Navigate the Digital ID Ecosystem to Enhance Customer Experience

  • Buy Link or Shortcode: {j2store}76|cart{/j2store}
  • member rating overall impact (scale of 10): N/A
  • member rating average dollars saved: N/A
  • member rating average days saved: N/A
  • Parent Category Name: IT Strategy
  • Parent Category Link: /it-strategy
  • Amid the pandemic-fueled surge in online services, organizations require secure solutions to safeguard digital interactions. These solutions must be uniform, interoperable, and fortified against security threats.
  • Although the digital identity ecosystem has garnered significant attention and investment, many organizations remain uncertain about its potential for authentication and the authorization required for B2B and B2C transactions, and in turn reducing their cost of operations and transferring their data risks.

Our Advice

Critical Insight

  • Limited / lack of understanding of the global digital ID ecosystem and its varying approaches across countries handicaps businesses in defining the benefits digital ID can bring to customer interactions and overall business management.
  • In addition, key obstacles exist in balancing customer privacy, data security, and regulatory requirements while pursuing excellent end-user experience and high customer adoption.
  • Info-Tech Insight: Focusing on customer touchpoints and transforming them are key to excellent experience and increasing their life-time value (LTV) to them and to your organization. Digital ID is that tool of transformation.

Impact and Result

  • Digital ID has many dimensions, and its ecosystem's sustainability lies in the key principles it is built on. Understanding the digital identity ecosystem and its responsibilities is crucial to formulating an approach to adopt it. Also, focusing on key success factors drives digital ID adoption.
  • Before embarking on the digital identity adoption journey, it is essential to assess your readiness. It is also necessary to understand the risks and challenges. Specific steps to digital ID adoption can help realize the potential of digital identity and enhance the customers' experience.

Navigate the Digital ID Ecosystem to Enhance Customer Experience Research & Tools

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Navigate the Digital ID Ecosystem to Enhance Customer Experience Storyboard – Learn how to adopt Digital ID to drive benefits, enhance customer experience, improve efficiency, manage data risks, and uncover new opportunities.

This research focuses on verified digital identity ecosystems and explores risks, opportunities, and challenges of relying on verified digital IDs and also how adopting digital identity initiatives can improve customer experience and operational efficiency. It covers:

  • Definition and dimensions of digital identity
  • Key responsibilities and principles of digital identity ecosystem
  • Success factors for digital identity adoption
  • Global evolution and unique approaches in Estonia, India, Canada, UK, and Australia
  • Industries that benefit most from digital ID development
  • Key use cases of digital ID
  • Benefits to governments, ID providers, ID consumers, and end users
  • Readiness checklist and ten steps to digital ID adoption
  • Risks and challenges of digital identity adoption
  • Key recommendations to realize potential of digital identity
  • Taxonomy and definitions of terms in the digital identity ecosystem
    • Navigate the Digital ID Ecosystem to Enhance Customer Experience Storyboard
    • Familiarize Yourself With the Digital ID Ecosystem Taxonomy
    • Assess Your Digital ID Adoption Readiness

    Infographic

    Further reading

    Navigate the Digital ID Ecosystem to Enhance Customer Experience

    Beyond the hype: How it can help you become more customer-focused?

    Executive Summary

    Your Challenge

    Common Obstacles

    Info-Tech’s Approach

    Amid the pandemic-fueled surge of online services, organizations require secure solutions to safeguard digital interactions. These solutions must be uniform, interoperable, and fortified against security threats.

    Although the digital identity ecosystem has garnered significant attention and investment, many organizations remain uncertain about its potential for authentication and authorization required for B2B and B2C transactions.

    They still wonder if digital ID can help reduce cost of operations and transfer data risks.

    Limited or lack of understanding of the global Digital ID ecosystem and its varying approaches across countries handicap businesses in defining the potential benefits Digital ID can bring to customer interactions and overall business management.

    In addition, key obstacles exist in balancing customer privacy (including the right to be forgotten), data security, and regulatory requirements while pursuing desired end-user experience and high customer adoption.

    Digital ID has many dimensions, and its ecosystem's sustainability lies in the key principles it is built on. Understanding the digital identity ecosystem and its responsibilities is crucial to formulate an approach to adopt it. Also, focusing on key success factors drives digital ID adoption.

    Before embarking on the digital identity adoption journey, it is essential to assess your readiness. It is also necessary to understand the risks and challenges. Specific steps to digital ID adoption can help realize the potential of digital identity and enhance the customers' experience.

    Info-Tech Insight

    Focusing on customer touchpoints and transforming them is key to excellent user experience and increasing their lifetime value (LTV) to them and to your organization. Digital ID is that tool of transformation.

    Analyst Perspective

    Manish Jain.

    Manish Jain

    Principal Research Director

    Analyst Profile

    “I just believed. I believed that the technology would change people's lives. I believed putting real identity online - putting technology behind real identity - was the missing link.”

    - Sheryl Sandberg (Brockes, Emma. “Facebook’s Sheryl Sandberg: who are you calling bossy?” The Guardian, 5 April 2014)

    Sometimes dismissed as mere marketing gimmicks, digital identity initiatives are anything but. While some argue that any online credential is a "Digital ID," rendering the hype around it pointless, the truth is that a properly built digital ID ecosystem has the power to transform laggard economies into global digital powerhouses. Moreover, digital IDs can help businesses transfer some of their cybersecurity risks and unlock new revenue channels by enabling a foundation for secure and efficient value delivery.

    In addition, digital identity is crucial for digital and financial inclusion, simplifying onboarding processes and opening up new opportunities for previously underserved populations. For example, in India, the Aadhaar digital ID ecosystem brought over 481 million1 people into the formal economy by enabling access to financial services. Similarly, in Indonesia, the e-KIP digital ID program paved the way for 10 million new bank accounts, 94% of which were for women2.

    However, digital identity initiatives also come with valid concerns, such as the risk of a single point of failure and the potential to widen the digital divide.

    This research focuses on the verified digital identity ecosystem, exploring the risks, opportunities, and challenges organizations face relying on these verified digital IDs to know their customers before delivering value. By understanding and adopting digital identity initiatives, organizations can unlock their full potential and provide a seamless customer experience while ensuring operational efficiency.

    1 India Aadhaar PMJDY (https://pmjdy.gov.in/account)
    2 Women’s World Banking, 2020.

    Digital Identity Ecosystem and vital ingredients of adoption

    Digital Identity Ecosystem.

    What is digital identity?

    Definitions may vary, depending on the focus.

    “Digital identity (ID) is a set of attributes that links a physical person with their online interactions. Digital ID refers to one’s online persona - an online footprint. It touches important aspects of one’s everyday life, from financial services to health care and beyond.” - DIACC Canada

    “Digital identity is a digital representation of a person. It enables them to prove who they are during interactions and transactions. They can use it online or in person.” - UK Digital Identity and Attributes Trust Framework

    “Digital identity is an electronic representation of an entity (person or other entity such as a business) and it allows people and other entities to be recognized online.” - Australia Trusted Digital Identity Framework

    A digital identity is primarily an electronic form of identity representing an entity uniquely , while abstracting all other identity attributes of the entity. In addition to an electronic form, it may also exist in a physical form (identity certificate), linked through an identifier representing the same entity.

    Digital identity has many dimensions*, and in turn categories

    Trust

    • Verified (Govt. issued IDs)
    • Unverified (Email Id)

    Subject

    • Individual
    • Organization
    • Device
    • Service

    Usability

    • Single-purpose (Disposable)
    • Multi-purpose (Reusable)

    Provider

    • Sovereign Government
    • Provincial Government
    • Local Government
    • Public Organization
    • Private Organization
    • Self

    Jurisdiction

    • Global (Passport)
    • National (DL)
    • State/Provincial (Health Card)
    • Local (Voting Card)
    • Private (Social)

    Form

    • Physical Card
    • Virtual Identifier
    • Online/App Account
    • PKI Keys
    • Tokens

    Governance

    • Sovereign
    • Federated
    • Decentralized
    • Trust Framework -based
    • Self-sovereign

    Expiry

    • Permanent (Lifetime, Years)
    • Temporary (Minutes, Hours)
    • Revocable

    Usage Mode

    • online only
    • offline only
    • Online/offline

    Purpose

    • Authorization (driver’s license, passport, employment)
    • Authentication (birth certificate, social security number)
    • Activity Linking (preferences, habits, and priorities)
    • Historical Record (Resume, educational financial, health history)
    • Social Interactions (Social Media)
    • Machine Connectivity

    Info-Tech Insight

    Digital ID has taken different meanings for different people, serving different purposes in different environments. Based on various aspects of Digital Identification, it can be categorized in several types. However, most of the time when people refer to a form of identification as Digital ID, they refer to a verified id with built-in trust either from the government OR the eco-system.

    * Please refer to Taxonomy for the definition of each of the dimensions

    Understanding a digital identity ecosystem is key to formulating your approach to adopt it

    The image contains a screenshot of a digital identity ecosystem diagram.

    Info-Tech Insight

    Digital identity ecosystems comprise many entities playing different roles, and sometimes more than one. In addition, variations in approach by jurisdictions drive how many active players are in the ecosystem for that jurisdiction.

    For example, in countries like Estonia and India, government plays the role of trust and governance authority as well as ID provider, but didn’t start with any Digital ID wallet. In contrast, in Ukraine, Diia App is primarily a Digital ID Wallet. Similarly, in the US, different states are adopting private Digital ID Wallet providers like Apple.

    Digital ID ecosystem’s sustainability lies in the key principles it is built on

    Social, economic, and legal alignment with target stakeholders
    Transparent governance and operation
    Legally auditable and enforceable
    Robust and Resilient – High availability
    Security – At rest, in progress, and in transit
    Privacy and Control with users
    Omni-channel Convenience – User and Operations
    Minimum data transfer between entities
    Technical interoperability enabled through open standards and protocol
    Scalable and interoperable at policy level
    Cost effective – User and operations
    Inclusive and accessible

    Info-Tech Insight

    A transparent, resilient, and auditable digital ID system must be aligned with socio-economic realities of the target stakeholders. It not only respects their privacy and security of their data by minimizing the data transfer between entities, but also drives desired customer experience by providing an omni-channel, interoperable, scalable, and inclusive ecosystem while still being cost-effective for the collaborators.

    Source: Adapted from Canada PCTF, UK Trust framework, European Commission, Australia TDIF, and others

    Focus on key success factors to drive the digital ID adoption

    Digital ID success factors

    Legislative regulatory framework – Removes uncertainty
    Security & Privacy Assurance- builds trust
    Smooth user experience – Drives preferences
    Transparent ecosystem – Drives inclusivity
    Multi-channel – Drive consistent experience online / offline
    Inter-operability thorough open standards
    Digital literacy – Education and awareness
    Multi-purpose & reusable – Reduce consumer burden
    Collaborative ecosystem –Build network effect

    Source: Adapted from Canada PCTF, UK digital identity & attributes trust framework , European eIDAS, and others

    Info-Tech Insight

    Driving adoption of Digital ID requires affirmative actions from all ecosystem players including governing authorities, identity providers, and identity consumers (relying parties).

    These nine success factors can help drive sustainable adoption of the Digital ID.

    Among many responsibilities the ecosystem players have, identity governance is the key to sustainability

    • Digital identity provision
      • Creating identity attributes
      • Create a reusable identity and attribute service
      • Create a digital identity
      • Assess and manage quality of an identity and attributes
      • Making identity provision inclusive and accessible
    • Digital identity resolution
      • Enabling inclusive access to products and services through digital identity
      • Authenticate and authorize identity subjects before permitting access to their identity and attributes
    • Digital identity governance
      • Manage digital identity and attributes
      • Make Identity service interoperable, and sharable
      • Recover digital identity and attribute accounts
      • Notifying users on accessing identity or making changes on more attributes
      • Report and audit – exclusion, accessibility
      • Retiring an identity or attribute service
      • Respond to complaints and disputes
    • Enterprise risk management and governance
    The image contains a screenshot of a diagram to demonstrate how identity governance is the key to sustainability.
    • Privacy and security
      • Use encryption
      • Privacy compliance framework
      • Consumer Privacy Protection laws (CPPA, GDPR etc.)
      • Acquiring and managing user consents & agreements
      • Prohibited processing of personal data
      • Security controls and governance
    • Information management
      • Record management
      • Archival
      • Disposal (on expiry or to comply with regulations)
      • CIA (confidentiality, integrity, availability)
    • Fraud management
      • Fraud monitoring and reporting
      • Fraud intelligence and analysis
      • Sharing threat indicators
      • Legal, policies and procedures for fraud management
    • Incident response
      • Respond to fraud incidents
      • Respond to a service delivery incident
      • Responding to data breaches
      • Performing and participating in investigation

    Global evolution of digital ID is following the socio-economic aspirations of countries

    The image contains a screenshot of a graph that demonstrates global evolution of digital ID.

    Source: Adapted from the book: Identification Revolution: Can Digital ID be harnessed for Development? (Gelb & Metz), 2018

    Info-Tech Insight

    The world became global a long time ago; however, it sustained economic progress without digital IDs for most of the world's population.

    With the pandemic, when political rhetoric pointed to the demand for localized supply chains, economies became irreversibly digital. In this digital economy, the digital ID ecosystem is the fulcrum of sustainable growth.

    At a time in overlapping jurisdictions, multiple digital IDs can exist. For example, one is issued by a local municipality, one by the province, and another by the national government.

    Global footprint of digital ID is evolving rapidly, but varies in approach

    The image contains a screenshot of a Global footprint of digital ID.

    Info-Tech Insight

    Countries’ approach to the digital ID is rooted in their socio-economic environment and global aspirations.

    Emerging economies with large underserved populations prioritize fast implementation of digital ID through centralized systems.

    Developed economies with smaller populations, low trust in government, and established ID systems prioritize developing trust frameworks to drive decentralized full-scale implementation.

    There is no right way except the one which follows Digital ID principles and aligns with a country’s and its people’s aspirations.

    Estonia's e-identity is the key to its digital agenda 2030

    • Regulatory Body and Operational Governance: Estonian Information System Authority (RIA).
    • Identity Providers: Government of Estonia; Private sector doesn’t issue IDs but can leverage Digital ID ecosystem.
    • Decentralized Approach: Permissioned Blockchain Architecture with built-in data traceability implemented on KSI (Keyless Signature Infrastructure).
    • X-Road – Secure, interoperable open-source data exchange platform between collection point where Data is stored.
    • Digital Identity Form: e-ID
    • Key Use cases:
      • Financial, Telecom: e-KYC, e-Banking
      • Digital Authentication: ID Card, Mobile ID, Smart ID, Digital Signatures
      • E-governance: e-Voting, e-Residency, e-Services Registries, e-Business Register
      • Smart City and mobility: Freight Transportation, Passenger Mobility
      • Healthcare: e-Health Record, e-Prescription, e-Ambulance
    • ID-card
    • Smart ID
    • Mobile ID
    • e-Residency

    Uniqueness

    Estonia pioneered the digital ID implementation with a centralized approach and later transitioned to a decentralized ecosystem driving trust to attract non-citizens into Estonia’s digital economy.

    99% Of Estonian residents have an ID card enabling use of electronic ID

    1.4 B Digital signatures given (2021)

    99% Public Services available as e-Services

    17K+ Productive years saved (five working days/citizen/year saved accessing public services)

    25K E-resident companies contributed more than €32 million in tax

    *Source: https://e-estonia.com/wp-content/uploads/e-estonia-211022_eng.pdf ;

    https://www.e-resident.gov.ee/dashboard

    The image contains a timeline of events from 2001-2020 for Estonia..

    India’s Aadhaar is the foundation of its digital journey through “India stack”

    • Regulatory Accountability and Operational Governance: Unique Identification Authority of India (UIDAI).
    • Identity Provider: Govt. of India.
    • Digital Identity Form: Physical and electronic ID Card; Online (Identifier + OTP), and offline (identifier + biometric) usage; mAadhaar App & Web Portal
    • India Stack: a set of open APIs and digital assets to leverage Aadhaar in identity, data, and payments at scale.
    • Key Use cases:
      • Financial, Telecom: eKYC, Unified Payments Interface (UPI)
      • Digital Wallet: Digi Locker
      • Digital Authentication: eSign, and Aadhaar Auth.
      • Public Welfare: Public Distribution of Service, Social Pension, Employment Guarantee
      • Public service access: Enrollment to School, Healthcare

    1.36B People enrolled

    80% Beneficiaries feel Aadhaar has made PDS, employment guarantee and social pensions more reliable

    91.6% Are very satisfied or somewhat satisfied with Aadhaar

    14B eKYC transactions done by 218 eKYC authentication agencies (KUA)

    Source: https://uidai.gov.in/aadhaar_dashboard/india.php; https://www.stateofaadhaar.in/

    World Bank Report on Private Sector Impacts from ID

    Uniqueness

    “The Aadhaar digital identity system could reduce onboarding costs for Indian firms from 1,500 rupees to as low as an estimated 10 rupees.”

    -World Bank Report on Private Sector Impacts from ID

    With lack of public trust in private sector, government brought in private sector executives in public ecosystem to lead the largest identity program globally and build the India stack to leverage the power of Digital Identity.

    The image contains a screenshot of India's Aadhaar timeline from 2009-2022.

    Ukraine’s Diia is a resilient act to preserve their identities during threat to their existence

    Regulatory Accountability and Operational Governance: Ministry of Digital Transformation.

    Identity provider: Federated govt. agencies.

    Digital identity form: Diia App & Portal as a digital wallet for all IDs including digital driving license.

    • Key use cases:
      • eGovernance – Issuing license and permits, business registration, vaccine certificates.
      • Public communication: air-raid alerts, notifications, court decisions and fines.
      • Financial, Telecom: KYC compliance, mobile donations.
      • eBusiness: Diia City legal framework for IT industry, Diia Business Portal for small and medium businesses.
      • Digital sharing and authentication: Diia signature and Diia QR.
      • Public service access: Diia Education Portal for digital education and digital skills development, healthcare.

    18.5M People downloaded the Diia app.

    14 Digital IDs provided by other ID providers are available through Diia.

    70 Government services are available through Diia.

    ~1M Private Entrepreneurs used Diia to register their companies.

    1300 Tons of paper estimated to be saved by reducing paper applications for new IDs and replacements.

    Source:

    • Ukraine Govt. Website for Invest and trade
    • Diia Case study prepared for the office of Canadian senator colin deacon.

    Uniqueness

    “One of the reasons for the Diia App's popularity is its focus on user experience. In September 2022, the Diia App simplified 25 public services and digitized 16 documents. The Ministry of Digital Transformation aims to make 100% of all public services available online by 2024.”

    - Vladyslava Aleksenko

    Project Lead—digital Identity, Ukraine

    The image contains a screenshot of the timeline for Diia.

    Canada’s PCTF (Pan Canadian Trust Framework) driving the federated digital identity ecosystem

    • Regulatory Accountability: Treasury Board of Canada Secretariat (TBS); Canadian Digital Service (CDS); Office of CIO
    • Standard Setting: Digital Identification and Authentication Council of Canada (DIACC)
    • Frameworks:
      • Treasury Board Directive on Identity Management
      • Pan Canadian Trust Framework (PCTF)
      • Voilà Verified Trustmark Program: ISO aligned compliance certification program on PCTF
      • Governing / Certificate Authority: Trustmark Oversight Board (TOB) and DIACC accredited assessor
      • Operational Governance: Federated between identity providers and identity consumers
      • Identity Providers: Public and Private Sector
      • Other entities involved: Digital ID Lab (Voila Verified Auditor); Kuma (Accredited Assessor)
    The image contains a screenshot of PCTF Components.

    82% People supportive of Digital ID.

    2/3 Canadians prefer public-private partnership for Pan-Canadian digital ID framework.

    >40% Canadians prefer completing various tasks and transactions digitally.

    75% Canadians are willing to share personal information for better experience.

    >80% Trust government, healthcare providers, and financial institutions with their personal information.

    Source: DIACC Survey 2021

    Uniqueness

    Although a few provinces in Canada started their Digital ID journey already, federally, Canada lacked an approach.

    Now Canada is developing a federated Digital ID ecosystem driven through the Pan-Canadian Trust Framework (PCTF) led by a non-profit (DIACC) formed with public and private partnership.

    The image contains a screenshot of Canada's PCTF timeline from 2002-2025.

    Australia’s digital id is pivotal to its vision to become one of the Top-3 digital governments globally by 2025*

    * Australia Digital Government Strategy 2021
    • Regulatory responsibility and standard: Digital Transformation Agency (DTA)’s Digital Identity
    • Operational support and oversight: Service Australia, Interim Oversight Authority (IOA).
    • Accredited identity providers (by 2022): Australian Taxation Office (ATO)’s myGovID, Australia Post’s Digital ID, MasterCard’s ID, OCR Labs App
    • Framework: Trusted Digital Identity Framework (TDIF)
      • Digital Identity Exchange
      • Identity Service Providers and Attribute Verification Service
      • Attribute Service Providers
      • Credential Service Providers
      • Relying Parties
    • Others: States such as NSW, Victoria, and Queensland have their own digital identity programs

    8.6M People using myGovID by Jun-2022

    117 Services accessible through Digital Id System

    The image contains a screenshot diagram of Digital Identity.

    Uniqueness

    Australia started its journey of Digital ID with a centralized Digital ID ecosystem.

    However, now it preparing to transition to a centrally governed Trust framework-based ecosystem expanding to private sector.

    The image contains a screenshot of Australia's Digital id timeline from 2014-2022.

    UK switches gear to the Trust Framework approach to build a public-private digital ID ecosystem

    • Government: Ministry of Digital Infrastructure / Department of Digital, Culture, Media, and Sport
    • Governing Body / Certificate Authority / Operational Governance: TBD
    • Approach: Trust Framework-based UK Digital Identity and attributes trust framework (UKDIATF)
    • Identity providers: Transitioning from “GOV.UK Verify” to a federated digital identity system aligned with “Trust Framework” – enabling both government (“One Login for Government”) and private sector identity providers.
    The image contains a screenshot of the Trust Framework.

    Uniqueness

    UK embarked its Digital ID journey through Gov.UK Verify but decided to scrap it recently.

    It is now preparing to build a trust framework-based federated digital ID ecosystem with roles like schema-owners and orchestration service providers for private sector and drive the collaboration between industry players.

    The image contains a screenshot of UK timeline from 2011-2023.

    Digital ID will transform all industries, though financial services and e-governance will gain most

    Cross Industry

    Financial Services

    Insurance

    E-governance

    Healthcare & Lifesciences

    Travel and Tourism

    E-Commerce

    • Onboarding (customer, employee, patient, etc.)
    • Fraud-prevention (identity theft)
    • Availing restricted services (buying liquor)
    • Secure-sharing of credentials and qualifications (education, experience, gig worker)
    • For businesses, customer 360
    • For businesses, reliable data-driven decision making with lower frequency of ‘astroturfing’ (false identities) and ‘ballot-stuffing’ (duplicate identities)
    • Account opening
    • Asset transfer
    • Payments
    • For businesses, risk management - know your customer (KYC), anti-money laundering (AML), customer due diligence (CDD)
    • Insurance history
    • Insurance claim
    • Public distribution schemes (PDS)
    • Subsidy payments (direct to consumer)
    • Obtain government benefits (maternity, pension, employment guarantee / insurance payments)
    • Tax filing
    • Issuing credentials (birth certificate, passport)
    • Voting
    • For businesses, availing governments supports
    • For SMB businesses, easier regulatory compliance
    • Digital health
    • Out of state public healthcare
    • Secure access to health and diagnostic records
    • For businesses, data sharing between providers and with payers
    • Travel booking
    • Cross-border travel
    • Car rental
    • Secure peer-to-peer sales
    • Secure peer-to-peer sales

    USE CASE

    Car rental

    INDUSTRY: Travel & Tourism

    Source: Info-Tech Research Group

    Challenge

    Solution

    Results

    Verifying the driver’s license (DL) is the first step a car rental company takes before handing over the keys.

    While the rental company only need to know the validity of the DL and if it belongs to the presenter, is bears the liability of much more data presented to them through the DL.

    For customers, it is impossible to rent a car if they forget their DL. If the customer has their driver’s license, they compromise their privacy and security as they hand over their license to the representative.

    The process is not only time consuming, it also creates unnecessary risks to both the business and the renter.

    A digital id-based rental process allows the renter to present the digital id online or in person.

    As the customer approaches the car rental they present their digital id on the mobile app, which has already authenticated the presenter though the biometrics or other credentials.

    The customer selects the purpose of the business as “Car Rental”, and only the customer’s name, photo, and validity of the DL appear on the screen for the representative to see (selective disclosures).

    If the car pick-up is online, only this information is shared with the car rental company, which in turn shares the car and key location with the renter.

    A digital identity-based identity verification can ensure a rental company has access to the minimum data it needs to comply with local laws, which in turn reduces its data leak risk.

    It also reduces customer risks linked to forgetting the DL, and data privacy.

    Digital identity also reduces the risk originated from identity fraud leading to stolen cars.

    USE CASE

    e-Governance public distribution service

    INDUSTRY: Government

    Source: Info-Tech Research Group

    Challenge

    Solution

    Results

    In both emerging and developed economies, public distribution of resources – food, subsidies, or cash – is a critical process through which many people (especially from marginalized sections) survive on.

    They often either don’t have required valid proof of identity or fall prey to low-level corruption when someone defrauds them by claiming the benefit.

    As a result, they either completely miss out on claiming government-provided social benefits OR only receive a part of what they are eligible for.

    A Digital ID based public distribution can help created a Direct Benefit Transfer ecosystem.

    Here beneficiaries register (manually OR automatically from other government records) for the benefits they are eligible for.

    On the specific schedule, they receive their benefit – monetary benefit in their bank accounts, and non-cash benefits, in person from authorized points-of-sales (POS), without any middleman with discretionary decision powers on the distribution.

    India launched its Financial Inclusion Program (Prime Minister's Public Finance Scheme) in 2014.

    The program was linked with India’s Digital Id Aadhaar to smoothen the otherwise bureaucratic and discretionary process for opening a bank account.

    In last eight years, ~481M (Source: PMJDY) beneficiaries have opened a bank account and deposited ~ ₹1.9Trillion (USD$24B), a part of which came as social benefits directly deposited to these accounts from the government of India.

    USE CASE

    Real-estate investment and sale

    INDUSTRY: Asset Management

    Source: Info-Tech Research Group

    Challenge

    Solution

    Results

    “Impersonators posing as homeowners linked to 32 property fraud cases in Ontario and B.C.” – Global News Canada1

    “The level of fraud in the UK is such that it is now a national security threat” – UK Finance Lobby Group2

    Real estate is the most expensive investment people make in their lives. However, lately it has become a soft target for title fraud. Fraudsters steal the title to one’s home and sell it or apply for a new mortgage against it.

    At the root cause of these fraud are usually identity theft when a fraudster steals someone’s identity and impersonates them as the title owner.

    Digital identity tagged to the home ownership / title record can reduce the identity fraud in title transfer.

    When a person wants to sell their house OR apply for a new mortgage on house, multiple notifications will be triggered to their contact attributes on digital ID – phone, email, postal address, and digital ID Wallet, if applicable.

    The homeowner will be mandated to authorize the transaction on at least two channels they had set as preferred, to ensure that the transaction has the consent of the registered homeowner.

    This process will stop any fraud transactions until at least two modes are compromised.

    Even if two modes are compromised, the real homeowner will receive the notification on offline communication modes, and they can then alert the institution or lawyer to block the transaction.

    It will especially help elderly people, who are more prone to fall prey to identity frauds when somebody uses their IDs to impersonate them.

    1 Global News (https://globalnews.ca/news/9437913/homeowner-impersonators-lined-32-fraud-cases-ontario-bc/)

    2 UK Finance Lobby Group (https://www.ukfinance.org.uk/system/files/Half-year-fraud-update-2021-FINAL.pdf)

    Adopting digital ID benefits everybody – governments, id providers, id consumers, and end users

    Governments & identity providers

    (public & private)

    Customers and end users

    (subjects)

    Identity consumer

    (relying parties)

    • Growth in GDP
    • Save costs of providing identity
    • Unlock new revenue source by economic expansion
    • Choice and convenience
    • Control of what data is shared
    • Experience driven by simplicity and data minimalization
    • Reduced cost of availing services
    • Operational efficiency
    • Overall cost efficiency of delivering service and products
    • Reduce risk of potential litigation
    • Reduce risk of fraud
    • Enhanced customer experience leading to increased lifetime value
    • Streamlined storage and access
    • Encourage innovation

    Digital ID will transform all industries, though financial services and e-governance will gain most

    Governments and identity providers (public and private)

    • Growth in GDP by reducing bureaucracy and discretion from the governance processes.
      • As per a McKinsey report, digital ID could unlock the economic value equivalent of 3%-13% of GDP across seven focus countries (Brazil, Ethiopia, India, Nigeria, China, UK, USA) in 2030.
      • “Estonia saves two percent of GDP by signing things digitally; imagine if it could go global.” - aavi Rõivas, Prime Minister of the Republic of Estonia (International Peace Institute)
    • Unlock new revenue source by economic expansion.
      • Estonia earned €32 million in tax revenue from e-resident companies (e-Estonia).
    • Save costs of providing identity in collaboration with 3rd parties and reduce fraud.
      • Canada estimates savings of $482 million for provincial and federal governments, and $4.5 billion for private sector organizations through digital id adoption (2022 Budget Statement).

    Digital ID brings end users choice, convenience, control, and cost-saving, driving overall experience

    Customers and end users (subjects)

    • Choice: Citizens have the choice and convenience to interact safely and conveniently online and offline.
    • Convenience: No compulsion to make physical trips to access service, as end users can identify themselves safely and reliably online, as they do offline.
    • Control: A decentralized, privacy enhancing solution – neither government nor private companies control your digital ID. How and when you use digital ID is entirely up to you.
    • Cost Saving: Save costs of availing service by reducing the offline documentation.
    • Experience: Improved experience while availing service without a need to present multiple documents every time.

    Digital id benefits identity consumers by enhancing multiple dimensions of their value streams

    Identity consumer (relying parties)

    • Operational efficiency: Eliminating unnecessary steps and irrelevant data from the value stream increases overall operational efficiency.
    • Cost efficiency: Helps businesses to reduce overall cost of operations like regulatory requirements.
      • World Bank estimated that the Aadhaar could reduce onboarding costs for Indian firms from ₹1,500/- ($23) to as low as an estimated ₹10/- ($0.15) (*World Bank ID4D)
    • Reduce risk of potential litigation issues: Encourage data minimization.
    • Privacy and security: Businesses can reduce the risk of fraud to organizations and users and can significantly boost the privacy and security of their IT assets.
    • Enhanced customer experience: The decrease in the number of touchpoints and faster turnaround.
    • Streamlined storage and access: Store all available data in a single place, and when required.
    • Encourage innovation: Reduce efforts required in authentication and authorization of users.

    Before embarking on the digital identity adoption journey, assess your readiness

    Legislative coverage

    Does your target jurisdiction have adequate legislative framework to enable uses of digital identities in your industry?

    Trust framework

    If the Digital ID ecosystem in your target jurisdiction is trust framework-based, do you have adequate understanding of it?

    Customer touch-points

    Do you have exact understanding of value stream and customer touch-points where you interact with user identity?

    Relevant identity attributes

    Do you have exact understanding of the identity attributes that your business processes need to deliver customer value?

    Regulatory compliance

    Do you have required systems to ensure your compliance with industry regulations around customer PII and identity?

    Interoperability with IMS

    Is your existing identity management system interoperable with Open-source Digital Identity ecosystem?

    Enterprise governance

    Have you established an integrated enterprise governance framework covering business processes, technical systems, and risk management?

    Communication strategy

    Do have a clear strategy (mode, method, means) to communicate with your target customer and persuade them to adopt digital identity?

    Security operations center

    Do you have security operations center coordinating detection, response, resolution, and communication of potential data breaches?

    Ten steps to adopt to enhance the customer experience

    Considering the complexity of digital identity adoption, and its impact on customer experience, it is vital to assess the ecosystem and adopt an MVP approach before a big-bang launch.

    Diagram to help assess the ecosystem.

    1. Define the use case and identify the customer touchpoint in the value stream which can be improved with a verified digital identity.
    2. Ensure your organization is ready to adopt digital identity (Refer to Digital identity adoption readiness),
    3. Identify an Identity Service Provider (Government, private sector), if there are options.
    4. Understand its technical requirements and assess, to the finer detail, your technical landscape for interoperability.
    5. Set-up a business contract for terms of usages and liabilities.
    6. Create and execute a Minimum Viable Program (MVP) of integration which can be tested with real customers.
    7. Extend MVP to the complete solution and define key success metrics.
    8. Canary-launch with a segment of target customers before a full launch.
    9. Educate customers on the usages and benefits, and adapt your communication plan taking feedback
    10. Monitor and continuously improve the solution based on the feedback from ecosystem partners and end-customers, and regulatory changes.

    Understand and manage the risks and challenges of digital identity adoption

    Digital ID adoption is a major change for everyone in the ecosystem.

    Manage associated risks to avoid the derailing of integration with your business processes and a negative impact on customer experience.

    Manage Risks.

    1. Privacy and security risks – Customer’s sensitive data may get centralized with the identity provider.
    2. Single point of failure while relying a specific IDs; it also increases the impact of identity theft and fraud risk.
    3. Centralization and control risks – Identity provider or identity service broker / orchestrator may control who can participate.
    4. Not universal, interoperability risks – if purpose-specific.
    5. Impact omni-channel experience - Not always available (legal / printable) for offline use.
    6. Exclusion and discrimination risks – Specific data requirements may exclude a group of people.
    7. Scope for misuse and misinterpretation if compromised and not reclaimed in timely manner.
    8. Adoption and usability risks – Subjects / relying parties may not see benefit due to lack of awareness or suspicion.
    9. Liability Agreement gaps between identity provider and identity consumer (relying party).

    Recommendations to help you realize the potential of digital identity into your value streams

    1

    Customer-centricity

    Digital identity initiative should prioritize customer experience when evaluating its fit in the value stream. Adopting it should not sacrifice end-user experience to gain a few brownie points.

    See Info-Tech’s Adopt Design Thinking in Your Organization blueprint, to ensure customer remains at the center of your Digital Adoption initiative.

    2

    Privacy and security

    Adopting digital identity reduces data risk by minimizing data transfer between providers and consumers. However, securing identity attributes in value streams still requires strengthening enterprise security systems and processes.

    See Info-Tech’s Assess and Govern Identity Security blueprint for the actions you may take to secure and govern digital identity.

    3

    Inclusion and awareness

    Adopting digital identity may alter customer interaction with an organization. To avoid excluding target customer segments, design digital identity accordingly. Educating and informing customers about the changes can facilitate faster adoption.

    See Info-Tech’s Social Media blueprint and IT Diversity & Inclusion Tactics to make inclusion and awareness part of digital adoption

    4

    Quantitative success metrics

    To measure the success of a digital ID adoption program, it's essential to use quantitative metrics that align with business KPIs. Some measurable KPIs may include:

    • Reduction in number of IDs business used to serve 90% of customers
    • Reduction in overall cost of operation
      • Reduction in cost of user authentication
    • Reduction in process cycle time (less time required to complete a task – e.g. KYC)

    Taxonomy – Digital ID ecosystem

    (Alphabetical order)

    Continues..

    Attributes: An identity attribute is a statement or information about a specific aspect of entity’s identity ,substantiating they are who they claim to be, own, or have.

    Attribute (or Credential) provider: An attribute or credential provider could be an organization which issues the primary attribute or credential to a subject or entity. They are also responsible for identity-attribute binding, credential maintenance, suspension, recovery, and authentication.

    Attribute (or Credential) service provider: An attribute service provider could be an organization which originally vetted user’s credentials and certified a specific attribute of their identity. It could also be a software, such as digital wallet, which can store and share a user’s attribute with a third party once consented by the user. (Source: UK Govt. Trust Framework)

    Attribute binding: This is a process an attribute service providers uses to link the attributes they created to a person or an organization through an identifier. This process makes attributes useful and valuable for other entities using these attributes. For example, when a new employee joins a company, they are given a unique employee number (an identifier), which links the person with their job title and other aspects (attributes) of his job. (Source: UK Govt. Trust Framework)

    Authentication service provider: An organization which is responsible for creating and managing authenticators and their lifecycle (issuance, suspension, recovery, maintenance, revocation, and destruction of authenticators). (Source: DIACC)

    Authenticator: Information or biometric characteristics under the control of an individual that is a specific instance of something the subject has, knows, or does. E.g. private signing keys, user passwords, or biometrics like face, fingerprints. (Source: Canada PCTF)

    Authentication (identity verification): The process of confirming or denying that the identity presented relates to the subject who is making the claim by comparing the credentials presented with the ones presented during identity proofing.

    Authorization: The process of validating if the authenticated entity has permission to access a resource (service or product).

    Biometrics attributes: Human attributes like retina (iris), fingerprint, heartbeat, facial, handprint, thumbprint, voice print.

    Centralized identity: Digital identities which are fully governed by a centralized government entity. It may have enrollment or registration agencies, private or public sector, to issue the identities, and the technical system may still be decentralized to keep data federated.

    Certificate Authority (CA or accredited assessors): An organization or an entity that conducts assessments to validate the framework compliance of identity or attribute providers (such as websites, email addresses, companies, or individual persons) serving other users, and binding them to cryptographic keys through the issuance of electronic documents known as digital certificates.

    Taxonomy – Digital ID ecosystem

    (Alphabetical order)

    Continues..

    Collective (non-resolvable) attributes: Nationality, domicile, citizenship, immigration status, age group, disability, income group, membership, (outstanding) credit limit, credit score range.

    Contextual identity: A type of identity which establishes an entity’s existence in a specific context – real or virtual. These can be issued by public or private identity providers and are governed by the organizational policies. E.g. employee ID, membership ID, social media ID, machine ID.

    Credentials: A physical or a digital representation of something that establishes an entity’s eligibility to do something for which it is seeking permission, or an association/affiliation with another, generally well-known entity. E.g. Passport, DL, password. In the context of Digital Identity, every identity needs to be attached with a credential to ensure that the subject of the identity can control how and by whom that identity can be used.

    Cryptographic hash function: A hash function is a one-directional mathematical operation performed on a message of any length to get a unique, deterministic, and fixed size numerical string (the hash) which can’t be reverse engineered to get the input data without deploying disproportionate resources. It is the foundation of modern security solutions in DLT / blockchain as they help in verifying the integrity and authenticity of the message.

    Decentralized identity (DID) or self-sovereign identity: This is a way to give back the control of identity to the subject whose identity it is, using an identity wallet in which they collect verified information about themselves from certified issuers (such as the government). By controlling what information is shared from the wallet to requesting third parties (e.g. when registering for a new online service), the user can better manage their privacy, such as only presenting proof that they’re over 18 without needing to reveal their date of birth. Source: (https://www.gsma.com/identity/decentralised-identity)

    Digital identity wallet: A type of digital wallet refers to a secure, trusted software applications (native mobile app, mobile web apps, or Rivas-hosted web applications) based on common standards, allowing a user to store and use their identity attributes, identifiers, and other credentials without loosing or sharing control of them. This is different than Digital Payment Wallets used for financial transactions. (Source: https://www.worldbank.org/content/dam/photos/1440x300/2022/feb/eID_WB_presentation_BS.pdf)

    Digital identity: A digital identity is primarily an electronic form of identity representing an entity uniquely , while abstracting all other identity attributes of the entity. In addition to an electronic form, it may also exist in a physical form (identity certificate), linked through an identifier representing the same entity. E.g. Estonia eID , India Aadhar, digital citizenship ID.

    Digital object architecture: DOA is an open architecture for interoperability among various information systems, including ID wallets, identity providers, and consumers. It focuses on digital objects and comprises three core components: the identifier/resolution system, the repository system, and the registry system. There are also two protocols that connect these components. (Source: dona.net)

    Digital signature: A digital signature is an electronic, encrypted stamp of authentication on digital information such as email messages, macros, or electronic documents. A signature confirms that the information originated from the signer and has not been altered. (Source: Microsoft)

    Taxonomy – Digital ID ecosystem

    (Alphabetical order)

    Continues..

    Entity (or Subject): In the context of identity, an entity is a person, group, object, or a machine whose claims need to be ascertained and identity needs to be established before his request for a service or products can be fulfilled. An entity can also be referred to as a subject whose identity needs to be ascertained before delivering a service.

    Expiry: This is another dimension of an identity and determines the validity of an ID. Most of the identities are longer term, but there can be a few like digital tokens and URLs which can be issued for a few hours or even minutes. There are some which can be revoked after a pre-condition is met.

    Federated identity: Federated identity is an agreement between two organizations about the definition and use of identity attributes and identifiers of a consumer entity requesting a service. If successful, it allows a consumer entity to get authenticated by one organization (identity provider) and then authorized by another organization. E.g. accessing a third-party website using Google credentials.

    Foundational identity: A type of identity which establishes an entity’s existence in the real world. These are generally issued by public sector / government agencies, governed by a legal farmwork within a jurisdiction, and are widely accepted at least in that jurisdiction. E.g. birth certificate, citizenship certificate.

    Governance: This is a dimension of identity that covers the governance model for a digital ID ecosystem. While traditionally it has been under the sovereign government or a federated structure, in recent times, it has been decentralized through DLT technologies or trust-framework based. It can also be self-sovereign, where individuals fully control their data and ID attributes.

    Identifier: A digital identifier is a string of characters that uniquely represents an entity’s identity in a specific context and scope even if one or more identity attributes of the subject change over time. E.g. driver’s license, SSN, SIN, email ID, digital token, user ID, device ID, cookie ID.

    Identity: An identity is an instrument used by an entity to provide the required information about itself to another entity in order to avail a service, access a resource, or exercise a privilege. An identity formed by 1-n identity attributes and a unique identifier.

    Identity and access management (IAM): IAM is a set of frameworks, technologies, and processes to enable the creation, maintenance, and use of digital identity, ensuring that the right people gain access to the right materials and records at the right time. (Source: https://iam.harvard.edu/)

    Identity consumer (Relying party): An organization, or an entity relying on identity provider to mitigate IT risks around knowing its customers before delivering the end-user value (product/service) without deteriorating end-user experience. E.g. Canada Revenue Agency using SecureKey service and relying on Banking institutions to authenticate users; Telecom service providers in India relying on Aadhaar identity system to authenticate the customer's identity.

    Identity form: A dimension of identity that defines its forms depending on the scope it wants to serve. It can be a physical card for offline uses, a virtual identifier like a number, or an app/account with multiple identity attributes. Cryptographic keys and tokens can also be forms of identity.

    Taxonomy – Digital ID ecosystem

    (Alphabetical order)

    Continues...

    Identity infrastructure provider: Organizations involved in creating and maintaining technological infrastructure required to manage the lifecycle of digital identities, attributes, and credentials. They implement functions like security, privacy, resiliency, and user experience as specified in the digital identity policy and trust framework.

    Identity proofing: A process of asserting the identification of a subject at a useful identity assurance level when the subject provides evidence to a credential service provider (CSP), reliably identifying themselves. (Source: NIST Special Publication 800-63A)

    Identity provider (Attestation authority): An organization or an entity validating the foundation or contextual claims of a subject and establishing identifier(s) for a subject. E.g. DMV (US) and MTA (Canada) issuing drivers’ licenses; Google / Facebook issuing authentication tokens for their users logging in on other websites.

    Identity validation: The process of confirming or denying the accuracy of identity information of a subject as established by an authorized party. It doesn’t ensure that the presenter is using their own identity.

    Identity verification (Authentication): The process of confirming or denying that the identity presented relates to the subject who is making the claim by comparing the credentials presented with the ones presented during identity proofing.

    Internationalized resource identifier (IRI): IRIs are equivalent to URIs except that IRIs also allow non-ascii characters in the address space, while URIs only allow us-ascii encoding. (Source: w3.org)

    Jurisdiction: A dimension of identity that covers the physical area or virtual space where an identity is legally acceptable for the purpose defined under law. It can be global, like it is for passport, or it can be local within a municipality for specific services. For unverified digital IDs, it can be the social network.

    Multi-factor Authentication (MFA): Multi-factor authentication is a layered approach to securing digital assets (data and applications), where a system requires a user to present a combination of two or more credentials to verify a user’s identity for login. These factors can be a combination of (i) something you know like a password/PIN; (ii) something you have like a token on mobile device; and (iii) something you are like a biometric. (Adapted from https://www.cisa.gov/publication/multi-factor-authentication-mfa)

    Oauth (Open authorization): OAuth is a standard authorization protocol and used for access delegation. It allows internet users to access websites by using credentials managed by a third-party authorization server / Identity Provider. It is designed for HTTP and allows access tokens to be issued by an authorization server to third-party websites. E.g. Google, Facebook, Twitter, LinkedIn use Oauth to delegate access.

    OpenID: OpenID is a Web Authentication Protocol and implements reliance authentication mechanism. It facilitates the functioning of federated identity by allowing a user to use an existing account (e.g. Google, Facebook, Yahoo) to sign into third-party websites without needing to create new credentials. (Source: https://openid.net/).

    Taxonomy – Digital ID ecosystem

    (Alphabetical order)

    Continues...

    Personally identifiable information (PII): PII is a set of attributes which can be used, through direct or indirect means, to infer the real-world identity of the individual whose information is input. E.g. National ID (SSN/SIN/Aadhar) DL, name, date of birth, age, address, age, identifier, university credentials, health condition, email, domain name, website URI (web resolvable) , phone number, credit card number, username/password, public key / private key. (Source: https://www.dol.gov)

    Predicates: The mathematical or logical operations such as equality or greater than on attributes (e.g. prove your salary is greater than x or your age is greater than y) to prove a claim without sharing the actual values.

    Purpose: This dimension of a digital id defines for what purpose digital id can be used. It can be one or many of these – authentication, authorization, activity linking, historical record keeping, social interactions, and machine connectivity for IoT use cases.

    Reliance authentication: Relying on a third-party authentication before providing a service. It is a method followed in a federated entity system.

    Risk-based authentication: A mechanism to protect against account compromise or identity theft. It correlates an authentication request with transitional facts like requester’s location, past frequency of login, etc. to reduce the risk of potential fraud.

    Scheme in trust framework: A specific set of rules (standard and custom) around the use of digital identities and attributes as agreed by one or more organizations. It is useful when those organizations have similar products, services, business processes. (Source: UK Govt. Trust Framework). E.g. Many credit unions agree on how they will use the identity in loan origination and servicing.

    Selective disclosure (Assertion): A way to present one’s identity by sharing only a limited amount information that is critical to make an authentication / authorization decision. E.g. when presenting your credentials, you could share something proving you are 18 years or above, but not share your name, exact age, address, etc.

    Trust: A dimension of an identity, which essentially is a belief in the reliability, truth, ability, or strength of that identity. While in the physical world all acceptable form of identities come with a verified trust, in online domain, it can be unverified. Also, where an identity is only acceptable as per the contract between two entities, but not widely.

    Trust framework: The trust framework is a set of rules that different organizations agree to follow to deliver one or more of their services. This includes legislation, standards, guidance, and the rules in this document. By following these rules, all services and organizations using the trust framework can describe digital identities and attributes they’ve created in a consistent way. This should make it easier for organizations and users to complete interactions and transactions or share information with other trust framework participants. (Source: UK Govt. Trust Framework)

    Taxonomy – Digital ID ecosystem

    (Alphabetical order)

    Continues...

    Uniform resource identifier (URI): A universal name in registered name spaces and addresses referring to registered protocols or name spaces.

    Uniform resource locator (URL): A type of URI which expresses an address which maps onto an access algorithm using network protocols. (Source: https://www.w3.org/)

    Uniform resource name (URN): A type of URI that includes a name within a given namespace but may not be accessible on the internet.

    Usability: A dimension of identity that defines how many times it can be used. While most of the identities are multi-use, a few digital identities are in token form and can be used only once to authenticate oneself.

    Usage mode: A dimension of identity that defines the service mode in which a digital ID can be used. While all digital IDs are made for online usage, many can also be used in offline interactions.

    Verifiable credentials: This W3C standard specification provides a standard way to express credentials on the Web in a way that is cryptographically secure, privacy-respecting, and machine-verifiable. (Source: https://www.w3.org/TR/vc-data-model/)

    X.509 Certificates: X.509 certificates are standard digital documents that represent an entity providing a service to another entity. They're issued by a certification authority (CA), subordinate CA, or registration authority. These certificates play an important role in ascertaining the validity of an identity provider and in turn the identities issued by it. (Source: https://learn.microsoft.com/en-us/azure/iot-hub/reference-x509-certificates)

    Zero-knowledge proofs: A method by which one party (the prover) can prove to another party (the verifier) that something is true, without revealing any information apart from the fact that this specific statement is true. (Source: 1989 SIAM Paper)

    Zero-trust security: A cybersecurity paradigm focused on resource protection and the premise that trust is never granted implicitly but must be continually evaluated. It evaluates each access request as if it is a fraud attempt, and grants access only if it passes the authentication and authorization test. (Source: Adapted from NIST, SP 800-207: Zero Trust Architecture, 2020)

    Related Info-Tech Research

    Build a Zero Trust Roadmap
    Leverage an iterative and repeatable process to apply zero trust to your organization.

    Assess and Govern Identity Security
    Strong identity security and governance are the keys to the zero-trust future.

    Adopt Design Thinking in Your Organization
    Innovation needs design thinking to ensure customer remains at the center of everything the organization does.

    Social Media
    Leveraging Social Media to connect with your customers and educate them to drive the value proposition of your efforts.

    IT Diversity & Inclusion Tactics
    Equip your teams to create an inclusive environment and mobilize inclusion efforts across the organization.


    Research Contributors and Experts

    David Wallace

    David Wallace
    Executive Counselor

    Erik Avakian

    Erik Avakian
    Technical Counselor, Data Architecture and Governance

    Matthew Bourne

    Matthew Bourne
    Managing Partner, Public Sector Global Services

    Mike Tweedie

    Mike Tweedie
    Practice Lead, CIO Research Development

    Aaron Shum

    Aaron Shum
    Vice President, Security & Privacy

    Works Cited

    India Aadhaar PMJDY (https://pmjdy.gov.in/account)
    Theis, S., Rusconi, G., Panggabean, E., Kelly, S. (2020). Delivering on the Potential of Digitized G2P: Driving Women’s Financial Inclusion and Empowerment through Indonesia’s Program Keluarga Harapan. Women’s World Banking.
    DIACC Canada (https://diacc.ca/the-diacc/)
    UK digital identity & attributes trust framework alpha v2 (0.2) - GOV.UK (https://www.gov.uk/government/publications/uk-digital-identity-attributes-trust-framework-updated-version/uk-digital-identity-and-attributes-trust-framework-alpha-version-2)
    Australia Trusted Digital Identity Framework (https://www.digitalidentity.gov.au/tdif#changes)
    eIDAS (https://digital-strategy.ec.europa.eu/en/policies/eidas-regulation)
    Europe Digital Wallet – POTENTIAL (https://www.digital-identity-wallet.eu/)
    Canada PCTF (https://diacc.ca/trust-framework/)
    Identification Revolution: Can Digital ID be harnessed for Development? (Gelb & Metz), 2018
    e-Estonia website (https://e-estonia.com/solutions/e-identity/id-card/)
    Aadhaar Dashboard (https://uidai.gov.in/)
    DIACC Website (https://diacc.ca/the-diacc/)
    Australia Digital ID website (https://www.digitalidentity.gov.au/tdif#changes)
    UK Policy paper - digital identity & attributes trust framework (https://www.gov.uk/government/publications/uk-digital-identity-attributes-trust-framework-updated-version/uk-digital-identity-and-attributes-trust-framework-alpha-version-2)
    Ukraine Govt. website (https://ukraine.ua/invest-trade/digitalization/)
    Singapore SingPass Website (https://www.tech.gov.sg/products-and-services/singpass/)
    Norway BankID Website (https://www.bankid.no/en/private/about-us/)
    Brazil National ID Card website (https://www.gov.br/casacivil/pt-br/assuntos/noticias/2022/julho/nova-carteira-de-identidade-nacional-modelo-unico-a-partir-de-agosto)
    Indonesia Coverage in Professional Security Magazine (https://www.professionalsecurity.co.uk/products/id-cards/indonesian-cards/)
    Philippine ID System (PhilSys) website (https://www.philsys.gov.ph/)
    China coverage on eGovReview (https://www.egovreview.com/article/news/559/china-announces-plans-national-digital-ids)
    Thales Group Website - DHS’s Automated Biometric Identification System IDENT (https://www.thalesgroup.com/en/markets/digital-identity-and-security/government/customer-cases/ident-automated-biometric-identification-system)
    FranceConnect (https://franceconnect.gouv.fr/)
    Germany: Office for authorization cert. (https://www.personalausweisportal.de/Webs/PA/DE/startseite/startseite-node.html)
    Italian Digital Services Authority (https://www.spid.gov.it/en/)
    Monacco Mconnect (https://mconnect.gouv.mc/en)
    Estonia eID (https://e-estonia.com/wp-content/uploads/e-estonia-211022_eng.pdf)
    E-Residency Dashboard (https://www.e-resident.gov.ee/dashboard)
    Unique ID authority of India (https://uidai.gov.in/aadhaar_dashboard/india.php)
    State of Aadhaar (https://www.stateofaadhaar.in/)
    World Bank (https://documents1.worldbank.org/curated/en/219201522848336907/pdf/Private-Sector-Economic-Impacts-from-Identification-Systems.pdf)
    WorldBank - ID4D 2022 Annual Report (https://documents.worldbank.org/en/publication/documents-reports/documentdetail/099437402012317995/idu00fd54093061a70475b0a3b50dd7e6cdfe147)
    Ukraine Govt. Website for Invest and trade (https://ukraine.ua/invest-trade/digitalization/)
    Diia Case study prepared for the office of Canadian senator colin deacon (https://static1.squarespace.com/static/63851cbda1515c69b8a9a2b9/t/6398f63a9d78ae73d2fd5725/1670968891441/2022-case-study-report-diia-mobile-application.pdf)
    Canadian Digital Identity Research (https://diacc.ca/wp-content/uploads/2022/04/DIACC-2021-Research-Report-ENG.pdf)
    Voilà Verified Trustmark (https://diacc.ca/voila-verified/)
    Digital Identity, 06A Federation Onboarding Guidance paper, March 2022 (https://www.digitalidentity.gov.au/sites/default/files/2022-04/TDIF%2006A%20Federation%20Onboarding%20Guidance%20-%20Release%204.6%20%28Doc%20Version%201.2%29.pdf)
    UK digital identity & attributes trust framework alpha v2 (0.2) - GOV.UK (https://www.gov.uk/government/publications/uk-digital-identity-attributes-trust-framework-updated-version/uk-digital-identity-and-attributes-trust-framework-alpha-version-2)
    A United Nations Estimate of KYC/AML (https://www.imf.org/Publications/fandd/issues/2018/12/imf-anti-money-laundering-and-economic-stability-straight)
    India Aadhaar PMJDY (https://pmjdy.gov.in/account)
    Global News (https://globalnews.ca/news/9437913/homeowner-impersonators-lined-32-fraud-cases-ontario-bc/)
    UK Finance Lobby Group (https://www.ukfinance.org.uk/system/files/Half-year-fraud-update-2021-FINAL.pdf) McKinsey Digital ID report ( https://www.mckinsey.com/capabilities/mckinsey-digital/our-insights/digital-identification-a-key-to-inclusive-growth) International Peace Institute ( https://www.ipinst.org/2016/05/information-technology-and-governance-estonia#7)
    E-Estonia Report (https://e-estonia.com/wp-content/uploads/e-estonia-211022_eng.pdf)
    2022 Budget Statement (https://diacc.ca/2022/04/07/2022-budget-statement/)
    World Bank ID4D - Private Sector Economic Impacts from Identification Systems 2018 (https://documents1.worldbank.org/curated/en/219201522848336907/Private-Sector-Economic-Impacts-from-Identification-Systems.pdf)
    DIACC Canada (https://diacc.ca/the-diacc/)
    UK digital identity & attributes trust framework alpha v2 (0.2) - GOV.UK (https://www.gov.uk/government/publications/uk-digital-identity-attributes-trust-framework-updated-version/uk-digital-identity-and-attributes-trust-framework-alpha-version-2)
    https://www.gsma.com/identity/decentralised-identity
    https://www.worldbank.org/content/dam/photos/1440x300/2022/feb/eID_WB_presentation_BS.pdf
    Microsoft Digital signatures and certificates (https://support.microsoft.com/en-us/office/digital-signatures-and-certificates-8186cd15-e7ac-4a16-8597-22bd163e8e96)
    https://www.worldbank.org/content/dam/photos/1440x300/2022/feb/eID_WB_presentation_BS.pdf
    https://www.dona.net/digitalobjectarchitecture
    IAM (https://iam.harvard.edu/)
    NIST Special Publication 800-63A (https://pages.nist.gov/800-63-3/sp800-63a.html)
    https://www.cisa.gov/publication/multi-factor-authentication-mfa
    https://openid.net/
    U.S. DEPARTMENT OF LABOR (https://www.dol.gov/)
    UK govt. trust framework (https://www.gov.uk/government/publications/uk-digital-identity-attributes-trust-framework-updated-version/uk-digital-identity-and-attributes-trust-framework-alpha-version-2)
    https://www.w3.org/
    Verifiable Credentials Data Model v1.1 (https://www.w3.org/TR/vc-data-model/)
    https://learn.microsoft.com/en-us/azure/iot-hub/reference-x509-certificates

    Define the Role of Project Management in Agile and Product-Centric Delivery

    • Buy Link or Shortcode: {j2store}352|cart{/j2store}
    • member rating overall impact (scale of 10): 9.0/10 Overall Impact
    • member rating average dollars saved: $3,000 Average $ Saved
    • member rating average days saved: 2 Average Days Saved
    • Parent Category Name: Development
    • Parent Category Link: /development
    • There are many voices with different opinions on the role of project management. This causes confusion and unnecessary churn.
    • Project management and product management naturally align to different time horizons. Harmonizing their viewpoints can take significant work.
    • Different parts of the organization have diverse views on how to govern and fund pieces of work, which leads to confusion when it comes to the role of project management.

    Our Advice

    Critical Insight

    There is no one-size-fits-all approach to product delivery. For many organizations product delivery requires detailed project management practices, while for others it requires much less. Taking an outcome-first approach when planning your product transformation is critical to make the right decision on the balance between project and product management.

    Impact and Result

    • Get alignment on the definition of projects and products.
    • Understand the differences between delivering projects and delivering products.
    • Line up your project management activities with the needs of Agile and product-centric projects.
    • Understand how funding can change when moving away from project-centric delivery.

    Define the Role of Project Management in Agile and Product-Centric Delivery Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Define the Role of Project Management in Agile and Product-Centric Delivery – A guide that walks you through how to define the role of project management in product-centric and Agile delivery environments.

    The activities in this research will guide you through clarifying how you want to talk about projects and products, aligning project management and agility, specifying the different activities for project management, and identifying key differences with funding of products instead of projects.

    • Define the Role of Project Management in Agile and Product-Centric Delivery Storyboard
    [infographic]

    Further reading

    Define the Role of Project Management in Agile and Product-Centric Delivery

    Projects and products are not mutually exclusive.

    Table of Contents

    3 Analyst Perspective

    4 Executive Summary

    7 Step 1.1: Clarify How You Want to Talk About Projects and Products

    13 Step 1.2: Align Project Management and Agility

    16 Step 1.3: Specify the Different Activities for Project Management

    20 Step 1.4: Identify Key Differences in Funding of Products Instead of Projects

    25 Where Do I Go Next?

    26 Bibliography

    Analyst Perspective

    Project management still has an important role to play!

    When moving to more product-centric delivery practices, many assume that projects are no longer necessary. That isn’t necessarily the case!

    Product delivery can mean different things to different organizations, and in many cases it can involve the need to maintain both projects and project delivery.

    Projects are a necessary vehicle in many organizations to drive value delivery, and the activities performed by project managers still need to be done by someone. It is the form and who is involved that will change the most.

    Photo of Ari Glaizel, Practice Lead, Applications Delivery and Management, Info-Tech Research Group.

    Ari Glaizel
    Practice Lead, Applications Delivery and Management
    Info-Tech Research Group

    Executive Summary

    Your Challenge
    • Organizations are under pressure to align the value they provide with the organization’s goals and overall company vision.
    • In response, they are moving to more product-centric delivery practices.
    • Previously, project managers focused on the delivery of objectives through a project, but changes in delivery practices result in de-emphasizing this. What should project managers should be doing?
    Common Obstacles
    • There are many voices with different opinions on the role of project management. This causes confusion and unnecessary churn.
    • Project management and product management naturally align to different time horizons. Harmonizing their viewpoints can take significant work.
    • Different parts of the organization have very specific views on how to govern and fund pieces of work, which leads to confusion about the role of project management.
    Info-Tech’s Approach
    • Get alignment on the definition of projects and products.
    • Understand the differences between delivering projects and products.
    • Line up your project management activities with the needs of Agile and product-centric projects.
    • Understand how funding can change when moving away from project-centric delivery.

    Info-Tech Insight

    There is no one-size-fits-all approach to product delivery. For many organizations product delivery requires detailed project management practices, while for others it requires much less. Taking an outcome-first approach when planning your product transformation is critical to make the right decision on the balance between project and product management.

    Your evolution of delivery practice is not a binary switch

    1. PROJECTS WITH WATERFALL The project manager is accountable for delivery of the project, and the project manager owns resources and scope.
    2. PROJECTS WITH AGILE DELIVERY A transitional state where the product owner is accountable for feature delivery and the project manager accountable for the overall project.
    3. PRODUCTS WITH AGILE PROJECT AND OPERATIONAL DELIVERY The product owner is accountable for the delivery of the project and products, and the project manager plays a role of facilitator and enabler.
    4. PRODUCTS WITH AGILE DELIVERY Delivery of products can happen without necessarily having projects. However, projects could be instantiated to cover major initiatives.

    Info-Tech Insight

    • Organizations do not need to go to full product and Agile delivery to improve delivery practices! Every organization needs to make its own determination on how far it needs to go. You can do it in one step or take each step and evaluate how well you are delivering against your goals and objectives.
    • Many organizations will go to Products With Agile Project and Operational Delivery, and some will go to Products With Agile Delivery.

    Activities to undertake as you transition to product-centric delivery

    1. PROJECTS WITH WATERFALL
      • Clarify how you want to talk about projects and products. The center of the conversation will start to change.
    2. PROJECTS WITH AGILE DELIVERY
      • Align project management and agility. They are not mutually exclusive (but not necessarily always aligned).
    3. PRODUCTS WITH AGILE PROJECT AND OPERATIONAL DELIVERY
      • Specify the different activities for project management. As you mature your product practices, project management becomes a facilitator and collaborator.
    4. PRODUCTS WITH AGILE DELIVERY
      • Identify key differences in funding. Delivering products instead of projects requires a change in the focus of your funding.

    Step 1.1

    Clarify How You Want to Talk About Projects and Products

    Activities
    • 1.1.1 Define “product” and “project” in your context
    • 1.1.2 Brainstorm potential changes in the role of projects as you become Agile and product-centric

    This step involves the following participants:

    • Product owners
    • Product managers
    • Development team leads
    • Portfolio managers
    • Business analysts

    Outcomes of this step

    • An understanding of how the role can change through the evolution from project to more product-centric practices

    Definition of terms

    Project

    “A temporary endeavor undertaken to create a unique product, service, or result. The temporary nature of projects indicates a beginning and an end to the project work or a phase of the project work. Projects can stand alone or be part of a program or portfolio.” (PMBOK, PMI)
    Stock image of an open head with a city for a brain.

    Product

    “A tangible solution, tool, or service (physical or digital) that enables the long-term and evolving delivery of value to customers and stakeholders based on business and user requirements.” (Deliver on Your Digital Product Vision, Info-Tech Research Group)

    Info-Tech InsightLet these definitions be a guide, not necessarily to be taken verbatim. You need to define these terms in your context based on your particular needs and objectives. The only caveat is to be consistent with your usage of these terms in your organization.

    1.1.1 Define “product” and “project” in your context

    30-60 minutes

    Output: Your enterprise/organizational definition of products and projects

    Participants: Executives, Product/project managers, Applications teams

    1. Discuss what “product” and “project” mean in your organization.
    2. Create common, enterprise-wide definitions for “product” and “project.”
    3. Screenshot of the previous slide's definitions of 'Project' and 'Product'.

    Agile and product management does not mean projects go away

    Diagram laying out the roadmap for 'Continuous delivery of value'. Beginning with 'Projects With Agile Delivery' in which Projects with features and services end in a Product Release that is disconnected from the continuum. Then the 'Products With Agile Project and Operational Delivery' and 'Products With Agile Delivery' which are connected by a 'Product Roadmap' and 'Product Backlog' have Product Releases that connect to the continuum.

    Projects Within Products

    Regardless of whether you recognize yourself as a “product-based” or “project-based” shop, the same basic principles should apply.

    You go through a period or periods of project-like development to build or implement a version of an application or product.

    You also have parallel services along with your project development that encompass the more product-based view. These may range from basic support and maintenance to full-fledged strategy teams or services like sales and marketing.

    Info-Tech Note

    As your product transformation continues, projects can become optional and needed only as part of your organization’s overall delivery processes

    Identify the differences between a project-centric and a product-centric organization

    Project Product
    Fund projects — Funding –› Fund teams
    Line-of-business sponsor — Prioritization –› Product owner
    Project owner — Accountability –› Product owner
    Makes specific changes to a product —Product management –› Improves product maturity and support of the product
    Assignment of people to work — Work allocation –› Assignment of work to product teams
    Project manager manages — Capacity management –› Team manages

    Info-Tech Insight

    Product delivery requires significant shifts in the way you complete development and implementation work and deliver value to your users. Make the changes that support improving end-user value and enterprise alignment.

    1.1.2 Brainstorm potential changes in the role of projects as you become Agile and product-centric

    5-10 minutes

    Output: Increased appreciation of the relationship between project and product delivery

    Participants: Executives, Product/project managers, Applications teams

    • Discuss as a group:
      • What stands out in the evolution from project to product?
      • What concerns do you have with the change?
      • What will remain the same?
      • Which changes feel the most impactful?
      • Screenshot of the slide's 'Continuous delivery of value' diagram.

    Step 1.2

    Align Project Management and Agility

    Activities
    • 1.2.1 Explore gaps in Agile/product-centric delivery of projects

    This step involves the following participants:

    • Executives
    • Product/Project managers
    • Applications teams

    Outcomes of this step

    • A clearer view of how agility can be introduced into projects.

    Challenges with the project management role in Agile and product-centric organizations

    Many project managers feel left out in the cold. That should not be the case!

    In product-centric, Agile teams, many roles that a project manager previously performed are now taken care of to different degrees by the product owner, delivery team, and process manager.

    The overall change alters the role of project management from one that orchestrates all activities to one that supports, monitors, and escalates.

    Product Owner
    • Defines the “what” and heavily involved in the “when” and the “why”
    • Accountable for delivery of value
    Delivery team members
    • Define the “how”
    • Accountable for building and delivering high-quality deliverables
    • Can include roles like user experience, interaction design, business analysis, architecture
    Process Manager
    • Facilitates the other teams to ensure valuable delivery
    • Can potentially, in a Scrum environment, play the scrum master role, which involves leading scrums, retrospectives, and sprint reviews and working to resolve team issues and impediments
    • Evolves into more of a facilitator and communicator role

    1.2.1 Explore gaps in Agile/ product-centric delivery of projects

    5-10 minutes

    Output: An assessment of what is in the way to effectively deliver on Agile and product-focused projects

    Participants: Executives, Product/project managers, Applications teams

    • Discuss as a group:
      • What project management activities do you see in Agile/product roles?
      • What gaps do you see?
      • How can project management help Agile/product teams be successful?

    Step 1.3

    Specify the Different Activities for Project Management

    Activities
    • 1.3.1 Articulate the changes in a project manager’s role

    This step involves the following participants:

    • Executives
    • Product/Project managers
    • Applications teams

    Outcomes of this step

    • An understanding of the role of project management in an Agile and product context

    Kicking off the project

    Product-centric delivery still requires key activities to successfully deliver value. Where project managers get their information from does change.

    Stock photo of many hands grabbing a 2D rocketship.
    Project Charter

    Project managers should still define a charter and capture the vision and scope. The vision and high-level scope is primarily defined by the product owner.

    Key Stakeholders and Communication

    Clearly defining stakeholders and communication needs is still important. However, they are defined based on significant input and cues by the product owner.

    Standardizing on Tools and Processes

    To ensure consistency across projects, project managers will want to align tools to how the team manages their backlog and workflow. This will smooth communication about status with stakeholders.

    Info-Tech Insight

    1. Product management plays a similar role to the one that was traditionally filled by the project sponsor except for a personal accountability to the product beyond the life of the project.
    2. When fully transitioned to product-centric delivery, these activities could be replaced by a product canvas. See Deliver on Your Digital Product Vision for more information.

    During the project: Three key activities

    The role of project management evolves from a position of ownership to a position of communication, collaboration, and coordination.

    1. Support
      • Communicate Agile/product team needs to leadership
      • Liaise and co-ordinate for non-Agile/product-focused parts of the organization
      • Coach members of the team
    2. Monitoring
      • Regular status updates to PMO still required
      • Metrics aligned with Agile/product practices
      • Leverage similar tooling and approaches to what is done locally on Agile/product teams (if possible)
    3. Escalation
      • Still a key escalation point for roadblocks that go outside the product teams
      • Collaborate closely with Agile/product team leadership and scrum masters (if applicable)
    Cross-section of a head, split into three levels with icons representing the three steps detailed on the left, 'Support', 'Monitoring', and 'Escalation'.

    1.3.1: Articulate the changes in a project manager’s role

    5-10 minutes

    Output: Current understanding of the role of project management in Agile/product delivery

    Participants: Executives, Product/project managers, Applications teams

    Why is this important?

    Project managers still have a role to play in Agile projects and products. Agreeing to what they should be doing is critical to successfully moving to a product-centric approach to delivery.

    • Review how Info-Tech views the role of project management at project initiation and during the project.
    • Review the state of your Agile and product transformation, paying special attention to who performs which roles.
    • Discuss as a group:
      • What are the current activities of project managers in your organization?
      • Based on how you see delivery practices evolving, what do you see as the new role of project managers when it comes to Agile-centric and product-centric delivery.

    Step 1.4

    Identify Key Differences in Funding of Products Instead of Projects

    Activities
    • 1.4.1 Discuss traditional versus product-centric funding methods

    This step involves the following participants:

    • Executives
    • Product owners
    • Product managers
    • Project managers
    • Delivery managers

    Outcomes of this step

    • Identified differences in funding of products instead of projects

    Planning and budgeting for products and families

    Reward for delivering outcomes, not features

    Autonomy

    Icon of a diamond.

    Fund what delivers value

    Fund long-lived delivery of value through products (not projects).

    Give autonomy to the team to decide exactly what to build.

    Flexibility

    Icon of a dollar sign.

    Allocate iteratively

    Allocate to a pool based on higher-level business case.

    Provide funds in smaller amounts to different product teams and initiatives based on need.

    Arrow cycling right in a clockwise motion.



    Arrow cycling left in a clockwise motion.

    Accountability

    Icon of a target.

    Measure and adjust

    Product teams define metrics that contribute to given outcomes.

    Track progress and allocate more (or less) funds as appropriate.

    Stock image of two suited hands exchanging coins.

    Info-Tech Insight

    Changes to funding require changes to product and Agile practices to ensure product ownership and accountability.

    (Adapted from Bain & Company)

    Budgeting approaches must evolve as you mature your product operating environment

    TRADITIONAL PROJECTS WITH WATERFALL DELIVERY TRADITIONAL PROJECTS WITH AGILE DELIVERY PRODUCTS WITH AGILE PROJECT DELIVERY PRODUCTS WITH AGILE DELIVERY

    WHEN IS THE BUDGET TRACKED?

    Budget tracked by major phases Budget tracked by sprint and project Budget tracked by sprint and project Budget tracked by sprint and release

    HOW ARE CHANGES HANDLED?

    All change is by exception Scope change is routine; budget change is by exception Scope change is routine; budget change is by exception Budget change is expected on roadmap cadence

    WHEN ARE BENEFITS REALIZED?

    Benefits realization post project completion Benefits realization ongoing throughout the life of the project Benefits realization ongoing throughout the life of the product Benefits realization ongoing throughout life of the product

    WHO DRIVES?

    Project Manager
    • Project team delivery role
    • Refines project scope, advocates for changes in the budget
    • Advocates for additional funding in the forecast
    Product Owner
    • Project team delivery role
    • Refines project scope, advocates for changes in the budget
    • Advocates for additional funding in the forecast
    Product Manager
    • Product portfolio team role
    • Forecasting new initiatives during delivery to continue to drive value throughout the life of the product
    Product Manager
    • Product family team role
    • Forecasting new initiatives during delivery to continue to drive value throughout the life of the product
    ˆ ˆ
    Hybrid Operating Environments

    Info-Tech Insight

    As you evolve your approach to product delivery, you will be decoupling the expected benefits, forecast, and budget. Managing them independently will improve your ability adapt to change and drive the right outcomes!

    1.4.1 Discuss traditional versus product-centric funding methods

    30 minutes

    Output: Understanding of funding principles and challenges

    Participants: Executives, Product owners, Product managers, Project managers, Delivery managers

    1. Discuss how projects are currently funded.
    2. Review how the Agile/product funding models differ from how you currently operate.
    3. What changes do you need to consider to support a product delivery model?
    4. For each change, identify the key stakeholders and list at least one action to take.

    Case Study

    Global Digital Financial Services Company

    This financial services company looked to drive better results by adopting more product-centric practices.

    • Its projects exhibited:
      • High complexity/strong dependencies between components
      • High implementation effort
      • High clarification/reconciliation (more than two departments involved)
      • Multiple methodologies (Agile/Waterfall/Hybrid)
    • The team recognized they could not get rid of projects entirely, but getting to a level where there was a coordinated delivery between projects and products being implemented is important.
    Results
    • Moving several initiatives to more product-centric practices allowed for:
      • Delivery within current assigned capacity
      • Limited need for coordination across departments
      • Lower complexity
      • A unified Agile approach to delivery
    • Through balancing the needs of projects and products, there were three key insights about the project management’s role:
      • The role of project management changes depending on the context of the work. There is no one-size-fits-all definition.
      • Project management played a much bigger role when work spanned multiple products and business units.
      • Project management was used as a key coordinator when delivery became complicated and multilayered.
    Example of a company where practices fall equally into 'Project' and 'Product' categories, with some being shared by both.
    Example of a product-centric company where practices fall mainly into the 'Product category', leaving only one in 'Project'.

    Where Do I Go Next?

    Deliver on Your Digital Product Vision

    • Build a product vision your organization can take from strategy through execution.

    Build a Better Product Owner

    • Strengthen the product owner role in your organization by focusing on core capabilities and proper alignment.

    Implement Agile Practices That Work

    • Improve collaboration and transparency with the business to minimize project failure.

    Implement DevOps Practices That Work

    • Streamline business value delivery through the strategic adoption of DevOps practices.

    Prepare an Actionable Roadmap for Your PMO

    • Turn planning into action with a realistic PMO timeline.

    Deliver Digital Products at Scale

    • Deliver value at the scale of your organization through defining enterprise product families.

    Extend Agile Practices Beyond IT

    • Further the benefits of Agile by extending a scaled Agile framework to the business.

    Spread Best Practices With an Agile Center of Excellence

    • Facilitate ongoing alignment between Agile teams and the business with a set of targeted service offerings.

    Tailor IT Project Management Processes to Fit Your Projects

    • Spend less time managing processes and more time delivering results.

    Bibliography

    Cobb, Chuck. “Are there Project Managers in Agile?” High Impact Project Management, n.d. Web.

    Cohn, Mike. “What Is a Product?” Mountain Goat Software, 6 Sept. 2016. Web.

    Cobb, Chuck. “Agile Project Manager Job Description.” High Impact Project Management, n.d. Web.

    “How do you define a product?” Scrum.org, 4 April 2017. Web.

    Johnson, Darren, et al. “How to Plan and Budget for Agile at Scale.” Bain & Company, 8 Oct. 2019. Web.

    “Product Definition.” SlideShare, uploaded by Mark Curphey, 25 Feb. 2007. Web.

    Project Management Institute. A Guide to the Project Management Body of Knowledge (PMBOK Guide). 7th ed., Project Management Institute, 2021.

    Schuurman, Robbin. “Scrum Master vs Project Manager – An Overview of the Differences.” Scrum.org, 11 Feb 2020. Web.

    Schuurman, Robbin. “Product Owner vs Project Manager.” Scrum.org, 12 March 2020. Web.

    Vlaanderen, Kevin. “Towards Agile Product and Portfolio Management.” Academia.edu, 2010. Web.

    “What is a Developer in Scrum?” Scrum.org, n.d. Web.

    “What is a Scrum Master?” Scrum.org, n.d. Web.

    “What is a Product Owner?” Scrum.org, n.d. Web.

    Find Value With Cloud Asset Management

    • Buy Link or Shortcode: {j2store}61|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Asset Management
    • Parent Category Link: /asset-management
    • Spending on cloud platforms and software-as-a-service (SaaS) is growing, and with spending comes waste.
    • The barriers are drastically lower for purchasing SaaS and cloud services as compared to traditional IT components.
    • Skills gap: IT asset managers tend not to have the skills to optimize spending on cloud platforms.
    • New space, new tools: The IT asset management market space is still developing cloud asset management and SaaS management capabilities. Practitioners must rely on cloud optimization tools in the meantime.

    Our Advice

    Critical Insight

    • IT asset managers are uniquely suited to provide value here. They already optimize costs and manage assets.
    • Scope creep is a killer. Focus first on your highest value, highest risk cloud instances.
    • Don’t completely centralize. Central oversight is powerful, but outsource some responsibility to the business.

    Impact and Result

    • Introduce governance: Work with developers, power business users, and infrastructure groups to define a governance approach to cloud assets and to SaaS.
    • Standardize high-impact, low-effort cloud services: Focus your efforts where they will have the most value and in places where you can provide early value.
    • Update your processes: Ensure that your asset registers and your configuration management database is up to date when cloud assets are provisioned and quiesced.

    Find Value With Cloud Asset Management Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should implement IT asset management for cloud instances and SaaS, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Define cloud asset management

    Define when a cloud instance is an asset, and what it means for the asset to be managed.

    • Find Value With Cloud Asset Management – Phase 1: Define Cloud Asset Management
    • Cloud Asset Management Standard Operating Procedures
    • Cloud Instance Provisioning Standards Checklist

    2. Build cloud asset management practices

    Develop an approach to auditing and optimizing cloud assets.

    • Find Value With Cloud Asset Management – Phase 2: Build Cloud Asset Management Practices
    • Cloud Asset Management Policy
    • Monthly Cloud Asset Optimization Checklist
    • Strategic Infrastructure Roadmap Tool
    [infographic]

    Gain Control of Cloud Integration Strategies Before they Float Away

    • Buy Link or Shortcode: {j2store}362|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Enterprise Integration
    • Parent Category Link: /enterprise-integration
    • IT is typically backlogged with tasks while the business waits to implement key solutions to remain competitive. In this competitive space, Cloud solutions offer attractive benefits to business stakeholders especially around agility and cost.
    • Moving to the Cloud involves more than outsourcing a component of the technology stack. Roles, processes, and authentication technologies need to be redefined to fit a distributed stack where parts of the IT solution space reside on-premise while the rest are in the Cloud.
    • Cloud integration means accepting loss of control in product development. A Cloud vendor will address the needs of most constituents and any high degree of customization which counteracts their business model. This makes integration a complex initiative involving two separate parties trying to align.

    Our Advice

    Critical Insight

    • Cloud integration is a fundamental commitment to change within the organization as it deeply impacts roles, processes, and technologies.
    • Be prepared to lose some degree of control of SLA management. IT will have to manage multiple Cloud SLAs and deliver a lowest common approach to the business. This may mean lowering the SLA standards previously set with on-premise solutions.
    • Cloud integration isn’t just about the technology. It is a dedication to establish solid relationships with the Cloud vendor. Understanding where the cloud solution is moving and what issues are being addressed are critical to creating an organizational road map for the future.

    Impact and Result

    • Develop a Cloud integration strategy by proactively understanding the impact of Cloud integration efforts to the organization.
    • Realize that Cloud integration will be an ongoing process of collaboration with the business, and that the initial implementation does not constitute an end.
    • Implement an integrated support structure that includes on-premise and cloud stacks.

    Gain Control of Cloud Integration Strategies Before they Float Away Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Understand the impacts of Cloud computing on Data, Application, Access, and Service Level Agreement integration

    Assess your current level of Cloud adoption and integration, focusing on solutions that are emerging in the market and the applicability to your IT environment.

    • Storyboard: Gain Control of Cloud Integration Strategies Before they Float Away
    • Cloud Integration Checklist
    • None
    [infographic]

    Build Your Data Quality Program

    • Buy Link or Shortcode: {j2store}127|cart{/j2store}
    • member rating overall impact (scale of 10): 9.1/10 Overall Impact
    • member rating average dollars saved: $40,241 Average $ Saved
    • member rating average days saved: 33 Average Days Saved
    • Parent Category Name: Data Management
    • Parent Category Link: /data-management
    • Experiencing the pitfalls of poor data quality and failing to benefit from good data quality, including:
      • Unreliable data and unfavorable output.
      • Inefficiencies and costly remedies.
      • Dissatisfied stakeholders.
    • The chances of successful decision-making capabilities are hindered with poor data quality.

    Our Advice

    Critical Insight

    • Address the root causes of your data quality issues and form a viable data quality program.
      • Be familiar with your organization’s data environment and business landscape.
      • Prioritize business use cases for data quality fixes.
      • Fix data quality issues at the root cause to ensure proper foundation for your data to flow.
    • It is important to sustain best practices and grow your data quality program.

    Impact and Result

    • Implement a set of data quality initiatives that are aligned with overall business objectives and aimed at addressing data practices and the data itself.
    • Develop a prioritized data quality improvement project roadmap and long-term improvement strategy.
    • Build related practices such as artificial intelligence and analytics with more confidence and less risk after achieving an appropriate level of data quality.

    Build Your Data Quality Program Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should establish a data quality program, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Define your organization’s data environment and business landscape

    Learn about what causes data quality issues, how to measure data quality, what makes a good data quality practice in relation to your data and business environments.

    • Business Capability Map Template

    2. Analyze your priorities for data quality fixes

    Determine your business unit priorities to create data quality improvement projects.

    • Data Quality Problem Statement Template
    • Data Quality Practice Assessment and Project Planning Tool

    3. Establish your organization’s data quality program

    Revisit the root causes of data quality issues and identify the relevant root causes to the highest priority business unit, then determine a strategy for fixing those issues.

    • Data Lineage Diagram Template
    • Data Quality Improvement Plan Template

    4. Grow and sustain your data quality practices

    Identify strategies for continuously monitoring and improving data quality at the organization.

    Infographic

    Workshop: Build Your Data Quality Program

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Define Your Organization’s Data Environment and Business Landscape

    The Purpose

    Evaluate the maturity of the existing data quality practice and activities.

    Assess how data quality is embedded into related data management practices.

    Envision a target state for the data quality practice.

    Key Benefits Achieved

    Understanding of the current data quality landscape

    Gaps, inefficiencies, and opportunities in the data quality practice are identified

    Target state for the data quality practice is defined

    Activities

    1.1 Explain approach and value proposition

    1.2 Detail business vision, objectives, and drivers

    1.3 Discuss data quality barriers, needs, and principles

    1.4 Assess current enterprise-wide data quality capabilities

    1.5 Identify data quality practice future state

    1.6 Analyze gaps in data quality practice

    Outputs

    Data Quality Management Primer

    Business Capability Map Template

    Data Culture Diagnostic

    Data Quality Diagnostic

    Data Quality Problem Statement Template

    2 Create a Strategy for Data Quality Project 1

    The Purpose

    Define improvement initiatives

    Define a data quality improvement strategy and roadmap

    Key Benefits Achieved

    Improvement initiatives are defined

    Improvement initiatives are evaluated and prioritized to develop an improvement strategy

    A roadmap is defined to depict when and how to tackle the improvement initiatives

    Activities

    2.1 Create business unit prioritization roadmap

    2.2 Develop subject areas project scope

    2.3 By subject area 1 data lineage analysis, root cause analysis, impact assessment, and business analysis

    Outputs

    Business Unit Prioritization Roadmap

    Subject area scope

    Data Lineage Diagram

    3 Create a Strategy for Data Quality Project 2

    The Purpose

    Define improvement initiatives

    Define a data quality improvement strategy and roadmap

    Key Benefits Achieved

    Improvement initiatives are defined

    Improvement initiatives are evaluated and prioritized to develop an improvement strategy

    A roadmap is defined to depict when and how to tackle the improvement initiatives

    Activities

    3.1 Understand how data quality management fits in with the organization’s data governance and data management programs

    3.2 By subject area 2 data lineage analysis, root cause analysis, impact assessment, and business analysis

    Outputs

    Data Lineage Diagram

    Root Cause Analysis

    Impact Analysis

    4 Create a Strategy for Data Quality Project 3

    The Purpose

    Determine a strategy for fixing data quality issues for the highest priority business unit

    Key Benefits Achieved

    Strategy defined for fixing data quality issues for highest priority business unit

    Activities

    4.1 Formulate strategies and actions to achieve data quality practice future state

    4.2 Formulate a data quality resolution plan for the defined subject area

    4.3 By subject area 3 data lineage analysis, root cause analysis, impact assessment, and business analysis

    Outputs

    Data Quality Improvement Plan

    Data Lineage Diagram

    5 Create a Plan for Sustaining Data Quality

    The Purpose

    Plan for continuous improvement in data quality

    Incorporate data quality management into the organization’s existing data management and governance programs

    Key Benefits Achieved

    Sustained and communicated data quality program

    Activities

    5.1 Formulate metrics for continuous tracking of data quality and monitoring the success of the data quality improvement initiative

    5.2 Workshop Debrief with Project Sponsor

    5.3 Meet with project sponsor/manager to discuss results and action items

    5.4 Wrap up outstanding items from the workshop, deliverables expectations, GIs

    Outputs

    Data Quality Practice Improvement Roadmap

    Data Quality Improvement Plan (for defined subject areas)

    Further reading

    Build Your Data Quality Program

    Quality Data Drives Quality Business Decisions

    Executive Brief

    Analyst Perspective

    Get ahead of the data curve by conquering data quality challenges.

    Regardless of the driving business strategy or focus, organizations are turning to data to leverage key insights and help improve the organization’s ability to realize its vision, key goals, and objectives.

    Poor quality data, however, can negatively affect time-to-insight and can undermine an organization’s customer experience efforts, product or service innovation, operational efficiency, or risk and compliance management. If you are looking to draw insights from your data for decision making, the quality of those insights is only as good as the quality of the data feeding or fueling them.

    Improving data quality means having a data quality management practice that is sustainably successful and appropriate to the use of the data, while evolving to keep pace with or get ahead of changing business and data landscapes. It is not a matter of fixing one data set at a time, which is resource and time intensive, but instead identifying where data quality consistently goes off the rails, and creating a program to improve the data processes at the source.

    Crystal Singh

    Research Director, Data and Analytics

    Info-Tech Research Group

    Executive Summary

    Your Challenge

    Your organization is experiencing the pitfalls of poor data quality, including:

    • Unreliable data and unfavorable output.
    • Inefficiencies and costly remedies.
    • Dissatisfied stakeholders.

    Poor data quality hinders successful decision making.

    Common Obstacles

    Not understanding the purpose and execution of data quality causes some disorientation with your data.

    • Failure to realize the importance/value of data quality.
    • Unsure of where to start with data quality.
    • Lack of investment in data quality.

    Organizations tend to adopt a project mentality when it comes to data quality instead of taking the strategic approach that would be all-around more beneficial in the long term.

    Info-Tech’s Approach

    Address the root causes of your data quality issues by forming a viable data quality program.

    • Be familiar with your organization’s data environment and business landscape.
    • Prioritize business use cases for data quality fixes.
    • Fixing data quality issues at the root cause to ensure a proper foundation for your data to flow.

    It is important to sustain best practices and grow your data quality program.

    Info-Tech Insight

    Fix data quality issues as close as possible to the source of data while understanding that business use cases will each have different requirements and expectations from data quality.

    Data is the foundation of your organization’s knowledge

    Data enables your organization to make decisions.

    Reliable data is needed to facilitate data consumers at all levels of the enterprise.

    Insights, knowledge, and information are needed to inform operational, tactical, and strategic decision-making processes. Data and information are needed to manage the business and empower business processes such as billing, customer touchpoints, and fulfillment.

    Raw Data

    Business Information

    Actionable Insights

    Data should be at the foundation of your organization’s evolution. The transformational insights that executives are constantly seeking can be uncovered with a data quality practice that makes high-quality, trustworthy information readily available to the business users who need it.

    98% of companies use data to improve customer experience. (Experian Data Quality, 2019)

    High-Level Data Architecture

    The image is a graphic, which at the top shows different stages of data, and in the lower part of the graphic shows the data processes.

    Build Your Data Quality Program

    1. Data Quality & Data Culture Diagnostics Business Landscape Exercise
    2. Business Strategy & Use Cases
    3. Prioritize Use Cases With Poor Quality

    Info-Tech Insight

    As data is ingested, integrated, and maintained in the various streams of the organization's system and application architecture, there are multiple points where the quality of the data can degrade.

    1. Understand the organization's data culture and data quality environment across the business landscape.
    2. Prioritize business use cases with poor data quality.
    3. For each use case, identify data quality issues and requirements throughout the data pipeline.
    4. Fix data quality issues at the root cause.
    5. As data flow through quality assurance monitoring checkpoints, monitor data to ensure good quality output.

    Insight:

    Proper application of data quality dimensions throughout the data pipeline will result in superior business decisions.

    Data quality issues can occur at any stage of the data flow.

    The image shows the flow of data through various stages: Data Creation; Data Ingestion; Data Accumulation and Engineering; Data Delivery; and Reporting & Analytics. At the bottom, there are two bars: the left one labelled Fix data quality root causes here...; and the right reads: ...to prevent expensive cures here.

    The image is a legend that accompanies the data flow graphic. It indicates that a white and green square icon indicates Data quality dimensions; a red cube indicates a potential point of data quality degradation; the pink square indicates Root cause of poor data quality; and a green flag indicates Quality Assurance Monitoring.

    Prevent the domino effect of poor data quality

    Data is the foundation of decisions made at data-driven organizations.

    Therefore, if there are problems with the organization’s underlying data, this can have a domino effect on many downstream business functions.

    Let’s use an example to illustrate the domino effect of poor data quality.

    Organization X is looking to migrate their data to a single platform, System Y. After the migration, it has become apparent that reports generated from this platform are inconsistent and often seem wrong. What is the effect of this?

    1. Time must be spent on identifying the data quality issues, and often manual data quality fixes are employed. This will extend the time to deliver the project that depends on system Y by X months.
    2. To repair these issues, the business needs to contract two additional resources to complete the unforeseen work. The new resources cost $X each, as well as additional infrastructure and hardware costs.
    3. Now, the strategic objectives of the business are at risk and there is a feeling of mistrust in the new system Y.

    Three key challenges impacting the ability to deliver excellent customer experience

    30% Poor data quality

    30% Method of interaction changing

    30% Legacy systems or lack of new technology

    95% Of organizations indicated that poor data quality undermines business performance.

    (Source: Experian Data Quality, 2019)

    Maintaining quality data will support more informed decisions and strategic insight

    Improving your organization’s data quality will help the business realize the following benefits:

    Data-Driven Decision Making

    Business decisions should be made with a strong rationale. Data can provide insight into key business questions, such as, “How can I provide better customer satisfaction?”

    89% Of CIOs surveyed say lack of quality data is an obstacle to good decision making. (Larry Dignan, CIOs juggling digital transformation pace, bad data, cloud lock0in and business alignment, 2020)

    Customer Intimacy

    Improve marketing and the customer experience by using the right data from the system of record to analyze complete customer views of transactions, sentiments, and interactions.

    94% Percentage of senior IT leaders who say that poor data quality impinges business outcomes. (Clint Boulton, Disconnect between CIOs and LOB managers weakens data quality, 2016)

    Innovation Leadership

    Gain insights on your products, services, usage trends, industry directions, and competitor results to support decisions on innovations, new products, services, and pricing.

    20% Businesses lose as much as 20% of revenue due to poor data quality. (RingLead Data Management Solutions, 10 Stats About Data Quality I Bet You Didn’t Know)

    Operational Excellence

    Make sure the right solution is delivered rapidly and consistently to the right parties for the right price and cost structure. Automate processes by using the right data to drive process improvements.

    10-20% The implementation of data quality initiatives can lead to reductions in corporate budget of up to 20%. (HaloBI, 2015)

    However, maintaining data quality is difficult

    Avoid these pitfalls to get the true value out of your data.

    1. Data debt drags down ROI – a high degree of data debt will hinder you from attaining the ROI you’re expecting.
    2. Lack of trust means lack of usage – a lack of confidence in data results in a lack of data usage in your organization, which negatively effects strategic planning, KPIs, and business outcomes.
    3. Strategic assets become a liability – bad data puts your business at risk of failing compliance standards, which could result in you paying millions in fines.
    4. Increased costs and inefficiency – time spent fixing bad data means less workload capacity for your important initiatives and the inability to make data-based decisions.
    5. Barrier to adopting data-driven tech – emerging technologies, such as predictive analytics and artificial intelligence, rely on quality data. Inaccurate, incomplete, or irrelevant data will result in delays or a lack of ROI.
    6. Bad customer experience – Running your business on bad data can hinder your ability to deliver to your customers, growing their frustration, which negatively impacts your ability to maintain your customer base.

    Info-Tech Insight

    Data quality suffers most at the point of entry. This is one of the causes of the domino effect of data quality – and can be one of the most costly forms of data quality errors due to the error propagation. In other words, fix data ingestion, whether through improving your application and database design or improving your data ingestion policy, and you will fix a large majority of data quality issues.

    Follow Our Data & Analytics Journey

    Data Quality is laced into Data Strategy, Data Management, and Data Governance.

    • Data Strategy
      • Data Management
        • Data Quality
        • Data Governance
          • Data Architecture
            • MDM
            • Data Integration
            • Enterprise Content Management
            • Information Lifecycle Management
              • Data Warehouse/Lake/Lakehouse
                • Reporting and Analytics
                • AI

    Data quality is rooted in data management

    Extract Maximum Benefit Out of Your Data Quality Management.

    • Data management is the planning, execution, and oversight of policies, practices, and projects that acquire, control, protect, deliver, and enhance the value of data and information assets (DAMA, 2009).
    • In other words, getting the right information, to the right people, at the right time.
    • Data quality management exists within each of the data practices, information dimensions, business resources, and subject areas that comprise the data management framework.
    • Within this framework, an effective data quality practice will replace ad hoc processes with standardized practices.
    • An effective data quality practice cannot succeed without proper alignment and collaboration across this framework.
    • Alignment ensures that the data quality practice is fit for purpose to the business.

    The DAMA DMBOK2 Data Management Framework

    • Data Governance
      • Data Quality
      • Data Architecture
      • Data Modeling & Design
      • Data Storage & Operations
      • Data Security
      • Data Integration & Interoperability
      • Documents & Content
      • Reference & Master Data
      • Data Warehousing & Business Intelligence
      • Meta-data

    (Source: DAMA International)

    Related Info-Tech Research

    Build a Robust and Comprehensive Data Strategy

    • People often think that the main problems they need to fix first are related to data quality when the issues transpire at a much larger level. This blueprint is the key to building and fostering a data-driven culture.

    Create a Data Management Roadmap

    • Refer to this blueprint to understand data quality in the context of data disciplines and methods for improving your data management capabilities.

    Establish Data Governance

    • Define an effective data governance strategy and ensure the strategy integrates well with data quality with this blueprint.

    Info-Tech’s methodology for Data Quality

    Phase Steps 1. Define Your Organization’s Data Environment and Business Landscape 2. Analyze Your Priorities for Data Quality Fixes 3. Establish Your Organization’s Data Quality Program 4. Grow and Sustain Your Data Quality Practice
    Phase Outcomes This step identifies the foundational understanding of your data and business landscape, the essential concepts around data quality, as well as the core capabilities and competencies that IT needs to effectively improve data quality. To begin addressing specific, business-driven data quality projects, you must identify and prioritize the data-driven business units. This will ensure that data improvement initiatives are aligned to business goals and priorities. After determining whose data is going to be fixed based on priority, determine the specific problems that they are facing with data quality, and implement an improvement plan to fix it. Now that you have put an improvement plan into action, make sure that the data quality issues don’t keep cropping up. Integrate data quality management with data governance practices into your organization and look to grow your organization’s overall data maturity.

    Info-Tech Insight

    “Data Quality is in the eyes of the beholder.”– Igor Ikonnikov, Research Director

    Data quality means tolerance, not perfection

    Data from Info-Tech’s CIO Business Vision Diagnostic, which represents over 400 business stakeholders, shows that data quality is very important when satisfaction with data quality is low.

    However, when data quality satisfaction hit a threshold, it became less important.

    The image is a line graph, with the X-axis labelled Satisfaction with Data Quality, and the Y axis labelled Rated Importance for Data Quality. The line begins high, and then descends. There is text inside the graph, which is transcribed below.

    Respondents were asked “How satisfied are you with the quality, reliability, and effectiveness of the data you use to manage your group?” as well as to rank how important data quality was to their organization.

    When the business satisfaction of data quality reached a threshold value of 71-80%, the rated importance reached its lowest value.

    Info-Tech Insight

    Data needs to be good, but truly spectacular data may go unnoticed.

    Provide the right level of data quality, with the appropriate effort, for the correct usage. This blueprint will help you to determine what “the right level of data quality” means, as well as create a plan to achieve that goal for the business.

    Data Roles and Responsibilities

    Data quality occurs through three main layers across the data lifecycle

    Data Strategy

    Data Strategy should contain Data Quality as a standard component.

    ← Data Quality issues can occur throughout at any stage of the data flow →

    DQ Dimensions

    Timeliness – Representation – Usability – Consistency – Completeness – Uniqueness – Entry Quality – Validity – Confidence – Importance

    Source System Layer

    • Data Resource Manager/Collector: Enters data into a database and ensures that data collection sources are accurate

    Data Transformation Layer

    • ETL Developer: Designs data storage systems
    • Data Engineer: Oversees data integrations, data warehouses and data lakes, data pipelines
    • Database Administrator: Manages database systems, ensures they meet SLAs, performances, backups
    • Data Quality Engineer: Finds and cleanses bad data in data sources, creates processes to prevent data quality problems

    Consumption Layer

    • Data Scientist: Gathers and analyses data from databases and other sources, runs models, and creates data visualizations for users
    • BI Analyst: Evaluates and mines complex data and transforms it into insights that drive business value. Uses BI software and tools to analyze industry trends and create visualizations for business users
    • Data Analyst: Extracts data from business systems, analyzes it, and creates reports and dashboards for users
    • BI Engineer: Documents business needs on data analysis and reporting and develops BI systems, reports, and dashboards to support them
    Data Creation → [SLA] Data Ingestion [ QA] →Data Accumulation & Engineering → [SLA] Data Delivery [QA] →Reporting & Analytics
    Fix Data Quality root causes here… to prevent expensive cures here.

    Executive Brief Case Study

    Industry: Healthcare

    Source: Primary Info-Tech Research

    Align source systems to maximize business output.

    A healthcare insurance agency faced data quality issues in which a key business use case was impacted negatively. Business rules were not well defined, and default values instead of real value caused a concern. When dealing with multiple addresses, data was coming from different source systems.

    The challenge was to identify the most accurate address, as some were incomplete, and some lacked currency and were not up to date. This especially challenged a key business unit, marketing, to derive business value in performing key activities by being unable to reach out to existing customers to advertise any additional products.

    For this initiative, this insurance agency took an economic approach by addressing those data quality issues using internal resources.

    Results

    Without having any MDM tools or having a master record or any specific technology relating to data quality, this insurance agency used in-house development to tackle those particular issues at the source system. Data quality capabilities such as data profiling were used to uncover those issues and address them.

    “Data quality is subjective; you have to be selective in terms of targeting the data that matters the most. When getting business tools right, most issues will be fixed and lead to achieving the most value.” – Asif Mumtaz, Data & Solution Architect

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful."

    Guided Implementation

    "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."

    Workshop

    "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place."

    Consulting

    "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostic and consistent frameworks are used throughout all four options.

    Guided Implementation

    What does a typical GI on this topic look like?

    Phase 1 Phase 2 Phase 3 Phase 4
    • Call #1: Learn about the concepts of data quality and the common root causes of poor data quality.
    • Call #2: Identify the core capabilities of IT for improving data quality on an enterprise scale.
    • Call #3: Determine which business units use data and require data quality remediation.
    • Call #4: Create a plan for addressing business unit data quality issues according to priority of the business units based on value and impact of data.
    • Call #5: Revisit the root causes of data quality issues and identify the relevant root causes to the highest priority business unit.
    • Call #6: Determine a strategy for fixing data quality issues for the highest priority business unit.
    • Call #7: Identify strategies for continuously monitoring and improving data quality at the organization.
    • Call #8: Learn how to incorporate data quality practices in the organization’s larger data management and data governance frameworks.
    • Call #9: Summarize results and plan next steps on how to evolve your data landscape.

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is between eight to twelve calls over the course of four to six months.

    Workshop Overview

    Contact your account representative for more information. workshops@infotech.com 1-888-670-8889

    Day 1 Day 2 Day 3 Day 4 Day 5
    Define Your Organization’s Data Environment and Business Landscape Create a Strategy for Data Quality Project 1 Create a Strategy for Data Quality Project 2 Create a Strategy for Data Quality Project 3 Create a Plan for Sustaining Data Quality
    Activities
    1. Explain approach and value proposition.
    2. Detail business vision, objectives, and drivers.
    3. Discuss data quality barriers, needs, and principles.
    4. Assess current enterprise-wide data quality capabilities.
    5. Identify data quality practice future state.
    6. Analyze gaps in data quality practice.
    1. Create business unit prioritization roadmap.
    2. Develop subject areas project scope.
    3. By subject area 1:
    • Data lineage analysis
    • Root cause analysis
    • Impact assessment
    • Business analysis
    1. Understand how data quality management fits in with the organization’s data governance and data management programs.
    2. By subject area 2:
    • Data lineage analysis
    • Root cause analysis
    • Impact assessment
    • Business analysis
    1. Formulate strategies and actions to achieve data quality practice future state.
    2. Formulate data quality resolution plan for defined subject area.
    3. By subject area 3:
    • Data lineage analysis
    • Root cause analysis
    • Impact assessment
    • Business analysis
    1. Formulate metrics for continuous tracking of data quality and monitoring the success of the data quality improvement initiative.
    2. Workshop Debrief with Project Sponsor.
    • Meet with project sponsor/manager to discuss results and action items.
    • Wrap up outstanding items from the workshop, deliverables expectations, GIs.
    Deliverables
    1. Data Quality Management Primer
    2. Business Capability Map Template
    3. Data Culture Diagnostic
    4. Data Quality Diagnostic
    5. Data Quality Problem Statement Template
    1. Business Unit Prioritization Roadmap
    2. Subject area scope
    3. Data Lineage Diagram
    1. Data Lineage Diagram
    2. Root Cause Analysis
    3. Impact Analysis
    1. Data Lineage Diagram
    2. Data Quality Improvement Plan
    1. Data Quality Practice Improvement Roadmap
    2. Data Quality Improvement Plan (for defined subject areas)

    Phase 1

    Define Your Organization’s Data Environment and Business Landscape

    Build Your Data Quality Program

    Data quality is a methodology and must be treated as such

    A comprehensive data quality practice includes appropriate business requirements gathering, planning, governance, and oversight capabilities, as well as empowering technologies for properly trained staff, and ongoing development processes.

    Some common examples of appropriate data management methodologies for data quality are:

    • The data quality team has the necessary competencies and resources to perform the outlined workload.
    • There are processes that exist for continuously evaluating data quality performance capabilities.
    • Improvement strategies are designed to increase data quality performance capabilities.
    • Policies and procedures that govern data quality are well-documented, communicated, followed, and updated.
    • Change controls exist for revising policies and procedures, including communication of updates and changes.
    • Self-auditing techniques are used to ensure business-IT alignment when designing or recalibrating strategies.

    Effective data quality practices coordinate with other overarching data disciplines, related data practices, and strategic business objectives.

    “You don’t solve data quality with a Band-Aid; you solve it with a methodology.” – Diraj Goel, Growth Advisor, BC Tech

    Data quality can be defined by four key quality indicators

    Similar to measuring the acidity of a substance with a litmus test, the quality of your data can be measured using a simple indicator test. As you learn about common root causes of data quality problems in the following slides, think about these four quality indicators to assess the quality of your data:

    • Completeness – Closeness to the correct value. Encompasses accuracy, consistency, and comparability to other databases.
    • Usability – The degree to which data meets current user needs. To measure this, you must determine if the user is satisfied with the data they are using to complete their business functions.
    • Timeliness – Length of time between creation and availability of data.
    • Accessibility – How easily a user can access and understand the data (including data definitions and context). Interpretability can also be used to describe this indicator.

    Info-Tech Insight

    Quality is a relative term. Data quality is measured in terms of tolerance. Perfect data quality is both impossible and a waste of time and effort.

    How to get investment for your data quality program

    Follow these steps to convince leadership of the value of data quality:

    “You have to level with people, you cannot just start talking with the language of data and expect them to understand when the other language is money and numbers.” – Izabela Edmunds, Information Architect at Mott MacDonald

    1. Perform Phases 0 & 1 of this blueprint as this will offer value in carrying out the following steps.
    2. Build credibility. Show them your understanding of data and how it aligns to the business.
    3. Provide tangible evidence of how significant business use cases are impacted by poor quality data.
    4. Present the ROI of fixing the data quality issues you have prioritized.
    5. Explain how the data quality program will be established, implemented, and sustained.
    6. Prove the importance of fixing data quality issues at the source and how it is the most efficient, effective, and cost-friendly solution.

    Phase 1 deliverables

    Each of these deliverables serve as inputs to detect key outcomes about your organization and to help complete this blueprint:

    1. Data Culture Diagnostic

    Use this report to understand where your organization lies across areas relating to data culture.

    While the Quality & Trust area of the report might be most prevalent to this blueprint, this diagnostic may point out other areas demanding more attention.

    Please speak to your account manager for access

    2. Business Capability Map Template

    Perform this process to understand the capabilities that enable specific value streams. The output of this deliverable is a high-level view of your organization’s defined business capabilities.

    Download this tool

    Info-Tech Insight

    Understanding your data culture and business capabilities are foundational to starting the journey of data quality improvement.

    Key deliverable:

    3. Data Quality Diagnostic

    The Data Quality Report is designed to help you understand, assess, and improve key organizational data quality issues. This is where respondents across various areas in the organization can assess Data Quality across various dimensions.

    Download this tool

    Data Quality Diagnostic Value

    Prioritize business use cases with our data quality dimensions.

    • Complete this diagnostic for each major business use case. The output from the Data Culture Diagnostic and the Business Capability Map should help you understand which use cases to address.
    • Involve all key stakeholders involved in the business use case. There may be multiple business units involved in a single use case.
    • Prioritize the business use cases that need the most attention pertaining to data quality by comparing the scores of the Importance and Confidence data quality dimensions.

    If there are data elements that are considered of high importance and low confidence, then they must be prioritized.

    Sample Scorecard

    The image shows a screen capture of a scorecard, with sample information filled in.

    The image shows a screen capture of a scorecard, with sample information filled in.

    Poor data quality develops due to multiple root causes

    After you get to know the properties of good quality data, understand the underlying causes of why those indicators can point to poor data quality.

    If you notice that the usability, completeness, timeliness, or accessibility of the organization’s data is suffering, one or more of the following root causes are likely plaguing your data:

    Common root causes of poor data quality, through the lens of Info-Tech’s Five-Tier Data Architecture:

    The image shows a graphic of Info-Tech's Five-Tier Data Architecture, with root causes of poor data quality identified. In the data creation and ingestion stages, the root causes are identified as Poor system/application design, Poor database design, Inadequate enterprise integration. The root causes identified in the latter stages are: Absence of data quality policies, procedures, and standards, and Incomplete/suboptimal business processes

    These root causes of poor data quality are difficult to avoid, not only because they are often generated at an organization’s beginning stages, but also because change can be difficult. This means that the root causes are often propagated through stale or outdated business processes.

    Data quality problems root cause #1:

    Poor system or application design

    Application design plays one of the largest roles in the quality of the organization’s data. The proper design of applications can prevent data quality issues that can snowball into larger issues downstream.

    Proper ingestion is 90% of the battle. An ounce of prevention is worth a pound of cure. This is true in many different topics, and data quality is one of them. Designing an application so that data gets entered properly, whether by internal staff or external customers, is the single most effective way to prevent data quality issues.

    Some common causes of data quality problems at the application/system level include:

    • Too many open fields (free-form text fields that accept a variety of inputs).
    • There are no lookup capabilities present. Reference data should be looked up instead of entered.
    • Mandatory fields are not defined, resulting in blank fields.
    • No validation of data entries before writing to the underlying database.
    • Manual data entry encourages human error. This can be compounded by poor application design that facilitates the incorrect data entry.

    Data quality problems root cause #2:

    Poor database design

    Database design also affects data quality. How a database is designed to handle incoming data, including the schema and key identification, can impact the integrity of the data used for reporting and analytics.

    The most common type of database is the relational database. Therefore, we will focus on this type of database.

    When working with and designing relational databases, there are some important concepts that must be considered.

    Referential integrity is a term that is important for the design of relational database schema, and indicates that table relationships must always be consistent.

    For table relationships to be consistent, primary keys (unique value for each row) must uniquely identify entities in columns of the table. Foreign keys (field that is defined in a second table but refers to the primary key in the first table) must agree with the primary key that is referenced by the foreign key. To maintain referential integrity, any updates must be propagated to the primary parent key.

    Info-Tech Insight

    Other types of databases, including databases with unstructured data, need data quality consideration. However, unstructured data may have different levels of quality tolerance.

    At the database level, some common root causes include:

    1. Lack of referential integrity.
    2. Lack of unique keys.
    3. Don’t have restricted data range.
    4. Incorrect datatype, string fields that can hold too many characters.
    5. Orphaned records.

    Databases and People:

    Even though database design is a technology issue, don’t forget about the people.

    A lack of training employees on database permissions for updating/entering data into the physical databases is a common problem for data quality.

    Data quality problems root cause #3:

    Improper integration and synchronization of enterprise data

    Data ingestion is another category of data-quality-issue root causes. When moving data in Tier 2, whether it is through ETL, ESB, point-to-point integration, etc., the integrity of the data during movement and/or transformation needs to be maintained.

    Tier 2 (the data ingestion layer) serves to move data for one of two main purposes:

    • To move data from originating systems to downstream systems to support integrated business processes.
    • To move data to Tier 3 where data rests for other purposes. This movement of data in its purest form means we move raw data to storage locations in an overall data warehouse environment reflecting any security, compliance and other standards in our choices for how to store. Also, it is where data is transformed for unique business purpose that will also be moved to a place of rest or a place of specific use. Data cleansing and matching and other data-related blending tasks occur at this layer.

    This ensures the data is pristine throughout the process and improves trustworthiness of outcomes and speed to task completion.

    At the integration layer, some common root causes of data quality problems include:

    1. No data mask. For example, zip code should have a mask of five numeric characters.
    2. Questionable aggregation, transformation process, or incorrect logic.
    3. Unsynchronized data refresh process in an integrated environment.
    4. Lack of a data matching tool.
    5. Lack of a data quality tool.
    6. Don’t have data profiling capability.
    7. Errors with data conversion or migration processes – when migrating, decommissioning, or converting systems – movement of data sets.
    8. Incorrect data mapping between data sources and targets.

    Data quality problems root cause #4:

    Insufficient and ineffective data quality policies and procedures

    Data policies and procedures are necessary for establishing standards around data and represent another category of data-quality-issue root causes. This issue spans across all five of the 5 Tier Architecture.

    Data policies are short statements that seek to manage the creation, acquisition, integrity, security, compliance, and quality of data. These policies vary amongst organizations, depending on your specific data needs.

    • Policies describe what to do, while standards and procedures describe how to do something.
    • There should be few data policies, and they should be brief and direct. Policies are living documents and should be continuously updated to respond to the organization’s data needs.
    • The data policies should highlight who is responsible for the data under various scenarios and rules around how to manage it effectively.

    Some common root causes of data quality issues related to policies and procedures include:

    1. Policies are absent or out of date.
    2. Employees are largely unaware of policies in effect.
    3. Policies are unmonitored and unenforced.
    4. Policies are in multiple locations.
    5. Multiple versions of the same policy exist.
    6. Policies are managed inconsistently across different silos.
    7. Policies are written poorly by untrained authors.
    8. Inadequate policy training program.
    9. Draft policies stall and lose momentum.
    10. Weak policy support from senior management.

    Data quality problems root cause #5:

    Inefficient or ineffective business processes

    Some common root causes of data quality issues related to business processes include:

    1. Multiple entries of the same record leads to duplicate records proliferating in the database.
    2. Many business definitions of data.
    3. Failure to document data manipulations when presenting data.
    4. Failure to train people on how to understand data.
    5. Manually intensive processes can result in duplication of effort (creates room for errors).
    6. No clear delineation of dependencies of business processes within or between departments, which leads to a siloed approach to business processes, rather than a coordinated and aligned approach.

    Business processes can impact data quality. How data is entered into systems, as well as employee training and knowledge about the correct data definitions, can impact the quality of your organization’s data.

    These problematic business process root causes can lead to:

    Duplicate records

    Incomplete data

    Improper use of data

    Wrong data entered into fields

    These data quality issues will result in costly and inefficient manual fixes, wasting valuable time and resources.

    Phase 1 Summary

    1. Data Quality Understanding

    • Understanding that data quality is a methodology and should be treated as such.
    • Data quality can be defined by four key indicators which are completeness, usability, timeliness, and accessibility.
    • Explained how to get investment for your data quality program and showcasing its value to leadership.

    2. Phase 0 Deliverables

    Introduced foundational tools to help you throughout this blueprint:

    • Complete the Data Culture Diagnostic and Business Capability Map Template as they are foundational in understanding your data culture and business capabilities to start the journey of data quality improvement.
    • Involve key relevant stakeholders when completing the Data Quality Diagnostic for each major business use case. Use the Importance and Confidence dimensions to help you prioritize which use case to address.

    3. Common Root Causes

    Addressed where multiple root causes can occur throughout the flow of your data.

    Analyzed the following common root causes of data quality:

    1. Poor system or application design
    2. Poor database design
    3. Improper integration and synchronization of enterprise data
    4. Insufficient and ineffective data quality policies and procedures
    5. Inefficient or ineffective business processes

    Phase 2

    Analyze Your Priorities for Data Quality Fixes

    Build Your Data Quality Program

    Business Context & Data Quality

    Establish the business context of data quality improvement projects at the business unit level to find common goals.

    • To ensure the data improvement strategy is business driven, start your data quality project evaluation by understanding the business context. You will then determine which business units use data and create a roadmap for prioritizing business units for data quality repairs.
    • Your business context is represented by your corporate business vision, mission, goals and objectives, differentiators, and drivers. Collectively, they provide essential information on what is important to your organization, and some hints on how to achieve that. In this step, you will gather important information about your business view and interpret the business view to establish a data view.

    Business Vision

    Business Goals

    Business Drivers

    Business Differentiators

    Not every business unit uses data to the same extent

    A data flow diagram can provide value by allowing an organization to adopt a proactive approach to data quality. Save time by knowing where the entry points are and where to look for data flaws.

    Understanding where data lives can be challenging as it is often in motion and rarely resides in one place. There are multiple benefits that come from taking the time to create a data flow diagram.

    • Mapping out the flow of data can help provide clarity on where the data lives and how it moves through the enterprise systems.
    • Having a visual of where and when data moves helps to understand who is using data and how it is being manipulated at different points.
    • A data flow diagram will allow you to elicit how data is used in a different use case.

    Info-Tech’s Four-Column Model of Data will help you to identify the essential aspects of your data:

    Business Use Case →Used by→Business Unit →Housed in→Systems→Used for→Usage of the Data

    Not every business unit requires the same standard of data quality

    To prioritize your business units for data quality improvement projects, you must analyze the relative importance of the data they use to the business. The more important the data is to the business, the higher the priority is of fixing that data. There are two measures for determining the importance of data: business value and business impact.

    Business Value of Data

    Business value of data can be evaluated by thinking about its ties to revenue generation for the organization, as well as how it is used for productivity and operations at the organization.

    The business value of data is assessed by asking what would happen to the following parameters if the data is not usable (due to poor quality, for example):

    • Loss of Revenue
    • Loss of Productivity
    • Increased Operating Costs

    Business Impact of Data

    Business impact of data should take into account the effects of poor data on both internal and external parties.

    The business impact of data is assessed by asking what the impact would be of bad data on the following parameters:

    • Impact on Customers
    • Impact on Internal Staff
    • Impact on Business Partners

    Value + Impact = Data Priority Score

    Ensure that the project starts on the right foot by completing Info-Tech’s Data Quality Problem Statement Template

    Before you can identify a solution, you must identify the problem with the business unit’s data.

    Download this tool

    Use Info-Tech’s Data Quality Problem Statement Template to identify the symptoms of poor data quality and articulate the problem.

    Info-Tech’s Data Quality Problem Statement Template will walk you through a step-by-step approach to identifying and describing the problems that the business unit feels regarding its data quality.

    Before articulating the problem, it helps to identify the symptoms of the problem. The following W’s will help you to describe the symptoms of the data quality issues:

    What

    Define the symptoms and feelings produced by poor data quality in the business unit.

    Where

    Define the location of the data that are causing data quality issues.

    When

    Define how severe the data quality issues are in frequency and duration.

    Who

    Define who is affected by the data quality problems and who works with the data.

    Info-Tech Best Practice

    Symptoms vs. Problems. Often, people will identify a list of symptoms of a problem and mistake those for the problem. Identifying the symptoms helps to define the problem, but symptoms do not help to identify the solution. The problem statement helps you to create solutions.

    Define the project problem to articulate the purpose

    1 hour

    Input

    • Symptoms of data quality issues in the business unit

    Output

    • Refined problem description

    Materials

    • Data Quality Problem Statement Template

    Participants

    • Data Quality Improvement Project team
    • Business line representatives

    A defined problem helps you to create clear goals, as well as lead your thinking to determine solutions to the problem.

    A problem statement consists of one or two sentences that summarize a condition or issue that a quality improvement team is meant to address. For the improvement team to fix the problem, the problem statement therefore has to be specific and concise.

    Instructions

    1. Gather the Data Quality Improvement Project Team in a room and start with an issue that is believed to be related to data quality.
    2. Ask what are the attributes and symptoms of that reality today; do this with the people impacted by the issue. This should be an IT and business collaboration.
    3. Draw your conclusions of what it all means: what have you collectively learned?
    4. Consider the implications of your conclusions and other considerations that must be taken into account such as regulatory needs, compliance, policy, and targets.
    5. Develop solutions – Contain the problem to something that can be solved in a realistic timeframe, such as three months.

    Download the Data Quality Problem Statement Template

    Case Study

    A strategic roadmap rooted in business requirements primes a data quality improvement plan for success.

    MathWorks

    Industry

    Software Development

    Source

    Primary Info-Tech Research

    As part of moving to a formalized data quality practice, MathWorks leveraged an incremental approach that took its time investigating business cases to support improvement actions. Establishing realistic goals for improvement in the form of a roadmap was a central component for gaining executive approval to push the project forward.

    Roadmap Creation

    In constructing a comprehensive roadmap that incorporated findings from business process and data analyses, MathWorks opted to document five-year and three-year overall goals, with one-year objectives that supported each goal. This approach ensured that the tactical actions taken were directed by long-term strategic objectives.

    Results – Business Alignment

    In presenting their roadmap for executive approval, MathWorks placed emphasis on communicating the progression and impact of their initiatives in terms that would engage business users. They focused on maintaining continual lines of communication with business stakeholders to demonstrate the value of the initiatives and also to gradually shift the corporate culture to one that is invested in an effective data quality practice.

    “Don’t jump at the first opportunity, because you may be putting out a fire with a cup of water where a fire truck is needed.” – Executive Advisor, IT Research and Advisory Firm

    Use Info-Tech’s Practice Assessment and Project Planning Tool to create your strategy for improving data quality

    Assess IT’s capabilities and competencies around data quality and plan to build these as the organization’s data quality practice develops. Before you can fix data quality, make sure you have the necessary skills and abilities to fix data quality correctly.

    The following IT capabilities are developed on an ongoing basis and are necessary for standardizing and structuring a data quality practice:

    • Meeting Business Needs
    • Services and Projects
    • Policies, Procedures, and Standards
    • Roles and Organizational Structure
    • Oversight and Communication
    • Data Quality of Different Data Types

    Download this Tool

    Data Handling and Remediation Competencies:

    • Data Standardization: Formatting values into consistent standards based on industry standards and business rules.
    • Data Cleansing: Modification of values to meet domain restrictions, integrity constraints, or other business rules for sufficient data quality for the organization.
    • Data Matching: Identification, linking, and merging related entries in or across sets of data.
    • Data Validation: Checking for correctness of the data.

    After these capabilities and competencies are assessed for a current and desired target state, the Data Quality Practice Assessment and Project Planning Tool will suggest improvement actions that should be followed in order to build your data quality practice. In addition, a roadmap will be generated after target dates are set to create your data quality practice development strategy.

    Benchmark current and identify target capabilities for your data quality practice

    1 hour

    Input

    • Current and desired data quality practices in the organization

    Output

    • Assessment of where the gaps lie in your data quality practice

    Materials

    • Data Quality Practice Assessment and Project Planning Tool

    Participants

    • Data Quality Project Lead
    • Business Line Representatives
    • Business Architects

    Use the Data Quality Practice Assessment and Project Planning Tool to evaluate the baseline and target capabilities of your practice in terms of how data quality is approached and executed.

    Download this Tool

    Instructions

    1. Invite the appropriate stakeholders to participate in this exercise. Examples:
      1. Business executives will have input in Tab 2
      2. Unique stakeholders: communications expert or executive advisors may have input
    2. On Tab 2: Practice Components, assess the current and target states of each capability on a scale of 1–5. Note: “Ad hoc” implies a capability is completed, but randomly, informally, and without a standardized method.

    These results will set the baseline against which you will monitor performance progress and keep track of improvements over time.

    Info-Tech Insight

    Focus on early alignment. Assessing capabilities within specific people’s job functions can naturally result in disagreement or debate, especially between business and IT people. Remind everyone that data quality should ultimately serve business needs wherever possible.

    Visualization improves the holistic understanding of where gaps exist in your data quality practice

    To enable deeper analysis on the results of your practice assessment, Tab 3: Data Quality Practice Scorecard in the Data Quality Practice Assessment and Project Planning Tool creates visualizations of the gaps identified in each of your practice capabilities and related data management practices. These diagrams serve as analysis summaries.

    Gap assessment of “Meeting Business Needs” capabilities

    The image shows a screen capture of the Gap assessment of 
“Meeting Business Needs” capabilities, with sample information filled in.

    Visualization of gap assessment of data quality practice capabilities

    The image shows a bar graph titled Data Quality Capabilities.

    1. Enhance your gap analyses by forming a relative comparison of total gaps in key practice capability areas, which will help in determining priorities.
    • Example: In Tab 2 compare your capabilities within “Policies, Procedures, and Standards.” Then in Tab 3, compare your overall capabilities in “Policies, Procedures, and Standards” versus “Empowering Technologies.”
  • Put these up on display to improve discussion in the gap analyses and prioritization sessions.
  • Improve the clarity and flow of your strategy template, final presentations, and summary documents by copying and pasting the gap assessment diagrams.
  • Before engaging in the data quality improvement project plan, receive signoff from IT regarding feasibility

    The final piece of the puzzle is to gain sign-off from IT.

    Hofstadter's law: It always takes longer than you expect, even when you take into account Hofstadter’s Law.

    This means that before engaging IT in data quality projects to fix the business units’ data in Phase 2, IT must assess feasibility of the data quality improvement plan. A feasibility analysis is typically used to review the strengths and weaknesses of the projects, as well as the availability of required skills and technologies needed to complete them. Use the following workflow to guide you in performing a feasibility analysis:

    Project evaluation process:

    Present capabilities

    • Operational Capabilities
    • System Capabilities
    • Schedule Capabilities
      • Summary of Evaluation Results
        • Recommendations/ modifications to the project plan

    Info-Tech Best Practice

    While the PMO identifies and coordinates projects, IT must determine how long and for how much.

    Conduct gap analysis sessions to review and prioritize the capability gaps

    1 hour

    Input

    • Current and Target State Assessment

    Output

    • Documented initiatives to help you get to the target state

    Materials

    • Data Quality Practice Assessment and Project Planning Tool

    Participants

    • Data Quality team
    • IT representatives

    Instructions

    • Analyze Gap Analysis Results – As a group, discuss the high-level results on Tab 3: Data Quality Practice Score. Discuss the implications of the gaps identified.
    • Do a line-item review of the gaps between current and target levels for each assessed capability by using Tab 2: Practice Components.
    • Brainstorm Alignment Strategies – Brainstorm the effort and activities that will be necessary to support the practice in building its capabilities to the desired target level. Ask the following questions:
      • What activities must occur to enable this capability?
      • What changes/additions to resources, process, technology, business involvement, and communication must occur?
    • Document Data Quality Initiatives – Turn activities into initiatives by documenting them in Tab 4. Data Quality Practice Roadmap. Review the initiatives and estimate the start and end dates of each one.
    • Continue to evaluate the assessment results in order to create a comprehensive set of data quality initiatives that support your practice in building capabilities.

    Download this Tool

    Create the organization’s data quality improvement strategy roadmap

    1 hour

    Input

    • Data quality practice gaps and improvement actions

    Output

    • Data quality practice improvement roadmap

    Materials

    • Data Quality Practice Assessment and Project Planning Tool

    Participants

    • Data Quality Project Lead
    • Business Executives
    • IT Executives
    • Business Architects

    Generating Your Roadmap

    1. Plan the sequence, starting time, and length of each initiative in the Data Quality Practice Assessment and Project Planning Tool.
    2. The tool will generate a Gantt chart based on the start and length of your initiatives.
    3. The Gantt chart is generated in Tab 4: Data Quality Practice Roadmap, and can be used to organize and ensure that all of the essential aspects of data quality are addressed.

    Use the Practice Roadmap to plan and improve data quality capabilities

    Download this Tool

    Info-Tech Best Practice

    To help get you started, Info-Tech has provided an extensive list of data quality improvement initiatives that are commonly undertaken by organizations looking to improve their data quality.

    Establish Baseline Metrics

    Baseline metrics will be improved through:

    2 hours

    Create practice-level metrics to monitor your data quality practice.

    Instructions:

    1. Establish metrics for both the business and IT that will be used to determine if the data quality practice development is effective.
    2. Set targets for each metric.
    3. Collect current data to calculate the metrics and establish a baseline.
    4. Assign an owner for tracking each metric to be accountable for performance.
    Metric Current Goal
    Usage (% of trained users using the data warehouse)
    Performance (response time)
    Performance (response time)
    Resource utilization (memory usage, number of machine cycles)
    User satisfaction (quarterly user surveys)
    Data quality (% values outside valid values, % fields missing, wrong data type, data outside acceptable range, data that violates business rules. Some aspects of data quality can be automatically tracked and reported)
    Costs (initial installation and ongoing, Total Cost of Ownership including servers, software licenses, support staff)
    Security (security violations detected, where violations are coming from, breaches)
    Patterns that are used
    Reduction in time to market for the data
    Completeness of data that is available
    How many "standard" data models are being used
    What is the extra business value from the data governance program?
    How much time is spent for data prep by BI & analytics team?

    Phase 2 summary

    As you improve your data quality practice and move from reactive to stable, don’t rest and assume that you can let data quality keep going by itself. Rapidly changing consumer requirements or other pains will catch up to your organization and you will fall behind again. By moving to the proactive and predictive end of the maturity scale, you can stay ahead of the curve. By following the methodology laid out in Phase 1, the data quality practices at your organization will improve over time, leading to the following results:

    Chaotic

    Before Data Quality Practice Improvements

    • No standards to data quality

    Reactive

    Year 1

    • Processes defined
    • Data cleansing approach to data quality

    Stable

    Year 2

    • Business rules/ stewardship in place
    • Education and training

    Proactive

    Year 3

    • Data quality practices fully in place and embedded in the culture
    • Trusted and intelligent enterprise

    (Global Data Excellence, Data Excellence Maturity Model)

    Phase 3

    Establish Your Organization’s Data Quality Program

    Build Your Data Quality Program

    Create a data lineage diagram to map the data journey and identify the data subject areas to be targeted for fixes

    It is important to understand the various data that exist in the business unit, as well as which data are essential to business function and require the highest degree of quality efforts.

    Visualize your databases and the flow of data. A data lineage diagram can help you and the Data Quality Improvement Team visualize where data issues lie. Keeping the five-tier architecture in mind, build your data lineage diagram.

    Reminder: Five-Tier Architecture

    The image shows the Five-Tier Architecture graphic.

    Use the following icons to represent your various data systems and databases.

    The image shows four icons. They are: the image of a square and a computer monitor, labelled Application; the image of two sheets of paper, labelled Desktop documents; the image of a green circle next to a computer monitor, labelled Web Application; and a blue cylinder labelled Database.

    Use Info-Tech’s Data Lineage Diagram to document the data sources and applications used by the business unit

    2 hours

    Input

    • Data sources and applications used by the business unit

    Output

    • Data lineage diagram

    Materials

    • Data Lineage Diagram Template

    Participants

    • Business Unit Head/Data Owner
    • Business Unit SMEs
    • Data Analysts/Architects

    Map the flow and location of data within a business unit by creating a system context diagram.

    Gain an accurate view of data locations and uses: Engage business users and representatives with a wide breadth of knowledge-related business processes and the use of data by related business operations.

    1. Sit down with key business representatives of the business unit.
    2. Document the sources of data and processes in which they’re involved, and get IT confirmation that the sources of the data are correct.
    3. Map out the sources and processes in a system context diagram.

    Download this Tool

    Sample Data Lineage Diagram

    The image shows a sample data lineage diagram, split into External Applications and Internal Applications, and showing the processes involved in each.

    Leverage Info-Tech’s Data Quality Practice Assessment and Project Planning Tool to document business context

    1 hour

    Input

    • Business vision, goals, and drivers

    Output

    • Business context for the data quality improvement project

    Materials

    • Data Quality Practice Assessment and Project Planning Tool

    Participants

    • Data Quality project lead
    • Business line representatives
    • IT executives

    Develop goals and align them with specific objectives to set the framework for your data quality initiatives.

    In the context of achieving business vision, mission, goals, and objectives and sustaining differentiators and key drivers, think about where and how data quality is a barrier. Then brainstorm data quality improvement objectives that map to these barriers. Document your list of objectives in Tab 5. Prioritize business units of the Data Quality Practice Assessment and Project Planning Tool.

    Establishing Business Context Example

    Healthcare Industry

    Vision To improve member services and make service provider experience more effective through improving data quality and data collection, aggregation, and accessibility for all the members.
    Goals

    Establish meaningful metrics that guide to the improvement of healthcare for member effectiveness of health care providers:

    • Data collection
    • Data harmonization
    • Data accessibility and trust by all constituents.
    Differentiator Connect service consumers with service providers, that comply with established regulations by delivering data that is accurate, trusted, timely, and easy to understand to connect service providers and eliminate bureaucracy and save money and time.
    Key Driver Seamlessly provide a healthcare for members.

    Download this Tool

    Document the identified business units and their associated data

    30 minutes

    Input

    • Business units

    Output

    • Documented business units to begin prioritization

    Materials

    • Data Quality Practice Assessment and Project Planning Tool

    Participants

    • Project Manager

    Instructions

    1. Using Tab 5: Prioritize Business Units of the Data Quality Practice Assessment and Project Planning Tool, document the business units that use data in the organization. This will likely be all business units in the organization.
    2. Next, document the primary data used by those business units.
    3. These inputs will then be used to assess business unit priority to generate a data quality improvement project roadmap.

    The image shows a screen capture of Tab 5: Prioritize Business Units, with sample information inputted.

    Reminder – Not every business unit requires the same standard of data quality

    To prioritize your business units for data quality improvement projects, you must analyze the relative importance of the data they use to the business. The more important the data is to the business, the higher the priority is of fixing that data. There are two measures for determining the importance of data: business value and business impact.

    Business Value of Data

    Business value of data can be evaluated by thinking about its ties to revenue generation for the organization, as well as how it is used for productivity and operations at the organization.

    The business value of data is assessed by asking what would happen to the following parameters if the data is not usable (due to poor quality, for example):

    • Loss of Revenue
    • Loss of Productivity
    • Increased Operating Costs

    Business Impact of Data

    Business impact of data should take into account the effects of poor data on both internal and external parties.

    The business impact of data is assessed by asking what the impact would be of bad data on the following parameters:

    • Impact on Customers
    • Impact on Internal Staff
    • Impact on Business Partners

    Value + Impact = Data Priority Score

    Assess the business unit priority order for data quality improvements

    2 hours

    Input

    • Assessment of value and impact of business unit data

    Output

    • Prioritization list for data quality improvement projects

    Materials

    • Data Quality Practice Assessment and Project Planning Tool

    Participants

    • Project Manager
    • Data owners

    Instructions

    Instructions In Tab 5: Prioritize Business Units of the Data Quality Practice Assessment and Project Planning Tool, assess business value and business impact of the data within each documented business unit.

    Use the ratings High, Medium, and Low to measure the financial, productivity, and efficiency value and impact of each business unit’s data.

    In addition to these ratings, assess the number of help desk tickets that are submitted to IT regarding data quality issues. This parameter is an indicator that the business unit’s data is high priority for data quality fixes.

    Download this Tool

    Create a business unit order roadmap for your data quality improvement projects

    1 hour

    Input

    • Rating of importance of data for each business unit

    Output

    • Roadmap for data quality improvement projects

    Materials

    • Data Quality Practice Assessment and Project Planning Tool

    Participants

    • Project Manager
    • Product Manager
    • Business line representatives

    Instructions

    After assessing the business units for the business value and business impact of their data, the Data Quality Practice Assessment and Project Planning Tool automatically assesses the prioritization of the business units based on your ratings. These prioritizations are then summarized in a roadmap on Tab 6: Data Quality Project Roadmap. The following is an example of a project roadmap:

    The image shows an example of a project roadmap, with three business units listed vertically along the left hand side, and a Gantt chart showing the time periods in which each Business Unit would work. At the bottom, a table shows the Length of the Project in days (100), and the start date for the first project.

    On Tab 6, insert the timeline for your data quality improvement projects, as well as the starting date of your first data quality project. The roadmap will automatically update with the chosen timing and dates.

    Download this Tool

    Identify metrics at the business unit level to track data quality improvements

    As you improve the data quality for specific business units, measuring the benefits of data quality improvements will help you demonstrate the value of the projects to the business.

    Use the following table to guide you in creating business-aligned metrics:

    Business Unit Driver Metrics Goal
    Sales Customer Intimacy Accuracy of customer data. Percent of missing or incomplete records. 10% decrease in customer record errors.

    Marketing

    Customer Intimacy Accuracy of customer data. Percent of missing or incomplete records. 10% decrease in customer record errors.
    Finance Operational Excellence Relevance of financial reports. Decrease in report inaccuracy complaints.
    HR Risk Management Accuracy of employee data. 10% decrease in employee record errors.
    Shipping Operational Excellence Timeliness of invoice data. 10% decrease in time to report.

    Info-Tech Insight

    Relating data governance success metrics to overall business benefits keeps executive management and executive sponsors engaged because they are seeing actionable results. Review metrics on an ongoing basis with those data owners/stewards who are accountable, the data governance steering committee, and the executive sponsors.

    Case Study

    Address data quality with the right approach to maximize the ROI

    EDC

    Industry: Government

    Source: Environment Development of Canada (EDC)

    Challenge

    Environment Development Canada (EDC) would initially identify data elements that are important to the business purely based on their business instinct.

    Leadership attempted to tackle the enterprise’s data issues by bringing a set of different tools into the organization.

    It didn’t work out because the fundamental foundational layer, which is the data and infrastructure, was not right – they didn't have the foundational capabilities to enable those tools.

    Solution

    Leadership listened to the need for one single team to be responsible for the data persistence.

    Therefore, the data platform team was granted that mandate to extensively execute the data quality program across the enterprise.

    A data quality team was formed under the Data & Analytics COE. They had the mandate to profile the data and to understand what quality of data needed to be achieved. They worked constantly with the business to build the data quality rules.

    Results

    EDC tackled the source of their data quality issues through initially performing a data quality management assessment with business stakeholders.

    From then on, EDC was able to establish their data quality program and carry out other key initiatives that prove the ROI on data quality.

    Begin your data quality improvement project starting with the highest priority business unit

    Now that you have a prioritized list for your data quality improvement projects, identify the highest priority business unit. This is the business unit you will work through Phase 3 with to fix their data quality issues.

    Once you have initiated and identified solutions for the first business unit, tackle data quality for the next business unit in the prioritized list.

    The image is a graphic labelled as Phase 2. On the left, there is a vertical arrow pointing upward labelled Priority of Business Units. Next to it, there are three boxes, with downward pointing arrows between them, each box labelled as each Business Unit's Data Quality Improvement Project. From there an arrow points right to a circle. Inside the circle are the steps necessary to complete the data quality improvement project.

    Create and document your data quality improvement team

    1 hour

    Input

    • Individuals who fit the data quality improvement plan team roles

    Output

    • Project team

    Materials

    • Data Quality Improvement Plan Template

    Participants

    • Data owner
    • Project Manager
    • Product Manager

    The Data Quality Improvement Plan is a concise document that should be created for each data quality project (i.e. for each business unit) to keep track of the project.

    Instructions

    1. Meet with the data owner of the business unit identified for the data quality improvement project.
    2. Identify individuals who fit the data quality improvement plan team roles.
    3. Using the Data Quality Improvement Plan Template to document the roles and individuals who will fit those roles.
    4. Have an introductory meeting with the Improvement team to clarify roles and responsibilities for the project.

    Download this Tool

    Team role Assigned to
    Data Owner [Name]
    Project Manager [Name]
    Business Analyst/BRM [Name]
    Data Steward [Name]
    Data Analyst [Name]

    Document the business context of the Data Quality Improvement Plan

    1 hour

    Input

    • Project team
    • Identified data attributes

    Output

    • Business context for the data quality improvement plan

    Materials

    • Data Quality Improvement Plan Template

    Participants

    • Data owner
    • Project Sponsor
    • Product owner

    Data quality initiatives have to be relevant to the business, and the business context will be used to provide inputs to the data improvement strategy. The context can then be used to determine exactly where the root causes of data quality issues are, which will inform your solutions.

    Instructions

    The business context of the data quality improvement plan includes documenting from previous activities:

    1. The Data Quality Improvement Team.
    2. Your Data Lineage Diagram.
    3. Your Data Quality Problem Statement.

    Info-Tech Best Practice

    While many organizations adopt data quality principles, not all organizations express them along the same terms. Have multiple perspectives within your organization outline principles that fit your unique data quality agenda. Anyone interested in resolving the day-to-day data quality issues that they face can be helpful for creating the context around the project.

    Download this tool

    Now that you have a defined problem, revisit the root causes of poor data quality

    You previously fleshed out the problem with data quality present in the business unit chosen as highest priority. Now it is time to figure out what is causing those problems.

    In the table below, you will find some of the common categories of causes of data quality issues, as well as some specific root causes.

    Category Description
    1. System/Application Design Ineffective, insufficient, or even incorrect system/application design accepts incorrect and missing data elements to the source applications and databases. The data records in those source systems may propagate into systems in tiers 2, 3, 4, and 5 of the 5-tier architecture, creating domino and ripple effects.
    2. Database design Database is created and modeled in an incorrect manner so that the management of the data records is incorrect, resulting in duplicated and orphaned records, and records that are missing data elements or records that contain incorrect data elements. Poor operational data in databases often leads to issues in tiers 2, 3, 4, and 5.
    3. Enterprise Integration Data or information is improperly integrated, transformed, masked, and aggregated in tier 2. In addition, some data integration tasks might not be timely, resulting in out-of-date data or even data that contradicts with other data. Enterprise integration is a precursor of loading a data warehouse and data marts. Issues in this layer affect tier 3, 4 and 5 on the 5-tier architecture.
    4. Policies and Procedures Policies and procedures are not effectively used to reinforce data quality. In some situations, policy gaps are found. In others, policies are overlapped and duplicated. Policies may also be out-of-date or too complex, affecting the users’ ability to interpret the policy objectives. Policies affect all tiers in the 5-tier architecture.
    5. Business Processes Improper business process design introduces poor data into the data systems. Failure to create processes around approving data changes, failure to document key data elements, and failure to train employees on the proper uses of data make data quality a burning problem.

    Leverage a root cause analysis approach to pinpoint the origins of your data issues

    A root cause analysis is a systematic approach to decompose a problem into its components. Use fishbone diagrams to help reveal the root causes of data issues.

    The image shows a fishbone diagram on the left, which starts with Process on the left, and then leads to Application and Integration, and then Database and Policies. This section is titled Root causes. The right hand section is titled Lead to problems with data... and includes 4 circles with the word or in between each. The circles are labelled: Completeness; Usability; Timeliness; Accessibility.

    Info-Tech recommends five root cause categories for assessing data quality issues:

    Application Design. Is the issue caused by human error at the application level? Consider internal employees, external partners/suppliers, and customers.

    Database Design. Is the issue caused by a particular database and stems from inadequacies in its design?

    Integration. Data integration tools may not be fully leveraged, or data matching rules may be poorly designed.

    Policies and Procedures. Do the issues take place because of lack of governance?

    Business Processes. Do the issues take place due to insufficient processes?

    For Example:

    When performing a deeper analysis of your data issues related to the accuracy of the business unit’s data, you would perform a root cause analysis by assessing the contribution of each of the five categories of data quality problem root causes:

    The image shows another fishbone diagram, with example information filled in. The first section on the left is titled Application Design, and includes the text: Data entry problems lead to incorrect accounting entries. The second is Integration, and includes the text: Data integration tools are not fully leveraged. The third section is Policies, and includes the text: No policy on standardizing name and address. The last section is Database design, with text that reads: Databases do not contain unique keys. The diagram ends with an arrow pointing right to a blue circle with Accuracy in it.

    Leverage a combination of data analysis techniques to identify and quantify root causes

    Info-Tech Insight

    Including all attributes of the key subject area in your data profiling activities may produce too much information to make sense of. Conduct data profiling primarily at the table level and undergo attribute profiling only if you are able to narrow down your scope sufficiently.

    Data Profiling Tool

    Data profiling extracts a sample of the target data set and runs it through multiple levels of analysis. The end result is a detailed report of statistics about a variety of data quality criteria (duplicate data, incomplete data, stale data, etc.).

    Many data profiling tools have built-in templates and reports to help you uncover data issues. In addition, they quantify the occurrences of the data issues.

    E-Discovery Tool

    This supplements a profiling tool. For Example, use a BI tool to create a custom grouping of all the invalid states (e.g. “CAL,” “AZN,” etc.) and visualize the percentage of invalid states compared to all states.

    SQL Queries

    This supplements a profiling tool. For example, use a SQL statement to group the customer data by customer segment and then by state to identify which segment–state combinations contain poor data.

    Identify the data issues for the particular business unit under consideration

    2 hours

    Input

    • Issues with data quality felt by the business unit
    • Data lineage diagram

    Output

    • Categorized data quality issues

    Materials

    • Whiteboard, markers, sticky notes
    • Data Quality Improvement Plan Template

    Participants

    • Data quality improvement project team
    • Business line representatives

    Instructions

    1. Gather the data quality improvement project team in a room, along with sticky notes and a whiteboard.
    2. Display your previously created data lineage diagram on the whiteboard.
    3. Using color-coded sticky notes, attach issues to each component of the data lineage diagram that team members can identify. Use different colors for the four quality attributes: Completeness, Usability, Timeliness, and Accessibility.

    Example:

    The image shows the data lineage diagram that has been shown in previous sections. In addition, the image shows 4 post-its arranges around the diagram, labelled: Usability; Completeness; Timeliness; and Accessibility.

    Map the data issues on fishbone diagrams to identify root causes

    1 hour

    Input

    • Categorized data quality issues

    Output

    • Completed fishbone diagrams

    Materials

    • Whiteboard, markers, sticky notes
    • Data Quality Improvement Plan Template

    Participants

    • Data quality improvement project team

    Now that you have data quality issues classified according to the data quality attributes, map these issues onto four fishbone diagrams.

    The image shows a fishbone diagram, which is titled Example: Root cause analysis diagram for data accuracy.

    Download this Tool

    Get to know the root causes behind system/application design mistakes

    Suboptimal system/application design provides entry points for bad data.

    Business Process
    Usually found in → Tier 1 Tier 2 Tier 3 Tier 4 Tier 5
    Issue Root Causes Usability Completeness Timeliness Accessibility
    Insufficient data mask No data mask is defined for a free-form text field in a user interface. E.g. North American phone number should have 4 masks – country code (1-digit), area code (3-digit), and local number (7-digit). X X
    Too many free-form text fields Incorrect use of free-form text fields (fields that accept a variety of inputs). E.g. Use a free-form text field for zip code instead of a backend look up. X X
    Lack of value lookup Reference data is not looked up from a reference list. E.g. State abbreviation is entered instead of being looked up from a standard list of states. X X
    Lack of mandatory field definitions Mandatory fields are not identified and reinforced. Resulting data records with many missing data elements. E.g. Some users may fill up 2 or 3 fields in a UI that has 20 non-mandatory fields. X

    The image shows a fishbone diagram, with the following sections, from left to right: Application Design; Integration; Processes; Policies; Database Design; Data Quality Measure. The Application Design section is highlighted.

    Get to know the root causes behind common database design mistakes

    Improper database design allows incorrect data to be stored and propagated.

    Business Process
    Usually found in → Tier 1 Tier 2 Tier 3 Tier 4 Tier 5
    Issue Root Causes Usability Completeness Timeliness Accessibility
    Incorrect referential integrity Referential integrity constraints are absent or incorrectly implemented, resulting in child records without parent records, or related records are updated or deleted in a cascading manner. E.g. An invoice line item is created before an invoice is created. X X
    Lack of unique keys Lack of unique keys creating scenarios where record uniqueness cannot be guaranteed. E.g. Customer records with the same customer_ID. X X
    Data range Fail to define a data range for incoming data, resulting in data values that are out of range. E.g. The age field is able to store an age of 999. X X
    Incorrect data type Incorrect data types are used to store data fields. E.g. A string field is used to store zip codes. Some users use that to store phone numbers, birthdays, etc. X X

    The image shows a fishbone diagram, with the following sections, from left to right: Application Design; Integration; Processes; Policies; Database Design; Data Quality Measure. The Database Design section is highlighted

    Get to know the root causes behind enterprise integration mistakes

    Improper data integration or synchronization may create poor analytical data.

    Business Process
    Usually found in → Tier 1 Tier 2 Tier 3 Tier 4 Tier 5
    Issue Root Causes Usability Completeness Timeliness Accessibility
    Incorrect transformation Transformation is done incorrectly. A wrong formula may have been used, transformation is done at the wrong data granularity, or aggregation logic is incorrect. E.g. Aggregation is done for all customers instead of just active customers. X X
    Data refresh is out of sync Data is synchronized at different intervals, resulting in a data warehouse where data domains are out of sync. E.g. Customer transactions are refreshed to reflect the latest activities but the account balance is not yet refreshed. X X
    Data is matched incorrectly Fail to match records from disparate systems, resulting in duplications and unmatched records. E.g. Unable to match customers from different systems because they have different cust_ID. X X
    Incorrect data mapping Fields from source systems are not properly matched with data warehouse fields. E.g. Status fields from different systems are mixed into one field. X X

    The image shows a fishbone diagram, with the following sections, from left to right: Application Design; Integration; Processes; Policies; Database Design; Data Quality Measure. The Integration section is highlighted

    Get to know the root causes behind policy and procedure mistakes

    Suboptimal policies and procedures undermine the effect of best practices.

    Business Process
    Usually found in → Tier 1 Tier 2 Tier 3 Tier 4 Tier 5
    Issue Root Causes Usability Completeness Timeliness Accessibility
    Policy Gaps There are gaps in the policy landscape in terms of some missing key policies or policies that are not refreshed to reflect the latest changes. E.g. A data entry policy is absent, leading to inconsistent data entry practices. X X
    Policy Communications Policies are in place but the policies are not communicated effectively to the organization, resulting in misinterpretation of policies and under-enforcement of policies. E.g. The data standard is created but very few developers are aware of its existence. X X
    Policy Enforcement Policies are in place but not proactively re-enforced and that leads to inconsistent application of policies and policy adoption. E.g. Policy adoption is dropping over time due to lack of reinforcement. X X
    Policy Quality Policies are written by untrained authors and they do not communicate the messages. E.g. A non-technical data user may find a policy that is loaded with technical terms confusing. X X

    The image shows a fishbone diagram, with the following sections, from left to right: Application Design; Integration; Processes; Policies; Database Design; Data Quality Measure. The Policies section is highlighted

    Get to know the root causes behind common business process mistakes

    Ineffective and inefficient business processes create entry points for poor data.

    Business Process
    Usually found in → Tier 1 Tier 2 Tier 3 Tier 4 Tier 5
    Issue Root Causes Usability Completeness Timeliness Accessibility
    Lack of training Key data personnel and business analysts are not trained in data quality and data governance, leading to lack of accountability. E.g. A data steward is not aware of downstream impact of a duplicated financial statement. X X
    Ineffective business process The same piece of information is entered into data systems two or more times. Or a piece of data is stalled in a data system for too long. E.g. A paper form is scanned multiple times to extract data into different data systems. X X
    Lack of documentation Fail to document the work flows of the key business processes. A lack of work flow results in sub-optimal use of data. E.g. Data is modeled incorrectly due to undocumented business logic. X X
    Lack of integration between business silos Business silos hold on to their own datasets resulting in data silos in which data is not shared and/or data is transferred with errors. E.g. Data from a unit is extracted as a data file and stored in a shared drive with little access. X X

    The image shows a fishbone diagram, with the following sections, from left to right: Application Design; Integration; Processes; Policies; Database Design; Data Quality Measure. The Processes section is highlighted

    Phase 3 Summary

    1. Data Lineage Diagram
    • Creating the data lineage diagram is recommended to help visualize the flow of your data and to map the data journey and identify the data subject areas to be targeted for fixes.
    • The data lineage diagram was leveraged multiple times throughout this Phase. For example, the data lineage diagram was used to document the data sources and applications used by the business unit
  • Business Context
    • Business context was documented through the Data Quality Practice Assessment and Project Planning Tool.
    • The same tool was used to document identified business units and their associated data.
    • Metrics were also identified at the business unit level to track data quality improvements.
  • Common Root Causes
    • Leverage a root cause analysis approach to pinpoint the origins of your data quality issues.
    • Analyzed and got to know the root causes behind the following:
      1. System/application design mistakes
      2. Common database design mistakes
      3. Enterprise integration mistakes
      4. Policies and procedures mistakes
      5. Common business processes mistakes
  • Phase 4

    Grow and Sustain Your Data Quality Program

    Build Your Data Quality Program

    For the identified root causes, determine the solutions for the problem

    As you worked through the previous step, you identified the root causes of your data quality problems within the business unit. Now, it is time to identify solutions.

    The following slides provide an overview of the solutions to common data quality issues. As you identify solutions that apply to the business unit being addressed, insert the solution tables in Section 4: Proposed Solutions of the Data Quality Improvement Plan Template.

    All data quality solutions have two components to them:

    • Technology
    • People

    For the next five data quality solution slides, look for the slider for the contributions of each category to the solution. Use this scale to guide you in creating solutions.

    When designing solutions, keep in mind that solutions to data quality problems are not mutually exclusive. In other words, an identified root cause may have multiple solutions that apply to it.

    For example, if an application is plagued with inaccurate data, the application design may be suboptimal, but also the process that leads to data being entered may need fixing.

    Data quality improvement strategy #1:

    Fix data quality issues by improving system/application design.

    Technology

    Application Interface Design

    Restrict field length – Capture only the characters you need for your application.

    Leverage data masks – Use data masks in standardized fields like zip code and phone number.

    Restrict the use of open text fields and use reference tables – Only present open text fields when there is a need. Use reference tables to limit data values.

    Provide options – Use radio buttons, drop-down lists, and multi-select instead of using open text fields.

    Data Validation at the Application Level

    Validate data before committing – Use simple validation to ensure the data entered is not random numbers and letters.

    Track history – Keep track of who entered what fields.

    Cannot submit twice – Only design for one-time submission.

    People

    Training

    Data-entry training – Training that is related to data entry, creating, or updating data records.

    Data resolution training – Training data stewards or other dedicated data personnel on how to resolve data records that are not entered properly.

    Continuous Improvement

    Standards – Develop application design principles and standards.

    Field testing – Field data entry with a few people to look for abnormalities and discrepancies.

    Detection and resolution – Abnormal data records should be isolated and resolved ASAP.

    Application Testing

    Thorough testing – Application design is your first line of defence against poor data. Test to ensure bad data is kept out of the systems.

    Case Study

    HMS

    Industry: Healthcare

    Source: Informatica

    Improve your data quality ingestion procedures to provide better customer intimacy for your users

    Healthcare Management Systems (HMS) provides cost containment services for healthcare sponsors and payers, and coordinates benefits services. This is to ensure that healthcare claims are paid correctly to both government agencies and individuals. To do so, HMS relies on data, and this data needs to be of high quality to ensure the correct decisions are made, the right people get the correct claims, and the appropriate parties pay out.

    To improve the integrity of HMS’s customer data, HMS put in place a framework that helped to standardize the collection of high volume and highly variable data.

    Results

    Working with a data quality platform vendor to establish a framework for data standardization, HMS was able to streamline data analysis and reduce new customer implementations from months to weeks.

    HMS data was plagued with a lack of standardization of data ingestion procedures.

    Before improving data quality processes After improving data quality processes
    Data Ingestion Data Ingestion
    Many standards of ingestion. Standardized data ingestion
    Data Storage Data Storage
    Lack of ability to match data, creating data quality errors.
    Data Analysis Data Analysis
    = =
    Slow Customer Implementation Time 50% Reduction in Customer Implementation Time

    Data quality improvement strategy #2:

    Fix data quality issues using proper database design.

    Technology

    Database Design Best Practices

    Referential integrity – Ensure parent/child relationships are maintained in terms of cascade creation, update, and deletion.

    Primary key definition – Ensure there is at least one key to guarantee the uniqueness of the data records, and primary key should not allow null.

    Validate data domain – Create triggers to check the data values entered in the database fields.

    Field type and length – Define the most suitable data type and length to hold field values.

    One-Time Data Fix (more on the next slide)

    Explore solutions – Where to fix the data issues? Is there a case to fix the issues?

    Running profiling tools to catch errors – Run scans on the database with defined criteria to identify occurrences of questionable data.

    Fix a sample before fixing all records – Use a proof-of-concept approach to explore fix options and evaluate impacts before fixing the full set.

    People

    The DBA Team

    Perform key tasks in pairs – Take a pair approach to perform key tasks so that validation and cross-check can happen.

    Skilled DBAs – DBAs should be certified and accredited.

    Competence – Assess DBA competency on an ongoing basis.

    Preparedness – Develop drills to stimulate data issues and train DBAs.

    Cross train – Cross train team members so that one DBA can cover another DBA.

    Data quality improvement strategy #3:

    Improve integration and synchronization of enterprise data.

    Technology

    Integration Architecture

    Info-Tech’s 5-Tier Architecture – When doing transformations, it is good practice to persist the integration results in tier 3 before the data is further refined and presented in tier 4.

    Timing, timing, and timing – Think of the sequence of events. You may need to perform some ETL tasks before other tasks to achieve synchronization and consistence.

    Historical changes – Ensure your tier 3 is robust enough to include historical data. You need to enable type 2 slowly, changing dimension to recreate the data at a point in time.

    Data Cleansing

    Standardize – Leverage data standardization to standardize name and address fields to improve matching and integration.

    Fuzzy matching – When there are no common keys between datasets. The datasets can only be matched by fuzzy matching. Fuzzy matching is not hard science; define a confidence level and think about a mechanism to deal with the unmatched.

    People

    Reporting and Documentations

    Business data glossary and data lineage – Define a business data glossary to enhance findability of key data elements. Document data mappings and ETL logics.

    Create data quality reports – Many ETL platforms provide canned data quality reports. Leverage those quality reports to monitor the data health.

    Code Review

    Create data quality reports – Many ETL platforms provide canned data quality reports. Leverage those quality reports to monitor the data health.

    ARB (architectural review board) – All ETL codes should be approved by the architectural review board to ensure alignment with the overall integration strategy.

    Data quality improvement strategy #4:

    Improve data quality policies and procedures.

    Technology

    Policy Reporting

    Data quality reports – Leverage canned data quality reports from the ETL platforms to monitor data quality on an on-going basis. When abnormalities are found, provoke the right policies to deal with the issues.

    Store policies in a central location that is well known and easy to find and access. A key way that technology can help communicate policies is by having them published on a centralized website.

    Make the repository searchable and easily navigable. myPolicies helps you do all this and more.

    myPolicies helps you do all this and more.

    Go to this link

    People

    Policy Review and Training

    Policy review – Create a schedule for reviewing policies on a regular basis – invite professional writers to ensure polices are understandable.

    Policy training – Policies are often unread and misread. Training users and stakeholders on policies is an effective way to make sure those users and stakeholders understand the rationale of the policies. It is also a good practice to include a few scenarios that are handled by the policies.

    Policy hotline/mailbox – To avoid misinterpretation of the policies, a policy hotline/mailbox should be set up to answer any data policy questions from the end users/stakeholders.

    Policy Communications

    Simplified communications – Create handy one-pagers and infographic posters to communicate the key messages of the polices.

    Policy briefing – Whenever a new data project is initiated, a briefing of data policies should be given to ensure the project team follows the policies from the very beginning.

    Data quality improvement strategy #5:

    Streamline and optimize business processes.

    Technology

    Requirements Gathering

    Data Lineage – Leverage a metadata management tool to construct and document data lineage for future reference.

    Documentations Repository – It is a best practice to document key project information and share that knowledge across the project team and with the stakeholder. An improvement understanding of the project helps to identify data quality issues early on in the project.

    “Automating creation of data would help data quality most. You have to look at existing processes and create data signatures. You can then derive data off those data codes.” – Patrick Bossey, Manager of Business Intelligence, Crawford and Company

    People

    Requirements Gathering

    Info-Tech’s 4-Column Model – The datasets may exist but the business units do not have an effective way of communicating the quality needs. Use our four-column model and the eleven supporting questions to better understand the quality needs. See subsequent slides.

    I don’t know what the data means so I think the quality is poor – It is not uncommon to see that the right data presented to the business but the business does not trust the data. They also do not understand the business logic done on the data. See our Business Data Glossary in subsequent slides.

    Understand the business workflow – Know the business workflow to understand the manual steps associated with the workflow. You may find steps in which data is entered, manipulated, or consumed inappropriately.

    “Do a shadow data exercise where you identify the human workflows of how data gets entered, and then you can identify where data entry can be automated.” – Diraj Goel, Growth Advisor, BC Tech

    Brainstorm solutions to your data quality issues

    4 hours

    Input

    • Data profiling results
    • Preliminary root cause analyses

    Output

    • Proposals for data fix
    • Fixed issues

    Materials

    • Data Quality Improvement Plan Template

    Participants

    • Business and Data Analysts
    • Data experts and stewards

    After walking through the best-practice solutions to data quality issues, propose solutions to fix your identified issues.

    Instructions

    1. Review Root Cause Analyses: Revisit the root cause analysis and data lineage diagram you have generated in Step 3.2. to understand the issues in greater details.
    2. Characterize Each Issue: You may need to generate a data profiling report to characterize the issue. The report can be generated by using data quality suites, BI platforms, or even SQL statements.
    3. Brainstorm the Solutions: As a group, discuss potential ways to fix the issue. You can tackle the issues by approaching from these areas:
    Solution Approaches
    Technology Approach
    People Approach

    X crossover with

    Problematic Areas
    Application/System Design
    Database Design
    Data Integration and Synchronization
    Policies and Procedures
    Business Processes
    1. Document and Communicate: Document the solutions to your data issues. You may need to reuse or refer to the solutions. Also brainstorm some ideas on how to communicate the results back to the business.

    Download this Tool

    Sustaining your data quality requires continuous oversight through a data governance practice

    Quality data is the ultimate outcome of data governance and data quality management. Data governance enables data quality by providing the necessary oversight and controls for business processes in order to maintain data quality. There are three primary groups (at right) that are involved in a mature governance practice. Data quality should be tightly integrated with all of them.

    Define an effective data governance strategy and ensure the strategy integrates well with data quality with Info-Tech’s Establish Data Governance blueprint.

    Visit this link

    Data Governance Council

    This council establishes data management practices that span across the organization. This should be comprised of senior management or C-suite executives that can represent the various departments and lines of business within the organization. The data governance council can help to promote the value of data governance, facilitate a culture that nurtures data quality, and ensure that the goals of the data governance program are well aligned with business objectives.

    Data Owners

    Identifying the data owner role within an organization helps to create a greater degree of accountability for data issues. They often oversee how the data is being generated as well as how it is being consumed. Data owners come from the business side and have legal rights and defined control over a data set. They ensure data is available to the right people within the organization.

    Data Stewards

    Conflict can occur within an organization’s data governance program when a data steward’s role is confused with that of the steering committee’s role. Data stewards exist to enforce decisions made about data governance and data management. Data stewards are often business analysts or power users of a particular system/dataset. Where a data owner is primarily responsible for access, a data steward is responsible for the quality of a dataset.

    Integrate the data quality management strategy with existing data governance committees

    Ongoing and regular data quality management is the responsibility of the data governance bodies of the organization.

    The oversight of ongoing data quality activities rests on the shoulders of the data governance committees that exist in the organization.

    There is no one-size-fits-all data governance structure. However, most organizations follow a similar pattern when establishing committees, councils, and cross-functional groups. They strive to identify roles and responsibilities at a strategic, tactical, and operational level:

    The image shows a pyramid, with Executive Sponsors at the top, with the following roles in descending order: DG Council; Steering Committee; Working Groups; Data Owners and Data Stewards; and Data Users. Along the left side of the pyramid, there are three labels, in ascending order: Operational, Tactical, and Strategic.

    The image is a flow chart showing project roles, in two sections: the top section is labelled Governing Bodies, and the lower section is labelled Data Quality Improvement Team. There is a note indicating that the Data Owner reports to and provides updates regarding the state of data quality and data quality initiatives.

    Create and update the organization’s Business Data Glossary to keep up with current data definitions

    2 hours

    Input

    • Metrics and goals for data quality

    Output

    • Regularly scheduled data quality checkups

    Materials

    • Business Data Glossary Template
    • Data Quality Dashboard

    Participants

    • Data steward

    A crucial aspect of data quality and governance is the Business Data Glossary. The Business Data Glossary helps to align the terminology of the business with the organization’s data assets. It allows the people who interact with the data to quickly identify the applications, processes, and stewardship associated with it, which will enhance the accuracy and efficiency of searches for organization data definitions and attributes, enabling better access to the data. This will, in turn, enhance the quality of the organization’s data because it will be more accurate, relevant, and accessible.

    Use the Business Data Glossary Template to document key aspects of the data, such as:

    • Definition
    • Source System
    • Possible Values
    • Data Steward
    • Data Sensitivity
    • Data Availability
    • Batch or Live
    • Retention

    Data Element

    • Mkt-Product
    • Fin-Product

    Info-Tech Insight

    The Business Data Glossary ensures that the crucial data that has key business use by key business systems and users is appropriately owned and defined. It also establishes rules that lead to proper data management and quality to be enforced by the data owners.

    Download this Tool

    Data Steward(s): Use the Data Quality Improvement Plan of the business unit for ongoing quality monitoring

    Integrating your data quality strategy into the organization’s data governance program requires passing the strategy over to members of the data governance program. The data steward role is responsible for data quality at the business unit level, and should have been involved with the creation and implementation of the data quality improvement project. After the data quality repairs have been made, it is the responsibility of the data steward to regularly monitor the quality of the business unit’s data.

    Create Improvement Plan ↓
    • Data Quality Improvement Team identifies root cause issues.
    • Brainstorm solutions.
    Implement Improvement Plan ↓
    • Data Quality Improvement Team works with IT.
    Sustain Improvement Plan
    • Data Steward should regularly monitor data quality.

    Download this tool

    See Info-Tech’s Data Steward Job Description Template for a detailed understanding of the roles and responsibilities of the data steward.

    Responsible for sustaining

    The image shows a screen capture of a document entitled Business Context & Subject Area Selection.

    Develop a business-facing data quality dashboard to show improvements or a sudden dip in data quality

    One tool that the data steward can take advantage of is the data quality dashboard. Initiatives that are implemented to address data quality must have metrics defined by business objectives in order to demonstrate the value of the data quality improvement projects. In addition, the data steward should have tools for tracking data quality in the business unit to report issues to the data owner and data governance steering committee.

    • Example 1: Marketing uses data for direct mail and e-marketing campaigns. They care about customer data in particular. Specifically, they require high data quality in attributes such as customer name, address, and product profile.
    • Example 2: Alternatively, Finance places emphasis on financial data, focusing on attributes like account balance, latency in payment, credit score, and billing date.

    The image is Business dashboard on Data Quality for Marketing. It features Data Quality metrics, listed in the left column, and numbers for each quarter over the course of one year, on the right.

    Notes on chart:

    General improvement in billing address quality

    Sudden drop in touchpoint accuracy may prompt business to ask for explanations

    Approach to creating a business-facing data quality dashboard:

    1. Schedule a meeting with the functional unit to discuss what key data quality metrics are essential to their business operations. You should consider the business context, functional area, and subject area analyses you completed in Phase 1 as a starting point.
    2. Discuss how to gather data for the key metrics and their associated calculations.
    3. Discuss and decide the reporting intervals.
    4. Discuss and decide the unit of measurement.
    5. Generate a dashboard similar to the example. Consider using a BI or analytics tool to develop the dashboard.

    Data quality management must be sustained for ongoing improvements to the organization’s data

    • Data quality is never truly complete; it is a set of ongoing processes and disciplines that requires a permanent plan for monitoring practices, reviewing processes, and maintaining consistent data standards.
    • Setting the expectation to stakeholders that a long-term commitment is required to maintain quality data within the organization is critical to the success of the program.
    • A data quality maintenance program will continually revise and fine-tune ongoing practices, processes, and procedures employed for organizational data management.

    Data quality is a program that requires continual care:

    →Maintain→Good Data →

    Data quality management is a long-term commitment that shifts how an organization views, manages, and utilizes its corporate data assets. Long-term buy-in from all involved is critical.

    “Data quality is a process. We are trying to constantly improve the quality over time. It is not a one-time fix.” – Akin Akinwumi, Manager of Data Governance, Startech.com

    Define a data quality review agenda for data quality sustainment

    2 hours

    Input

    • Metrics and goals for data quality

    Output

    • Regularly scheduled data quality checkups

    Materials

    • Data Quality Diagnostic
    • Data Quality Dashboard

    Participants

    • Data Steward

    As a data steward, you are responsible for ongoing data quality checks of the business unit’s data. Define an improvement agenda to organize the improvement activities. Organize the activities yearly and quarterly to ensure improvement is done year-round.

    Quarterly

    • Measure data quality metrics against milestones. Perform a regular data quality health check with Info-Tech’s Data Quality Diagnostic.
    • Review the business unit’s Business Data Glossary to ensure that it is up to date and comprehensive.
    • Assess progress of practice area initiatives (time, milestones, budget, benefits delivered).
    • Analyze overall data quality and report progress on key improvement projects and corrective actions in the executive dashboard.
    • Communicate overall status of data quality to oversight body.

    Annually

    • Calculate your current baseline and measure progress by comparing it to previous years.
    • Set/revise quality objectives for each practice area and inter-practice hand-off processes.
    • Re-evaluate/re-establish data quality objectives.
    • Set/review data quality metrics and tracking mechanisms.
    • Set data quality review milestones and timelines.
    • Revisit data quality training from an end-user perspective and from a practitioner perspective.

    Info-Tech Insight

    Do data quality diagnostic at the beginning of any improvement plan, then recheck health with the diagnostic at regular intervals to see if symptoms are coming back. This should be a monitoring activity, not a data quality fixing activity. If symptoms are bad enough, repeat the improvement plan process.

    Take the next step in your Data & Analytics Journey

    After establishing your data quality program, look to increase your data & analytics maturity.

    • Artificial Intelligence (AI) is a concept that many organizations strive to implement. AI can really help in areas such as data preparation. However, implementing AI solutions requires a level of maturity that many organizations are not at.
    • While a solid data quality foundation is essential for AI initiatives being successful, AI can also ensure high data quality.
    • An AI analytics solution can address data integrity issues at the earliest point of data processing, rapidly transforming these vast volumes of data into trusted business information. This can be done through Anomaly detection, which flags “bad” data, identifying suspicious anomalies that can impact data quality. By tracking and evaluating data, anomaly detection gives critical insights into data quality as data is processed. (Ira Cohen, The End to a Never-Ending Story? Improve Data Quality with AI Analytics, anodot, 2020)

    Consider… “Garbage in, garbage out.”

    Lay a solid foundation by addressing your data quality issues prior to investing heavily in an AI solution.

    Related Info-Tech Research

    Are You Ready for AI?

    • Use AI as a compelling event to expedite funding, resources, and project plans for your data-related initiatives. Check out this note to understand what it takes to be ready to implement AI solutions.

    Get Started With Artificial Intelligence

    • Current AI technology is data-enabled, automated, adaptive decision support. Once you believe you are ready for AI, check out this blueprint on how to get started.

    Build a Data Architecture Roadmap

    • The data lineage diagram was a key tool used in establishing your data quality program. Check out this blueprint and learn how to optimize your data architecture to provide greatest value from data.

    Create an Architecture for AI

    • Build your target state architecture from predefined best practice building blocks. This blueprint assists members first to assess if they have the maturity to embrace AI in their organization, and if so, which AI acquisition model fits them best.

    Phase 4 Summary

    1. Data Quality Improvement Strategy
    • Brainstorm solutions to your data quality issues using the following data quality improvement strategies as a guide:
      1. Fix data quality issues by improving system/application design
      2. Fix data quality issues using proper database design
      3. Improve integration and synchronization of enterprise data
      4. Improve data quality policies and procedures
      5. Streamline and optimize business processes
  • Sustain Your Data Quality Program
    • Quality data is the ultimate outcome of data governance and data quality management.
    • Sustaining your data quality requires continuous oversight through a data governance practice.
    • There are three primary groups (Data Governance Council, Data Owners, and Data Stewards) that are involved in a mature governance practice.
  • Grow Your Data & Analytics Maturity
    • After establishing your data quality program, take the next step in increasing your data & analytics maturity.
    • Good data quality is the foundation of pursuing different ways of maximizing the value of your data such as implementing AI solutions.
    • Continue your data & analytics journey by referring to Info-Tech’s quality research.
  • Research Contributors and Experts

    Izabela Edmunds

    Information Architect Mott MacDonald

    Akin Akinwumi

    Manager of Data Governance Startech.com

    Diraj Goel

    Growth Advisor BC Tech

    Sujay Deb

    Director of Data Analytics Technology and Platforms Export Development Canada

    Asif Mumtaz

    Data & Solution Architect Blue Cross Blue Shield Association

    Patrick Bossey

    Manager of Business Intelligence Crawford and Company

    Anonymous Contributors

    Ibrahim Abdel-Kader

    Research Specialist Info-Tech Research Group

    Ibrahim is a Research Specialist at Info-Tech Research Group. In his career to date he has assisted many clients using his knowledge in process design, knowledge management, SharePoint for ECM, and more. He is expanding his familiarity in many areas such as data and analytics, enterprise architecture, and CIO-related topics.

    Reddy Doddipalli

    Senior Workshop Director Info-Tech Research Group

    Reddy is a Senior Workshop Director at Info-Tech Research Group, focused on data management and specialized analytics applications. He has over 25 years of strong industry experience in IT leading and managing analytics suite of solutions, enterprise data management, enterprise architecture, and artificial intelligence–based complex expert systems.

    Andy Neill

    Practice Lead, Data & Analytics and Enterprise Architecture Info-Tech Research Group

    Andy leads the data and analytics and enterprise architecture practices at ITRG. He has over 15 years of experience in managing technical teams, information architecture, data modeling, and enterprise data strategy. He is an expert in enterprise data architecture, data integration, data standards, data strategy, big data, and development of industry standard data models.

    Crystal Singh

    Research Director, Data & Analytics Info-Tech Research Group

    Crystal is a Research Director at Info-Tech Research Group. She brings a diverse and global perspective to her role, drawing from her professional experiences in various industries and locations. Prior to joining Info-Tech, Crystal led the Enterprise Data Services function at Rogers Communications, one of Canada’s leading telecommunications companies.

    Igor Ikonnikov

    Research Director, Data & Analytics Info-Tech Research Group

    Igor is a Research Director at Info-Tech Research Group. He has extensive experience in strategy formation and execution in the information management domain, including master data management, data governance, knowledge management, enterprise content management, big data, and analytics.

    Andrea Malick

    Research Director, Data & Analytics Info-Tech Research Group

    Andrea Malick is a Research Director at Info-Tech Research Group, focused on building best practices knowledge in the enterprise information management domain, with corporate and consulting leadership in enterprise architecture and content management (ECM).

    Natalia Modjeska

    Research Director, Data & Analytics Info-Tech Research Group

    Natalia Modjeska is a Research Director at Info-Tech Research Group. She advises members on topics related to AI, machine learning, advanced analytics, and data science, including ethics and governance. Natalia has over 15 years of experience in developing, selling, and implementing analytical solutions.

    Rajesh Parab

    Research Director, Data & Analytics Info-Tech Research Group

    Rajesh Parab is a Research Director at Info-Tech Research Group. He has over 20 years of global experience and brings a unique mix of technology and business acumen. He has worked on many data-driven business applications. In his previous architecture roles, Rajesh created a number of product roadmaps, technology strategies, and models.

    Bibliography

    Amidon, Kirk. "Case Study: How Data Quality Has Evolved at MathWorks." The Fifth MIT Information Quality Industry Symposium. 13 July 2011. Web. 19 Aug. 2015.

    Boulton, Clint. “Disconnect between CIOs and LOB managers weakens data quality.” CIO. 05 February 2016. Accessed June 2020.

    COBIT 5: Enabling Information. Rolling Meadows, IL: ISACA, 2013. Web.

    Cohen, Ira. “The End to a Never-Ending Story? Improve Data Quality with AI Analytics.” anodot. 2020.

    “DAMA Guide to the Data Management Body of Knowledge (DAMA-DMBOK Guide).” First Edition. DAMA International. 2009. Digital. April 2014.

    "Data Profiling: Underpinning Data Quality Management." Pitney Bowes. Pitney Bowes - Group 1 Software, 2007. Web. 18 Aug. 2015.

    Data.com. “Data.com Clean.” Salesforce. 2016. Web. 18 Aug. 2015.

    “Dawn of the CDO." Experian Data Quality. 2015. Web. 18 Aug. 2015.

    Demirkan, Haluk, and Bulent Dal. "Why Do So Many Analytics Projects Fail?" The Data Economy: Why Do so Many Analytics Projects Fail? Analytics Magazine. July-Aug. 2014. Web.

    Dignan, Larry. “CIOs juggling digital transformation pace, bad data, cloud lock-in and business alignment.” ZDNet. 11 March 2020. Accessed July.

    Dumbleton, Janani, and Derek Munro. "Global Data Quality Research - Discussion Paper 2015." Experian Data Quality. 2015. Web. 18 Aug. 2015.

    Eckerson, Wayne W. "Data Quality and the Bottom Line - Achieving Business Success through a Commitment to High Quality Data." The Data Warehouse Institute. 2002. Web. 18 Aug. 2015.

    “Infographic: Data Quality in BI the Costs and Benefits.” HaloBI. 2015 Web.

    Lee, Y.W. and Strong, D.M. “Knowing-Why About Data Processes and Data Quality.” Journal of Management Information Systems. 2004.

    “Making Data Quality a Way of Life.” Cognizant. 2014. Web. 18 Aug. 2015.

    "Merck Serono Achieves Single Source of Truth with Comprehensive RIM Solutions." www.productlifegroup.com. ProductLife Group. 15 Apr. 2015. Web. 23 Nov. 2015.

    Myers, Dan. “List of Conformed Dimensions of Data Quality.” Conformed Dimensions of Data Quality (CDDQ). 2019. Web.

    Redman, Thomas C. “Make the Case for Better Data Quality.” Harvard Business Review. 24 Aug. 2012. Web. 19 Aug. 2015.

    RingLead Data Management Solutions. “10 Stats About Data Quality I Bet You Didn’t Know.” RingLead. Accessed 7 July 2020.

    Schwartzrock, Todd. "Chrysler's Data Quality Management Case Study." Online video clip. YouTube. 21 April. 2011. Web. 18 Aug. 2015

    “Taking control in the digital age.” Experian Data Quality. Jan 2019. Web.

    “The data-driven organization, a transformation in progress.” Experian Data Quality. 2020. Web.

    "The Data Quality Benchmark Report." Experian Data Quality. Jan. 2015. Web. 18 Aug. 2015.

    “The state of data quality.” Experian Data Quality. Sept. 2013. Web. 17 Aug. 2015.

    Vincent, Lanny. “Differentiating Competence, Capability and Capacity.” Innovation Management Services. Web. June 2008.

    “7 ways poor data quality is costing your business.” Experian Data Quality. July 2020. Web.

    Combine Security Risk Management Components Into One Program

    • Buy Link or Shortcode: {j2store}376|cart{/j2store}
    • member rating overall impact (scale of 10): 9.1/10 Overall Impact
    • member rating average dollars saved: $37,798 Average $ Saved
    • member rating average days saved: 32 Average Days Saved
    • Parent Category Name: Governance, Risk & Compliance
    • Parent Category Link: /governance-risk-compliance
    • Companies are aware of the need to discuss and assess risk, but many struggle to do so in a systematic and repeatable way.
    • Rarely are security risks analyzed in a consistent manner, let alone in a systematic and repeatable method to determine project risk as well as overall organizational risk exposure.

    Our Advice

    Critical Insight

    • The best security programs are built upon defensible risk management. With an appropriate risk management program in place, you can ensure that security decisions are made strategically instead of based on frameworks and gut feelings. This will optimize any security planning and budgeting.
    • All risks can be quantified. Security, compliance, legal, or other risks can be quantified using our methodology.

    Impact and Result

    • Develop a security risk management program to create a standardized methodology for assessing and managing the risk that information systems face.
    • Build a risk governance structure that makes it clear how security risks can be escalated within the organization and who makes the final decision on certain risks.
    • Use Info-Tech’s risk assessment methodology to quantifiably evaluate the threat severity for any new or existing project or initiative.
    • Tie together all aspects of your risk management program, including your information security risk tolerance level, threat and risk assessments, and mitigation effectiveness models.

    Combine Security Risk Management Components Into One Program Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should develop and implement a security risk management program, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Establish the risk environment

    Lay down the foundations for security risk management, including roles and responsibilities and a defined risk tolerance level.

    • Combine Security Risk Management Components Into One Program – Phase 1: Establish the Risk Environment
    • Security Risk Governance Responsibilities and RACI Template
    • Risk Tolerance Determination Tool
    • Risk Weighting Determination Tool

    2. Conduct threat and risk assessments

    Define frequency and impact rankings then assess the risk of your project.

    • Combine Security Risk Management Components Into One Program – Phase 2: Conduct Threat and Risk Assessments
    • Threat and Risk Assessment Process Template
    • Threat and Risk Assessment Tool

    3. Build the security risk register

    Catalog an inventory of individual risks to create an overall risk profile.

    • Combine Security Risk Management Components Into One Program – Phase 3: Build the Security Risk Register
    • Security Risk Register Tool

    4. Communicate the risk management program

    Communicate the risk-based conclusions and leverage these in security decision making.

    • Combine Security Risk Management Components Into One Program – Phase 4: Communicate the Risk Management Program
    • Security Risk Management Presentation Template
    • Security Risk Management Summary Template
    [infographic]

    Workshop: Combine Security Risk Management Components Into One Program

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Establish the Risk Environment

    The Purpose

    Build the foundation needed for a security risk management program.

    Define roles and responsibilities of the risk executive.

    Define an information security risk tolerance level.

    Key Benefits Achieved

    Clearly defined roles and responsibilities.

    Defined risk tolerance level.

    Activities

    1.1 Define the security executive function RACI chart.

    1.2 Assess business context for security risk management.

    1.3 Standardize risk terminology assumptions.

    1.4 Conduct preliminary evaluation of risk scenarios to determine your risk tolerance level.

    1.5 Decide on a custom risk factor weighting.

    1.6 Finalize the risk tolerance level.

    1.7 Begin threat and risk assessment.

    Outputs

    Defined risk executive functions

    Risk governance RACI chart

    Defined quantified risk tolerance and risk factor weightings

    2 Conduct Threat and Risk Assessments

    The Purpose

    Determine when and how to conduct threat and risk assessments (TRAs).

    Complete one or two TRAs, as time permits during the workshop.

    Key Benefits Achieved

    Developed process for how to conduct threat and risk assessments.

    Deep risk analysis for one or two IT projects/initiatives.

    Activities

    2.1 Determine when to initiate a risk assessment.

    2.2 Review appropriate data classification scheme.

    2.3 Identify system elements and perform data discovery.

    2.4 Map data types to the elements.

    2.5 Identify STRIDE threats and assess risk factors.

    2.6 Determine risk actions taking place and assign countermeasures.

    2.7 Calculate mitigated risk severity based on actions.

    2.8 If necessary, revisit risk tolerance.

    2.9 Document threat and risk assessment methodology.

    Outputs

    Define scope of system elements and data within assessment

    Mapping of data to different system elements

    Threat identification and associated risk severity

    Defined risk actions to take place in threat and risk assessment process

    3 Continue to Conduct Threat and Risk Assessments

    The Purpose

    Complete one or two TRAs, as time permits during the workshop.

    Key Benefits Achieved

    Deep risk analysis for one or two IT projects/initiatives, as time permits.

    Activities

    3.1 Continue threat and risk assessment activities.

    3.2 As time permits, one to two threat and risk assessment activities will be performed as part of the workshop.

    3.3 Review risk assessment results and compare to risk tolerance level.

    Outputs

    One to two threat and risk assessment activities performed

    Validation of the risk tolerance level

    4 Establish a Risk Register and Communicate Risk

    The Purpose

    Collect, analyze, and aggregate all individual risks into the security risk register.

    Plan for the future of risk management.

    Key Benefits Achieved

    Established risk register to provide overview of the organizational aggregate risk profile.

    Ability to communicate risk to other stakeholders as needed.

    Activities

    4.1 Begin building a risk register.

    4.2 Identify individual risks and threats that exist in the organization.

    4.3 Decide risk responses, depending on the risk level as it relates to the risk tolerance.

    4.4 If necessary, revisit risk tolerance.

    4.5 Identify which stakeholders sign off on each risk.

    4.6 Plan for the future of risk management.

    4.7 Determine how to present risk to senior management.

    Outputs

    Risk register, with an inventory of risks and a macro view of the organization’s risk

    Defined risk-based initiatives to complete

    Plan for securing and managing the risk register

    Build a Data Classification MVP for M365

    • Buy Link or Shortcode: {j2store}67|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: End-User Computing Applications
    • Parent Category Link: /end-user-computing-applications
    • Resources are the primary obstacle to getting a foot hold in O365 governance, whether it is funding or FTE resources.
    • Data is segmented and is difficult to analyze when you can’t see it or manage the relationships between sources.
    • Organizations expect results early and quickly and a common obstacle is that building a proper data classification framework can take more than two years and the business can't wait that long.

    Our Advice

    Critical Insight

    • Data classification is the lynchpin to ANY effective governance of O/M365 and your objective is to navigate through this easily and effectively and build a robust, secure, and viable governance model.
    • Start your journey by identifying what and where your data is and how much data you have. You need to understand what sensitive data you have and where it is stored before you can protect it or govern that data.
    • Ensure there is a high-level leader who is the champion of the governance objective.

    Impact and Result

    • Using least complex sensitivity labels in your classification are your building blocks to compliance and security in your data management schema; they are your foundational steps.

    Build a Data Classification MVP for M365 Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Build a Data Classification MVP for M365 Deck – A guide for how to build a minimum-viable product for data classification that end users will actually use.

    Discover where your data resides, what governance helps you do, and what types of data you're classifying. Then build your data and security protection baselines for your retention policy, sensitivity labels, workload containers, and both forced and unforced policies.

    • Build a Data Classification MVP for M365 Storyboard
    [infographic]

    Further reading

    Build a Data Classification MVP for M365

    Kickstart your governance with data classification users will actually use!

    Executive Summary

    Info-Tech Insight

    • Creating an MVP gets you started in data governance
      Information protection and governance are not something you do once and then you are done. It is a constant process where you start with the basics (a minimum-viable product or MVP) and enhance your schema over time. The objective of the MVP is reducing obstacles to establishing an initial governance position, and then enabling rapid development of the solution to address a variety of real risks, including data loss prevention (DLP), data retention, legal holds, and data labeling.
    • Define your information and protection strategy
      The initial strategy is to start looking across your organization and identifying your customer data, regulatory data, and sensitive information. To have a successful data protection strategy you will include lifecycle management, risk management, data protection policies, and DLP. All key stakeholders need to be kept in the loop. Ensure you keep track of all available data and conduct a risk analysis early. Remember, data is your highest valued intangible asset.
    • Planning and resourcing are central to getting started on MVP
      A governance plan and governance decisions are your initial focus. Create a team of stakeholders that include IT and business leaders (including Legal, Finance, HR, and Risk), and ensure there is a top-level leader who is the champion of the governance objective, which is to ensure your data is safe, secure, and not prone to leakage or theft, and maintain confidentiality where it is warranted.

    Executive Summary

    Your Challenge
    • Today, the amount of data companies are gathering is growing at an explosive rate. New tools are enabling unforeseen channels and ways of collaborating.
    • Combined with increased regulatory oversight and reporting obligations, this makes the discovery and management of data a massive undertaking. IT can’t find and protect the data when the business has difficulty defining its data.
    • The challenge is to build a framework that can easily categorize and classify data yet allows for sufficient regulatory compliance and granularity to be useful. Also, to do it now because tomorrow is too late.
    Common Obstacles

    Data governance has several obstacles that impact a successful launch, especially if governing M365 is not a planned strategy. Below are some of the more common obstacles:

    • Resources are the primary obstacle to starting O365 governance, whether it is funding or people.
    • Data is segmented and is difficult to analyze when you can’t see it or manage the relationships between sources.
    • Organizations expect results early and quickly and a common obstacle is that building a "proper data classification framework” is a 2+ year project and the business can't wait that long.
    Info-Tech’s Approach
    • Start with the basics: build a minimum-viable product (MVP) to get started on the path to sustainable governance.
    • Identify what and where your data resides, how much data you have, and understand what sensitive data needs to be protected.
    • Create your team of stakeholders, including Legal, records managers, and privacy officers. Remember, they own the data and should manage it.
    • Categorization comes before classification, and discovery comes before categorization. Use easy-to-understand terms like high, medium, or low risk.

    Info-Tech Insight

    Data classification is the lynchpin to any effective governance of O/M365 and your objective is to navigate through this easily and effectively and build a robust, secure, and viable governance model. Start your journey by identifying what and where your data is and how much data do you have. You need to understand what sensitive data you have and where it is stored before you can protect or govern it. Ensure there is a high-level leader who is the champion of the governance objectives. Data classification fulfills the governance objectives of risk mitigation, governance and compliance, efficiency and optimization, and analytics.

    Questions you need to ask

    Four key questions to kick off your MVP.

    1

    Know Your Data

    Do you know where your critical and sensitive data resides and what is being done with it?

    Trying to understand where your information is can be a significant project.

    2

    Protect Your Data

    Do you have control of your data as it traverses across the organization and externally to partners?

    You want to protect information wherever it goes through encryption, etc.

    3

    Prevent Data Loss

    Are you able to detect unsafe activities that prevent sharing of sensitive information?

    Data loss prevention (DLP) is the practice of detecting and preventing data breaches, exfiltration, or unwanted destruction of sensitive data.

    4

    Govern Your Data

    Are you using multiple solutions (or any) to classify, label, and protect sensitive data?

    Many organizations use more than one solution to protect and govern their data, making it difficult to determine if there are any coverage gaps.

    Classification tiers

    Build your schema.

    Pyramid visualization for classification tiers. The top represents 'Simplicity', and the bottom 'Complexity' with the length of the sides at each level representing the '# of policies' and '# of labels'. At the top level is 'MVP (Minimum-Viable Product) - Confidential, Internal (Subcategory: Personal), Public'. At the middle level is 'Regulated - Highly Confidential, Confidential, Sensitive, General, Internal, Restricted, Personal, Sub-Private, Public'. And a the bottom level is 'Government (DOD) - Top Secret (TS), Secret, Confidential, Restricted, Official, Unclassified, Clearance'

    Info-Tech Insight

    Deciding on how granular you go into data classification will chiefly be governed by what industry you are in and your regulatory obligations – the more highly regulated your industry, the more classification levels you will be mandated to enforce. The more complexity you introduce into your organization, the more operational overhead both in cost and resources you will have to endure and build.

    Microsoft MIP Topology

    Microsoft Information Protection (MIP), which is Microsoft’s Data Classification Services, is the key to achieving your governance goals. Without an MVP, data classification will be overwhelming; simplifying is the first step in achieving governance.

    A diagram of multiple offerings all connected to 'MIP Data Classification Service'. Circled is 'Sensitivity Labels' with an arrow pointing back to 'MIP' at the center.
    (Source: Microsoft, “Microsoft Purview compliance portal”)

    Info-Tech Insight

    Using least-complex sensitivity labels in your classification are your building blocks to compliance and security in your data management schema; they are your foundational steps.

    MVP RACI Chart

    Data governance is a "takes a whole village" kind of effort.

    Clarify who is expected to do what with a RACI chart.

    End User M365 Administrator Security/ Compliance Data Owner
    Define classification divisions R A
    Appy classification label to data – at point of creation A R
    Apply classification label to data – legacy items R A
    Map classification divisions to relevant policies R A
    Define governance objectives R A
    Backup R A
    Retention R A
    Establish minimum baseline A R

    What and where your data resides

    Data types that require classification.

    Logos for 'Microsoft', 'Office 365', and icons for each program included in that package.
    M365 Workload Containers
    Icon for MS Exchange. Icon for MS SharePoint.Icon for MS Teams. Icon for MS OneDrive. Icon for MS Project Online.
    Email
    • Attachments
    Site Collections, Sites Sites Project Databases
    Contacts Teams and Group Site Collections, Sites Libraries and Lists Sites
    Metadata Libraries and Lists Documents
    • Versions
    Libraries and Lists
    Teams Conversations Documents
    • Versions
    Metadata Documents
    • Versions
    Teams Chats Metadata Permissions
    • Internal Sharing
    • External Sharing
    Metadata
    Permissions
    • Internal Sharing
    • External Sharing
    Files Shared via Teams Chats Permissions
    • Internal Sharing
    • External Sharing

    Info-Tech Insight

    Knowing where your data resides will ensure you do not miss any applicable data that needs to be classified. These are examples of the workload containers; you may have others.

    Discover and classify on- premises files using AIP

    AIP helps you manage sensitive data prior to migrating to Office 365:
    • Use discover mode to identify and report on files containing sensitive data.
    • Use enforce mode to automatically classify, label, and protect files with sensitive data.
    Can be configured to scan:
    • SMB files
    • SharePoint Server 2016, 2013
    Stock image of a laptop uploading to the cloud with a padlock and key in front of it.
    • Map your network and find over-exposed file shares.
    • Protect files using MIP encryption.
    • Inspect the content in file repositories and discover sensitive information.
    • Classify and label file per MIP policy.
    Azure Information Protection scanner helps discover, classify, label, and protect sensitive information in on-premises file servers. You can run the scanner and get immediate insight into risks with on-premises data. Discover mode helps you identify and report on files containing sensitive data (Microsoft Inside Track and CIAOPS, 2022). Enforce mode automatically classifies, labels, and protects files with sensitive data.

    Info-Tech Insight

    Any asset deployed to the cloud must have approved data classification. Enforcing this policy is a must to control your data.

    Understanding governance

    Microsoft Information Governance

    Information Governance
    • Retention policies for workloads
    • Inactive and archive mailboxes

    Arrow pointing down-right

    Records Management
    • Retention labels for items
    • Disposition review

    Arrow pointing down-left

    Retention and Deletion

    ‹——— Connectors for Third-Party Data ———›

    Information governance manages your content lifecycle using solutions to import, store, and classify business-critical data so you can keep what you need and delete what you do not. Backup should not be used as a retention methodology since information governance is managed as a “living entity” and backup is a stored information block that is “suspended in time.” Records management uses intelligent classification to automate and simplify the retention schedule for regulatory, legal, and business-critical records in your organization. It is for that discrete set of content that needs to be immutable.
    (Source: Microsoft, “Microsoft Purview compliance portal”)

    Retention and backup policy decision

    Retention is not backup.

    Info-Tech Insight

    Retention is not backup. Retention means something different: “the content must be available for discovery and legal document production while being able to defend its provenance, chain of custody, and its deletion or destruction” (AvePoint Blog, 2021).

    Microsoft Responsibility (Microsoft Protection) Weeks to Months Customer Responsibility (DLP, Backup, Retention Policy) Months to Years
    Loss of service due to natural disaster or data center outage Loss of data due to departing employees or deactivated accounts
    Loss of service due to hardware or infrastructure failure Loss of data due to malicious insiders or hackers deleting content
    Short-term (30 days) user error with recycle bin/ version history (including OneDrive “File Restore”) Loss of data due to malware or ransomware
    Short-term (14 days) administrative error with soft- delete for groups, mailboxes, or service-led rollback Recovery from prolonged outages
    Long-term accidental deletion coverage with selective rollback

    Understand retention policy

    What are retention policies used for? Why you need them as part of your MVP?

    Do not confuse retention labels and policies with backup.

    Remember: “retention [policies are] auto-applied whereas retention label policies are only applied if the content is tagged with the associated retention label” (AvePoint Blog, 2021).

    E-discovery tool retention policies are not turned on automatically.

    Retention policies are not a backup tool – when you activate this feature you are unable to delete anyone.

    “Data retention policy tools enable a business to:

    • “Decide proactively whether to retain content, delete content, or retain and then delete the content when needed.
    • “Apply a policy to all content or just content meeting certain conditions, such as items with specific keywords or specific types of sensitive information.
    • “Apply a single policy to the entire organization or specific locations or users.
    • “Maintain discoverability of content for lawyers and auditors, while protecting it from change or access by other users. […] ‘Retention Policies’ are different than ‘Retention Label Policies’ – they do the same thing – but a retention policy is auto-applied, whereas retention label policies are only applied if the content is tagged with the associated retention label.

    “It is also important to remember that ‘Retention Label Policies’ do not move a copy of the content to the ‘Preservation Holds’ folder until the content under policy is changed next.” (Source: AvePoint Blog, 2021)

    Definitions

    Data classification is a focused term used in the fields of cybersecurity and information governance to describe the process of identifying, categorizing, and protecting content according to its sensitivity or impact level. In its most basic form, data classification is a means of protecting your data from unauthorized disclosure, alteration, or destruction based on how sensitive or impactful it is.

    Once data is classified, you can then create policies; sensitive data types, trainable classifiers, and sensitivity labels function as inputs to policies. Policies define behaviors, like if there will be a default label, if labeling is mandatory, what locations the label will be applied to, and under what conditions. A policy is created when you configure Microsoft 365 to publish or automatically apply sensitive information types, trainable classifiers, or labels.

    Sensitivity label policies show one or more labels to Office apps (like Outlook and Word), SharePoint sites, and Office 365 groups. Once published, users can apply the labels to protect their content.

    Data loss prevention (DLP) policies help identify and protect your organization's sensitive info (Microsoft Docs, April 2022). For example, you can set up policies to help make sure information in email and documents is not shared with the wrong people. DLP policies can use sensitive information types and retention labels to identify content containing information that might need protection.

    Retention policies and retention label policies help you keep what you want and get rid of what you do not. They also play a significant role in records management.

    Data examples for MVP classification

    • Examples of the type of data you consider to be Confidential, Internal, or Public.
    • This will help you determine what to classify and where it is.
    Internal Personal, Employment, and Job Performance Data
    • Social Security Number
    • Date of birth
    • Marital status
    • Job application data
    • Mailing address
    • Resume
    • Background checks
    • Interview notes
    • Employment contract
    • Pay rate
    • Bonuses
    • Benefits
    • Performance reviews
    • Disciplinary notes or warnings
    Confidential Information
    • Business and marketing plans
    • Company initiatives
    • Customer information and lists
    • Information relating to intellectual property
    • Invention or patent
    • Research data
    • Passwords and IT-related information
    • Information received from third parties
    • Company financial account information
    • Social Security Number
    • Payroll and personnel records
    • Health information
    • Self-restricted personal data
    • Credit card information
    Internal Data
    • Sales data
    • Website data
    • Customer information
    • Job application data
    • Financial data
    • Marketing data
    • Resource data
    Public Data
    • Press releases
    • Job descriptions
    • Marketing material intended for general public
    • Research publications

    New container sensitivity labels (MIP)

    New container sensitivity labels

    Public Private
    Privacy
    1. Membership to group is open; anyone can join
    2. “Everyone except external guest” ACL onsite; content available in search to all tenants
    1. Only owner can add members
    2. No access beyond the group membership until someone shares it or changes permissions
    Allowed Not Allowed
    External guest policy
    1. Membership to group is open; anyone can join
    2. “Everyone except external guest” ACL onsite; content available in search to all tenants
    1. Only owner can add members
    2. No access beyond the group membership until someone shares it or changes permissions

    What users will see when they create or label a Team/Group/Site

    Table of what users will see when they create or label a team/group/site highlighting 'External guest policy' and 'Privacy policy options' as referenced above.
    (Source: Microsoft, “Microsoft Purview compliance portal”)

    Info-Tech Insights

    Why you need sensitivity container labels:
    • Manage privacy of Teams Sites and M365 Groups
    • Manage external user access to SPO sites and teams
    • Manage external sharing from SPO sites
    • Manage access from unmanaged devices

    Data protection and security baselines

    Data Protection Baseline

    “Microsoft provides a default assessment in Compliance Manager for the Microsoft 365 data protection baseline" (Microsoft Docs, June 2022). This baseline assessment has a set of controls for key regulations and standards for data protection and general data governance. This baseline draws elements primarily from NIST CSF (National Institute of Standards and Technology Cybersecurity Framework) and ISO (International Organization for Standardization) as well as from FedRAMP (Federal Risk and Authorization Management Program) and GDPR (General Data Protection Regulation of the European Union).

    Security Baseline

    The final stage in M365 governance is security. You need to implement a governance policy that clearly defines storage locations for certain types of data and who has permission to access it. You need to record and track who accesses content and how they share it externally. “Part of your process should involve monitoring unusual external sharing to ensure staff only share documents that they are allowed to” (Rencore, 2021).

    Info-Tech Insights

    • Controls are already in place to set data protection policy. This assists in the MVP activities.
    • Finally, you need to set your security baseline to ensure proper permissions are in place.

    Prerequisite baseline

    Icon of crosshairs.
    Security

    MFA or SSO to access from anywhere, any device

    Banned password list

    BYOD sync with corporate network

    Icon of a group.
    Users

    Sign out inactive users automatically

    Enable guest users

    External sharing

    Block client forwarding rules

    Icon of a database.
    Resources

    Account lockout threshold

    OneDrive

    SharePoint

    Icon of gears.
    Controls

    Sensitivity labels, retention labels and policies, DLP

    Mobile application management policy

    Building baselines

    Sensitivity Profiles: Public, Internal, Confidential; Subcategory: Highly Confidential

    Microsoft 365 Collaboration Protection Profiles

    Sensitivity Public External Collaboration Internal Highly Confidential
    Description Data that is specifically prepared for public consumption Not approved for public consumption, but OK for external collaboration External collaboration highly discouraged and must be justified Data of the highest sensitivity: avoid oversharing, internal collaboration only
    Label details
    • No content marking
    • No encryption
    • Public site
    • External collaboration allowed
    • Unmanaged devices: allow full access
    • No content marking
    • No encryption
    • Private site
    • External collaboration allowed
    • Unmanaged devices: allow full access
    • Content marking
    • Encryption
    • Private site
    • External collaboration allowed but monitored
    • Unmanaged devices: limited web access
    • Content marking
    • Encryption
    • Private site
    • External collaboration disabled
    • Unmanaged devices: block access
    Teams or Site details Public Team or Site open discovery, guests are allowed Private Team or Site members are invited, guests are allowed Private Team or Site members are invited, guests are not allowed
    DLP None Warn Block

    Please Note: Global/Compliance Admins go to the 365 Groups platform, the compliance center (Purview), and Teams services (Source: Microsoft Documentation, “Microsoft Purview compliance documentation”)

    Info-Tech Insights

    • Building baseline profiles will be a part of your MVP. You will understand what type of information you are addressing and label it accordingly.
    • Sensitivity labels are a way to classify your organization's data in a way that specifies how sensitive the data is. This helps you decrease risks in sharing information that shouldn't be accessible to anyone outside your organization or department. Applying sensitivity labels allows you to protect all your data easily.

    MVP activities

    PRIMARY
    ACTIVITIES
    Define Your Governance
    The objective of the MVP is reducing barriers to establishing an initial governance position, and then enabling rapid progression of the solution to address a variety of tangible risks, including DLP, data retention, legal holds, and labeling.
    Decide on your classification labels early.

    CATEGORIZATION





    CLASSIFICATION

    MVP
    Data Discovery and Management
    AIP (Azure Information Protection) scanner helps discover, classify, label, and protect sensitive information in on-premises file servers. You can run the scanner and get immediate insight into risks with on-premises data.
    Baseline Setup
    Building baseline profiles will be a part of your MVP. You will understand what type of information you are addressing and label it accordingly. Microsoft provides a default assessment in Compliance Manager for the Microsoft 365 data protection baseline.
    Default M365 settings
    Microsoft provides a default assessment in Compliance Manager for the Microsoft 365 data protection baseline. This baseline assessment has a set of controls for key regulations and standards for data protection and general data governance.
    SUPPORT
    ACTIVITIES
    Retention Policy
    Retention policy is auto-applied. Decide whether to retain content, delete content, or retain and then delete the content.
    Sensitivity Labels
    Automatically enforce policies on groups through labels; classify groups.
    Workload Containers
    M365: SharePoint, Teams, OneDrive, and Exchange, where your data is stored for labels and policies.
    Unforced Policies
    Written policies that are not enforceable by controls in Compliance Manager such as acceptable use policy.
    Forced Policies
    Restrict sharing controls to outside organizations. Enforce prefix or suffix to group or team names.

    ACME Company MVP for M/O365

    PRIMARY
    ACTIVITIES
    Define Your Governance


    Focus on ability to use legal hold and GDPR compliance.

    CATEGORIZATION





    CLASSIFICATION

    MVP
    Data Discovery and Management


    Three classification levels (public, internal, confidential), which are applied by the user when data is created. Same three levels are used for AIP to scan legacy sources.

    Baseline Setup


    All data must at least be classified before it is uploaded to an M/O365 cloud service.

    Default M365 settings


    Turn on templates 1 8 the letter q and the number z

    SUPPORT
    ACTIVITIES
    Retention Policy


    Retention policy is auto-applied. Decide whether to retain content, delete content, or retain and then delete the content.

    Sensitivity Labels


    Automatically enforce policies on groups through labels; classify groups.

    Workload Containers


    M365: SharePoint, Teams, OneDrive, and Exchange, where your data is stored for labels and policies.

    Unforced Policies


    Written policies that are not enforceable by controls in Compliance Manager such as acceptable use policy.

    Forced Policies


    Restrict sharing controls to outside organizations. Enforce prefix or suffix to group or team names.

    Related Blueprints

    Govern Office 365

    Office 365 is as difficult to wrangle as it is valuable. Leverage best practices to produce governance outcomes aligned with your goals.

    Map your organizational goals to the administration features available in the Office 365 console. Your governance should reflect your requirements.

    Migrate to Office 365 Now

    Jumping into an Office 365 migration project without careful thought of the risks of a cloud migration will lead to project halt and interruption. Intentionally plan in order to expose risk and to develop project foresight for a smooth migration.

    Microsoft Teams Cookbook

    Remote work calls for leveraging your Office 365 license to use Microsoft Teams – but IT is unsure about best practices for governance and permissions. Moreover, IT has few resources to help train end users with Teams best practices

    IT Governance, Risk & Compliance

    Several blueprints are available on a broader topic of governance, from Make Your IT Governance Adaptable to Improve IT Governance to Drive Business Results and Build an IT Risk Management Program.

    Bibliography

    “Best practices for sharing files and folders with unauthenticated users.” Microsoft Build, 28 April 2022. Accessed 2 April 2022.

    “Build and manage assessments in Compliance Manager.” Microsoft Docs, 15 June 2022. Web.

    “Building a modern workplace with Microsoft 365.” Microsoft Inside Track, n.d. Web.

    Crane, Robert. “June 2020 Microsoft 365 Need to Know Webinar.” CIAOPS, SlideShare, 26 June 2020. Web.

    “Data Classification: Overview, Types, and Examples.” Simplilearn, 27 Dec. 2021. Accessed 11 April 2022.

    “Data loss prevention in Exchange Online.” Microsoft Docs, 19 April 2022. Web.

    Davies, Nahla. “5 Common Data Governance Challenges (and How to Overcome Them).” Dataversity. 25 October 2021. Accessed 5 April 2022.

    “Default labels and policies to protect your data.” Microsoft Build, April 2022. Accessed 3 April 2022.

    M., Peter. "Guide: The difference between Microsoft Backup and Retention." AvePoint Blog, 9 Oct. 2021. Accessed 4 April 2022.

    Meyer, Guillaume. “Sensitivity Labels: What They Are, Why You Need Them, and How to Apply Them.” nBold, 6 October 2021. Accessed 2 April 2022.

    “Microsoft 365 guidance for security & compliance.” Microsoft, 27 April 2022. Accessed 28 April 2022.

    “Microsoft Purview compliance portal.” Microsoft, 19 April 2022. Accessed 22 April 2022.

    “Microsoft Purview compliance documentation.” Microsoft, n.d. Accessed 22 April 2022.

    “Microsoft Trust Center: Products and services that run on trust.” Microsoft, 2022. Accessed 3 April 2022.

    “Protect your sensitive data with Microsoft Purview.” Microsoft Build, April 2022. Accessed 3 April 2022.

    Zimmergren, Tobias. “4 steps to successful cloud governance in Office 365.” Rencore, 9 Sept. 2021. Accessed 5 April 2022.

    Maximize Your American Rescue Plan Funding

    • Buy Link or Shortcode: {j2store}74|cart{/j2store}
    • member rating overall impact (scale of 10): 9.0/10 Overall Impact
    • member rating average dollars saved: $661,499 Average $ Saved
    • member rating average days saved: 8 Average Days Saved
    • Parent Category Name: Cost & Budget Management
    • Parent Category Link: /cost-and-budget-management
    • Will funding from COVID-19 stimulus opportunities mean more human and financial resources for IT?
    • Are there governance processes in place to successfully execute large projects?
    • What does a large, one-time influx of capital mean for keeping-the-lights-on budgets?
    • How will ARP funding impact your internal resourcing?
    • How can you ensure that IT is not left behind or an afterthought?

    Our Advice

    Critical Insight

    • Seek a one-to-many relationship between IT solutions and business problems. Use the central and overarching nature of IT to identify one solution to multiple business problems that span multiple programs, departments, and agencies.
    • Lack of specific guidance should not be a roadblock to starting. Be proactive by initiating the planning process so that you are ready to act as soon as details are clear.
    • IT involvement is the lynchpin for success. The pandemic has made this theme self-evident, and it needs to stay that way.
    • The fact that this funding is called COVID-19 relief might make you think you should only use it for recovery, but actually it should be viewed as an opportunity to help the organization thrive post-pandemic.

    Impact and Result

    • Shift IT’s role from service provider to innovator. Take ARP funding as a once-in-a-lifetime opportunity to create future enterprise capabilities by thinking big to consider IT innovation that can transform the business and its initiatives for the post-pandemic world.
    • Whether your organization is eligible for a direct or an indirect transfer, be sure you understand the requirements to apply for funding internally through a business case or externally through a grant application.
    • Gain the skills to execute the project with confidence by developing a comprehensive statement of work and managing your projects and vendor relationships effectively.

    Maximize Your American Rescue Plan Funding Research & Tools

    Use our research to help maximize ARP funding.

    Follow Info-Tech's approach to think big, align with the business, analyze budget and staffing, execute with confidence, and ensure compliance and reporting.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    [infographic]

    Workshop: Maximize Your American Rescue Plan Funding

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Think Big

    The Purpose

    Push the boundaries of conventional thinking and consider IT innovations that truly transform the business.

    Key Benefits Achieved

    A list of innovative IT opportunities that your IT department can use to transform the business

    Activities

    1.1 Discuss the objectives of ARP and what they mean to IT departments.

    1.2 Identify drivers for change.

    1.3 Review IT strategy.

    1.4 Augment your IT opportunities list.

    Outputs

    Revised IT vision

    List of innovative IT opportunities that can transform the business

    2 Align With the Business

    The Purpose

    Partner with the business to reprioritize projects and initiatives for the post-pandemic world.

    Key Benefits Achieved

    Assessment of the organization’s new and existing IT opportunities and alignment with business objectives

    Activities

    2.1 Assess alignment of current and new IT initiatives with business objectives.

    2.2 Review and update prioritization criteria for IT projects.

    Outputs

    Preliminary list of IT initiatives

    Revised project prioritization criteria

    3 Analyze IT Budget and Staffing

    The Purpose

    Identify IT budget deficits resulting from pandemic response and discover opportunities to support innovation through new staff and training.

    Key Benefits Achieved

    Prioritized shortlist of business-aligned IT initiative and projects

    Activities

    3.1 Classify initiatives into project categories using ROM estimates.

    3.2 Identify IT budget needs for projects and ongoing services.

    3.3 Identify needs for new staff and skills training.

    3.4 Determine business benefits of proposed projects.

    3.5 Prioritize your organization’s projects.

    Outputs

    Prioritized shortlist of business-aligned IT initiatives and projects

    4 Plan Next Steps

    The Purpose

    Tie IT expenditures to direct transfers or link them to ARP grant opportunities.

    Key Benefits Achieved

    Action plan to obtain ARP funding

    Activities

    4.1 Tie projects to direct transfers, where applicable.

    4.2 Align list of projects to indirect ARP grant opportunities.

    4.3 Develop an action plan to obtain ARP funding.

    4.4 Discuss required approach to project governance.

    Outputs

    Action plan to obtain ARP funding

    Project governance gaps

    IT Diversity & Inclusion Tactics

    • Buy Link or Shortcode: {j2store}517|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Engage
    • Parent Category Link: /engage
    • Although inclusion is key to the success of a diversity and inclusion (D&I) strategy, the complexity of the concept makes it a daunting pursuit.
    • This is further complicated by the fact that creating inclusion is not a one-and-done exercise. Rather, it requires the ongoing commitment of employees and managers to reassess their own behaviors and to drive a cultural shift.

    Our Advice

    Critical Insight

    Realize the benefits of a diverse workforce by embedding inclusion into work practices, behaviors, and values, ensuring accountability throughout the department.

    Impact and Result

    Understand what it means to be inclusive: reassess work practices and learn how to apply leadership behaviors to create an inclusive environment

    IT Diversity & Inclusion Tactics Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Mobilize inclusion efforts

    Learn, evaluate, and understand what it means to be inclusive, examine biases, and apply inclusive leadership behaviors.

    • Diversity & Inclusion Initiatives Catalog
    • Inclusive IT Work Practices Examples
    • Inclusive Work Practices Template
    • Equip Managers to Adopt Inclusive Leadership Behaviors
    • Workbook: Equip Managers to Adopt Inclusive Leadership Behaviors
    • Standard Focus Group Guide
    [infographic]

    Take a Realistic Approach to Disaster Recovery Testing

    • Buy Link or Shortcode: {j2store}414|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: DR and Business Continuity
    • Parent Category Link: /business-continuity

    You have made significant investments in availability and disaster recovery – but your ability to recover hasn’t been tested in years. Testing will:

    • Improve your DR capabilities.
    • Identify required changes to planning documentation and procedures.
    • Validate DR capabilities for interested customers and auditors.

    Our Advice

    Critical Insight

    • If you treat testing as a pass/fail exercise, you aren’t meeting the end goal of improving organizational resilience.
    • Focus on identifying gaps and risks, and addressing them, before a real disaster hits.
    • Take a realistic, iterative approach to resilience testing that starts with small, low-risk tests and builds on lessons learned.

    Impact and Result

    • Identify testing scenarios and scope that can deliver value to your organization.
    • Create practical test plans with Info-Tech’s template.
    • Demonstrate value from testing to gain buy-in for additional tests.

    Take a Realistic Approach to Disaster Recovery Testing Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Take a Realistic Approach to Disaster Recovery Testing Storyboard – A guide to establishing a right-sized approach to DR testing that delivers durable value to your organization.

    Use this research to understand the different types of tests, prioritize and plan tests for your organization, review the results, and establish a cadence for testing.

    • Take a Realistic Approach to Disaster Recovery Testing Storyboard

    2. Disaster Recovery Test Plan Template – A template to document your organization's DR test plan.

    Use this template to document scope and goals, participants, key pre-test milestones, the test-day schedule, and your findings from the testing exercise.

    • Disaster Recovery Test Plan Template

    3. Disaster Recovery Testing Program Summary – A template to outline your organization's DR testing program.

    Identify the tests you will run over the next year and the expertise, governance, process, and funding required to support testing.

    • Disaster Recovery Testing Program Summary

    [infographic]

     

    Further reading

    Take a Realistic Approach to Disaster Recovery Testing

    Reduce costly downtime with a right-sized testing program that improves IT resilience.

    Analyst Perspective

    Reduce costly downtime with a right-sized testing program that improves IT resilience.

    Andrew Sharp

    Most businesses make significant investments in disaster recovery and technology resilience. Redundant sites and systems, monitoring, intrusion prevention, backups, training, documentation: it all costs time and money.

    But does this investment deliver expected value? Specifically, can you deliver service continuity in a way that meets business requirements?

    You can’t know the answer without regularly testing recovery processes and systems. And more than just validation, testing helps you deliver service continuity by finding and addressing gaps in your plans and training your staff on recovery procedures.

    Use the insights, tools, and templates in this research to create a streamlined and effective resilience testing program that helps validate recovery capabilities and enhance service reliability, availability, and continuity.

    Andrew Sharp

    Research Director, Infrastructure & Operations
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    You have made significant investments in availability and disaster recovery (DR) – but your ability to recover hasn’t been tested in years. Testing will:

    • Improve your DR capabilities.
    • Identify required changes to planning documentation and procedures.
    • Validate DR capabilities for interested customers and auditors.

    Common Obstacles

    Despite the value testing can offer, actually executing on DR tests is difficult because:

    • Testing is often an IT-driven initiative, and it can be difficult to secure business buy-in to redirect resources away from other urgent projects or accept risks that come with testing.
    • Previous tests have been overly complex and challenging to coordinate and leave a hangover so bad that no one wants to do them again.

    Info-Tech's Approach

    Take a realistic approach to resilience testing by starting with small, low-risk tests, then iterating with the lessons you’ve learned:

    • Identify testing scenarios and scope that can deliver value to your organization.
    • Create practical test plans with Info-Tech’s template.
    • Get buy-in for regular DR testing from key stakeholders with a testing program summary.

    Info-Tech Insight

    If you treat testing as a pass/fail exercise, you aren’t meeting the end goal of improving organizational resilience. Focus on identifying gaps and risks so you can address them before a real disaster hits.

    Process and Outputs

    This research is accompanied by templates to help you achieve your goals faster.

    1 - Establish the business rationale for DR testing.
    2 - Review a range of options for testing.
    3 - Prioritize tests that are most valuable to your business.
    4 - Create a disaster recovery test plan.
    5 - Establish a Test Program to support a regular testing cycle.

    Outputs:

    DR Test Plan
    DR Testing Program Summary

    Example Orange Activity slide.
    Orange activity slides like the one on the left provide directions to help you make key decisions.

    Key Deliverable:

    Disaster Recovery Test Plan Template

    Build a plan for your first disaster recovery test.

    This document provides a complete example you can use to quickly build your own plan, including goals, milestones, participants, the test-day schedule, and findings from the after-action review.

    Why test?

    Testing helps you avoid costly downtime

    • In a disaster scenario, speed matters. Immediately after an outage, the impact on the organization is small, but impact increases rapidly the longer the outage continues.
    • A quick and reliable response and recovery can protect the organization from significant losses.
    • A DRP testing and maintenance program helps ensure you’re ready to recover when you need to, rather than figuring it out as you go.

    “Routine testing is vital to survive a disaster… that’s when muscle memory sets in. If you don’t test your DR plan it falls [in importance], and you never see how routine changes impact it.”

    – Jennifer Goshorn
    Chief Administrative Officer
    Gunderson Dettmer LLP

    Info-Tech members estimated even one day of system downtime could lead to significant revenue losses. Estimated loss of revenue over 24 hours. Core Infrastructure has the highest potential for lost revenue.

    Average estimated potential loss* in thousands of USD due to a 24-hour outage (N=41)

    *Data aggregated from 41 business impact analyses (BIAs) conducted with Info-Tech advisory assistance. BIAs evaluate potential revenue loss due to a full day of system downtime, at the worst possible time.

    Run tests to enhance disaster recovery plans

    Testing improves organizational resilience

    • Identify and address gaps in your plans before a real disaster strikes.
    • Cross-train staff on systems recovery.
    • Go beyond testing technology to test recovery processes.
    • Establish a culture that centers resilience in everyday decision-making.

    Testing keeps DR documentation ready for action

    • Update documentation ahead of tests to prepare for the testing exercise.
    • Update documentation after testing to incorporate any lessons learned.

    Testing validates that investments in resilience deliver value

    • Confirm your organization can meet defined recovery time objectives (RTOs) and recovery point objectives (RPOs).
    • Provide proof of testing for auditors, prospective customers, and insurance applications

    Overcome testing challenges

    Despite the value of effective recovery testing, most IT organizations struggle to test recovery plans

    Common challenges

    • Key resources don’t have time for testing exercises.
    • You don’t have the technology to support live recovery testing.
    • Tests are done ad hoc and lessons learned are lost.
    • A lack of business support for test exercises as the value isn’t understood.
    • Tests are always artificially simple because RTOs and RPOs must be met to satisfy customer or auditor inquiries

    Overcome challenges with a realistic approach:

    • Start small with tabletop and recovery tests for specific systems.
    • Include recovery tests in operational tasks (e.g. restore systems when you have a maintenance window).
    • Create testing plans for larger testing exercises.
    • Build on successful tests to streamline testing exercises in the future.
    • Don’t make testing a pass-fail exercise. Focus on identifying gaps and risks so you can address them before a real disaster hits.

    Go beyond traditional testing

    Different test techniques help validate recovery against different threats

    • There are many threats to service continuity, including ransomware, severe weather events, geopolitical conflict, legacy systems, staff turnover, and day-to-day outages caused by human error, software updates, hardware failures, or network outages.
    • At its core, disaster recovery planning is about recovery. A plan for service recovery will help you mitigate against many threats at once. The testing approaches on the right will help you validate different aspects of that recovery process.
    • This research will provide an overview of the approaches outlined on the right and help you prioritize tests that are most valuable to your organization.
    Different test techniques for disaster recover training: System Failover tests, tabletop exercises, ransomware recovery tests, etc.

    00 Identify a working group

    30 minutes

    Identify a group of participants who can fill the following roles and inform the discussions around testing in this research. A single person could fill multiple roles and some roles could be filled by multiple people. Many participants will be drawn from the larger DRP team.

    Roles and expectations for Disaster Recovery Planning. DRP sponsor, Testing coordinator, System testers, business liaisons, executive team.

    Input

    • Organizational context

    Output

    • A list of key participants for test planning and execution

    Participants

    • Typically, start by identifying the sponsor and coordinator and have them identify the other members of the working group.

    Start by updating your disaster recovery plan (DRP)

    Use Info-Tech’s Create a Right-Sized Disaster Recovery Plan research to identify recovery objectives based on business impact and outline recovery processes. Both are tremendously valuable inputs to your test plans.

    Overall Business Continuity Plan

    IT Disaster Recovery Plan

    A plan to restore IT services (e.g. applications and infrastructure) following a disruption. A DRP:

    • Identifies critical applications and dependencies.
    • Defines appropriate recovery objectives based on a business impact analysis (BIA).
    • Creates a step-by-step incident response plan.

    BCP for Each Business Unit

    A set of plans to resume business processes for each business unit. A business continuity plan (BCP) is also sometimes called a continuity of operations plan (COOP).

    BCPs are created and owned by each business unit, and creating a BCP requires deep involvement from the leadership of each business unit.

    Info-Tech’s Develop a Business Continuity Plan blueprint provides a methodology for creating business unit BCPs as part of an overall BCP for the organization.

    Crisis Management Plan

    A plan to manage a wide range of crises, from health and safety incidents to business disruptions to reputational damage.

    Info-Tech’s Implement Crisis Management Best Practices blueprint provides a framework for planning a response to any crisis, from health and safety incidents to reputational damage.

    01 Confirm: why test at all?

    15-30 minutes

    Identify the value recovery testing for your organization. Use language appropriate for a nontechnical audience. Start with the list below and add, modify, or delete bullet points to reflect your own organization.

     

    Drivers for testing – Examples:

     

    • Improve service continuity.
    • Identify and address gaps in recovery plans before a real disaster strikes.
    • Cross-train staff on systems recovery to minimize single points of failure.
    • Identify how we coordinate across teams during a major systems outage.
    • Exercise both recovery processes and technology.
    • Support a culture that centers system resilience in everyday decision-making.
    • Keep recovery documentation up-to-date and ready for action.
    • Confirm that our stated recovery objectives can be met.
    • Provide proof of testing for auditors, prospective customers, and insurance applications.
    • We require proof of testing to pass audits and renew cybersecurity insurance.

    Info-Tech Insight

    Time-strapped technical staff will sometimes push back on planning and testing, objecting that the team will “figure it out” in a disaster. But the question isn’t whether recovery is possible – it’s whether the recovery aligns with business needs. If your plan is to “MacGyver” a solution on the fly, you can’t know if it’s the right solution for your organization.

    Input

    • Business drivers and context for testing

    Output

    • Specific goals that are driving testing

    Participants

    • DR sponsor
    • Test coordinator

    Think about what and how you test

    Different layers of the stack to test: Network, Authentication, compute and storage, visualization platforms, database services, middleware, app servers, web servers.

    Find gaps and risks with tabletop testing

    Tabletop planning had the greatest impact on meeting recovery objectives (RTOs/RPOs).

    In a tabletop planning exercise, the team walks through a disaster scenario to outline the recovery workflow, and risks or gaps that could disrupt that workflow.

    Tabletops are particularly effective because:

    • It enables you to play out a wider range of scenarios than technology-based testing (e.g. full-scale, parallel) due to cost and complexity factors.
    • It is non-intrusive, so it can be executed more easily than other testing methodologies.
    • The exercise translates into recovery documentation: you create a workflow as you go.
    • A major site or service recovery scenario will review all aspects of the recovery process and create the backbone of your recovery plan.

    02 Run a tabletop exercise

    2 hours

    Tabletop testing is part of our core DRP methodology, Create a Right-Sized Disaster Recovery Plan. This exercise can be run using cue cards, sticky notes, or on a whiteboard; many of our facilitators find building the workflow directly in flowchart software to be very effective.

    Use our Recovery Workflow Template as a starting point.

    Some tips for running your first tabletop exercise:

    Do

    • Review the complete workflow from notification all the way to user acceptance testing.
    • Keep focused; stay on task and on time.
    • Revisit each step and record gaps and risks (and known solutions, but don’t dwell on this).
    • Revise and improve the plan with task owners.

    Don't

    • Get weighed down by tools.
    • Try to find solutions to every gap/risk as you go. Save in-depth research/discussion for later.
    • Document the details right away – stick to the high-level plan for the first exercise.
    1. Ahead of the exercise, decide on a scenario, identify participants, and book a meeting time.
      • For your first walkthrough of a DR scenario, we often recommend a scenario that considers a site failure requiring failover to a DR site.
      • For the first exercise, focus on technical aspects of recovery before bringing in members of the business. The technical team may need space to discuss the appropriate steps in the recovery process before you bring in business liaisons to discuss user acceptance testing (UAT).
      • A complete failover considers all systems, the viability of your second site, and can help identify parts of the process that require additional exercises.
    2. Review the scenario with participants. Then, discuss and document the recovery process, starting with initial notification of an event.
      • Record steps in the process on white cards or boxes.
      • On yellow and red cards, document gaps and risks in people process and technology requirements.
    3. Once you’ve walked through the process, return to the start.
      • Record the time required to complete each step. Consider identifying who is responsible for key steps. Identify any additional gaps and risks.
    4. Clean up and record the results of the workflow. Save a copy with your DRP documentation.

    Input

    • Expert knowledge on systems recovery

    Output

    • Recovery workflow, including gaps and risks

    Participants

    • Test coordinator
    • Technical SMEs

    Move from tabletop testing to functional exercises

    See how your plans fare in the real world

    In live exercises, some portion of your recovery plans are executed in a way that mimics a real recovery scenario. Some advantages of live testing:

    • See how standby systems behave. A tabletop exercise can miss small issues that can make or break the recovery process. For example, connectivity or integration issues on a new subnet might be difficult to predict prior to actually running services in that environment.
    • Hands-on practice: Familiarize the team with the steps, commands, and interfaces of your recovery toolset.
    • Manage the pressure of the DR scenario: Nothing’s quite like the real thing, but a live exercise may be the closest your team can get to a disaster situation without experiencing it firsthand.

    Examples of live exercises

    Boot and smoke test Turn on a standby system and confirm it boots up correctly.
    Restore and validate data Restore data or servers from backup. Confirm data integrity.
    Parallel testing Send familiar transactions to production and standby systems. Confirm both systems produce the same result.
    Failover systems Shut down the production system and use the standby system in production.

    Run local tests ahead of releases

    Think small

    Most unacceptable downtime is caused by localized issues, such as hardware or software failures, rather than widespread destructive events. Regular local testing can help validate the recovery plan for local issues and improve overall service continuity.

    Make local testing a standard step in maintenance work and new deployments to embed resilience considerations in day-to-day activities. Run the same tests in both your primary and your DR environment.

    Some examples of localized tests:

    • Review backup logs and check for errors.
    • Restore files or whole systems from backup.
    • Run application-based tests as part of release management, including unit, regression, and performance tests.
      • Ensure application tests are run for both the primary and DR environment.
      • For a deep-dive on application testing, see Info-Tech’s research Automate Testing to Get More Done.

    Info-Tech Insight

    Local tests will vary between different services, and local test design is usually best left to the system SMEs. At the same time, centralize reporting to understand where tests are being done.

    Investigate whether your IT Service Management or ticketing system can create recurring tasks or work orders to schedule, document, and track test exercises. Tasks can be pre-populated with checklists and documentation to support the test and provide a record of completed tests to support oversight and reporting.

    Have the business validate recovery

    If your business doesn’t think a system’s recovered, it’s not recovered.

    User acceptance testing (UAT) after system recovery is a key step in the recovery process. Like any step in the process, there’s value in testing it before it actually needs to be done. Assign responsibility for building UATs to the person who will be responsible for executing them.

    An acceptance test script might look something like the checklist below.

    • Does the application open?
    • Does the interface look right?
    • Do you see any unusual notifications or warnings?
    • Can you conduct a key transaction with dummy data?
    • Can you run key reports?

    “I cannot stress how important it is to assign ownership of responsibilities in a test; this is the only way to truly mitigate against issues in a test.”

    – Robert Nardella
    IT Service Management
    Certified z/OS Mainframe Professional

    Info-Tech Insight

    Build test scripts and test transactions ahead of time to minimize the amount of new work required during a recovery scenario.

    Beyond the Basics: Full Failover Testing

    • A failover test – a full failover of your production environment to a secondary environment – is what many IT and businesspeople think about when they think of disaster recovery testing.
    • A full test can validate previous local or tabletop tests, identify additional gaps and risks, and provide hands-on training experience with recovery processes and technologies.
    • Setting a date for failover testing can also inject some urgency into otherwise low-priority (but high importance) disaster recovery planning and documentation exercises, which need to be completed prior to the test.
    • Despite these benefits, full failover tests carry significant risk and require a great deal of effort and cost. Typically, only businesses that already have an active-active environment capable of supporting in-scope production systems are able to run a full environment failover.
    • This is especially true the first time you test. While in theory a DR plan should be ready to go at any time, there will be documents to update, gaps to address, and risks to mitigate before you go ahead with the test.

    Full Failover Testing

    What you get:

    • Provide hands-on experience with recovery processes and technology.
    • Confirm that site failover works in practice as you assumed in tabletop or local testing exercises.
    • Identify critical gaps you might have missed without a full failover test.

    What you need:

    • An active-active secondary site, with sufficient standby equipment, data, and licensed standby software to support production.
    • A completed tabletop exercise and documented recovery workflow.
    • A documented test plan, backout plan, and formal sign-off.
    • An off-hours downtime window.
    • Time from technical SMEs and business resources, both for creating the plan and executing the test.

    Beyond the Basics: Site Reliability Engineering

    • Site reliability engineering (SRE) is an application of skills and approaches from software engineering to improve system resilience.
    • SRE is focused on “availability, latency, performance, efficiency, change management, monitoring, emergency response, and capacity planning” across a set portfolio of services (Sloss, 2017).
    • In many organizations, SRE is implemented as a team that supports separate applications teams.
    • Applications must have defined and granular resilience requirements, translated into service objectives. The SRE team and applications teams will work together to meet these objectives.
    • Site reliability engineers (the folks that do SRE, and often also abbreviated as SREs) are expected to build solutions and processes to ensure services remain stable and performant, not just respond when they fail. For example, Google allows their SREs to spend just half their time on incident response, with the rest of their time focused on development and automation tasks.

    Site Reliability Testing

    What you get:

    • Improved reliability and reduced frequency and impact of downtime.
    • Increased use of automation to address problems before they cause an incident.
    • Granular resilience objectives.

    What you need:

    • Systems running on software-defined infrastructure.
    • Specialized skills in programming, infrastructure-as-code.
    • Business & product owners able to define and fund acceptable and appropriate resilience objectives.
    • Technical experts able to translate product requirements into technical design requirements.

    Beyond the Basics: Chaos Engineering

    • Chaos engineering, a term and approach first popularized by the team at Netflix, aims to improve the resilience of particularly large and distributed systems by simulating system failures and evaluating performance against a baseline.
    • Experiments simulate a variety of real-world events that could cause outages (e.g. network slowdowns or server failures). Experiments run continuously, and the recommendation is to run them in production where feasible while minimizing the impact on customers.
    • Tools to help you run chaos testing exist, including open-source toolkits like Chaos Monkey or Mangle and paid software as a service (SaaS) solutions like Gremlin.
    • Deciding whether the long-term benefits of tests that can degrade production are worth the potential risk of system slowdowns or outages is a business or product decision. Technical considerations aside, if the business owner of a particular system doesn’t see the value of continuous testing outweighing the introduced risk, this approach to testing isn’t going to happen.

    Chaos Engineering

    What you get:

    • Confidence that systems can weather volatile and unpredictable conditions in a production environment.
    • An embedded resilience culture.

    What you need:

    • High-maturity IT incident, monitoring and event practices.
    • Standby/resilient systems to minimize downtime impact.
    • Business buy-in for introducing risk into the production environment.
    • Specialized skills to identify, develop, and run tests that degrade production performance in a controlled way.
    • Budget and time to act on issues identified through testing.

    Beyond the Basics: Security Event Simulations

    • Ransomware is driving demands for proof of recovery testing from customers, executives, auditors, and insurance companies. Systems recovery is part of ransomware recovery, but recovering from a breach includes detection, analysis, containment, and eradication of the attack vector before systems recovery can begin.
    • Beyond technical recovery, internal legal and communications teams will have a role, as will your insurance provider, consultants specialized in ransomware recovery, or professional ransom negotiators.
    • A tabletop exercise focused on ransomware incident response is a key first step. You can find Info-Tech’s methodology for a ransomware tabletop in Phase 3 of Build Resilience Against Ransomware Attacks.
    • Live testing approaches can offer hands-on experience and further insight into how your systems are vulnerable to malware. A variety of open source and proprietary tools can simulate ransomware and help you identify problems, though it’s important to understand the limitations of different simulators (Allon, 2022).
    • A “red team” exercise simulates an adversarial attack against your processes and systems. A specialized penetration tester will often take on the role of the red team and provide a report of identified gaps and risks after the engagement.

    Security Event Simulation

    What you get:

    • Hands-on experience managing and recovering from a ransomware attack in a controlled environment.
    • A better understanding of gaps in your response process.

    What you need:

    • A completed ransomware tabletop exercise and mature security incident response processes.
    • For Ransomware Simulators: An air-gapped sandbox environment hosting a copy of your production systems and security tools, and time from your technical SMEs.
    • For Red Team Exercises: A trusted provider, scope for your testing plans, and time from your security incident response team.

    Prioritize tests by asking these three questions

    1. Will the scope of this test deliver sufficient value?

    • Yes, these are critical systems with low tolerance for downtime or data loss.
    • Yes, major changes or new systems require validation of DR capabilities.
    • Yes, there’s high probability of an outage, or recent experience of an outage.
    • •Yes, we have audit requirements or customer demands for testing.

    2. Are we ready for this test?

    • Yes, recovery plans and recovery objectives are documented.
    • Yes, key technical and business resources have time to commit to testing exercises.
    • Yes, technology is currently able to support proposed tests.

    3. Is it easy to do?

    • Yes, effort required to complete the test is low (i.e. minimal work, few participants).
    • Yes, the risks related to testing are low.
    • Yes, it won’t cost much.

    Info-Tech Insight

    More complex, challenging, risky, or costly tests, such as full failover tests, can deliver value. But do the high-value, low-effort stuff first!

    03 Brainstorm and prioritize test ideas

    30-60 minutes

    Even if you have an idea of what you need to test and how you want to run those tests, this brainstorming exercise can generate useful ideas for testing that might otherwise have been missed.

      1. Review the slides above to develop ideas on how and what you want to test. These slides may be enough to kickstart a brainstorming process. Don’t debate or discount ideas at this point. Write down these ideas in a space where all participants can see them (e.g. whiteboard or shared screen).

    The next steps will help you prioritize the list – if needed – to tests that are highest value and lowest effort.

    1. Discuss where you have the greatest need to test. Assign a score of 0 – 3 for each test, with a score of 3 being high-need and a score of zero being low-need. Consider whether:
      • These applications have a low tolerance for downtime.
      • There’s a high chance of an outage, or recent experience with an outage.
      • There’s a need to train or cross-train staff on recovery for the system(s) in question.
      • Major changes require a review or validation of DR capabilities.
      • Audit requirements or customer/executive demands can be met via testing.
    2. Discuss which tests will require the least effort to complete – where readiness is high and tests are easier to do. Assign a score between 0 and 3 for each test, with a score of 3 being least effort and a score of 0 being high effort. Consider whether:
      • Recovery plans and recovery objectives are documented for these systems.
      • Technical experts are available to work on testing exercises.
      • For active testing, standby/sandbox systems are available and capable of supporting proposed tests.
      • The effort required to complete the test is low (e.g. minimal new work, few participants).
      • The risks related to testing are low.
      • You will need to secure additional funding.
    3. Sum together the assigned scores for each test. Higher scores should be the highest priority, but of course use your judgement to validate the results and select one or two tests to execute in the coming year.

    “There are different levels of testing and it is very progressive. I do not recommend my clients to do anything, unless they do it in a progressive fashion. Don’t try to do a live failover test with your users, right out of the box.”

    – Steve Tower
    Principal Consultant
    Prompta Consulting Group

    Input

    • Organizational and technical context

    Output

    • Prioritize list of DR testing ideas

    Participants

    • DR sponsor
    • Test coordinator

    04 Build a test plan

    3-5 days

    Building a test plan helps the test run smoothly and can uncover issues with the underlying DRP as you dig into the details.

    The test coordinator will own the plan document but will rely on the sponsor to confirm scope and goals, technical SMEs to develop system recovery plans, and business liaisons to create UAT scripts.

    Download Info-Tech’s Disaster Recovery Test Plan Template. Use the structure of the template to build your own document, deleting example data as you go. Consider saving a separate copy of this document as an example and working from a second copy.

    Key sections of the document include:

    • Goals, scenario, and scope of the test.
    • Assumptions, constraints, risks, and mitigation strategies.
    • Test participants.
    • Key pre-test milestones, and test-day schedule.
    • After-action review.

    Download the Disaster Recovery Test Plan Template

    Input

    • Scope
    • High-level goals

    Output

    • Test plan, including goals, scope, key milestones, risks and mitigations, and test-day schedule

    Participants

    • Test coordinator develops the plan with support from:
      • Technical SMEs
      • Business liaisons
      • DR sponsor

    05 Run an after-action review

    30-60 minutes

    Take time after test exercises – especially large-scale tests with many participants – to consider what went well, what didn’t, and where you can improve future testing exercises. Track lessons learned and next steps at the bottom of your test plan.

    1. Start with a short (5-10 minute) debrief of the test and allow participants to ask questions. Confirm:
      • Did we meet the goals we set for the exercise, including RTOs and RPOs?
      • What was done well? What issues, gaps, and risks were identified?
    2. Work through variations of the following questions:
      • Was the test plan effective, and was the test well organized?
      • Was the documentation effective? Where did we follow the plan as documented, and where did we deviate from the plan?
      • Was our communication/collaboration during the test effective?
      • Have gaps and issues found during the test been reported to the testing coordinator? Could some of the issues uncovered apply more broadly to other IT services as well?
      • What could we test next, based on what was discovered?
      • Are there other tools or approaches that could be useful?

    Input

    • Insights and experience from a recent testing exercise

    Output

    • Identified gaps and risks, and action items to address them
    • Ideas to improve future test exercises

    Participants

    • Test coordinator develops the plan with support from:
      • Test coordinator
      • Test participants

    Follow a testing cycle

    All tests are expected to drive actions to improve resilience, as appropriate. Experience from previous tests will be applied to future testing exercises.

    The testing cycle: 1. Plan a test, 2. Run test, 3. Take action.

    Use your experience to simplify testing

    The fifth testing exercise should be easier than the first

    Outputs and lessons learned from testing should help you run future tests.

    • With past experience under their belt, participants should have a better understanding of their role, and of their peers’ roles, and the goal of the exercise.
    • Facilitators will be more comfortable facilitating the exercise, and everyone should be more confident in the steps required to recover their systems.
    • Gather feedback from participants through after-action reviews to identify what worked and what didn’t.
    • Documentation from previous tests can provide a template for future tests.
    • Gaps identified in previous tests can provide ideas for future tests.

    Experience, lessons learned, improved process, new test targets, repeat.

    Info-Tech Insight

    Testing should get easier over time. But if you’re easily passing every test, it’s a sign that you’re ready to run more challenging tests.

    06 Create a test program summary

    2-4 hours

    Regular testing allows you to build on prior tests and helps keep plans current despite changes to your environment.

    Keeping a regular testing schedule requires expertise, a process to coordinate your efforts, and a level of governance to provide oversight and ensure testing continues to deliver value. Create a call to action using Info-Tech’s Disaster Recovery Testing Program Summary Template.

    The result is a summary document that:

    • Identifies key takeaways and testing goals
    • Presents key elements of the testing program
    • Outlines the testing cycle
    • Lists expected milestones for the next year
    • Identifies participants
    • Recommends next steps

    “It is extremely important in the early stages of development to concentrate the focus on actual recoverability and data protection, enhancing these capabilities over time into a fully matured program that can truly test the recovery, and not simply focusing on the testing process itself.”

    – Joe Starzyk
    Senior Business Development Executive
    IBM Global Services

    Research Contributors and Experts

    • Bernard A. Jones, Business Continuity & Disaster Recovery Expert
    • Robert Nardella, IT Service Management, Certified z/OS Mainframe Professional
    • Larry Liss, Chief Technology Officer, Blank Rome LLP
    • Jennifer Goshorn, Chief Administrative and Chief Compliance Officer, Gunderson Dettmer LLP
    • Paul Kirvan, FBCI, CISA, Independent IT Consultant/Auditor, Paul Kirvan Associates
    • Steve Tower, Principal Consultant, Prompta Consulting Group
    • Joe Starzyk, Senior Business Development Executive, IBM Global Services
    • Thomas Bronack, Enterprise Resiliency and Corporate Certification Consultant, DCAG
    • Paul S. Randal, CEO & Owner, SQLskills.com
    • Tom Baumgartner, Disaster Recovery Analyst, Catholic Health

    Bibliography

    Alton, Yoni. “Ransomware simulators – reality or a bluff?” Palo Alto Blog, 2 May 2022. Accessed 31 Jan 2023.
    https://www.paloaltonetworks.com/blog/security-operations/ransomware-simulators-reality-or-a-bluff/

    Brathwaite, Shimon. “How to Test your Business Continuity and Disaster Recovery Plan,” Security Made Simple, 13 Nov 2022. Accessed 31 Jan 2023.
    https://www.securitymadesimple.org/cybersecurity-blog/how-to-test-your-business-continuity-and-disaster-recovery-plan

    The Business Continuity Institute. Good Practice Guidelines: 2018 Edition. The Business Continuity Institute, 2017.

    Emigh, Jacqueline. “Disaster Recovery Testing: Ensuring Your DR Plan Works,” Enterprise Storage Forum, 28 May 2019. Accessed 31 Jan 2023.
    Disaster Recovery Testing: Ensuring Your DR Plan Works | Enterprise Storage Forum

    Gardner, Dana. "Case Study: Strategic Approach to Disaster Recovery and Data Lifecycle Management Pays off for Australia's SAI Global." ZDNet. BriefingsDirect, 26 Apr 2012. Accessed 31 Jan 2023.
    http://www.zdnet.com/article/case-study-strategic-approach-to-disaster-recovery-and-data-lifecycle-management-pays-off-for-australias-sai-global/.

    IBM. “Section 11. Testing the Disaster Recovery Plan.” IBM, 2 Aug 2021. Accessed 31 Jan 2023. Section 11. Testing the disaster recovery plan - IBM Documentation Lutkevich, Ben and Alexander Gillis. “Chaos Engineering”. TechTarget, Jun 2021. Accessed 31 Jan 2023.
    https://www.techtarget.com/searchitoperations/definition/chaos-engineering

    Monperrus, Martin. “Principles of Antifragility.” Arxiv Forum, 7 June 2017. Accessed 31 Jan 2023.
    https://arxiv.org/ftp/arxiv/papers/1404/1404.3056.pdf

    “Principles of Chaos Engineering.” Principles of Chaos Engineering, 2019 March. Accessed 31 Jan 2023.
    https://principlesofchaos.org/

    Sloss, Benjamin Treynor. “Introduction.” Site Reliability Engineering. Ed. Betsy Beyer. O’Reilly Media, 2017. Accessed 31 Jan 2023.
    https://sre.google/sre-book/introduction/

    Build Your BizDevOps Playbook

    • Buy Link or Shortcode: {j2store}177|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Architecture & Strategy
    • Parent Category Link: /architecture-and-strategy
    • Today’s rapidly scaling and increasingly complex products create mounting pressure on delivery teams to release new features and changes quickly and with sufficient quality.
    • Many organizations see BizDevOps as a solution to help meet this demand. However, they often lack the critical cross-functional collaboration and team-sport culture that are critical for success.
    • The industry provides little consensus and guidance on how to prepare for the transition to BizDevOps.

    Our Advice

    Critical Insight

    • BizDevOps is cultural, not driven by tools. It is about delivering high-quality and valuable releases to stakeholders through collective ownership, continuous collaboration, and team-first behaviors supported by tools.
    • BizDevOps begins with a strong foundation in five key areas. The crux of successful BizDevOps is centered on the strategic adoption and optimization of building great requirements, collaborative practices, iterative delivery, application management, and high-fidelity environments.
    • Teams take STOCK of what it takes to collaborate effectively. Teams and stakeholders must show up, trust the delivery method and people, orchestrate facilitated activities, clearly communicate and knowledge share every time they collaborate.

    Impact and Result

    • Bring the right people to the table. BizDevOps brings significant organizational, process and technology changes to improve delivery effectiveness. Include the key roles in the definition and validation of your BizDevOps vision and practices.
    • Focus on the areas that matter. Review your current circumstances and incorporate the right practices that addresses your key challenges and blockers to becoming BizDevOps.
    • Build your BizDevOps playbook. Gain a broad understanding of the key plays and practices that makes a successful BizDevOps organization. Verify and validate these practices in order to tailor them to your context. Keep your playbook live.

    Build Your BizDevOps Playbook Research & Tools

    Start here – read the Executive Brief

    Find out why you should implement BizDevOps, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Get started with BizDevOps

    Set the right expectations with your stakeholders and define the context of your BizDevOps implementation.

    • Build Your BizDevOps Playbook – Phase 1: Get Started With BizDevOps
    • BizDevOps Playbook

    2. Tailor your BizDevOps playbook

    Tailor the plays in your BizDevOps playbook to your circumstances and vision.

    • Build Your BizDevOps Playbook – Phase 2: Tailor Your BizDevOps Playbook
    [infographic]

    Workshop: Build Your BizDevOps Playbook

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Set Your Expectations

    The Purpose

    Discuss the goals of your BizDevOps playbook.

    Identify the various perspectives who should be included in the BizDevOps discussion.

    Level set expectations of your BizDevOps implementation.

    Key Benefits Achieved

    Identification of the key roles who should be included in the BizDevOps discussion.

    Learning of key practices to support your BizDevOps vision and goals.

    Your vision of BizDevOps in your organization.

    Activities

    1.1 Define BizDevOps.

    1.2 Understand your key stakeholders.

    1.3 Define your objectives.

    Outputs

    Your BizDevOps definition

    List of BizDevOps stakeholders

    BizDevOps vision and objectives

    2 Set the Context

    The Purpose

    Understand the various methods to initiate the structuring of facilitated collaboration.

    Share a common way of thinking and behaving with a set of principles.

    Focus BizDevOps adoption on key areas of software product delivery.

    Key Benefits Achieved

    A chosen collaboration method (Scrum, Kanban, Scrumban) to facilitate collaboration

    A mutually understanding and beneficial set of guiding principles

    Areas where BizDevOps will see the most benefit

    Activities

    2.1 Select your foundation method.

    2.2 Define your guiding principles.

    2.3 Focus on the areas that matter.

    Outputs

    Chosen collaboration model

    List of guiding principles

    High-level assessment of delivery practices and its fit for BizDevOps

    3 Tailor Your BizDevOps Playbook

    The Purpose

    Review the good practices within Info-Tech’s BizDevOps Playbook.

    Tailor your playbook to reflect your circumstances.

    Key Benefits Achieved

    Understanding of the key plays involved in product delivery

    Product delivery plays that reflect the challenges and opportunities of your organization and support your BizDevOps vision

    Activities

    3.1 Review and tailor the plays in your playbook

    Outputs

    High-level discussion of key product delivery plays and its optimization to support BizDevOps

    Prepare for Cognitive Service Management

    • Buy Link or Shortcode: {j2store}335|cart{/j2store}
    • member rating overall impact (scale of 10): 9.0/10 Overall Impact
    • member rating average dollars saved: 10 Average Days Saved
    • member rating average days saved: After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.
    • Parent Category Name: Strategy and Organizational Design
    • Parent Category Link: /strategy-and-organizational-design
    • The evolution of natural language processing and machine learning applications has led to specialized AI-assisted toolsets that promise to improve the efficiency and timeliness of IT operations.

    Our Advice

    Critical Insight

    • These are early days. These AI-assisted toolsets are generating a considerable amount of media attention, but most of them are relatively untested. Early adopters willing to absorb experimentation costs are in the process of deploying the first use cases. Initial lessons are showing that IT operations in most organizations are not yet mature enough to take advantage of AI-assisted toolsets.
    • Focus on the problem, not the tool. Explicit AI questions should be at the end of the list. Start by asking what business problem you want to solve.
    • Get your house in order. The performance of AI-assisted tools depends on mature IT operations processes and reliable data sets. Standardize service management processes and build a knowledgebase of structured content to prepare for AI-assisted IT operations.

    Impact and Result

    • Don’t fall prey to the AI-bandwagon effect. AI-assisted innovations will support shift-left service support strategies through natural language processing and machine learning applications. However, the return on your AI investment will depend on whether it helps you meet an actual business goal.
    • AI-assisted tools presuppose the existence of mature IT operations functions, including standardized processes, high-quality structured content focused on the incidents and requests that matter, and a well-functioning ITSM web portal.
    • The success of AI ITSM projects hinges on adoption. If your vision is to power end-user interactions with chatbots and deploy intelligent agents on tickets coming through the web portal, be sure to develop a self-service culture that empowers end users to help themselves and experiment with new tools and technologies. Without end-user adoption, the promised benefits of AI projects will not materialize.

    Prepare for Cognitive Service Management Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should prepare for cognitive service management, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Review emerging AI technology

    Get an overview of emerging AI applications to understand how they will strengthen a shift-left service support strategy.

    2. Sort potential IT operations AI use cases

    Review potential use cases for AI applications to prioritize improvement initiatives and align them to organizational goals.

    • Disruptive Technology Shortlisting Tool
    • Disruptive Technology Value-Readiness and SWOT Analysis Tool

    3. Prepare for a cognitive service management project

    Develop an ITSM AI strategy to prepare your organization for the coming of cognitive service management, and build a roadmap for implementation.

    • Customer Journey Map (PDF)
    • Customer Journey Map (Visio)
    • Infrastructure Roadmap Technology Assessment Tool
    • Strategic Infrastructure Roadmap Tool
    [infographic]

    Satisfy Digital End Users With Low- and No-Code

    • Buy Link or Shortcode: {j2store}185|cart{/j2store}
    • member rating overall impact (scale of 10): 8.5/10 Overall Impact
    • member rating average dollars saved: $2,460 Average $ Saved
    • member rating average days saved: 2 Average Days Saved
    • Parent Category Name: Architecture & Strategy
    • Parent Category Link: /architecture-and-strategy
    • Your organization decided to invest in digital solutions to support their transition to a digital and automated workplace. They are ready to begin the planning and delivery of these solutions.
    • However, IT capacity is constrained due to the high and aggressive demand to meet business priorities and maintain mission critical applications. Technical experience and skills are difficult to find, and stakeholders are increasing their expectations to deliver technologies faster with high quality using less resources.
    • Stakeholders are interested in low and no code solutions as ways to their software delivery challenges and explore new digital capabilities.

    Our Advice

    Critical Insight

    • Current software delivery inefficiencies and lack of proper governance and standards impedes the ability to successfully scale and mature low and no code investments and see their full value.
    • Many operating models and culture do not enable or encourage the collaboration needed to evaluate business opportunities and underlying operational systems.This can exacerbate existing shadow IT challenges and promote a negative perception of IT.
    • Low and no code tools bring significant organizational, process, and technical changes that IT and the business may not be prepared or willing to accept and adopt, especially when these tools support business and worker managed applications and services.

    Impact and Result

    • Establish the right expectations. Profile your digital end users and their needs and challenges. Discuss current IT and business software delivery and digital product priorities to determine what to expect from low- and no-code.
    • Build your low- and no-code governance and support. Clarify the roles, processes, and tools needed for low- and no-code delivery and management through IT and business collaboration.
    • Evaluate the fit of low- and no-code and shortlist possible tools. Obtain a thorough view of the business and technical complexities of your use cases. Indicate where and how low- and no-code is expected to generate the most return.

    Satisfy Digital End Users With Low- and No-Code Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Satisfy Digital End Users With Low- and No-Code Deck – A step-by-step guide on selecting the appropriate low- and no-code tools and building the right people, processes, and technologies to support them.

    This blueprint helps you develop an approach to understand your low- and no-code challenges and priorities and to shortlist, govern, and manage the right low- and no-code tools.

    • Satisfy Digital End Users With Low- and No-Code – Phases 1-3

    2. Low- and No-Code Communication Template – Clearly communicate the goal and approach of your low- and no-code implementation in a language your audience understands.

    This template narrates a story to describe the need and expectations of your low- and no-code initiative to get buy-in from stakeholders and interested parties.

    • Low- and No-Code Communication Template

    Infographic

    Workshop: Satisfy Digital End Users With Low- and No-Code

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Select Your Tools

    The Purpose

    Understand the personas of your low- and no-code users and their needs.

    List the challenges low- and no-code is designed to solve or the opportunities you hope to exploit.

    Identify the low- and no-code tools to address your needs.

    Key Benefits Achieved

    Level set expectations on what low- and no-code can deliver.

    Identify areas where low- and no-code can be the most beneficial.

    Select the tools to best address your problem and opportunities.

    Activities

    1.1 Profile your digital end users

    1.2 Set reasonable expectations

    1.3 List your use cases

    1.4 Shortlist your tools

    Outputs

    Digital end-user skills assessment

    Low- and no-code objectives and metrics

    Low- and no-code use case opportunities

    Low- and no-code tooling shortlist

    2 Deliver Your Solution

    The Purpose

    Optimize your product delivery process to accommodate low- and no-code.

    Review and improve your product delivery and management governance model.

    Discuss how to improve your low- and no-code capacities.

    Key Benefits Achieved

    Encourage business-IT collaborative practices and improve IT’s reputation.

    Shift the right accountability and ownership to the business.

    Equip digital end users with the right skills and competencies.

    Activities

    2.1 Adapt your delivery process

    2.2 Transform your governance

    2.3 Identify your low- and no-code capacities

    Outputs

    Low- and no-code delivery process and guiding principles

    Low- and no-code governance, including roles and responsibilities, product ownership and guardrails

    List of low- and no-code capacity improvements

    3 Plan Your Adoption

    The Purpose

    Design a CoE and/or CoP to support low- and no-code capabilities.

    Build a roadmap to illustrate key low- and no-code initiatives.

    Key Benefits Achieved

    Ensure coordinated, architected, and planned implementation and adoption of low- and no-code consistently across the organization.

    Reaffirm support for digital end users new to low- and no-code.

    Clearly communicate your approach to low- and no-code.

    Activities

    3.1 Support digital end users and facilitate cross-functional sharing

    3.2 Yield results with a roadmap

    Outputs

    Low- and no-code supportive body design (e.g. center of excellence, community of practice)

    Low- and no-code roadmap

    Engineer Your Event Management Process

    • Buy Link or Shortcode: {j2store}461|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Operations Management
    • Parent Category Link: /i-and-o-process-management

    Build an event management practice that is situated in the larger service management environment. Purposefully choose valuable events to track and predefine their associated actions to cut down on data clutter.

    Our Advice

    Critical Insight

    Event management is useless in isolation. The goals come from the pain points of other ITSM practices. Build handoffs to other service management practices to drive the proper action when an event is detected.

    Impact and Result

    Create a repeatable framework to define monitored events, their root cause, and their associated action. Record your monitored events in a catalog to stay organized.

    Engineer Your Event Management Process Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Engineer Your Event Management Deck – A step-by-step document that walks you through how to choose meaningful, monitored events to track and action.

    Engineer your event management practice with tracked events informed by the business impact of the related systems, applications, and services. This storyboard will help you properly define and catalog events so you can properly respond when alerted.

    • Engineer Your Event Management Process – Phases 1-3

    2. Event Management Cookbook – A guide to help you walk through every step of scoping event management and defining every event you track in your IT environment.

    Use this tool to define your workflow for adding new events to track. This cookbook includes the considerations you need to include for every tracked event as well as the roles and responsibilities of those involved with event management.

    • Event Management Cookbook

    3. Event Management Catalog – Using the Event Management Cookbook as a guide, record all your tracked events in the Event Management Catalog.

    Use this tool to record your tracked events and alerts in one place. This catalog allows you to record the rationale, root-cause, action, and data governance for all your monitored events.

    • Event Management Catalog

    4. Event Management Workflow – Define your event management handoffs to other service management practices.

    Use this template to help define your event management handoffs to other service management practices including change management, incident management, and problem management.

    • Event Management Workflow (Visio)
    • Event Management Workflow (PDF)

    5. Event Management Roadmap – Implement and continually improve upon your event management practice.

    Use this tool to implement and continually improve upon your event management process. Record, prioritize, and assign your action items from the event management blueprint.

    • Event Management Roadmap
    [infographic]

    Workshop: Engineer Your Event Management Process

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Situate Event Management in Your Service Management Environment

    The Purpose

    Determine goals and challenges for event management and set the scope to business-critical systems.

    Key Benefits Achieved

    Defined system scope of Event Management

    Roles and responsibilities defined

    Activities

    1.1 List your goals and challenges

    1.2 Monitoring and event management RACI

    1.3 Abbreviated business impact analysis

    Outputs

    Event Management RACI (as part of the Event Management Cookbook)

    Abbreviated BIA (as part of the Event Management Cookbook)

    2 Define Your Event Management Scope

    The Purpose

    Define your in-scope configuration items and their operational conditions

    Key Benefits Achieved

    Operational conditions, related CIs and dependencies, and CI thresholds defined

    Activities

    2.1 Define operational conditions for systems

    2.2 Define related CIs and dependencies

    2.3 Define conditions for CIs

    2.4 Perform root-cause analysis for complex condition relationships

    2.5 Set thresholds for CIs

    Outputs

    Event Management Catalog

    3 Define Thresholds and Actions

    The Purpose

    Pre-define actions for every monitored event

    Key Benefits Achieved

    Thresholds and actions tied to each monitored event

    Activities

    3.1 Set thresholds to monitor

    3.2 Add actions and handoffs to event management

    Outputs

    Event Catalog

    Event Management Workflows

    4 Start Monitoring and Implement Event Management

    The Purpose

    Effectively implement event management

    Key Benefits Achieved

    Establish an event management roadmap for implementation and continual improvement

    Activities

    4.1 Define your data policy for event management

    4.2 Identify areas for improvement and establish an implementation plan

    Outputs

    Event Catalog

    Event Management Roadmap

    Further reading

    Engineer Your Event Management Process

    Track monitored events purposefully and respond effectively.

    EXECUTIVE BRIEF

    Analyst Perspective

    Event management is useless in isolation.

    Event management creates no value when implemented in isolation. However, that does not mean event management is not valuable overall. It must simply be integrated properly in the service management environment to inform and drive the appropriate actions.

    Every step of engineering event management, from choosing which events to monitor to actioning the events when they are detected, is a purposeful and explicit activity. Ensuring that event management has open lines of communication and actions tied to related practices (e.g. problem, incident, and change) allows efficient action when needed.

    Catalog your monitored events using a standardized framework to allow you to know:

    1. The value of tracking the event.
    2. The impact when the event is detected.
    3. The appropriate, right-sized reaction when the event is detected.
    4. The tool(s) involved in tracking the event.

    Properly engineering event management allows you to effectively monitor and understand your IT environment and bolster the proactivity of the related service management practices.

    Benedict Chang

    Benedict Chang
    Research Analyst, Infrastructure & Operations
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    Strive for proactivity. Implement event management to reduce response times of technical teams to solve (potential) incidents when system performance degrades.

    Build an integrated event management practice where developers, service desk, and operations can all rely on event logs and metrics.

    Define the scope of event management including the systems to track, their operational conditions, related configuration items (CIs), and associated actions of the tracked events.

    Common Obstacles

    Managed services, subscription services, and cloud services have reduced the traditional visibility of on- premises tools.

    System(s) complexity and integration with the above services has increased, making true cause and effect difficult to ascertain.

    Info-Tech’s Approach

    Clearly define a limited number of operational objectives that may benefit from event management.

    Focus only on the key systems whose value is worth the effort and expense of implementing event management.

    Understand what event information is available from the CIs of those systems and map those against your operational objectives.

    Write a data retention policy that balances operational, audit, and debugging needs against cost and data security needs.

    Info-Tech Insight

    More is NOT better. Even in an AI-enabled world, every event must be collected with a specific objective in mind. Defining the purpose of each tracked event will cut down on data clutter and response time when events are detected.

    Your challenge

    This research is designed to help organizations who are facing these challenges or looking to:

    • Build an event management practice that is situated in the larger service management environment.
    • Purposefully choose events and to track as well as their related actions based on business-critical systems, their conditions, and their related CIs.
    • Cut down on the clutter of current events tracked.
    • Create a framework to add new events when new systems are onboarded.

    33%

    In 2020, 33% of organizations listed network monitoring as their number one priority for network spending. 27% of organizations listed network monitoring infrastructure as their number two priority.
    Source: EMA, 2020; n=350

    Common obstacles

    These barriers make this challenge difficult to address for many organizations:

    • Many organizations have multiple tools across multiple teams and departments that track the current state of infrastructure, making it difficult to consolidate event management into a single practice.
    • Managed services, subscription services, and cloud services have reduced the traditional visibility of on-premises tools
    • System(s) complexity and integration with the above services has increased, making true cause and effect difficult to ascertain.

    Build event management to bring value to the business

    33%

    33% of all IT organizations reported that end users detected and reported incidents before the network operations team was aware of them.
    Source: EMA, 2020; n=350

    64%

    64% of enterprises use 4-10 monitoring tools to troubleshoot their network.
    Source: EMA, 2020; n=350

    Info-Tech’s approach

    Choose your events purposefully to avoid drowning in data.

    A funnel is depicted. along the funnel are the following points: Event Candidates: 1. System Selection by Business Impact; 2. System Decomposition; 3. Event Selection and Thresholding; 4. Event Action; 5. Data Management; Valuable, Monitored, and Actioned Events

    The Info-Tech difference:

    1. Start with a list of your most business-critical systems instead of data points to measure.
    2. Decompose your business-critical systems into their configuration items. This gives you a starting point for choosing what to measure.
    3. Choose your events and label them as notifications, warnings, or exceptions. Choose the relevant thresholds for each CI.
    4. Have a pre-defined action tied to each event. That action could be to log the datapoint for a report or to open an incident or problem ticket.
    5. With your event catalog defined, choose how you will measure the events and where to store the data.

    Event management is useless in isolation

    Define how event management informs other management practices.

    Logging, Archiving, and Metrics

    Monitoring and event management can be used to establish and analyze your baseline. The more you know about your system baselines, the easier it will be to detect exceptions.

    Change Management

    Events can inform needed changes to stay compliant or to resolve incidents and problems. However, it doesn’t mean that changes can be implemented without the proper authorization.

    Automatic Resolution

    The best use case for event management is to detect and resolve incidents and problems before end users or IT are even aware.

    Incident Management

    Events sitting in isolation are useless if there isn’t an effective way to pass potential tickets off to incident management to mitigate and resolve.

    Problem Management

    Events can identify problems before they become incidents. However, you must establish proper data logging to inform problem prioritization and actioning.

    Info-Tech’s methodology for Engineering Your Event Management Process

    1. Situate Event Management in Your Service Management Environment 2. Define Your Monitoring Thresholds and Accompanying Actions 3. Start Monitoring and Implement Event Management

    Phase Steps

    1.1 Set Operational and Informational Goals

    1.2 Scope Monitoring and States of Interest

    2.1 Define Conditions and Related CIs

    2.2 Set Monitoring Thresholds and Alerts

    2.3 Action Your Events

    3.1 Define Your Data Policy

    3.2 Define Future State

    Event Cookbook

    Event Catalog

    Phase Outcomes

    Monitoring and Event Management RACI

    Abbreviated BIA

    Event Workflow

    Event Management Roadmap

    Insight summary

    Event management is useless in isolation.

    The goals come from the pain points of other ITSM practices. Build handoffs to other service management practices to drive the proper action when an event is detected.

    Start with business intent.

    Trying to organize a catalog of events is difficult when working from the bottom up. Start with the business drivers of event management to keep the scope manageable.

    Keep your signal-to-noise ratio as high as possible.

    Defining tracked events with their known conditions, root cause, and associated actions allows you to be proactive when events occur.

    Improve slowly over time.

    Start small if need be. It is better and easier to track a few items with proper actions than to try to analyze events as they occur.

    More is NOT better. Avoid drowning in data.

    Even in an AI-enabled world, every event must be collected with a specific objective in mind. Defining the purpose of each tracked event will cut down on data clutter and response time when events are detected.

    Add correlations in event management to avoid false positives.

    Supplement the predictive value of a single event by aggregating it with other events.

    Blueprint deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

    Key deliverable:

    This is a screenshot of the Event Management Cookbook

    Event Management Cookbook
    Use the framework in the Event Management Cookbook to populate your event catalog with properly tracked and actioned events.

    This is a screenshot of the Event Management RACI

    Event Management RACI
    Define the roles and responsibilities needed in event management.

    This is a screenshot of the event management workflow

    Event Management Workflow
    Define the lifecycle and handoffs for event management.

    This is a screenshot of the Event Catalog

    Event Catalog
    Consolidate and organize your tracked events.

    This is a screenshot of the Event Roadmap

    Event Roadmap
    Roadmap your initiatives for future improvement.

    Blueprint benefits

    IT Benefits

    • Provide a mechanism to compare operating performance against design standards and SLAs.
    • Allow for early detection of incidents and escalations.
    • Promote timely actions and ensure proper communications.
    • Provide an entry point for the execution of service management activities.
    • Enable automation activity to be monitored by exception
    • Provide a basis for service assurance, reporting and service improvements.

    Business Benefits

    • Less overall downtime via earlier detection and resolution of incidents.
    • Better visibility into SLA performance for supplied services.
    • Better visibility and reporting between IT and the business.
    • Better real-time and overall understanding of the IT environment.

    Case Study

    An event management script helped one company get in front of support calls.

    INDUSTRY - Research and Advisory

    SOURCE - Anonymous Interview

    Challenge

    One staff member’s workstation had been infected with a virus that was probing the network with a wide variety of usernames and passwords, trying to find an entry point. Along with the obvious security threat, there existed the more mundane concern that workers occasionally found themselves locked out of their machine and needed to contact the service desk to regain access.

    Solution

    The system administrator wrote a script that runs hourly to see if there is a problem with an individual’s workstation. The script records the computer's name, the user involved, the reason for the password lockout, and the number of bad login attempts. If the IT technician on duty notices a greater than normal volume of bad password attempts coming from a single account, they will reach out to the account holder and inquire about potential issues.

    Results

    The IT department has successfully proactively managed two distinct but related problems: first, they have prevented several instances of unplanned work by reaching out to potential lockouts before they receive an incident report. They have also successfully leveraged event management to probe for indicators of a security threat before there is a breach.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    “Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

    Guided Implementation

    “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

    Workshop

    “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

    Consulting

    “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

    Diagnostics and consistent frameworks used throughout all four options

    Guided Implementation

    What does a typical GI on this topic look like?

    Phase 1 Phase 2 Phase 3

    Call #1: Scope requirements, objectives, and your specific challenges.

    Call #2: Introduce the Cookbook and explore the business impact analysis.

    Call #4: Define operational conditions.

    Call #6: Define actions and related practices.

    Call #8: Identify and prioritize improvements.

    Call #3: Define system scope and related CIs/ dependencies.

    Call #5: Define thresholds and alerts.

    Call #7: Define data policy.

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is between 6 to 12 calls over the course of 4 to 6 months.

    Workshop Overview

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Day 1 Day 2 Day 3 Day 4 Day 5
    Situate Event Management in Your Service Management Environment Define Your Event Management Scope Define Thresholds and Actions Start Monitoring and Implement Event Management Next Steps and Wrap-Up (offsite)

    Activities

    1.1 3.1 Set Thresholds to Monitor

    3.2 Add Actions and Handoffs to Event Management

    Introductions

    1.2 Operational and Informational Goals and Challenges

    1.3 Event Management Scope

    1.4 Roles and Responsibilities

    2.1 Define Operational Conditions for Systems

    2.2 Define Related CIs and Dependencies

    2.3 Define Conditions for CIs

    2.4 Perform Root-Cause Analysis for Complex Condition Relationships

    2.4 Set Thresholds for CIs

    3.1 Set Thresholds to Monitor

    3.2 Add Actions and Handoffs to Event Management

    4.1 Define Your Data Policy for Event Management

    4.2 Identify Areas for Improvement and Future Steps

    4.3 Summarize Workshop

    5.1 Complete In-Progress Deliverables From Previous Four Days

    5.2 Set Up Review Time for Workshop Deliverables and to Discuss Next Steps

    Deliverables
    1. Monitoring and Event Management RACI (as part of the Event Management Cookbook)
    2. Abbreviated BIA (as part of the Event Management Cookbook)
    3. Event Management Cookbook
    1. Event Management Catalog
    1. Event Management Catalog
    2. Event Management Workflows
    1. Event Management Catalog
    2. Event Management Roadmap
    1. Workshop Summary

    Phase 1

    Situate Event Management in Your Service Management Environment

    Phase 1 Phase 2 Phase 3

    1.1 Set Operational and Informational Goals
    1.2 Scope Monitoring and Event Management Using Business Impact

    2.1 Define Conditions and Related CIs
    2.2 Set Monitoring Thresholds and Alerts
    2.3 Action Your Events

    3.1 Define Your Data Policy
    3.2 Set Your Future of Event Monitoring

    Engineer Your Event Management Process

    This phase will walk you through the following activities:

    1.1.1 List your goals and challenges

    1.1.2 Build a RACI chart for event management

    1.2.1 Set your scope using business impact

    This phase involves the following participants:

    Infrastructure management team

    IT managers

    Step 1.1

    Set Operational and Informational Goals

    Activities

    1.1.1 List your goals and challenges

    1.1.2 Build a RACI chart for event management

    Situate Event Management in Your Service Management Environment

    This step will walk you through the following activities:

    Set the overall scope of event management by defining the governing goals. You will also define who is involved in event management as well as their responsibilities.

    This step involves the following participants:

    Infrastructure management team

    IT managers

    Outcomes of this step

    Define the goals and challenges of event management as well as their data proxies.

    Have a RACI matrix to define roles and responsibilities in event management.

    Situate event management among related service management practices

    This image depicts the relationship between Event Management and related service management practices.

    Event management needs to interact with the following service management practices:

    • Incident Management – Event management can provide early detection and/or prevention of incidents.
    • Availability and Capacity Management – Event management helps detect issues with availability and capacity before they become an incident.
    • Problem Management – The data captured in event management can aid in easier detection of root causes of problems.
    • Change Management – Event management can function as the rationale behind needed changes to fix problems and incidents.

    Consider both operational and informational goals for event management

    Event management may log real-time data for operational goals and non-real time data for informational goals

    Event Management

    Operational Goals (real-time)

    Informational Goals (non-real time)

    Incident Response & Prevention

    Availability Scaling

    Availability Scaling

    Modeling and Testing

    Investigation/ Compliance

    • Knowing what the outcomes are expected to achieve helps with the design of that process.
    • A process targeted to fewer outcomes will generally be less complex, easier to adhere to, and ultimately, more successful than one targeted to many goals.
    • Iterate for improvement.

    1.1.1 List your goals and challenges

    Gather a diverse group of IT staff in a room with a whiteboard.

    Have each participant write down their top five specific outcomes they want from improved event management.

    Consolidate similar ideas.

    Prioritize the goals.

    Record these goals in your Event Management Cookbook.

    Priority Example Goals
    1 Reduce response time for incidents
    2 Improve audit compliance
    3 Improve risk analysis
    4 Improve forecasting for resource acquisition
    5 More accurate RCAs

    Input

    • Pain points

    Output

    • Prioritized list of goals and outcomes

    Materials

    • Whiteboard/flip charts
    • Sticky notes

    Participants

    • Infrastructure management team
    • IT managers

    Download the Event Management Cookbook

    Event management is a group effort

    • Event management needs to involve multiple other service management practices and service management roles to be effective.
    • Consider the roles to the right to see how event management can fit into your environment.

    Infrastructure Team

    The infrastructure team is accountable for deciding which events to track, how to track, and how to action the events when detected.

    Service Desk

    The service desk may respond to events that are indicative of incidents. Setting a root cause for events allows for quicker troubleshooting, diagnosis, and resolution of the incident.

    Problem and Change Management

    Problem and change management may be involved with certain event alerts as the resultant action could be to investigate the root cause of the alert (problem management) or build and approve a change to resolve the problem (change management).

    1.1.2 Build a RACI chart for event management

    1. As a group, complete the RACI chart using the template to the right. RACI stands for the following:
      • Responsible. The person doing the work.
      • Accountable. The person who ensures the work is done.
      • Consulted. Two-way communication.
      • Informed. One-way communication
      • There must be one and only one accountable person for each task. There must also be at least one responsible person. Depending on the use case, RACI letters may be combined (e.g. AR means the person who ensures the work is complete but also the person doing the work).
    2. Start with defining the roles in the first row in your own environment.
    3. Look at the tasks on the first column and modify/add/subtract tasks as necessary.
    4. Populate the RACI chart as necessary.

    Download the Event Management Cookbook

    Event Management Task IT Manager SME IT Infrastructure Manager Service Desk Configuration Manager (Event Monitoring System) Change Manager Problem Manager
    Defining systems and configuration items to monitor R C AR R
    Defining states of operation R C AR C
    Defining event and event thresholds to monitor R C AR I I
    Actioning event thresholds: Log A R
    Actioning event thresholds: Monitor I R A R
    Actioning event thresholds: Submit incident/change/problem ticket R R A R R I I
    Close alert for resolved issues AR RC RC

    Step 1.2

    Scope Monitoring and Event Management Using Business Impact

    Activities

    1.2.1 Set your scope using business impact

    Situate Event Management in Your Service Management Environment

    This step will walk you through the following activities:

    • Set your scope of event management using an abbreviated business impact analysis.

    This step involves the following participants:

    • Infrastructure manager
    • IT managers

    Outcomes of this step

    • List of systems, services, and applications to monitor.

    Use the business impact of your systems to set the scope of monitoring

    Picking events to track and action is difficult. Start with your most important systems according to business impact.

    • Business impact can be determined by how costly system downtime is. This could be a financial impact ($/hour of downtime) or goodwill impact (internal/external stakeholders affected).
    • Use business impact to determine the rating of a system by Tier (Gold, Silver, or Bronze):
      • GOLD: Mission-critical services. An outage is catastrophic in terms of cost or public image/goodwill. Example: trading software at a financial institution.
      • SILVER: Important to daily operations but not mission critical. Example: email services at any large organization.
      • BRONZE: Loss of these services is an inconvenience more than anything, though they do serve a purpose and will be missed if they are never brought back online. Example: ancient fax machines.
    • Align a list of systems to track with your previously selected goals for event management to determine WHY you need to track that system. Tracking the system could inform critical SLAs (performance/uptime), vulnerability, compliance obligations, or simply system condition.

    More is not better

    Tracking too many events across too many tools could decrease your responsiveness to incidents. Start tracking only what is actionable to keep the signal-to-noise ratio of events as high as possible.

    % of Incidents Reported by End Users Before Being Recognized by IT Operations

    A bar graph is depicted. It displays the following Data: All Organizations: 40%; 1-3 Tools: 29; 4-10 Tools: 36%; data-verified=11 Tools: 52">

    Source: Riverbed, 2016

    1.2.1 Set your scope using business impact

    Collating an exhaustive list of applications and services is onerous. Start small, with a subset of systems.

    1. Gather a diverse group of IT staff and end users in a room with a whiteboard.
    2. List 10-15 systems and services. Solicit feedback from the group. Questions to ask:
      • What services do you regularly use? What do you see others using?
        (End users)
      • Which service comprises the greatest number of service calls? (IT)
      • What services are the most critical for business operations? (Everybody)
      • What is the cost of downtime (financial and goodwill) for these systems? (Business)
      • How does monitoring these systems align with your goals set in Step 1.1?
    3. Assign an importance to each of these systems from Gold (most important) to Bronze (least important).
    4. Record these systems in your Event Management Cookbook.
    Systems/Services/Applications Tier
    1 Core Infrastructure Gold
    2 Internet Access Gold
    3 Public-Facing Website Gold
    4 ERP Silver
    15 PaperSave Bronze

    Include a variety of services in your analysis

    It might be tempting to jump ahead and preselect important applications. However, even if an application is not on the top 10 list, it may have cross-dependencies that make it more valuable than originally thought.

    For a more comprehensive BIA, see Create a Right-Sized Disaster Recovery Plan
    Download the Event Management Cookbook

    Phase 2

    Define Your Monitoring Thresholds and Accompanying Actions

    Phase 1Phase 2Phase 3

    1.1 Set Operational and Informational Goals
    1.2 Scope Monitoring and Event Management Using Business Impact

    2.1 Define Conditions and Related CIs
    2.2 Set Monitoring Thresholds and Alerts
    2.3 Action Your Events

    3.1 Define Your Data Policy
    3.2 Set Your Future of Event Monitoring

    Engineer Your Event Management Process

    This phase will walk you through the following activities:

    • 2.1.1 Define performance conditions
    • 2.1.2 Decompose services into Related CIs
    • 2.2.1 Verify your CI conditions with a root-cause analysis
    • 2.2.2 Set thresholds for your events
    • 2.3.1 Set actions for your thresholds
    • 2.3.2 Build your event management workflow

    This phase involves the following participants:

    • Business system owners
    • Infrastructure manager
    • IT managers

    Step 2.1

    Define Conditions and Related CIs

    Activities

    2.1.1 Define performance conditions

    2.1.2 Decompose services into related CIs

    Define Your Monitoring Thresholds and Accompanying Actions

    This step will walk you through the following activities:

    For each monitored system, define the conditions of interest and related CIs.

    This step involves the following participants:

    Business system owners

    Infrastructure manager

    IT managers

    Outcomes of this step

    List of conditions of interest and related CIs for each monitored system.

    Consider the state of the system that is of concern to you

    Events present a snapshot of the state of a system. To determine which events you want to monitor, you need to consider what system state(s) of importance.

    • Systems can be in one of three states:
      • Up
      • Down
      • Degraded
    • What do these states mean for each of your systems chosen in your BIA?
    • Up and Down are self-explanatory and a good place to start.
    • However, degraded systems are indicative that one or more component systems of an overarching system has failed. You must uncover the nature of such a failure, which requires more sophisticated monitoring.

    2.1.1 Define system states of greatest importance for each of your systems

    1. With the system business owners and compliance officers in the room, list the performance states of your systems chosen in your BIA.
    2. If you have too many systems listed, start only with the Gold Systems.
    3. Use the following proof approaches if needed:
      • Positive Proof Approach – every system when it has certain technical and business performance expectations. You can use these as a baseline.
      • Negative Proof Approach – users know when systems are not performing. Leverage incident data and end-user feedback to determine failed or degraded system states and work backwards.
    4. Focus on the end-user facing states.
    5. Record your critical system states in the Event Management Cookbook.
    6. Use these states in the next several activities and translate them into measurable infrastructure metrics.

    Input

    • Results of business impact analysis

    Output

    • Critical system states

    Materials

    • Whiteboard/flip charts
    • Sticky notes
    • Markers

    Participants

    • Infrastructure manager
    • Business system owners

    Download the Event Management Cookbook

    2.1.2 Decompose services into relevant CIs

    Define your system dependencies to help find root causes of degraded systems.

    1. For each of your systems identified in your BIA, list the relevant CIs.
    2. Identify dependencies and relationship of those CIs with other CIs (linkages and dependencies).
    3. Starting with the Up/Down conditions for your Gold systems, list the conditions of the CIs that would lead to the condition of the system. This may be a 1:1 relationship (e.g. Core Switches down = Core Infrastructure down) or a many:1 relationship (some virtualization hosts + load balancers down = Core Infrastructure down). You do not need to define specific thresholds yet. Focus on conditions for the CIs.
    4. Repeat step 3 with Degraded conditions.
    5. Repeat step 3 and 4 with Silver and Bronze systems.
    6. Record the results in the Event Management Cookbook.

    Core Infrastructure Example

    An iceberg is depicted. below the surface, are the following terms in order from shallowest to deepest: MPLS Connection, Core Switches, DNS; DHCP, AD ADFS, SAN-01; Load Balancers, Virtualization Hosts (x 12); Power and Cooling

    Download the Event Management Cookbook

    Step 2.2

    Set Monitoring Thresholds and Alerts

    Activities

    2.2.1 Verify your CI conditions with a root-cause analysis

    2.2.2 Set thresholds for your events

    Define Your Monitoring Thresholds and Accompanying Actions

    This step will walk you through the following activities:

    Set monitoring thresholds for each CI related to each condition of interest.

    This step involves the following participants:

    Business system managers

    Infrastructure manager

    IT managers

    Service desk manager

    Outcomes of this step

    List of events to track along with their root cause.

    Event management will involve a significant number of alerts

    Separate the serious from trivial to keep the signal-to-noise ratio high.

    Event Categories: Exceptions: Alarms Indicate Failure; Alerts indicate exceeded thresholds; Normal Operation. Event Alerts: Informational; Exceptional; Warning

    Set your own thresholds

    You must set your own monitoring criteria based on operational needs. Events triggering an action should be reviewed via an assessment of the potential project and associated risks.

    Consider the four general signal types to help define your tracked events

    Latency – time to respond

    Examples:

    • Web server – time to complete request
    • Network – roundtrip ping time
    • Storage – read/write queue times

    Traffic – amount of activity per unit time

    Web sever – how many pages per minute

    Network – Mbps

    Storage – I/O read/writes per sec

    Errors – internally tracked erratic behaviors

    Web Server – page load failures

    Network – packets dropped

    Storage – disk errors

    Saturation – consumption compared to theoretical maximum

    Web Server – % load

    Network – % utilization

    Storage – % full

    2.2.1 Verify your CI conditions with a root-cause analysis

    RCAs postulate why systems go down; use the RCA to inform yourself of the events leading up to the system going down.

    1. Gather a diverse group of IT staff in a room with a whiteboard.
    2. Pick a complex example of a system condition (many:1 correlation) that has considerable data associated with it (e.g. recorded events, problem tickets).
    3. Speculate on the most likely precursor conditions. For example, if a related CI fails or is degraded, which metrics would you likely see before the failure?
    4. If something failed, imagine what you’d most likely see before the failure.
    5. Extend that timeline backward as far as you can be reasonably confident.
    6. Pick a value for that event.
    7. Write out your logic flow from event recognition to occurrence.
    8. Once satisfied, program the alert and ideally test in a non-prod environment.

    Public Website Example

    Dependency CIs Tool Metrics
    ISP WAN SNMP Traps Latency
    Telemetry Packet Loss
    SNMP Pooling Jitter
    Network Performance Web Server Response Time
    Connection Stage Errors
    Web Server Web Page DOM Load Time
    Performance
    Page Load Time

    Let your CIs help you

    At the end of the day, most of us can only monitor what our systems let us. Some (like Exchange Servers) offer a crippling number of parameters to choose from. Other (like MPLS) connections are opaque black boxes giving up only the barest of information. The metrics you choose are largely governed by the art of the possible.

    Case Study

    Exhaustive RCAs proved that 54% of issues were not caused by storage.

    This is the Nimble Storage Logo

    INDUSTRY - Enterprise IT
    SOURCE - ESG, 2017

    Challenge

    Despite a laser focus on building nothing but all-flash storage arrays, Nimble continued to field a dizzying number of support calls.

    Variability and complexity across infrastructure, applications, and configurations – each customer install being ever so slightly different – meant that the problem of customer downtime seemed inescapable.

    Solution

    Nimble embedded thousands of sensors into its arrays, both at a hardware level and in the code. Thousands of sensors per array multiplied by 7,500 customers meant millions of data points per second.

    This data was then analyzed against 12,000 anonymized app-data gap-related incidents.

    Patterns began to emerge, ones that persisted across complex customer/array/configuration combinations.

    These patterns were turned into signatures, then acted on.

    Results

    54% of app-data gap related incidents were in fact related to non-storage factors! Sub-optimal configuration, bad practices, poor integration with other systems, and even VM or hosts were at the root cause of over half of reported incidents.

    Establishing that your system is working fine is more than IT best practice – by quickly eliminating potential options the right team can get working on the right system faster thus restoring the service more quickly.

    Gain an even higher SNR with event correlation

    Filtering:

    Event data determined to be of minimal predictive value is shunted aside.

    Aggregation:

    De-duplication and combination of similar events to trigger a response based on the number or value of events, rather than for individual events.

    Masking:

    Ignoring events that occur downstream of a known failed system. Relies on accurate models of system relationships.

    Triggering:

    Initiating the appropriate response. This could be simple logging, any of the exception event responses, an alert requiring human intervention, or a pre-programmed script.

    2.2.2 Set thresholds for your events

    If the event management team toggles the threshold for an alert too low (e.g. one is generated every time a CPU load reaches 60% capacity), they will generate too many false positives and create far too much work for themselves, generating alert fatigue. If they go the other direction and set their thresholds too high, there will be too many false negatives – problems will slip through and cause future disruptions.

    1. Take your list of RCAs from the previous activity and conduct an activity with the group. The goal of the exercise is to produce the predictive event values that confidently predict an imminent event.
    2. Questions to ask:
      • What are some benign signs of this incident?
      • Is there something we could have monitored that would have alerted us to this issue before an incident occurred?
      • Should anyone have noticed this problem? Who? Why? How?
      • Go through this for each of the problems identified and discuss thresholds. When complete, include the information in the Event Management Catalog.

    Public Website Example

    Dependency Metrics Threshold
    Network Performance Latency 150ms
    Packet Loss 10%
    Jitter >1ms
    Web Server Response Time 750ms
    Performance
    Connection Stage Errors 2
    Web Page Performance DOM Load time 1100ms
    Page Load time 1200ms

    Download the Event Management Cookbook

    Step 2.3

    Action Your Events

    Activities

    2.3.1 Set actions for your thresholds

    2.3.2 Build your event management workflow

    Define Your Monitoring Thresholds and Associated Actions

    This step will walk you through the following activities:

    With your list of tracked events from the previous step, build associated actions and define the handoff from event management to related practices.

    This step involves the following participants:

    Event management team

    Infrastructure team

    Change manager

    Problem manager

    Incident manager

    Outcomes of this step

    Event management workflow

    Set actions for your thresholds

    For each of your thresholds, you will need an action tied to the event.

    • Review the event alert types:
      • Informational
      • Warning
      • Exception
    • Your detected events will require one of the following actions if detected.
    • Unactioned events will lead to a poor signal-to-noise ratio of data, which ultimately leads to confusion in the detection of the event and decreased response effectiveness.

    Event Logged

    For informational alerts, log the event for future analysis.

    Automated Resolution

    For a warning or exception event or a set of events with a well-known root cause, you may have an automated resolution tied to detection.

    Human Intervention

    For warnings and exceptions, human intervention may be needed. This could include manual monitoring or a handoff to incident, change, or problem management.

    2.3.1 Set actions for your thresholds

    Alerts generated by event management are useful for many different ITSM practitioners.

    1. With the chosen thresholds at hand, analyze the alerts and determine if they require immediate action or if they can be logged for later analysis.
    2. Questions to ask:
      1. What kind of response does this event warrant?
      2. How could we improve our event management process?
      3. What event alerts would have helped us with root-cause analysis in the past?
    3. Record the results in the Event Management Catalog.

    Public Website Example

    Outcome Metrics Threshold Response (s)
    Network Performance Latency 150ms Problem Management Tag to Problem Ticket 1701
    Web Page Performance DOM Load time 1100ms Change Management

    Download the Event Management Catalog

    Input

    • List of events generated by event management

    Output

    • Action plan for various events as they occur

    Materials

    • Whiteboard/flip charts
    • Pens
    • Paper

    Participants

    • Event Management Team
    • Infrastructure Team
    • Change Manager
    • Problem Manager
    • Incident Manager

    2.3.2 Build your event management workflow

    1. As a group, discuss your high-level monitoring, alerting, and actioning processes.
    2. Define handoff processes to incident, problem, and change management. If necessary, open your incident, problem, and change workflows and discuss how the event can further pass onto those practices. Discuss the examples below:
      • Incident Management: Who is responsible for opening the incident ticket? Can the incident ticket be automated and templated?
      • Change Management: Who is responsible for opening an RFC? Who will approve the RFC? Can it be a pre-approved change?
      • Problem Management : Who is responsible for opening the problem ticket? How can the event data be useful in the problem management process?
    3. Use and modify the example workflow as needed by downloading the Event Management Workflow.

    Example Workflow:

    This is an image of an example Event Management Workflow

    Download the Event Management Workflow

    Common datapoints to capture for each event

    Data captured will help related service management practices in different ways. Consider what you will need to record for each event.

    • Think of the practice you will be handing the event to. For example, if you’re handing the event off to incident or problem management, data captured will have to help in root-cause analysis to find and execute the right solution. If you’re passing the event off to change management, you may need information to capture the rationale of the change.
    • Knowing the driver for the data can help you define the right data captured for every event.
    • Consider the data points below for your events:

    Data Fields

    Device

    Date/time

    Component

    Parameters in exception

    Type of failure

    Value

    Download the Event Management Catalog

    Start Monitoring and Implement Event Management

    Phase 1Phase 2Phase 3

    1.1 Set Operational and Informational Goals
    1.2 Scope Monitoring and Event Management Using Business Impact

    2.1 Define Conditions and Related CIs
    2.2 Set Monitoring Thresholds and Alerts
    2.3 Action Your Events

    3.1 Define Your Data Policy
    3.2 Set Your Future of Event Monitoring

    Engineer Your Event Management Process

    This phase will walk you through the following activities:

    3.1.1 Define data policy needs

    3.2.1 Build your roadmap

    This phase involves the following participants:

    Business system owners

    Infrastructure manager

    IT managers

    Step 3.1

    Define Your Data Policy

    Activities

    3.1.1 Define data policy needs

    Start Monitoring and Implement Event Management

    This step will walk you through the following activities:

    Your overall goals from Phase 1 will help define your data retention needs. Document these policy statements in a data policy.

    This step involves the following participants:

    CIO

    Infrastructure manager

    IT managers

    Service desk manager

    Outcomes of this step

    Data retention policy statements for event management

    Know the difference between logs and metrics

    Logs

    Metrics

    A log is a complete record of events from a period:

    • Structured
    • Binary
    • Plaintext
    Missing entries in logs can be just as telling as the values existing in other entries. A metric is a numeric value that gives information about a system, generally over a time series. Adjusting the time series allows different views of the data.

    Logs are generally internal constructs to a system:

    • Applications
    • DB replications
    • Firewalls
    • SaaS services

    Completeness and context make logs excellent for:

    • Auditing
    • Analytics
    • Real-time and outlier analysis
    As a time series, metrics operate predictably and consistently regardless of system activity.

    This independence makes them ideal for:

    • Alerts
    • Dashboards
    • Profiling

    Large amounts of log data can make it difficult to:

    • Store
    • Transmit
    • Sift
    • Sort

    Context insensitivity means we can apply the same metric to dissimilar systems:

    • This is especially important for blackbox systems not fully under local control.

    Understand your data requirements

    Amount of event data logged by a 1000 user enterprise averages 113GB/day

    Source: SolarWinds

    Security Logs may contain sensitive information. Best practice is to ensure logs are secure at rest and in transit. Tailor your security protocol to your compliance regulations (PCI, etc.).
    Architecture and Availability When production infrastructure goes down, logging tends to go down as well. Holes in your data stream make it much more difficult to determine root causes of incidents. An independent secondary architecture helps solve problems when your primary is offline. At the very least, system agents should be able to buffer data until the pipeline is back online.
    Performance Log data grows: organically with the rest of the enterprise and geometrically in the event of a major incident. Your infrastructure design needs to support peak loads to prevent it from being overwhelmed when you need it the most.
    Access Control Events have value for multiple process owners in your enterprise. You need to enable access but also ensure data consistency as each group performs their own analysis on the data.
    Retention Near-real time data is valuable operationally; historic data is valuable strategically. Find a balance between the two, keeping in mind your obligations under compliance frameworks (GDPR, etc.).

    3.1.1 Set your data policy for every event

    1. Given your event list in the Event Management Catalog, include the following information for each event:
      • Retention Period
      • Data Sensitivity
      • Data Rate
    2. Record the results in the Event Management Catalog.

    Public Website Example

    Metrics/Log Retention Period Data Sensitivity Data Rate
    Latency 150ms No
    Packet Loss 10% No
    Jitter >1ms No
    Response Time 750ms No
    HAProxy Log 7 days Yes 3GB/day
    DOM Load time 1100ms
    Page Load time 1200ms
    User Access 3 years Yes

    Download the Event Management Catalog

    Input

    • List of events generated by event management
    • List of compliance standards your organization adheres to

    Output

    • Data policy for every event monitored and actioned

    Materials

    • Whiteboard/flip charts
    • Pens
    • Paper

    Participants

    • Event management team
    • Infrastructure team

    Step 3.2

    Set Your Future of Event Monitoring

    Activities

    3.2.1 Build your roadmap

    Start Monitoring and Implement Event Management

    This step will walk you through the following activities:

    Event management maturity is slowly built over time. Define your future actions in a roadmap to stay on track.

    This step involves the following participants:

    CIO

    Infrastructure manager

    IT managers

    Outcomes of this step

    Event management roadmap and action items

    Practice makes perfect

    For every event that generates an alert, you want to judge the predictive power of said event.

    Engineer your event management practice to be predictive. For example:

    • Up/Down Alert – Expected Consequence: Service desk will start working on the incident ticket before a user reports that said system has gone down.
    • SysVol Capacity Alert – Expected Consequence: Change will be made to free up space on the volume prior to the system crashing.

    If the expected consequence is not observed there are three places to look:

    1. Was the alert received by the right person?
    2. Was the alert received in enough time to do something?
    3. Did the event triggering the alert have a causative relationship with the consequence?

    While impractical to look at every action resulting from an alert, a regular review process will help improve your process. Effective alerts are crafted with specific and measurable outcomes.

    Info-Tech Insight

    False positives are worse than missed positives as they undermine confidence in the entire process from stakeholders and operators. If you need a starting point, action your false positives first.

    Mind Your Event Management Errors

    Two Donut charts are depicted. The first has a slice which is labeled 7% False Positive. The Second has a slice which is labeled 33% False Negative.

    Source: IEEE Communications Magazine March 2012

    Follow the Cookbook for every event you start tracking

    Consider building event management into new, onboarded systems as well.

    You now have several core systems, their CIs, conditions, and their related events listed in the Event Catalog. Keep the Catalog as your single reference point to help manage your tracked events across multiple tools.

    The Event Management Cookbook is designed to be used over and over. Keep your tracked events standard by running through the steps in the Cookbook.

    An additional step you could take is to pull the Cookbook out for event tracking for each new system added to your IT environment. Adding events in the Catalog during application onboarding is a good way to manage and measure configuration.

    Event Management Cookbook

    This is a screenshot of the Event Management Cookbook

    Use the framework in the Event Management Cookbook to populate your event catalog with properly tracked and actioned events.

    3.2.1 Build an event management roadmap

    Increase your event management maturity over time by documenting your goals.

    Add the following in-scope goals for future improvement. Include owner, timeline, progress, and priority.

    • Add additional systems/applications/services to event management
    • Expand condition lists for given systems
    • Consolidate tracking tools for easier data analysis and actioning
    • Integrate event management with additional service management practices

    This image contains a screenshot of a sample Event Management Roadmap

    Summary of Accomplishment

    Problem Solved

    You now have a structured event management process with a start on a properly tracked and actioned event catalog. This will help you detect incidents before they become incidents, changes needed to the IT environment, and problems before they spread.

    Continue to use the Event Management Cookbook to add new monitored events to your Event Catalog. This ensures future events will be held to the same or better standard, which allows you to avoid drowning in too much data.

    Lastly, stay on track and continually mature your event management practice using your Event Management Roadmap.

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop

    Contact your account representative for more information

    workshops@infotech.com

    1-888-670-8889

    Additional Support

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech Workshop.

    To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.

    Info-Tech analysts will join you and your team at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    This is an example of a RACI Chart for Event Management

    Build a RACI Chart for Event Management

    Define and document the roles and responsibilities in event management.

    This is an example of a business impact chart

    Set Your Scope Using Business Impact

    Define and prioritize in-scope systems and services for event management.

    Related Info-Tech Research

    Standardize the Service Desk

    Improve customer service by driving consistency in your support approach and meeting SLAs.

    Improve Incident and Problem Management

    Don’t let persistent problems govern your department

    Harness Configuration Management Superpowers

    Build a service configuration management practice around the IT services that are most important to the organization.

    Select Bibliography

    DeMattia, Adam. “Assessing the Financial Impact of HPE InfoSight Predictive Analytics.” ESG, Softchoice, Sept. 2017. Web.

    Hale, Brad. “Estimating Log Generation for Security Information Event and Log Management.” SolarWinds, n.d. Web.

    Ho, Cheng-Yuan, et al. “Statistical Analysis of False Positives and False Negatives from Real Traffic with Intrusion Detection/Prevention Systems.” IEEE Communications Magazine, vol. 50, no. 3, 2012, pp. 146-154.

    ITIL Foundation ITIL 4 Edition = ITIL 4. The Stationery Office, 2019.

    McGillicuddy, Shamus. “EMA: Network Management Megatrends 2016.” Riverbed, April 2016. Web.

    McGillicuddy, Shamus. “Network Management Megatrends 2020.” Enterprise Management Associates, APCON, 2020. Web.

    Rivas, Genesis. “Event Management: Everything You Need to Know about This ITIL Process.” GB Advisors, 22 Feb. 2021. Web.

    “Service Operations Processes.” ITIL Version 3 Chapters, 21 May 2010. Web.

    Build a Software Quality Assurance Program

    • Buy Link or Shortcode: {j2store}284|cart{/j2store}
    • member rating overall impact (scale of 10): 9.6/10 Overall Impact
    • member rating average dollars saved: $20,972 Average $ Saved
    • member rating average days saved: 14 Average Days Saved
    • Parent Category Name: Testing, Deployment & QA
    • Parent Category Link: /testing-deployment-and-qa
    • Today’s rapidly scaling and increasingly complex products create mounting pressure on delivery teams to release new systems and changes quickly and with sufficient quality.
    • Many organizations lack the critical capabilities and resources needed to satisfy their growing testing backlog, risking product success.

    Our Advice

    Critical Insight

    • Testing is often viewed as a support capability rather than an enabler of business growth. It receives focus and investment only when it becomes a visible problem.
    • The rise in security risks, aggressive performance standards, constantly evolving priorities, and misunderstood quality policies further complicate QA as it drives higher expectations for effective practices.
    • QA starts with good requirements. Tests are only as valuable as the requirements they are validating and verifying. Early QA improves the accuracy of downstream tests and reduces costs of fixing defects late in delivery.
    • Quality is an organization-wide accountability. Upstream work can have extensive ramifications if all roles are not accountable for the decisions they make.
    • Quality must account for both business and technical requirements. Valuable change delivery is cemented in a clear understanding of quality from both business and IT perspectives.

    Impact and Result

    • Standardize your definition of a product. Come to an organizational agreement of what attributes define a high-quality product. Accommodate both business and IT perspectives in your definition.
    • Clarify the role of QA throughout your delivery pipeline. Indicate where and how QA is involved throughout product delivery. Instill quality-first thinking in each stage of your pipeline to catch defects and issues early.
    • Structure your test design, planning, execution, and communication practices to better support your quality definition and business and IT environments and priorities. Adopt QA good practices to ensure your tests satisfy your criteria for a high-quality and successful product.

    Build a Software Quality Assurance Program Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should build a strong foundation for quality, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Define your QA process

    Standardize your product quality definition and your QA roles, processes, and guidelines according to your business and IT priorities.

    • Build a Strong Foundation for Quality – Phase 1: Define Your QA Process
    • Test Strategy Template

    2. Adopt QA good practices

    Build a solid set of good practices to define your defect tolerances, recognize the appropriate test coverage, and communicate your test results.

    • Build a Strong Foundation for Quality – Phase 2: Adopt QA Good Practices
    • Test Plan Template
    • Test Case Template
    [infographic]

    Workshop: Build a Software Quality Assurance Program

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Define Your QA Process

    The Purpose

    Discuss your quality definition and how quality is interpreted from both business and IT perspectives.

    Review your case for strengthening your QA practice.

    Review the standardization of QA roles, processes, and guidelines in your organization.

    Key Benefits Achieved

    Grounded understanding of quality that is accepted across IT and between the business and IT.

    Clear QA roles and responsibilities.

    A repeatable QA process that is applicable across the delivery pipeline.

    Activities

    1.1 List your QA objectives and metrics.

    1.2 Adopt your foundational QA process.

    Outputs

    Quality definition and QA objectives and metrics.

    QA guiding principles, process, and roles and responsibilities.

    2 Adopt QA Good Practices

    The Purpose

    Discuss the practices to reveal the sufficient degree of test coverage to meet your acceptance criteria, defect tolerance, and quality definition.

    Review the technologies and tools to support the execution and reporting of your tests.

    Key Benefits Achieved

    QA practices aligned to industry good practices supporting your quality definition.

    Defect tolerance and acceptance criteria defined against stakeholder priorities.

    Identification of test scenarios to meet test coverage expectations.

    Activities

    2.1 Define your defect tolerance.

    2.2 Model and prioritize your tests.

    2.3 Develop and execute your QA activities.

    2.4 Communicate your QA activities.

    Outputs

    Defect tolerance levels and courses of action.

    List of test cases and scenarios that meet test coverage expectations.

    Defined test types, environment and data requirements, and testing toolchain.

    Test dashboard and communication flow.

    Build Your IT Cost Optimization Roadmap

    • Buy Link or Shortcode: {j2store}72|cart{/j2store}
    • member rating overall impact (scale of 10): 8.9/10 Overall Impact
    • member rating average dollars saved: $57,297 Average $ Saved
    • member rating average days saved: 7 Average Days Saved
    • Parent Category Name: Cost & Budget Management
    • Parent Category Link: /cost-and-budget-management

    Cost optimization is misunderstood and inadequately tackled. IT departments face:

    • Top-down budget cuts within a narrow time frame
    • Absence of adequate governance: financial, project, data, etc.
    • Long-standing bureaucratic practices slowing down progress
    • Short-term thinking

    Our Advice

    Critical Insight

    Cost optimization is not just about reducing costs. In fact, you should aim to achieve three objectives:

    • Reduce your unwarranted IT spending.
    • Optimize your cost-to-value.
    • Sustain your cost optimization.

    Impact and Result

    • Follow Info-Tech’s approach to develop a 12-month cost optimization roadmap.
    • Develop an IT cost optimization strategy based on your specific circumstances and timeline.
    • Info-Tech’s methodology helps you maintain sustainable cost optimization across IT by focusing on four levers: assets, vendors, project portfolio, and workforce.

    Build Your IT Cost Optimization Roadmap Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. IT Cost Optimization Roadmap Deck – A step-by-step methodology to achieve sustainable cost optimization and effectively communicate your strategy to stakeholders.

    This blueprint will help you understand your IT cost optimization mandate, identify your journey, assess your IT spend across four levers, develop your IT cost optimization roadmap, and craft a related communication strategy.

    • Build Your IT Cost Optimization Roadmap – Phases 1-4

    2. IT Cost Optimization Workbook – A structured tool to help you document your IT cost optimization goals and outline related initiatives to develop an effective 12-month roadmap.

    This tool guides an IT department in planning and prioritization activities to build an effective IT cost optimization strategy. The outputs include visual charts and a 12-month roadmap to showcase the implementation timelines and potential cost savings.

    • IT Cost Optimization Workbook

    3. IT Cost Optimization Roadmap Samples and Templates – A proactive journey template to help you communicate your IT cost optimization strategy to stakeholders in a clear, concise, and compelling manner.

    This presentation template uses sample data from "Acme Corp" to demonstrate an IT cost optimization strategy following a proactive journey. Use this template to document your final IT cost optimization strategy outputs, including the adopted journey, IT cost optimization goals, related key initiatives, potential cost savings, timelines, and 12-month roadmap.

    • IT Cost Optimization Roadmap Samples and Templates

    Infographic

    Workshop: Build Your IT Cost Optimization Roadmap

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Understand Your Mandate & Objectives

    The Purpose

    Determine your organization’s current context and its cost optimization objectives, IT’s corresponding cost optimization journey, and goals.

    Key Benefits Achieved

    A business-aligned set of specific IT cost optimization goals.

    Activities

    1.1 Understand your organization’s cost optimization objectives and how this impacts IT.

    1.2 Review potential cost optimization target areas based on your ITFM Benchmarking Report.

    1.3 Identify factors constraining cost optimization options.

    1.4 Set concrete IT cost optimization goals.

    1.5 Identify inputs required for decision making.

    Outputs

    IT cost optimization journey and guiding principles for making corresponding decisions

    2 Outline Initiatives for Vendors & Assets

    The Purpose

    Create a longlist of potential cost optimization initiatives focused on two cost optimization levers: assets and vendors.

    Key Benefits Achieved

    A comprehensive list of potential asset- and vendor-focused initiatives including cost savings estimates.

    Activities

    2.1 Identify a longlist of possible initiatives around asset lifecycle management, investment deferral, repurposing, etc., and vendor contract renegotiation, cancelation, etc.

    2.2 Estimate the cost savings of cost optimization initiatives.

    Outputs

    Longlist of potential vendor management and asset optimization IT cost optimization initiatives

    3 Outline Initiatives for Projects & Workforce

    The Purpose

    Create a longlist of potential cost optimization initiatives focused on two cost optimization levers: project portfolio and workforce.

    Key Benefits Achieved

    A comprehensive list of potential initiatives focused on project portfolio and workforce including cost savings estimates.

    Activities

    3.1 Identify a longlist of possible initiatives around project priorities, project backlog reduction, project intake restructuring, etc., and workforce productivity, skills, redeployment, etc.

    3.2 Estimate the cost savings of cost optimization initiatives.

    Outputs

    Longlist of possible cost optimization initiatives and their potential cost savings for project portfolio and workforce levers.

    4 Build an IT Cost Optimization Roadmap

    The Purpose

    Develop a visual IT cost optimization roadmap.

    Key Benefits Achieved

    A prioritized, business-aligned IT cost optimization roadmap

    Activities

    4.1 Assess feasibility of each initiative (effort and risk profile) given cost optimization goals.

    4.2 Prioritize cost optimization initiatives to create a final shortlist.

    4.3 Fine-tune key information about your final cost optimization initiatives and develop a cost optimization roadmap for proposal.

    Outputs

    Prioritized list of key cost optimization initiatives, descriptions, estimated impact, and roadmap.

    5 Communicate & Execute

    The Purpose

    Develop a communication plan and executive presentation.

    Key Benefits Achieved

    A boardroom-ready set of communication materials for gaining buy-in and support for your IT cost optimization roadmap.

    Activities

    5.1 Outline components of a communication plan, including approvers, stakeholders, and governance and management mechanisms to be used.

    5.2 Create an executive presentation.

    5.3 Set up review time for workshop deliverables and post-workshop activities.

    Outputs

    IT cost optimization communication plan and presentation strategy.

    IT Cost Optimization Executive Presentation

    Further reading

    Build Your IT Cost Optimization Roadmap

    Improve cost-to-value in a sustainable manner.

    Analyst Perspective

    Optimize your cost sustainably.

    Whether the industry is in an economic downturn, or your business is facing headwinds in the market, pressure to reduce spending across organizations is inevitable. When it comes to the IT organization, it is often handled as a onetime event. Cost optimization is an industry standard term, but it usually translates into cost cutting. How do you manage this challenge given the day-to-day demands placed on IT? Do you apply cost reduction equally across the IT landscape, or do you apply reductions using a targeted approach? How do you balance the business demands regarding innovation with keeping the lights on? What is the best path forward?

    While the situation isn't unique, all too often the IT organization response is too shortsighted.

    By using the Info-Tech methodology and tools, you will be able to develop an IT cost optimization roadmap based on your specific circumstances and timeline.

    A well-thought-out strategy should help you achieve three objectives:

    1. Reduce your unwarranted IT spending.
    2. Optimize your cost-to-value.
    3. Sustain your cost optimization.

    This blueprint will guide you to understand your mandate, identify your cost optimization journey (reactive, proactive, or strategic), and assess your IT spend across four levers (assets, vendors, project portfolio, and workforce).

    Finally, keep in mind that cost optimization is not a project to be completed, but an ongoing process to be exercised.

    Bilal Alberto Saab, Research Director, IT Financial Management

    Bilal Alberto Saab
    Research Director, IT Financial Management
    Info-Tech Research Group

    Executive Summary

    Cost optimization is misunderstood and inadequately tackled Common obstacles Follow Info-Tech's approach to develop a 12-month cost optimization roadmap
    • Top-down budget cut within a narrow time frame.
    • Absence of adequate governance: financial, project, data, etc.
    • Long-standing bureaucratic practices slowing down progress.
    • Short-term thinking.
    • Lack of alignment and collaboration among stakeholders: communication and relationships.
    • Absence of a clear plan and adequate process.
    • Lack of knowledge, expertise, and skill set.
    • Inadequate funding and no financial transparency.
    • Poor change management practices.

    Develop an IT cost optimization strategy based on your specific circumstances and timeline.

    Info-Tech's methodology helps you maintain sustainable cost optimization across IT by focusing on four levers:

    1. Assets
    2. Vendors
    3. Project Portfolio
    4. Workforce

    Info-Tech Insight
    Cost optimization is not just about reducing costs. In fact, you should aim to achieve three objectives: (1) reduce your unwarranted IT spending, (2) optimize your cost-to-value, and (3) sustain your cost optimization.

    Your challenge

    IT leaders are often asked to cut costs.

    • Cost management is a long-term challenge. Businesses and IT departments look to have a flexible cost structure focused on maximizing business value while maintaining the ability to adapt to market pressure. However, businesses must also be able to respond to unexpected events.
    • In times of economic downturn, many CEOs and CFOs shift their thinking from growth to value protection. This can force a round of cost cutting across all departments focused on short-term, immediate, and measurable objectives.
    • Many IT departments are then faced with the challenge of meeting cost cutting targets. No one knows exactly how markets will behave, but the effects of rising inflation and increasing interest rates, for example, can manifest very quickly.

    When crisis hits, does IT's hard-won gains around being seen as a partner to the business suddenly disappear and IT becomes just a cost center all over again?

    In times of economic slowdown or downturn, the key challenge of IT leaders is to optimize costs without jeopardizing their strategic and innovative contribution.

    Common obstacles

    The 90% of the budget you keep is more important than the 10% of the budget you cut.

    • While the business responds to fluctuating economic conditions, IT must ensure that its budget remains fully aligned with business strategy and expected business value.
    • However, in the face of sudden pressures, a common tendency is to make quick decisions without fully considering their long-term implications.
    • Avoid costly mistakes with a proactive and strategic mindset. Put in place a well-communicated cost optimization strategy rather than hastily cutting back the biggest line items in your budget.

    How can IT optimize costs to achieve a corporate impact, but not cut so deep that the organization can't take advantage of opportunities to recover and thrive?

    Know how you will strategically optimize IT costs before you are forced to cut cost aggressively in a reactive fashion.

    What is cost optimization?

    It's not just about cutting costs

    • While cost optimization may involve cutting costs, it is more about making smart spend and investment decisions.
    • At its core, cost optimization is a strategic decision-making process that sets out to minimize waste and get the most value for money.
    • Cost optimization encompasses near-term, mid-term, and long-term objectives, all of which are related and build upon one another. It is an accumulative practice, not a onetime exercise.
    • A sound cost optimization practice is inherently flexible, sustainable, and consequence-oriented with the positive goal of generating net benefit for the organization over time.

    Change your mindset ...

    An Info-Tech survey of IT staff reveals that while most agree that cost optimization is an important IT process, nearly 20% fewer of them agree that it's being managed well.

    Chart of cost optimization

    Info-Tech IT Management & Governance Diagnostic, 2022.

    A starting point for cost optimization improvement is adjusting your frame of mind. Know that it's not just about making difficult cuts - in reality, it's a creative pursuit that's about thriving in all circumstances, not just surviving.

    Slow revenue growth expectations generate urgency

    Many IT organizations will be directed to trim costs during turbulent times.

    • Cost optimization implies continuous cost management, which entails long-term strategic initiatives (i.e. organizations and their IT departments seek flexible cost structures and practices focused on maximizing business value while maintaining the ability to adapt to changes in the broader economic environment). However, organizations must also be able to respond to unexpected events.
    • During times of turmoil – poor economic outlook expected to negatively impact an organization's bottom line – CEOs and CFOs think more about survival than growth, driving cost cutting across all departments to create short-term, immediate, and measurable financial benefits.
    • In such situations, many IT departments will be hard-pressed to meet cost cutting targets at short notice. If not planned correctly, with a tunnel vision focus instead of a strategic one, you can end up hurting yourself in the not-so-distant future.

    Build Your IT Cost Optimization Roadmap

    Insight summary

    Sustain an optimal cost-to-value ratio across four levers:

    1. Assets
    2. Vendors
    3. Project Portfolio
    4. Workforce

    Cost optimization is not just about reducing costs

    In fact, you should aim to achieve three objectives:
    (1) reduce your unwarranted IT spending, (2) optimize your cost-to-value, and (3) sustain your cost optimization.

    Reduce unwarranted IT spending

    Stop the bleeding or go for quick wins
    Start by reducing waste and bad spending habits while clearly communicating your intentions to your stakeholders – get buy-in.

    Optimize cost-to-value

    Value means tradeoffs
    Pursue value but know that it will lead you to make tradeoffs between cost, performance, and risk.

    Sustain cost optimization

    Think about tomorrow: reduce, reuse, recalibrate, and repeat
    Standardize and automate your cost optimization processes around a proper governance framework. Cost optimization is not a onetime exercise.

    Info-Tech's methodology for building your IT cost optimization roadmap

    Phase 1: Understand Your Mandate & Objectives

    Know where you stand and where you're going.

    Understand your cost optimization mandate within the context of your organization's situation and direction.

    Phase 2: Outline Your Initiatives

    Evaluate many, pick a few.

    Think of all possible cost optimization initiatives across the four optimization levers (Assets, Vendors, Project Portfolio, and Workforce), but only keep the ones that best help you fulfill your goals.

    Phase 3: Develop Your Roadmap

    Keep one eye on today and the other on tomorrow.

    Prioritize cost optimization initiatives that would help you achieve your near-term objectives first, but don't forget about the medium and long term.

    Phase 4: Communicate and Execute

    Communicate and collaborate - you are not a one-person show.

    Reach out to other business units where necessary. Your success relies on getting buy-in from various stakeholders, especially when cost optimization initiatives impact them in one way or another.

    Blueprint deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

    IT Cost Optimization Roadmap Samples and Templates
    Templates including an abbreviated executive presentation and a final communication presentation based on a 12-month cost optimization roadmap.

    IT Cost Optimization Workbook
    A workbook generating a 12-month cost optimization roadmap.

    Measure the value of this blueprint

    Maintain an optimal IT cost-to-organization revenue ratio.

    This blueprint will guide you to set cost optimization goals across one to three main objectives, depending on your identified journey (reactive, proactive, or strategic):

    • Reduce unwarranted IT spending.
    • Optimize cost-to value.
    • Sustain cost optimization.

    In phase 1 of this blueprint, we will help you establish your goals to satisfy your organization's needs.

    In phase 3, we will help you develop a game plan and a roadmap for achieving those metrics.

    Once you implement your 12-month roadmap, start tracking the metrics below over the next fiscal year (FY) to assess the effectiveness of undertaken measures.

    Cost Optimization Objective Key Success Metric
    Reduce unwarranted IT spending Decrease IT cost in identified key areas
    Optimize cost-to-value Decrease IT cost per IT employee
    Sustain cost optimization Decrease IT cost-to-organization revenue

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit
    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful."
    Guided Implementation
    "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."
    Workshop
    "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.
    Consulting
    "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks are used throughout all four options.

    Guided implementation

    What does a typical GI on this topic look like?

    Phase 1 Phase 2 Phase 3 Phase 4
    Call #1:
    • Identify cost optimization scope requirements, objectives, and your specific challenges.
    • Review and assess cost optimization goals and objectives.
    Call #2:

    Review potential cost optimization initiatives for assets and vendors levers.

    Call #3:

    Assess cost optimization initiatives' cost and feasibility - for assets and vendors levers.

    Call #4:

    Review potential cost optimization initiatives for project portfolio and workforce levers.

    Call #5:

    Assess cost optimization initiatives' cost and feasibility - for project portfolio and workforce levers.

    Call #6:
    • Identify final decision criteria for cost optimization prioritization.
    • Review prioritized cost optimization initiatives and roadmap outputs.
    Call #7:
    • Review the Cost Optimization Communication Plan and IT Cost Optimization Executive Presentation.
    • Discuss next steps.

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI will include multiple calls over the course of one to two months.

    IT cost analysis and optimization workshop overview

    Session 1 Session 2 Session 3 Session 4 Session 5
    Activities Understand Your Mandate and Objectives Outline Initiatives for Assets and Vendors Outline Initiatives for Projects and Workforce Develop an IT Cost Optimization Roadmap Communicate and Execute
    1.1 Understand your organization's cost optimization objectives and how this impacts IT.
    1.2 Review potential cost optimization target areas based on your IT financial management benchmarking report.
    1.3 Identify factors constraining cost optimization options.
    1.4 Set concrete IT cost optimization goals.
    1.5 Identify inputs required for decision making.
    2.1 Identify a longlist of possible initiatives around:
    1. Asset lifecycle management, investment deferral, repurposing, etc.
    2. Vendor contract renegotiation, cancelation, etc.
    2.2 Estimate the cost savings of cost optimization initiatives.
    3.1 Identify a longlist of possible initiatives around:
    1. Project priorities, project backlog reduction, project intake restructuring, etc.
    2. Workforce productivity, skills, redeployment, etc.
    3.2 Estimate the cost savings of cost optimization initiatives.
    4.1 Assess the feasibility of each initiative (effort and risk profile) given cost optimization goals.
    4.2 Prioritize cost optimization initiatives to create a final shortlist.
    4.3 Fine-tune key information about your final cost optimization initiatives and develop a cost optimization roadmap for proposal.
    5.1 Outline components of a communication plan, including approvers, stakeholders, and governance and management mechanisms to be used.
    5.2 Create an executive presentation.
    5.3 Set up review time for workshop deliverables and post-workshop activities.
    Output
    • IT cost optimization journey and guiding principles for making corresponding decisions.
    • Long list of possible cost optimization initiatives and their potential cost savings for assets and vendors levers.
    • Long list of possible cost optimization initiatives and their potential cost savings for project portfolio and workforce levers.
    • Prioritized list of key cost optimization initiatives, descriptions, estimated impact, and roadmap.
    • IT cost optimization communication plan and presentation strategy.

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Phase 1

    Understand Your Mandate and Objectives

    Phase 1
    Understand Your Mandate and Objectives

    Phase 2
    Outline Your Cost Optimization Initiatives

    Phase 3
    Develop Your IT Cost Optimization Roadmap

    Phase 4
    Communicate and Execute

    This phase will walk you through the following activities:

    • Business context and cost optimization journey
    • Cost constraints and parameters
    • Cost optimization goals

    This phase involves the following participants:

    • CIO/IT director
    • IT finance lead

    1.1 Gain consensus on the business context and IT cost optimization journey

    60 minutes

    • Using the questions on slide 20, conduct a brief journey assessment to ensure consensus on the direction you are planning to take.
    • Document your findings in the provided template.
    Input Output
    • Understanding business objectives and identifying your IT mandate
    • Determining the cost optimization journey: reactive, proactive, or strategic
    Materials Participants
    • Whiteboard or flip charts
    • Journey assessment template
    • CIO/IT director
    • IT finance lead

    See the next three slides for guidelines and the journey assessment questions and template.

    Distinguishing between three journeys

    By considering business objectives without forgoing your IT mandate.

    Journey Reactive Proactive Strategic
    Description
    • Business objectives are closely tied to cost reduction, forcing cost cutting across IT.
    • Typically occurs during turbulent economic times, when slow revenue growth is expected.
    • Business objectives do not include clear cost optimization initiatives but mandates IT to be fiscally conservative.
    • Typically occurs when economic turbulence is on the horizon and the organization's revenue is stable - executives only have a fiscal discipline guidance.
    • Business objectives do not include clear cost optimization initiatives.
    • Typically occurs when the overall economy is in good shape and the organization is in positive revenue growth territory.
    Main Focus
    • Quick-to-execute measures with few dependencies and concrete impact in response to business urgency and/or executive directive.
    • Enabling the organization to respond to different types and magnitudes of business change in a more planned and controlled manner.
    • Establishing an efficient, agile, sustainable, and strategically aligned cost optimization practice across all stages of the business cycle, regardless of business conditions.

    Questions to help determine your journey

    Business Objectives Business Strategy
    • What are the current business objectives?
    • Are there any stated cost-related objectives? If yes, what cost-related objectives have been stated by organizational leadership, such as cuts, areas of investment, and any targets for both?
    • Does the organization have a business strategy in place?
    • Was the business strategy reviewed or revised recently?
    • What's the business strategy focus for the next 12 months?
    • Are there any cost optimization implications within the current business strategy?
    IT Objectives IT Strategy and Mandate
    • What are your current IT objectives?
    • Are your IT objectives aligned to business objectives?
    • Do you have any IT cost-related objectives? If yes, what are your current IT cost-related objectives?
    • Are your IT cost-related objectives aligned to business objectives?
    • Do you have an IT strategy in place?
    • Is your IT strategy aligned to your organization's business strategy?
    • Do you have a cost optimization mandate? If yes, what is your cost optimization mandate?
    • What's the fiscal guidance and direction in IT?
    Journey
    Agreed-upon journey: reactive, proactive, or strategic.

    Template & Example

    Journey assessment

    Business Objectives Business Strategy
    • The founder's mission around quality persists despite ownership/leadership changes. Reliability and dependability are really important to everyone.
    • Increase visibility and interconnectivity across the supply chain.
    • Increase market share: younger markets and emerging foreign markets.
    • Economic outlook expected to negatively affect the bottom line - will need to trim and protect the core.
    • Grow Gizmo product sales by 10%.
    • Lower production cost of Gizmo product by 5%.
    IT Objectives IT Strategy and Mandate
    • IT/OT convergence, process automation, and modernization are major opportunities to better position the business for the future and introduce more agility into operations and reduce production cost.
    • Very mature and stable production processes with 100% uptime is a priority.
    • Lower IT cost related to Gizmo product.
    • There's no clear cost optimization mandate, but a fiscally conservative budget is recommended.
    Journey
    Agreed-upon journey: proactive.

    1.2 Review internal and external benchmarking reports

    60-90 minutes

    1. Review the IT spend and staffing results, summarized in your Info-Tech IT Spend & Staffing Benchmarking report.
    2. Identify areas where your IT spend is disproportionately high or low in comparison with your industry peers.
    3. Review and document any causes or rationales for high or low spend in each area identified. Do not be specific about any actual optimization targets or actions at this stage - simply make notes.
    4. Start a list of potential cost optimization initiatives to be further analyzed and investigated for feasibility at a later stage (see next slides for guidance, example, and template).
    InputOutput
    • IT Spend & Staffing Benchmarking report
    • A list of potential cost optimization focus areas
    MaterialsParticipants
    • Whiteboard or flip charts
    • Potential cost optimization initiatives list template
    • CIO/IT director
    • IT finance lead

    Info-Tech's approach

    Our IT cost model maps your IT spending and staffing according to four key views, putting IT spend in language that stakeholders across the organization can relate to.

    IT cost model maps

    Template & Example

    Potential cost optimization initiatives list

    Brainstorm and list potential cost optimization initiatives at a macro level.

    Potential Initiative Source Source Contact Notes
    Reduce application maintenance cost Internal Benchmarking Report CIO Based on current year report
    Rationalize software applications Info-Tech IT Benchmarking Report CIO Based on current year report
    Migrate key business applications to the cloud Latest iteration of the IT strategy CIO New IT strategy will be in development concurrent with cost optimization strategy development
    Align job roles to the current IT structure IT org. chart and salaries HR, CIO Based on information of the current year and will likely change in a few months (beginning of a new year)
    Renegotiate the top five vendor contracts up for renewal this year List of IT vendors Procurement office, CIO, IT infrastructure director, IT applications director, IT services manager Based on a list consolidated last week

    Want help with your IT spend transparency and benchmarking efforts?

    Let us fast-track your IT spend journey.

    The path to IT financial management maturity starts with knowing exactly where your money is going. To streamline this effort, Info-Tech offers an IT Spend & Staffing Benchmarking service that provides full transparency into where your money is going without any heavy lifting on your part.

    This unique service features:

    • A client-proven approach to meet your IT spend transparency goals.
    • Spend and staff mapping that reveals business consumption of IT.
    • Industry benchmarking to compare your spending and staffing to that of your peers.
    • Results in a fraction of the time with much less effort than going it alone.
    • Expert review of results and ongoing discussions with Info-Tech analysts.

    If you'd like Info-Tech to pave the way to IT spend transparency, contact your account manager for more information - we're happy to talk anytime.

    1.3 Identify your overarching constraints

    30 minutes

    1. Assess where spend change opportunities are currently limited or nonexistent due to organization edict or policy, industry regulatory requirements, or active contracts. Ask yourself:
      1. Where do IT spend bottlenecks exist and what are they?
      2. What IT spend objectives and practices are absolutely mandatory and nonnegotiable from both a business and an IT perspective?
      3. Are there areas where spend change is possible but would be very difficult to execute due to the stakeholders involved, governance processes, time frames, or another constraining factor?
    2. Identify where reduction or elimination of an IT service would negatively affect required service levels and business continuity or recovery.
    3. List constraints as negotiable or nonnegotiable on the template provided.
    4. Remove areas of focus from your cost optimization scope that land outside achievable parameters, and flag those that are difficult but still possible.
    InputOutput
    • Situational awareness and current state understanding
    • List of negotiable constraints to act on
    • Delimiting the cost optimization scope
    MaterialsParticipants
    • Whiteboard or flip charts
    • Constraints assessment template
    • CIO/IT director
    • IT finance lead

    See the next slides for additional guidance and a constraints assessment template.

    Acknowledge your limitations

    By recognizing your constraints, which will lead you to define your cost optimization scope.

    Constraints Organizational Legal/Regulatory Other
    What An organizational constraint is any work condition that hinders an employee's performance - be it physical, emotional, or otherwise. A legal or regulatory constraint is any law, rule, standard, or regulation - be it industry specific or otherwise - limiting the ability of any stakeholder to get the most out of a certain activity, initiative, or project. Other types of constraints affecting business units.
    Who Collaborate with your IT leaders and business partners to identify all major constraints that would affect cost optimization initiatives.
    How Discussions and information sessions to distinguish between negotiable and nonnegotiable constraints that would thwart cost optimization efforts:
    • Legal/regulatory requirements and related initiatives (past, ongoing, and planned/expected).
      Example: projects cannot be delayed, processes are difficult to simplify, etc.
    • Operational governance - organization policies, processes, methodologies, structure, etc.
      Example: adopting a waterfall model for development instead of an agile one.
    • Financial and accounting practices.
      Example: capital expenditure and operational expenditure classification.
    Challenge Degree to which you can influence certain outcomes within a set time frame:
    • Prioritize negotiating constraints where you can influence the outcome or maximize cost optimization benefits.

    We define a constraint as a restriction controlling the behavior of any of your stakeholders, hence preventing a desired outcome.

    In our context, constraints will determine your playing field: the boundaries of your cost optimization scope.

    Distinguish between constraints

    Negotiable vs. nonnegotiable to delimit your cost optimization scope.

    Distinguish between constraints

    Template & Example

    Constraints assessment

    List high-level limitations that hinder your cost optimization options.

    Nonnegotiable constraints
    Organizational Legal/Regulatory IT/Other
    Prioritization of sales/customer service activities SEC compliance/reporting mandates Production unit incident response service levels
    [Constraint] [Constraint] [Constraint]
    [Constraint] [Constraint] [Constraint]
    [Constraint] [Constraint] [Constraint]
    Negotiable constraints
    Organizational Legal/Regulatory IT/Other
    Core business operations process design Vendor contracts up for near-term renewal Current capital project commitments
    [Constraint] [Constraint] [Constraint]
    [Constraint] [Constraint] [Constraint]
    [Constraint] [Constraint] [Constraint]

    1.4 Establish overarching cost optimization goals

    60-90 minutes

    1. Establish specific IT cost optimization goals. Depending on your journey, step 1.1. You will have one to three overarching cost optimization goals, as follows:
      1. Reactive: Cost-cutting goal to reduce unwarranted IT spending.
      2. Proactive: Cost-to-value optimization goal.
      3. Strategic: Cost optimization sustainability goal.
      Consider amounts and time frames, as well as likely/suitable approaches you plan to employ to achieve these goals.
    2. Document your final cost optimization goals in the IT Cost Optimization Workbook.
    3. Revisit your goals after outlining your initiatives (phase 2) to ensure feasibility depending on your journey.

    Download the IT Cost Optimization Workbook

    InputOutput
    • Situational awareness and current state understanding
    • Defined goals for IT cost optimization
    MaterialsParticipants
    • Whiteboard or flip charts
    • Set Cost Optimization Goals tab in the IT Cost Optimization Workbook
    • CIO/IT director
    • IT finance lead

    Template & Example

    Document your overarching goals

    Excel Workbook: IT Cost Optimization – Set Optimization Goals Worksheet

    Refer to the example and guidelines below on how to document your goals based on your journey:

    Table of Overarching Goals

    Column ID Input Type Guidelines
    B Dropdown Select the appropriate journey: Reactive, Proactive, or Strategic.
    C Dropdown Select the appropriate cost optimization objective: Reduce Unwarranted IT Spending, Optimize Cost-to-Value, Sustain Cost Optimization.
    D Formula Automatic calculation, no entry required. Reduce Unwarranted IT Spending goal is the first priority, followed by Optimize Cost-to-Value, and Sustain Cost Optimization goals, respectively.
    E Text Enter the overarching goal related to each objective.

    Complete the following fields for each goal depending on your journey in the Excel Workbook as per guidelines:

    1. Navigate to the Set Cost Optimization Goals tab.
    2. Identify your journey and objective for each goal.
    3. Document your goal(s).

    Download the IT Cost Optimization Workbook

    Template & Example

    Break down your goals per quarter

    Excel Workbook: IT Cost Optimization - Set Cost Optimization Goals Worksheet

    Refer to the example and guidelines below on how to break down your goals per quarter and track your progress:

    Table break down your goals per quarter

    Column ID Input Type Guidelines
    F, G, H, I Text Enter the target per quarter: It could be a percentage, dollar amount, or description of the breakdown, depending on the cost optimization goal and objective.

    Complete the following fields for each goal depending on your journey in the Excel Workbook as per guidelines:

    1. Navigate to the Set Cost Optimization Goals tab.
    2. Determine your target per quarter for every goal.
    3. Document your targets.

    Download the IT Cost Optimization Workbook

    1.5 Identify inputs required for decision making

    60-90 minutes

    1. Each of the optimization levers (assets, vendors, project portfolio, and workforce) will require specific and unique sources of information which you will need to collect before moving forward. Examples of important sources of information include:
      1. Latest iteration of the IT strategy.
      2. List of IT assets (hardware, software).
      3. List of IT services or IT service catalog.
      4. List of current and planned IT projects and their resourcing allocations.
      5. List of largest vendor contracts and their key details, such as their expiration/renewal date.
      6. IT department organizational chart and salaries (by role).
    2. Review and analyze each of the documents.
    3. Continue to list potential cost optimization initiatives (step 1.2) to be further analyzed and investigated for feasibility at a later stage.
    InputOutput
    • IT strategy
    • Lists of IT assets, services, and projects
    • Top vendor contracts
    • IT org. chart and salaries
    • Macrolevel list of potential cost optimization initiatives
    MaterialsParticipants
    • Potential cost optimization initiatives list template (slide 24)
    • CIO/IT director
    • IT finance lead

    Prepare all pertinent sources of information

    And start drafting your cost optimization laundry list.

    Documents Benchmarking IT Strategy Other Information Sources
    What
    • Review:
      • Your IT spend trend across several years (ideally three to five years): internal benchmarking report.
      • Your IT spend compared to industry peers: external benchmarking report.
    • Analyze your internal and external benchmarking reports across the four views: service, expense, business, and innovation.
    • Review your business aligned IT strategy to identify cost optimization related initiatives.
    • At a later stage, exploit your IT strategy to prioritize cost optimization initiatives as needed.
    • Review your IT organization chart and salaries to determine whether the IT organization structure is optimal, job descriptions are mapped to the desired structure, employee skillsets and salary scale are adequate and aligned to the job description, etc.
    • Compile and examine lists of assets, vendors, projects, and services.
    • Prepare any other information sources you deem meaningful.
    Who Collaborate with your IT leaders and business partners to:
    • Prepare the necessary reports, documents, and required sources of information.
    • Identify potential cost optimization initiatives around areas of improvement.
    How Discussions and information sessions to analyze and deep dive on raw findings.
    Challenge Time to compile and analyze reports without affecting day-to-day operations:
    • Outsource some activities such as external benchmarking to organizations like Info-Tech.
    • Get consulting support on specific reports or tasks through workshops, calls, etc.

    Phase 2

    Outline Your Cost Optimization Initiatives

    Phase 1
    Understand Your Mandate and Objectives

    Phase 2
    Outline Your Cost Optimization Initiatives

    Phase 3
    Develop Your IT Cost Optimization Roadmap

    Phase 4
    Communicate and Execute

    This phase will walk you through the following activities:

    • IT cost optimization initiatives
    • IT cost optimization workbook

    This phase involves the following participants:

    • CIO/IT director
    • IT finance lead
    • IT asset manager
    • IT infrastructure manager
    • IT vendor management lead
    • PMO lead
    • IT talent management representative
    • Other IT management

    Outline your cost optimization initiatives

    Across Info-Tech's four levers.

    Levers ASSETS VENDORS PROJECT PORTFOLI WORKFORCE
    What
    • Maintain trustworthy data to optimize cost, reduce risk, and improve services in line with business priorities and requirements:
      • Optimize cost: reallocate unused hardware and software, end unneeded service agreements, and manage renewals and audits.
      • Reduce risk: provide comprehensive asset data for security controls development and incident management - manage equipment disposal.
      • Improve IT service: support incident, problem, request, and change management with ITAM data.
    • Examine your vendor contracts and vendor management practices to optimize your expected value from every IT provider you deal with.
    • Treat vendor management as a proactive, cross-functional practice aiming to create value by improving communication, relationships, processes, performance, and ultimately reducing cost.
    • Reassess your project portfolio to maximize total value in line with business objectives and strategy.
    • Reduce resource waste with a strategic approach to project portfolio management:
      • Ensure that approved projects can be completed by aligning intake with real project capacity.
      • Minimize over-allocation of resources by allocating based on the proportion of project vs. non-project work.
      • Forecast future resource requirements by maintaining accurate resource capacity data.
    • Review your strategic workforce plan to identify cost optimization opportunities.
    • Determine capability gaps to train or develop current staff and minimize the need for severance payouts and hiring costs, while providing clear career paths to retain high performers.
    • Link workforce planning with strategic planning to ensure that you have the right people in the right positions, in the right places, at the right time, with the knowledge, skills, and attributes to deliver on strategic business goals.
    Who Collaborate with your IT leaders and business partners to:
    • Prepare the necessary reports, documents, and required sources of information.
    • Determine cost optimization initiatives across the four levers.
    How You will decide on the best course of action depending on your journey.

    Most common cost optimization challenges

    Across Info-Tech's four levers.

    Levers ASSETS VENDORS PROJECT PORTFOLI WORKFORCE
    Challenge
    • Incomplete or inaccurate data, poor processes, inadequate tools, and lack of support across the organization is leading to bad decision making while damaging value.
    • Spending on IT providers is increasing while vendor contract expected value - results, output, performance, solutions, or outcomes - is not realized.
    • Poor planning, conflicting priorities, and resource scarcity is affecting project outcomes, resulting in suboptimal value.
    • Talent shortages, lack of prioritization, and experience in managing an IT workforce is leading to higher costs and a loss in value.
    Solution
    • Develop a sustainable IT asset management (ITAM) strategy aligned with your business priorities.
    • Establish a vendor management initiative (VMI) with a solid foundation to fit your organization's culture, environment, and goals.
    • Create a coherent strategy to maximize the total value that projects deliver as a portfolio, rather than a collection of individual projects.
    • Develop a strategic workforce plan (SWP) to ensure you have the right people in place at the right time.
    Related Info-Tech Research Develop an IT Asset Management Strategy Jump-start Your Vendor Management Initiative Develop a Project Portfolio Management Strategy Build a Strategic IT Workforce Plan

    2.1 Determine your cost optimization initiatives

    8 hours

    Now that you have identified your journey and understood your constraints:

    1. Review your list of potential cost optimization initiatives and document viable ones in the IT Cost Optimization Workbook.
    2. Think of potential cost optimization initiatives within the four levers: assets, vendors, project portfolio, and workforce. The following slides will help you in this endeavor.

    Download the IT Cost Optimization Workbook

    Input Output
    • Potential cost optimization initiatives list
    • Outline Initiatives in the IT Cost Optimization Workbook
    Materials Participants
    • Whiteboard or flip charts
    • Outline Initiatives tab in the IT Cost Optimization Workbook
    • CIO/IT director
    • IT finance lead
    • Other IT management - depending on the optimization lever (Assets, Vendors, Project Portfolio, or Workforce)

    Plan your cost optimization initiatives

    Your initiatives will differ depending on your journey

    In terms of aggressiveness and objectives.

    Plan cost optimization initiatives

    Cost optimization initiatives pertaining to a reactive journey are characterized by aggressive cost reduction.

    On the other hand, cost optimization initiatives within a strategic journey can vary in aggressiveness across objectives.

    2.1.1 Identify asset optimization initiatives

    2 hours

    1. Review the IT asset management strategy if available. Compile a list of all hardware, software, and facility asset costs for delivery of IT services.
    2. Analyze hardware and software assets for opportunities to consolidate, reduce, eliminate, and/or enhance functionality/automation. Look for:
      1. Redundancy or duplication of functionality not necessary for disaster recovery or business continuity purposes.
      2. Low or no-use software.
      3. Homegrown or legacy systems with high maintenance/support burdens.
      4. Multiple, old, or unsupported versions of current-use software.
      5. Opportunities to delay hardware/software refreshes or upgrades.
      6. Cloud/outsourced options.
      7. Instances of unsanctioned shadow IT.
    3. Reassess your in-house asset management processes to see where efficiency and effectiveness could be improved overall.
    4. Document cost optimization initiatives that could be driven by asset optimization objectives in the IT Cost Optimization Workbook.

    Download the IT Cost Optimization Workbook

    InputOutput
    • IT asset management strategy
    • List of current assets including hardware, software, and facilities
    • Outline Initiatives driven by asset optimization objectives in the IT Cost Optimization Workbook
    MaterialsParticipants
    • Whiteboard or flip charts
    • Outline Initiatives tab in the IT Cost Optimization Workbook
    • CIO/IT director
    • IT finance lead
    • IT asset manager
    • IT infrastructure manager
    • Other IT management

    Example

    Asset optimization

    Some examples to get you started

    Journey Reactive, Proactive, or Strategic Proactive or Strategic Strategic
    Initiatives
    • Validate the license cost of performance optimization.
    • Review the utilization of software/hardware before renewal or purchase of additional hardware or software.
    • Assess new license cost against projects to determine possibility of differing or canceling software.
    • Postpone the purchases of hardware.
    • Extend the life of hardware.
    • Consolidate and reconfigure hardware.
    • Return damaged/malfunctioning hardware under warranty.
    • Consolidate and reconfigure software.
    • Optimize software/hardware functionality.
    • Implement hardware/software standard or policy.
    • Develop an infrastructure management outsourcing strategy.
    • Optimize cloud management: review utilization, licensing, cost, etc.
    • Develop a sustainable IT asset management (ITAM) strategy aligned with your business priorities.
    • Minimize shadow IT by creating a policy and improving the service request process.
    • Develop or assess a cloud strategy for a certain service.
    No initiatives for the reactive journey. No initiatives for the reactive or proactive journeys.
    Objective Reduce Unwarranted IT Spending Optimize Cost-to-Value Sustain Cost Optimization

    Template & Example

    List your objectives and initiatives

    Excel Workbook: IT Cost Optimization – Outline Initiatives Worksheet

    Refer to the example and guidelines below on how to input your asset optimization initiatives and related objectives:

    List your objectives and initiatives

    Column ID Input Type Guidelines
    B Formula Automatic calculation, no entry required. The ID will update once there's an input in column E.
    C Dropdown Select an optimization lever: Assets, Vendors, Project Portfolio, or Workforce.
    D Dropdown Select an initiative focus from the dropdown list - this will help you think of initiatives.
    E Text Enter your initiative.
    F Text Write a brief description per initiative, providing a cost optimization rationale.
    G Dropdown Select the cost type per initiative: OpEx (operating expenditure) or CapEx (capital expenditure).
    H Dropdown Select 1 of 3 objectives for each initiative: Reduce Unwarranted IT Spending, Optimize Cost-to-Value, or Sustain Cost Optimization.

    List your initiatives in the provided Excel Workbook as per guidelines:

    1. Navigate to the Outline Initiatives tab.
    2. Enter all your initiatives driven by the asset optimization lever.
    3. Determine the cost optimization objective per initiative.

    2.1.2 Identify vendor optimization initiatives

    2 hours

    1. Revisit the IT vendor classification if available. Identify all existing vendor contracts up for renewal within the current fiscal year and create an inventory.
    2. Examine your vendor contracts to optimize your expected value from every IT provider you deal with. For each contract:
      1. Identify the business purpose/drivers.
      2. Identify the expiration/renewal date to determine time frames for action.
      3. Determine if there is an opportunity to rightsize, cancel, renegotiate costs/service levels, or postpone renewal/purchase.
      4. Identify integrations and interdependencies with other hardware and software systems to understand scope and impact of potential changes.
    3. Reassess your in-house vendor management processes to see where efficiency and effectiveness could be improved overall.
    4. Document cost optimization initiatives that could be driven by vendor optimization objectives in the IT Cost Optimization Workbook.

    Download the IT Cost Optimization Workbook

    InputOutput
    • Vendor classification
    • Vendors contracts
    • Outline Initiatives driven by vendor optimization objectives in the IT Cost Optimization Workbook
    MaterialsParticipants
    • Whiteboard or flip charts
    • Outline Initiatives tab in the IT Cost Optimization Workbook
    • CIO/IT director
    • IT finance lead
    • IT vendor management lead
    • Other IT management

    Example

    Vendor optimization

    Some examples to get you started.

    Journey Reactive, Proactive, or Strategic Proactive or Strategic Strategic
    Initiatives
    • Renegotiate and rightsize a vendor contract:
      • Cancel vendor/service/type application contract.
      • Renegotiate vendor/service/type contract.
      • Cancel vendor/service/type licenses.
      • Rationalize number of vendor/service/type licenses.
    • Consolidate vendors/resellers with similar services, products and features.
    • Implement a vendor management initiative to maximize value and minimize risk.
    • Consolidate contracts to take advantage of spending power and volume.
    • Set up custom vendor performance metrics.
    • Establish ongoing monitoring of vendor risk (financial, security, etc.).
    No initiatives for the reactive journey. No initiatives for the reactive or proactive journeys.
    Objective Reduce Unwarranted IT Spending Optimize Cost-to-Value Sustain Cost Optimization

    Template & Example

    List your objectives and initiatives

    Excel Workbook: IT Cost Optimization – Outline Initiatives Worksheet

    Refer to the example and guidelines below on how to input your vendor optimization initiatives and related objectives:

    List your objectives and initiatives

    Column ID Input Type Guidelines
    B Formula Automatic calculation, no entry required. The ID will update once there's an input in column E.
    C Dropdown Select an optimization lever: Assets, Vendors, Project Portfolio, or Workforce.
    D Dropdown Select an initiative focus from the dropdown list - this will help you think of initiatives.
    E Text Enter your initiative.
    F Text Write a brief description per initiative, providing a cost optimization rationale.
    G Dropdown Select the cost type per initiative: OpEx (operating expenditure) or CapEx (capital expenditure).
    H Dropdown Select 1 of 3 objectives for each initiative: Reduce Unwarranted IT Spending, Optimize Cost-to-Value, or Sustain Cost Optimization.

    List your initiatives in the provided Excel Workbook as per guidelines:

    1. Navigate to the Outline Initiatives tab.
    2. Enter all your initiatives driven by the vendor optimization lever.
    3. Determine the cost optimization objective per initiative.

    2.1.3 Identify project portfolio optimization initiatives

    2 hours

    1. Review the IT Project Portfolio Strategy if available, and the list of both in-flight and planned projects.
    2. Reassess your project portfolio to maximize total value in line with business objectives and strategy. For each current and pending project on the list, identify a cost optimization initiative, including:
      1. Revisiting, confirming, and documenting actual project rationale with the business in relation to strategic goals.
      2. Rescoping existing projects that are underway.
      3. Accelerating planned or existing projects that enable business cost savings or competitive advantage and revenue growth.
      4. Canceling or postponing projects that are underway or haven't started.
      5. Identifying net-new projects that enhance business capabilities or save business costs.
    3. Reassess your in-house project management and project portfolio management processes to see where efficiency and effectiveness could be improved overall.
    4. Document cost optimization initiatives that could be driven by project portfolio optimization objectives in the IT Cost Optimization Workbook.

    Download the IT Cost Optimization Workbook

    Input Output
    • Project Portfolio Management Strategy
    • List of current and pending projects
    • Outline Initiatives driven by project portfolio optimization objectives in the IT Cost Optimization Workbook
    Materials Participants
    • Outline Initiatives tab in the IT Cost Optimization Workbook
    • CIO/IT director
    • IT finance lead
    • PMO lead
    • Other IT management

    Example

    Project portfolio optimization

    Some examples to get you started.

    Journey Reactive, Proactive, or Strategic Proactive or Strategic Strategic
    Initiatives
    • Cancel projects with no executive sponsor.
    • Cancel projects with unacceptable timelines.
    • Postpone projects where there is a more urgent need for related resources.
    • Rescope projects where a more effective business case has been identified.
    • Freeze projects where scope and resourcing are uncertain.
    • Accelerate projects that enable business cost savings or a competitive advantage with revenue growth.
    • Combine projects that are better managed by realigning project managers and coordinators.
    • Break projects into phases to front-load realized value.
    • Outsource projects with commoditized skillset requirements.
    • Reassess the technology requirements when multiple vendors are involved.
    • Reexamine project rationale with the business in relation to strategic goals.
    • Identify net-new projects that offer improved value in relation to current economics.
    • Reassess the strategic drivers for project spending in the face of shifting priorities.
    • Implement a project portfolio governance function.
    • Introduce a benefits realization discipline in relation to the benefits forecasted during project approval.
    No initiatives for the reactive journey. No initiatives for the reactive or proactive journeys.
    Objective Reduce Unwarranted IT Spending Optimize Cost-to-Value Sustain Cost Optimization

    Template & Example

    List your objectives and initiatives

    Excel Workbook: IT Cost Optimization – Outline Initiatives Worksheet

    Refer to the example and guidelines below on how to input your project portfolio optimization initiatives and related objectives:

    List your objectives and initiatives

    Column ID Input Type Guidelines
    B Formula Automatic calculation, no entry required. The ID will update once there's an input in column E.
    C Dropdown Select an optimization lever: Assets, Vendors, Project Portfolio, or Workforce.
    D Dropdown Select an initiative focus from the dropdown list - this will help you think of initiatives.
    E Text Enter your initiative.
    F Text Write a brief description per initiative, providing a cost optimization rationale.
    G Dropdown Select the cost type per initiative: OpEx (operating expenditure) or CapEx (capital expenditure).
    H Dropdown Select 1 of 3 objectives for each initiative: Reduce Unwarranted IT Spending, Optimize Cost-to-Value, or Sustain Cost Optimization.

    List your initiatives in the provided Excel Workbook as per guidelines:

    1. Navigate to the Outline Initiatives tab.
    2. Enter all your initiatives driven by the project portfolio optimization lever.
    3. Determine the cost optimization objective per initiative.

    2.1.4 Identify workforce optimization initiatives

    2 hours

    1. Review the IT department's strategic workforce plan (SWP) if available, organizational chart, and salaries by role. Do not review IT staffing in terms of named individuals who occupy a given role - focus on functions, roles, and job descriptions.
    2. Determine capability gaps:
      1. Rectify efficiency, effectiveness, and other performance issues.
      2. Train IT staff to enhance or improve skills and effectiveness.
      3. Add roles, skills, or headcount to improve effectiveness.
      4. Integrate teams to improve collaboration and reduce redundancies or break out new ones to increase focus/specialization.
      5. Redesign job roles and responsibilities.
      6. Redeploy/reassign staff to other teams.
      7. Conduct layoff (as a last resort, starting by assessing contractual employees).
    3. Document cost optimization initiatives that could be driven by workforce optimization objectives in the IT Cost Optimization Workbook.

    Download the IT Cost Optimization Workbook

    InputOutput
    • Strategic workforce plan (SWP)
    • Organizational charts
    • Staff lists
    • Outline Initiatives driven by workforce optimization objectives in the IT Cost Optimization Workbook
    MaterialsParticipants
    • Outline Initiatives tab in the IT Cost Optimization Workbook
    • CIO/IT director
    • IT finance lead
    • Talent management representative
    • Other IT management

    Example

    Workforce optimization

    Some examples to get you started.

    Journey Reactive, Proactive, or Strategic Proactive or Strategic Strategic
    Initiatives
    • Defer vacancy, position, or role.
    • Freeze all overnight and unessential IT staff travel.
    • Outsource project/function to free internal resources.
    • Postpone nonessential IT staff training as per training plans.
    • Suspend IT team discretionary spend.
    • Streamline workforce related to department/service (develop the process).
    • Relocate role or function from division or group to division or group.
    • Adjust framework and level assignments.
    • Promote and train employees for a certain objective.
    • Implement a strategic workforce plan (SWP) to ensure you have the right people in place, at the right time.
    • Set up a workforce performance monitoring framework or process to optimize staffing capabilities aligned with business value.
    No initiatives for the reactive journey. No initiatives for the reactive or proactive journeys.
    Objective Reduce Unwarranted IT Spending Optimize Cost-to-Value Sustain Cost Optimization

    Template & Example

    List your objectives and initiatives

    Excel Workbook: IT Cost Optimization – Outline Initiatives Worksheet

    Refer to the example and guidelines below on how to input your workforce optimization initiatives and related objectives:

    List your objectives and initiatives

    Column ID Input Type Guidelines
    B Formula Automatic calculation, no entry required. The ID will update once there's an input in column E.
    C Dropdown Select an optimization lever: Assets, Vendors, Project Portfolio, or Workforce.
    D Dropdown Select an initiative focus from the dropdown list - this will help you think of initiatives.
    E Text Enter your initiative.
    F Text Write a brief description per initiative, providing a cost optimization rationale.
    G Dropdown Select the cost type per initiative: OpEx (operating expenditure) or CapEx (capital expenditure).
    H Dropdown Select 1 of 3 objectives for each initiative: Reduce Unwarranted IT Spending, Optimize Cost-to-Value, or Sustain Cost Optimization.

    List your initiatives in the provided Excel Workbook as per guidelines:

    1. Navigate to the Outline Initiatives tab.
    2. Enter all your initiatives driven by the workforce optimization lever.
    3. Determine the cost optimization objective per initiative.

    2.2 Estimate the cost savings of cost optimization initiatives

    8 hours

    Now that you have identified your initiatives:

    1. Review your cost optimization initiatives per lever (Assets, Vendors, Project Portfolio, and Workforce).
    2. Determine whether the implementation cost of each of your initiatives is included as part of your budget.
    3. Estimate your cost savings.
    4. Document your assessment in the IT Cost Optimization Workbook.

    Download the IT Cost Optimization Workbook

    InputOutput
    • Potential cost optimization initiatives list
    • Outline Initiatives in the IT Cost Optimization Workbook
    MaterialsParticipants
    • Whiteboard or flip charts
    • Outline Initiatives tab in the IT Cost Optimization Workbook
    • CIO/IT director
    • IT finance lead
    • Other IT management - depending on the optimization lever (Assets, Vendors, Project Portfolio, or Workforce)

    2.2.1 Estimate the costs impacting your asset optimization initiatives

    2 hours

    1. Review each asset optimization initiative to estimate cost implications.
    2. Consider implementation cost in terms of your budget, and document it in the IT Cost Optimization Workbook (see next slides). Is the implementation cost of the underlying initiative considered in your current budget? If not, move to the next initiative. You will assess the flagged initiative independently at a later stage if deemed necessary.
    3. Estimate the current cost related to the initiative (including implementation cost), and document it in the IT Cost Optimization Workbook (see next slides). This will be the first of two inputs needed to calculate the initiative's potential cost savings.
    4. Estimate the expected cost, post initiative execution, of the underlying initiative, and document it in the IT Cost Optimization Workbook (see next slides). This will be the second and last input needed to calculate the initiative's potential cost savings.

    Download the IT Cost Optimization Workbook

    InputOutput
    • Asset optimization initiatives
    • Cost and budget information
    • Cost estimates of asset optimization initiatives in the IT Cost Optimization Workbook
    MaterialsParticipants
    • Outline Initiatives tab in the IT Cost Optimization Workbook
    • CIO/IT director
    • IT finance lead
    • IT asset manager
    • IT infrastructure manager
    • Other IT management

    Template & Example

    Estimate your cost

    Excel Workbook: IT Cost Optimization – Outline Initiatives Worksheet

    Refer to the example and guidelines below on how to complete cost estimates for each asset optimization initiative:

    Estimate your cost

    Column ID Input Type Guidelines
    I Dropdown Select if the implementation cost is considered within your budget or not. If not, the initiative will be flagged to be reviewed, and no further entry is required; move to the next initiative. Implementation cost represents your cost for planning, executing, and monitoring the related initiative.
    J, K Whole Number Input a dollar amount. Current cost represents the yearly cost including implementing the initiative, while the expected cost represents the yearly cost after implementing the initiative.
    L Formula Automatic calculation, no entry required. The difference between current cost and expected cost.

    Complete the following fields for each initiative in the Excel Workbook as per guidelines:

    1. Navigate to the Outline Initiatives tab.
    2. Determine if the implementation cost is considered within the budget.
    3. If yes, estimate the current cost, and expected cost of the underlying initiative.

    2.2.2 Estimate the costs impacting your vendor optimization initiatives

    2 hours

    1. Review each vendor optimization initiative to estimate cost implications.
    2. Consider implementation cost in terms of your budget, and document it in the IT Cost Optimization Workbook (see next slides). Is the implementation cost of the underlying initiative considered in your current budget? If not, move to the next initiative. You will assess the flagged initiative independently at a later stage if deemed necessary.
    3. Estimate the current cost related to the initiative (including implementation cost), and document it in the IT Cost Optimization Workbook (see next slides). This will be the first of two inputs needed to calculate the initiative's potential cost savings.
    4. Estimate the expected cost, post initiative execution, of the underlying initiative, and document it in the IT Cost Optimization Workbook (see next slides). This will be the second and last input needed to calculate the initiative's potential cost savings.

    Download the IT Cost Optimization Workbook

    InputOutput
    • Vendor optimization initiatives
    • Cost and budget information
    • Cost estimates of vendor optimization initiatives in the IT Cost Optimization Workbook
    MaterialsParticipants
    • Outline Initiatives tab in the IT Cost Optimization Workbook
    • CIO/IT director
    • IT finance lead
    • IT vendor management lead
    • Other IT management

    Template & Example

    Estimate your cost

    Excel Workbook: IT Cost Optimization – Outline Initiatives Worksheet

    Refer to the example and guidelines below on how to complete cost estimates for each vendor optimization initiative:

    Estimate your cost

    Column ID Input Type Guidelines
    I Dropdown Select if the implementation cost is considered within your budget or not. If not, the initiative will be flagged to be reviewed, and no further entry is required; move to the next initiative. Implementation cost represents your cost for planning, executing, and monitoring the related initiative.
    J, K Whole Number Input a dollar amount. Current cost represents the yearly cost including implementing the initiative, while the expected cost represents the yearly cost after implementing the initiative.
    L Formula Automatic calculation, no entry required. The difference between current cost and expected cost.

    Complete the following fields for each initiative in the Excel Workbook as per guidelines:

    1. Navigate to the Outline Initiatives tab.
    2. Determine if the implementation cost is considered within the budget.
    3. If yes, estimate the current cost, and expected cost of the underlying initiative.

    2.2.3 Estimate the costs impacting your project portfolio optimization initiatives

    2 hours

    1. Review each project portfolio optimization initiative to estimate cost implications.
    2. Consider implementation cost in terms of your budget, and document it in the IT Cost Optimization Workbook (see next slides). Is the implementation cost of the underlying initiative considered in your current budget? If not, move to the next initiative. You will assess the flagged initiative independently at a later stage if deemed necessary.
    3. Estimate the current cost related to the initiative (including implementation cost), and document it in the IT Cost Optimization Workbook (see next slides). This will be the first of two inputs needed to calculate the initiative's potential cost savings.
    4. Estimate the expected cost, post initiative execution, of the underlying initiative, and document it in the IT Cost Optimization Workbook (see next slides). This will be the second and last input needed to calculate the initiative's potential cost savings.

    Download the IT Cost Optimization Workbook

    InputOutput
    • Project portfolio optimization initiatives
    • Cost and budget information
    • Cost estimates of project portfolio optimization initiatives in the IT Cost Optimization Workbook
    MaterialsParticipants
    • Outline Initiatives tab in the IT Cost Optimization Workbook
    • CIO/IT director
    • IT finance lead
    • PMO lead
    • Other IT management

    Template & Example

    Estimate your cost

    Excel Workbook: IT Cost Optimization – Outline Initiatives Worksheet

    Refer to the example and guidelines below on how to complete cost estimates for each project portfolio optimization initiative:

    Estimate your cost

    Column ID Input Type Guidelines
    I Dropdown Select if the implementation cost is considered within your budget or not. If not, the initiative will be flagged to be reviewed, and no further entry is required; move to the next initiative. Implementation cost represents your cost for planning, executing, and monitoring the related initiative.
    J, K Whole Number Input a dollar amount. Current cost represents the yearly cost including implementing the initiative, while the expected cost represents the yearly cost after implementing the initiative.
    L Formula Automatic calculation, no entry required. The difference between current cost and expected cost.

    Complete the following fields for each initiative in the Excel Workbook as per guidelines:

    1. Navigate to the Outline Initiatives tab.
    2. Determine if the implementation cost is considered within the budget.
    3. If yes, estimate the current cost, and expected cost of the underlying initiative.

    2.2.4 Estimate the costs impacting your workforce optimization initiatives

    2 hours

    1. Review each workforce optimization initiative to estimate cost implications.
    2. Consider implementation cost in terms of your budget, and document it in the IT Cost Optimization Workbook (see next slides). Is the implementation cost of the underlying initiative considered in your current budget? If not, move to the next initiative. You will assess the flagged initiative independently at a later stage if deemed necessary.
    3. Estimate the current cost related to the initiative (including implementation cost), and document it in the IT Cost Optimization Workbook (see next slides). This will be the first of two inputs needed to calculate the initiative's potential cost savings.
    4. Estimate the expected cost, post initiative execution, of the underlying initiative, and document it in the IT Cost Optimization Workbook (see next slides). This will be the second and last input needed to calculate the initiative's potential cost savings.

    Download the IT Cost Optimization Workbook

    InputOutput
    • Workforce optimization initiatives
    • Cost and budget information
    • Cost estimates of workforce optimization initiatives in the IT Cost Optimization Workbook
    MaterialsParticipants
    • Outline Initiatives tab in the IT Cost Optimization Workbook
    • CIO/IT director
    • IT finance lead
    • Talent management representative
    • Other IT management

    Template & Example

    Estimate your cost

    Excel Workbook: IT Cost Optimization –i Outline Initiatives Worksheet

    Refer to the example and guidelines below on how to complete cost estimates for each workforce optimization initiative:

    Estimate your cost

    Column ID Input Type Guidelines
    I Dropdown Select if the implementation cost is considered within your budget or not. If not, the initiative will be flagged to be reviewed, and no further entry is required; move to the next initiative. Implementation cost represents your cost for planning, executing, and monitoring the related initiative.
    J, K Whole Number Input a dollar amount. Current cost represents the yearly cost including implementing the initiative, while the expected cost represents the yearly cost after implementing the initiative.
    L Formula Automatic calculation, no entry required. The difference between current cost and expected cost.

    Complete the following fields for each initiative in the Excel Workbook as per guidelines:

    1. Navigate to the Outline Initiatives tab.
    2. Determine if the implementation cost is considered within the budget.
    3. If yes, estimate the current cost, and expected cost of the underlying initiative.

    Phase 3

    Develop Your IT Cost Optimization Roadmap

    Phase 1
    Understand Your Mandate and Objectives

    Phase 2
    Outline Your Cost Optimization Initiatives

    Phase 3
    Develop Your IT Cost Optimization Roadmap

    Phase 4
    Communicate and Execute

    This phase will walk you through the following activities:

    • IT cost optimization workbook
    • IT cost optimization roadmap

    This phase involves the following participants:

    • CIO/IT director
    • IT finance lead
    • IT asset manager
    • IT infrastructure manager
    • IT vendor management lead
    • PMO lead
    • IT talent management representative
    • Other IT management

    Develop your prioritized and aligned cost optimization roadmap

    The process of developing your roadmap is where you set final cost optimization priorities, conduct a final rationalization to decide what's in and what's out, and document your proposed plan of action.

    First, take a moment to consider if you missed anything. Too often, only the cost cutting elements of the cost optimization equation get attention. Remember that cost optimization also includes making smart investments. Sometimes adding and expanding is better for the business than removing or contracting.

    • Do your proposed initiatives help position the organization to recover quickly if you're dealing with a downturn or recession scenario?
    • Have you fully considered growth or innovation opportunities that will help optimize costs in the long run?

    Feasibility
    Eliminate initiatives from the longlist of potential initiatives that cannot be achieved given the cost optimization goals you determined at the beginning of this exercise.

    Priority
    Rank order the remaining initiatives according to their ability to contribute to goal attainment and dependency relationships with external constraints and one another.

    Action Plan
    Create an overarching visual roadmap that shows how you intend to achieve your cost optimization goals over the short, medium, and long-term.

    3.1 Assess the feasibility of your cost optimization initiatives

    4 hours

    Now that you have identified your initiatives across the four levers and understood the business impacts:

    1. Review each of your cost optimization initiatives and estimate the feasibility in terms of:
      1. Effort required to implement.
      2. Risk: Likelihood of failure and impact on performance.
      3. Approval rights: Within the IT or finance's accountability/domain or not.
    2. Document your assessment in the IT Cost Optimization Workbook.

    Download the IT Cost Optimization Workbook

    InputOutput
    • Cost optimization initiatives
    • Feasibility estimates of cost optimization initiatives in the IT Cost Optimization Workbook
    MaterialsParticipants
    • Define Variables tab in the IT Cost Optimization Workbook
    • Outline Initiatives tab in the IT Cost Optimization Workbook
    • CIO/IT director
    • IT finance lead
    • Other IT management - depending on the optimization lever (Assets, Vendors, Project Portfolio, or Workforce)

    3.1.1 Estimate the feasibility of your asset optimization initiatives

    1 hour

    1. Review each asset optimization initiative to estimate feasibility implications.
    2. Start by defining the effort required variables. Think in terms of how many dedicated full-time employees you would need to implement the initiative. Document your definition for each of the three variables (High, Medium, or Low) in the IT Cost Optimization Workbook (see next slides). Then, estimate the effort required to implement the related initiative. Consider complexity, scope, and resource availability, before you document it in the IT Cost Optimization Workbook (see next slides).
    3. Define your likelihood of failure variables. Think in terms of probability of failure or percent chance the underlying initiative will not succeed. Document your definition for each of the three variables (High, Medium, or Low) in the IT Cost Optimization Workbook (see next slides). Then, estimate the likelihood of failure to implement the related initiative, and document it in the IT Cost Optimization Workbook (see next slides).
    4. Consider the initiative's impact on performance. Would implementing the initiative hinder IT or business performance? If you are on a reactive journey, would it impede business recovery in any way, shape, or form? Document the impact (Positive Impact, No Impact, or Negative Impact) in the IT Cost Optimization Workbook (see next slides).
    5. Determine who is responsible for approving the initiative. Does it fall within your jurisdiction, responsibility, or accountability? If not, it would mean that it might be more difficult to implement the initiative. Document approval rights (within accountability or not within accountability) in the IT Cost Optimization Workbook (see next slides).

    Download the IT Cost Optimization Workbook

    Input Output
    • Asset optimization initiatives
    • Feasibility estimates of asset optimization initiatives in the IT Cost Optimization Workbook
    Materials Participants
    • Define Variables tab in the IT Cost Optimization Workbook
    • Outline Initiatives tab in the IT Cost Optimization Workbook
    • CIO/IT director
    • IT finance lead
    • IT asset manager
    • IT infrastructure manager
    • Other IT management

    Template & Example

    Define your feasibility variables

    Excel Workbook: IT Cost Optimization – Define Variables Worksheet

    Refer to the example and guidelines below on how to define your feasibility variables for standardization purposes. You can adopt a different definition per optimization lever (Assets, Vendors, Project Portfolio, and Workforce), or maintain the same one across initiatives, depending on what makes sense for your organization:

    Define your feasibility variables

    Column ID Input Type Guidelines
    B, G Formula Automatic calculation, no entry required. The ID will populate automatically.
    C, H Text No entry required. Three variables identified: High, Medium, Low.
    D, E Whole Number Review and input the range of each effort required variable, based on the number of dedicated full-time employees needed to implement an initiative, as it works best for your organization.
    I, J Whole Number Review and input the range of each likelihood of failure variable, based on the probability of failure of an initiative, as it works best for your organization. This example should work for most organizations.

    Define your feasibility variables in the Excel Workbook as per guidelines:

    1. Navigate to the Define Variables tab.
    2. Review and enter the range of each effort required and likelihood of failure variable as you see fit for your organization.

    Template & Example

    Estimate your feasibility

    Excel Workbook: IT Cost Optimization – Outline Initiatives Worksheet

    Refer to the example and guidelines below on how to complete feasibility estimates for each asset optimization initiative:

    Estimate your feasibility

    Column ID Input Type Guidelines
    M Dropdown Select the effort required estimate based on your defined variables. Effort required represents the number of dedicated employees needed to plan, execute, and monitor the underlying initiative, based on the level of maturity and readiness; consider complexity, scope, and resource availability.
    N Dropdown Select the likelihood of failure estimate based on your defined variables. Likelihood of failure represents the probability of failure of the underlying initiative.
    O Dropdown Select the impact on performance estimate related to the implementation of the underlying initiative. Consider the impact on IT and on business (including business recovery if on a reactive journey).
    P Dropdown Select the appropriate approval right related to the underlying initiative. Determine if the initiative's approval falls within your accountability or not.
    Q Text Write a brief description per initiative, providing an impact rationale and identifying the approver where possible.

    Complete the following fields for each initiative in the Excel Workbook as per guidelines:

    1. Navigate to the Outline Initiatives tab.
    2. Determine the appropriate effort required to implement the underlying initiative.
    3. Identify the risk of each initiative: likelihood of failure and impact on performance.
    4. Choose the adequate approval right classification for each initiative.

    3.1.2 Estimate the feasibility of your vendor optimization initiatives

    1 hour

    1. Review each vendor optimization initiative to estimate feasibility implications, along with previously defined variables (see slides 64 and 65).
    2. Consider the initiative's impact on performance. Would implementing the initiative hinder IT or business performance? If you are on a reactive journey, would it impede business recovery in any way, shape, or form? Document the impact (Positive Impact, No Impact, or Negative Impact) in the IT Cost Optimization Workbook (see next slides).
    3. Determine who is responsible for approving the initiative. Does it fall within your jurisdiction, responsibility, or accountability? If not, it would mean that it might be more difficult to implement the initiative. Document approval rights (within accountability or not within accountability) in the IT Cost Optimization Workbook (see next slides).

    Download the IT Cost Optimization Workbook

    InputOutput
    • Vendor optimization initiatives
    • Feasibility estimates of vendor optimization initiatives in the IT Cost Optimization Workbook
    MaterialsParticipants
    • Define Variables tab in the IT Cost Optimization Workbook
    • Outline Initiatives tab in the IT Cost Optimization Workbook
    • CIO/IT director
    • IT finance lead
    • IT vendor management lead
    • Other IT management

    Template & Example

    Estimate your feasibility

    Excel Workbook: IT Cost Optimization – Outline Initiatives Worksheet

    Refer to the example and guidelines below on how to complete feasibility estimates for each vendor optimization initiative:

    Estimate your feasibility

    Column ID Input Type Guidelines
    M Dropdown Select the effort required estimate based on your defined variables. Effort required represents the number of dedicated employees needed to plan, execute, and monitor the underlying initiative, based on the level of maturity and readiness; consider complexity, scope, and resource availability.
    N Dropdown Select the likelihood of failure estimate based on your defined variables. Likelihood of failure represents the probability of failure of the underlying initiative.
    O Dropdown Select the impact on performance estimate related to the implementation of the underlying initiative. Consider the impact on IT and on business (including business recovery if on a reactive journey).
    P Dropdown Select the appropriate approval right related to the underlying initiative. Determine if the initiative's approval falls within your accountability or not.
    Q Text Write a brief description per initiative, providing an impact rationale and identifying the approver where possible.

    Complete the following fields for each initiative in the Excel Workbook as per guidelines:

    1. Navigate to the Outline Initiatives tab.
    2. Determine the appropriate effort required to implement the underlying initiative.
    3. Identify the risk of each initiative: likelihood of failure and impact on performance.
    4. Choose the adequate approval right classification for each initiative.

    3.1.3 Estimate the feasibility of your project portfolio optimization initiatives

    1 hour

    1. Review each project portfolio optimization initiative to estimate feasibility implications, along with previously defined variables (see slides 64 and 65).
    2. Consider the initiative's impact on performance. Would implementing the initiative hinder IT or business performance? If you are on a reactive journey, would it impede business recovery in any way, shape, or form? Document the impact (Positive Impact, No Impact, or Negative Impact) in the IT Cost Optimization Workbook (see next slides).
    3. Determine who is responsible for approving the initiative. Does it fall within your jurisdiction, responsibility, or accountability? If not, it would mean that it might be more difficult to implement the initiative. Document approval rights (within accountability or not within accountability) in the IT Cost Optimization Workbook (see next slides).

    Download the IT Cost Optimization Workbook

    InputOutput
    • Project portfolio optimization initiatives
    • Feasibility estimates of vendor optimization initiatives in the IT Cost Optimization Workbook
    MaterialsParticipants
    • Define Variables tab in the IT Cost Optimization Workbook
    • Outline Initiatives tab in the IT Cost Optimization Workbook
    • CIO/IT director
    • IT finance lead
    • PMO lead
    • Other IT management

    Template & Example

    Estimate your feasibility

    Excel Workbook: IT Cost Optimization – Outline Initiatives Worksheet

    Refer to the example and guidelines below on how to complete feasibility estimates for each project portfolio optimization initiative:

    Estimate your feasibility

    Column ID Input Type Guidelines
    M Dropdown Select the effort required estimate based on your defined variables. Effort required represents the number of dedicated employees needed to plan, execute, and monitor the underlying initiative, based on the level of maturity and readiness; consider complexity, scope, and resource availability.
    N Dropdown Select the likelihood of failure estimate based on your defined variables. Likelihood of failure represents the probability of failure of the underlying initiative.
    O Dropdown Select the impact on performance estimate related to the implementation of the underlying initiative. Consider the impact on IT and on business (including business recovery if on a reactive journey).
    P Dropdown Select the appropriate approval right related to the underlying initiative. Determine if the initiative's approval falls within your accountability or not.
    Q Text Write a brief description per initiative, providing an impact rationale and identifying the approver where possible.

    Complete the following fields for each initiative in the Excel Workbook as per guidelines:

    1. Navigate to the Outline Initiatives tab.
    2. Determine the appropriate effort required to implement the underlying initiative.
    3. Identify the risk of each initiative: likelihood of failure and impact on performance.
    4. Choose the adequate approval right classification for each initiative.

    3.1.4 Estimate the feasibility of your workforce optimization initiatives

    1 hour

    1. Review each workforce optimization initiative to estimate feasibility implications, along with previously defined variables (see slides 64 and 65).
    2. Consider the initiative's impact on performance. Would implementing the initiative hinder IT or business performance? If you are on a reactive journey, would it impede business recovery in any way, shape, or form? Document the impact (Positive Impact, No Impact, or Negative Impact) in the IT Cost Optimization Workbook (see next slides).
    3. Determine who is responsible for approving the initiative. Does it fall within your jurisdiction, responsibility, or accountability? If not, it would mean that it might be more difficult to implement the initiative. Document approval rights (within accountability or not within accountability) in the IT Cost Optimization Workbook (see next slides).

    Download the IT Cost Optimization Workbook

    InputOutput
    • Workforce optimization initiatives
    • Feasibility estimates of workforce optimization initiatives in the IT Cost Optimization Workbook
    MaterialsParticipants
    • Define Variables tab in the IT Cost Optimization Workbook
    • Outline Initiatives tab in the IT Cost Optimization Workbook
    • CIO/IT director
    • IT finance lead
    • Talent management representative
    • Other IT management

    Template & Example

    Estimate your feasibility

    Excel Workbook: IT Cost Optimization – Outline Initiatives Worksheet

    Refer to the example and guidelines below on how to complete feasibility estimates for each workforce optimization initiative:

    Estimate your feasibility

    Column ID Input Type Guidelines
    M Dropdown Select the effort required estimate based on your defined variables. Effort required represents the number of dedicated employees needed to plan, execute, and monitor the underlying initiative, based on the level of maturity and readiness; consider complexity, scope, and resource availability.
    N Dropdown Select the likelihood of failure estimate based on your defined variables. Likelihood of failure represents the probability of failure of the underlying initiative.
    O Dropdown Select the impact on performance estimate related to the implementation of the underlying initiative. Consider the impact on IT and on business (including business recovery if on a reactive journey).
    P Dropdown Select the appropriate approval right related to the underlying initiative. Determine if the initiative's approval falls within your accountability or not.
    Q Text Write a brief description per initiative, providing an impact rationale and identifying the approver where possible.

    Complete the following fields for each initiative in the Excel Workbook as per guidelines:

    1. Navigate to the Outline Initiatives tab.
    2. Determine the appropriate effort required to implement the underlying initiative.
    3. Identify the risk of each initiative: likelihood of failure and impact on performance.
    4. Choose the adequate approval right classification for each initiative.

    3.2 Prioritize cost optimization initiatives to create a final shortlist

    4 hours

    Now that you have your cost and feasibility for each cost optimization initiative:

    1. Review each of your cost optimization initiatives and estimate the time and priority by considering:
      1. Preliminary priority assessment based on your cost and feasibility input.
      2. Time frame: start and end date of each initiative.
      3. Current budget cycle: time remaining in the current budget cycle and potential cost savings in this fiscal year.
    2. Determine the final priority of the initiative and decide whether you want to include it in your 12-month roadmap.
    3. Document your assessment in the IT Cost Optimization Workbook.

    Download the IT Cost Optimization Workbook

    InputOutput
    • Cost optimization initiatives
    • Time and priority estimates of cost optimization initiatives in the IT Cost Optimization Workbook
    MaterialsParticipants
    • Define Priority Threshold tab in the IT Cost Optimization Workbook
    • Outline Initiatives tab in the IT Cost Optimization Workbook
    • CIO/IT director
    • IT finance lead
    • Other IT management - depending on the optimization lever (Assets, Vendors, Project Portfolio, or Workforce)

    3.2.1 Prioritize your asset optimization initiatives

    1 hour

    1. Review each asset optimization initiative to set the priority.
    2. Validate your cost and feasibility estimates and consider the automated evaluation, in the IT Cost Optimization Workbook, providing you with a preliminary priority based on your cost and feasibility estimates (see next slides).
    3. Revisit your overarching goals (step 1.4) as you will assess the time it will take you to complete your initiatives and prioritize accordingly.
    4. Determine your start and end date for each initiative based on your journey, objectives, and overarching goals. Consider the urgency of each initiative. Document the quarter and year for your start and end dates in the IT Cost Optimization Workbook (see next slides).
    5. Identify the time remaining in your current budget cycle after the completion of each initiative to get a cost savings estimate for the current fiscal year. Document the number of remaining quarters (0, 1, 2, 3, or 4) in the IT Cost Optimization Workbook (see next slides).
    6. Decide on the priority of each initiative (High, Medium, or Low), and document it in the IT Cost Optimization Workbook (see next slides).
    7. Revisit the priority decision after prioritizing all your initiatives and determine which ones to include in your 12-month roadmap; consider the number of initiatives you can tackle at the same time within a 12-month period. Document your final decision (Yes or No) in the IT Cost Optimization Workbook (see next slides).

    Download the IT Cost Optimization Workbook

    InputOutput
    • Asset optimization initiatives
    • Time and priority estimates of cost optimization initiatives in the IT Cost Optimization Workbook
    MaterialsParticipants
    • Define Priority Threshold tab in the IT Cost Optimization Workbook
    • Outline Initiatives tab in the IT Cost Optimization Workbook
    • CIO/IT director
    • IT finance lead
    • IT asset manager
    • IT infrastructure manager
    • Other IT management

    Template & Example

    Understand your priority assessment

    Excel Workbook: IT Cost Optimization – Outline Initiatives Worksheet

    Refer to the example and guidelines below on how the preliminary priority assessment is assigned, for each asset optimization initiative, noting that columns Q to X are hidden automatic calculations and should not be touched:

    Understand your priority assessment

    Column ID Input Type Guidelines
    R Formula Hidden automatic calculation, no entry required. Rank of estimate cost savings (per year) in ascending order (higher cost savings implies a higher rank).
    S Formula Hidden automatic calculation, no entry required. Cost Savings Score on a scale of 1 to 3, where the top third in Cost Savings Rank are assigned a score of 1, the bottom third a score of 3, and in between a score of 2, noting that negative cost savings would imply a -1 score.
    T Formula Hidden automatic calculation, no entry required. Cost Score adds 1 to the Cost Savings Score if the underlying initiative is within the budget.
    U, V, W Formula Hidden automatic calculation, no entry required. A score on a scale of 1 to 3 based on input of columns M, N, and O, where Low or Positive Impact is assigned a score of 3, Medium or No Impact a score of 2, and High or Negative Impact a score of 1.
    X Formula Hidden automatic calculation, no entry required. The rounding of the average of columns U, V, and W, adding 1 to the result if the initiative's approval falls within your accountability (column P).
    Y Formula Hidden automatic calculation, no entry required. The sum of columns T and X, adding 3 for Reduce Unwarranted IT Spending, and 1 to Optimize Cost-to-value (column H).
    Z Formula Hidden automatic calculation, no entry required. Preliminary priority assessment based on the Define Priority Threshold worksheet (hidden, see next slide).

    Review the following fields for each initiative in the Excel Workbook as per guidelines:

    1. Navigate to the Outline Initiatives tab.
    2. Validate cost and feasibility estimates (columns I to P previously filled - steps 2.2 and 3.1) driving the Priority Score and Preliminary Priority Assessment.

    Template & Example

    Priority threshold rationale

    Excel Workbook: IT Cost Optimization – Define Priority Threshold Worksheet

    Refer to the screenshot of the Define Priority Threshold worksheet below to understand the rationale behind the priority score and priority level:

    Priority threshold rationale

    Template & Example

    Estimate your timeline

    Excel Workbook: IT Cost Optimization – Outline Initiatives Worksheet

    Refer to the example and guidelines below on how to complete timeline estimates for each asset optimization initiative:

    Estimate your timeline

    Column ID Input Type Guidelines
    AA, AC Dropdown Select the quarter(s) in which you plan to begin and complete your initiative.
    AB, AD Dropdown Select the year(s) in which you plan to begin and complete your initiative.
    AE Dropdown Select the number of remaining quarters, in the current fiscal year, after you complete the initiative (0 to 4); based on columns AA to AD.
    AF Formula Automatic calculation, no entry required. Estimate of cost savings in the current fiscal year, based on the remaining quarters after implementation. The entry in column AE is divided by 4, and the result is multiplied by the related estimated cost savings per year (entry in column L).
    AG Dropdown Select if cost savings after the implementation of the underlying initiative will be permanent or temporary.

    Complete the following fields for each initiative in the Excel Workbook as per guidelines:

    1. Navigate to the Outline Initiatives tab.
    2. Determine the appropriate quarter and year to start and complete the initiative.
    3. Identify the time remaining in your current budget cycle after the completion of the initiative.

    Template & Example

    Make your final decisions

    Excel Workbook: IT Cost Optimization – Outline Initiatives Worksheet

    Refer to the example and guidelines below on how to assign the final priority for each asset optimization initiative, and include it in your 12-month roadmap:

    Make your final decisions

    Column ID Row ID Input Type Guidelines
    AH - Dropdown Select your final priority decision after reviewing the preliminary priority assessment (column Z) and timeline estimates (columns AA to AG).
    AI - Dropdown Select whether you want to include the initiative in your 12-month roadmap (Yes or No).
    AK, AL 5 Formula Automatic calculation, no entry required. The total number of initiatives you decided to include in your 12-month roadmap; based on column AI when Yes is selected.
    AK, AL 6 Formula Automatic calculation, no entry required. Total estimated cost savings per year after the initiative's completion; based on column L when included in the 12-month roadmap (column AI when Yes is selected)
    AK, AL 7 Formula Automatic calculation, no entry required. Total estimated cost savings in the current fiscal year; based on column AF when included in the 12-month roadmap (column AI when Yes is selected)
    • Estimated cost savings per year refer to cost savings fully realized by the end of the upcoming fiscal year, following the initiatives' implementation.
    • Estimated cost savings in the current budget cycle, refer to cost savings partially realized in the current fiscal year, after the initiatives' implementation.

    Complete the following fields for each initiative in the Excel Workbook as per guidelines:

    1. Navigate to the Outline Initiatives tab.
    2. Determine the final priority of the initiative.
    3. Decide whether you want to include the initiative in your 12-month roadmap.

    3.2.2 Prioritize your vendor optimization initiatives

    1 hour

    1. Review each vendor optimization initiative to set the priority.
    2. Validate your cost and feasibility estimates and consider the automated evaluation, in the IT Cost Optimization Workbook, providing you with a preliminary priority based on your cost and feasibility estimates (see next slides).
    3. Revisit your overarching goals (step 1.4) as you will assess the time it will take you to complete your initiatives and prioritize accordingly.
    4. Determine your start and end date for each initiative based on your journey, objectives, and overarching goals. Consider the urgency of each initiative. Document the quarter and year for your start and end dates in the IT Cost Optimization Workbook (see next slides).
    5. Identify the time remaining in your current budget cycle after the completion of each initiative to get a cost savings estimate for the current fiscal year. Document the number of remaining quarters (0, 1, 2, 3, or 4) in the IT Cost Optimization Workbook (see next slides).
    6. Decide on the priority of each initiative (High, Medium, or Low), and document it in the IT Cost Optimization Workbook (see next slides).
    7. Revisit the priority decision after prioritizing all your initiatives and determine which ones to include in your 12-month roadmap; consider the number of initiatives you can tackle at the same time within a 12-month period. Document your final decision (Yes or No) in the IT Cost Optimization Workbook (see next slides).

    Download the IT Cost Optimization Workbook

    Input Output
    • Vendor optimization initiatives
    • Time and priority estimates of cost optimization initiatives in the IT Cost Optimization Workbook
    Materials Participants
    • Define Priority Threshold tab in the IT Cost Optimization Workbook
    • Outline Initiatives tab in the IT Cost Optimization Workbook
    • CIO/IT director
    • IT finance lead
    • IT vendor management lead
    • Other IT management

    Template & Example

    Understand your priority assessment

    Excel Workbook: IT Cost Optimization – Outline Initiatives Worksheet

    Refer to the example and guidelines below on how the preliminary priority assessment is assigned, for each vendor optimization initiative, noting that columns Q to X are hidden automatic calculations and should not be touched:

    Understand your priority assessment

    Column ID Input Type Guidelines
    R Formula Hidden automatic calculation, no entry required. Rank of estimate cost savings (per year) in ascending order (higher cost savings implies a higher rank).
    S Formula Hidden automatic calculation, no entry required. Cost Savings Score on a scale of 1 to 3, where the top third in Cost Savings Rank are assigned a score of 1, the bottom third a score of 3, and in between a score of 2, noting that negative cost savings would imply a -1 score.
    T Formula Hidden automatic calculation, no entry required. Cost Score adds 1 to the Cost Savings Score if the underlying initiative is within the budget.
    U, V, W Formula Hidden automatic calculation, no entry required. A score on a scale of 1 to 3 based on input of columns M, N, and O, where Low or Positive Impact is assigned a score of 3, Medium or No Impact a score of 2, and High or Negative Impact a score of 1.
    X Formula Hidden automatic calculation, no entry required. The rounding of the average of columns U, V, and W, adding 1 to the result if the initiative's approval falls within your accountability (column P).
    Y Formula Hidden automatic calculation, no entry required. The sum of columns T and X, adding 3 for Reduce Unwarranted IT Spending, and 1 to Optimize Cost-to-Value (column H).
    Z Formula Hidden automatic calculation, no entry required. Preliminary priority assessment based on the Define Priority Threshold worksheet (hidden, see next slide).

    Review the following fields for each initiative in the Excel Workbook as per guidelines:

    1. Navigate to the Outline Initiatives tab.
    2. Validate cost and feasibility estimates (columns I to P previously filled - steps 2.2 and 3.1) driving the Priority Score and Preliminary Priority Assessment.

    Template & Example

    Priority Threshold Rationale

    Excel Workbook: IT Cost Optimization – Define Priority Threshold Worksheet

    Refer to the screenshot of the Define Priority Threshold worksheet below to understand the rationale behind the Priority Score and Priority Level:

    Priority Threshold Rationale

    Template & Example

    Estimate your timeline

    Excel Workbook: IT Cost Optimization – Outline Initiatives Worksheet

    Refer to the example and guidelines below on how to complete timeline estimates for each vendor optimization initiative:

    Estimate your timeline

    Column ID Input Type Guidelines
    AA, AC Dropdown Select the quarter(s) in which you plan to begin and complete your initiative.
    AB, AD Dropdown Select the year(s) in which you plan to begin and complete your initiative.
    AE Dropdown Select the number of remaining quarters, in the current fiscal year, after you complete the initiative (0 to 4); based on columns AA to AD.
    AF Formula Automatic calculation, no entry required. Estimate of cost savings in the current fiscal year, based on the remaining quarters after implementation. The entry in column AE is divided by 4, and the result is multiplied by the related estimated cost savings per year (entry in column L).
    AG Dropdown Select if cost savings after the implementation of the underlying initiative will be Permanent or Temporary.

    Complete the following fields for each initiative in the Excel Workbook as per guidelines:

    1. Navigate to the Outline Initiatives tab.
    2. Determine the appropriate quarter and year to start and complete the initiative.
    3. Identify the time remaining in your current budget cycle after the completion of the initiative.

    Template & Example

    Make your final decisions

    Excel Workbook: IT Cost Optimization - Outline Initiatives Worksheet

    Refer to the example and guidelines below on how to assign the final priority for each vendor optimization initiative, and include it in your 12-month roadmap:

    Make your final decisions

    Column ID Row ID Input Type Guidelines
    AH - Dropdown Select your final priority decision after reviewing the preliminary priority assessment (column Z) and timeline estimates (columns AA to AG).
    AI - Dropdown Select whether you want to include the initiative in your 12-month roadmap (Yes or No).
    AK, AL 5 Formula Automatic calculation, no entry required. The total number of initiatives you decided to include in your 12-month roadmap; based on column AI when Yes is selected.
    AK, AL 6 Formula Automatic calculation, no entry required. Total estimated cost savings per year after the initiative's completion; based on column L when included in the 12-month roadmap (column AI when Yes is selected)
    AK, AL 7 Formula Automatic calculation, no entry required. Total estimated cost savings in the current fiscal year; based on column AF when included in the 12-month roadmap (column AI when Yes is selected)
    • Estimated cost savings per year refer to cost savings fully realized by the end of the upcoming fiscal year, following the initiatives' implementation.
    • Estimated cost savings in the current budget cycle, refer to cost savings partially realized in the current fiscal year, after the initiatives' implementation.

    Complete the following fields for each initiative in the Excel Workbook as per guidelines:

    1. Navigate to the Outline Initiatives tab.
    2. Determine the final priority of the initiative.
    3. Decide whether you want to include the initiative in your 12-month roadmap.

    3.2.3 Prioritize your project portfolio optimization initiatives

    1 hour

    1. Review each project portfolio optimization initiative to set the priority.
    2. Validate your cost and feasibility estimates and consider the automated evaluation, in the IT Cost Optimization Workbook, providing you with a preliminary priority based on your cost and feasibility estimates (see next slides).
    3. Revisit your overarching goals (step 1.4) as you will assess the time it will take you to complete your initiatives and prioritize accordingly.
    4. Determine your start and end date for each initiative based on your journey, objectives, and overarching goals. Consider the urgency of each initiative. Document the quarter and year for your start and end dates in the IT Cost Optimization Workbook (see next slides).
    5. Identify the time remaining in your current budget cycle after the completion of each initiative to get a cost savings estimate for the current fiscal year. Document the number of remaining quarters (0, 1, 2, 3, or 4) in the IT Cost Optimization Workbook (see next slides).
    6. Decide on the priority of each initiative (High, Medium, or Low), and document it in the IT Cost Optimization Workbook (see next slides).
    7. Revisit the priority decision after prioritizing all your initiatives and determine which ones to include in your 12-month roadmap; consider the number of initiatives you can tackle at the same time within a 12-month period. Document your final decision (Yes or No) in the IT Cost Optimization Workbook (see next slides).

    Download the IT Cost Optimization Workbook

    InputOutput
    • Project portfolio optimization initiatives
    • Time and priority estimates of cost optimization initiatives in the IT Cost Optimization Workbook
    MaterialsParticipants
    • Define Priority Threshold tab in the IT Cost Optimization Workbook
    • Outline Initiatives tab in the IT Cost Optimization Workbook
    • CIO/IT director
    • IT finance lead
    • PMO lead
    • Other IT management

    Template & Example

    Understand your priority assessment

    Excel Workbook: IT Cost Optimization - Outline Initiatives Worksheet

    Refer to the example and guidelines below on how the preliminary priority assessment is assigned, for each project portfolio optimization initiative, noting that columns Q to X are hidden automatic calculations and should not be touched:

    Understand your priority assessment

    Column ID Input Type Guidelines
    R Formula Hidden automatic calculation, no entry required. Rank of Estimate Cost Savings (per year) in ascending order (higher cost savings implies a higher rank).
    S Formula Hidden automatic calculation, no entry required. Cost Savings Score on a scale of 1 to 3, where the top third in Cost Savings Rank are assigned a score of 1, the bottom third a score of 3, and in between a score of 2, noting that negative cost savings would imply a -1 score.
    T Formula Hidden automatic calculation, no entry required. Cost Score adds 1 to the Cost Savings Score if the underlying initiative is within the budget.
    U, V, W Formula Hidden automatic calculation, no entry required. A score on a scale of 1 to 3 based on input of columns M, N, and O, where Low or Positive Impact is assigned a score of 3, Medium or No Impact a score of 2, and High or Negative Impact a score of 1.
    X Formula Hidden automatic calculation, no entry required. The rounding of the average of columns U, V, and W, adding 1 to the result if the initiative's approval falls within your accountability (column P).
    Y Formula Hidden automatic calculation, no entry required. The sum of columns T and X, adding 3 for Reduce Unwarranted IT Spending, and 1 to Optimize Cost-to-Value (column H).
    Z Formula Hidden automatic calculation, no entry required. Preliminary Priority Assessment based on the Define Priority Threshold worksheet (hidden, see next slide).

    Review the following fields for each initiative in the Excel Workbook as per guidelines:

    1. Navigate to the Outline Initiatives tab.
    2. Validate cost and feasibility estimates (columns I to P previously filled - steps 2.2 and 3.1) driving the Priority Score and Preliminary Priority Assessment.

    Template & Example

    Priority Threshold Rationale

    Excel Workbook: IT Cost Optimization - Define Priority Threshold Worksheet

    Refer to the screenshot of the Define Priority Threshold worksheet below to understand the rationale behind the Priority Score and Priority Level:

    Priority threshold rationale

    Template & Example

    Estimate your timeline

    Excel Workbook: IT Cost Optimization - Outline Initiatives Worksheet

    Refer to the example and guidelines below on how to complete timeline estimates for each project portfolio optimization initiative:

    Estimate your timeline

    Column ID Input Type Guidelines
    AA, AC Dropdown Select the quarter(s) in which you plan to begin and complete your initiative.
    AB, AD Dropdown Select the year(s) in which you plan to begin and complete your initiative.
    AE Dropdown Select the number of remaining quarters, in the current fiscal year, after you complete the initiative (0 to 4); based on columns AA to AD.
    AF Formula Automatic calculation, no entry required. Estimate of cost savings in the current fiscal year, based on the remaining quarters after implementation. The entry in column AE is divided by 4, and the result is multiplied by the related estimated cost savings per year (entry in column L).
    AG Dropdown Select if cost savings after the implementation of the underlying initiative will be Permanent or Temporary.

    Complete the following fields for each initiative in the Excel Workbook as per guidelines:

    1. Navigate to the Outline Initiatives tab.
    2. Determine the appropriate quarter and year to start and complete the initiative.
    3. Identify the time remaining in your current budget cycle after the completion of the initiative.

    Template & Example

    Make your final decisions

    Excel Workbook: IT Cost Optimization - Outline Initiatives Worksheet

    Refer to the example and guidelines below on how to assign the final priority for each project portfolio optimization initiative and include it in your 12-month roadmap:

    Make your final decisions

    Column ID Row ID Input Type Guidelines
    AH - Dropdown Select your final priority decision after reviewing the preliminary priority assessment (column Z) and timeline estimates (columns AA to AG).
    AI - Dropdown Select whether you want to include the initiative in your 12-month roadmap (Yes or No).
    AK, AL 5 Formula Automatic calculation, no entry required. The total number of initiatives you decided to include in your 12-month roadmap; based on column AI when Yes is selected.
    AK, AL 6 Formula Automatic calculation, no entry required. Total estimated cost savings per year after the initiative's completion; based on column L when included in the 12-month roadmap (column AI when Yes is selected)
    AK, AL 7 Formula Automatic calculation, no entry required. Total estimated cost savings in the current fiscal year; based on column AF when included in the 12-month roadmap (column AI when Yes is selected)
    • Estimated cost savings per year refer to cost savings fully realized by the end of the upcoming fiscal year, following the initiatives' implementation.
    • Estimated cost savings in the current budget cycle, refer to cost savings partially realized in the current fiscal year, after the initiatives' implementation.

    Complete the following fields for each initiative in the Excel Workbook as per guidelines:

    1. Navigate to the Outline Initiatives tab.
    2. Determine the final priority of the initiative.
    3. Decide whether you want to include the initiative in your 12-month roadmap.

    3.2.4 Prioritize your workforce optimization initiatives

    1 hour

    1. Review each workforce optimization initiative to set the priority.
    2. Validate your cost and feasibility estimates and consider the automated evaluation, in the IT Cost Optimization Workbook, providing you with a preliminary priority based on your cost and feasibility estimates (see next slides).
    3. Revisit your overarching goals (step 1.4) as you will assess the time it will take you to complete your initiatives and prioritize accordingly.
    4. Determine your start and end date for each initiative based on your journey, objectives, and overarching goals. Consider the urgency of each initiative. Document the quarter and year for your start and end dates in the IT Cost Optimization Workbook (see next slides).
    5. Identify the time remaining in your current budget cycle after the completion of each initiative to get a cost savings estimate for the current fiscal year. Document the number of remaining quarters (0, 1, 2, 3, or 4) in the IT Cost Optimization Workbook (see next slides).
    6. Decide on the priority of each initiative (High, Medium, or Low), and document it in the IT Cost Optimization Workbook (see next slides).
    7. Revisit the priority decision after prioritizing all your initiatives and determine which ones to include in your 12-month roadmap; consider the number of initiatives you can tackle at the same time within a 12-month period. Document your final decision (Yes or No) in the IT Cost Optimization Workbook (see next slides).

    Download the IT Cost Optimization Workbook

    InputOutput
    • Workforce optimization initiatives
    • Time and priority estimates of cost optimization initiatives in the IT Cost Optimization Workbook
    MaterialsParticipants
    • Define Priority Threshold tab in the IT Cost Optimization Workbook
    • Outline Initiatives tab in the IT Cost Optimization Workbook
    • CIO/IT director
    • IT finance lead
    • Talent management representative
    • Other IT management

    Template & Example

    Understand your priority assessment

    Excel Workbook: IT Cost Optimization - Outline Initiatives Worksheet

    Refer to the example and guidelines below on how the preliminary priority assessment is assigned, for each workforce optimization initiative, noting that columns Q to X are hidden automatic calculations and should not be touched:

    Understand your priority assessment

    Column ID Input Type Guidelines
    R Formula Hidden automatic calculation, no entry required. Rank of Estimate Cost Savings (per year) in ascending order (higher cost savings implies a higher rank).
    S Formula Hidden automatic calculation, no entry required. Cost Savings Score on a scale of 1 to 3, where the top third in Cost Savings Rank are assigned a score of 1, the bottom third a score of 3, and in between a score of 2, noting that negative cost savings would imply a -1 score.
    T Formula Hidden automatic calculation, no entry required. Cost Score adds 1 to the Cost Savings Score if the underlying initiative is within the budget.
    U, V, W Formula Hidden automatic calculation, no entry required. A score on a scale of 1 to 3 based on input of columns M, N, and O, where Low or Positive Impact is assigned a score of 3, Medium or No Impact a score of 2, and High or Negative Impact a score of 1.
    X Formula Hidden automatic calculation, no entry required. The rounding of the average of columns U, V, and W, adding 1 to the result if the initiative's approval falls within your accountability (column P).
    Y Formula Hidden automatic calculation, no entry required. The sum of columns T and X, adding 3 for Reduce Unwarranted IT Spending, and 1 to Optimize Cost-to-Value (column H).
    Z Formula Hidden automatic calculation, no entry required. Preliminary Priority Assessment based on the Define Priority Threshold worksheet (hidden, see next slide).

    Review the following fields for each initiative in the Excel Workbook as per guidelines:

    1. Navigate to the Outline Initiatives tab.
    2. Validate cost and feasibility estimates (columns I to P previously filled - steps 2.2 and 3.1) driving the Priority Score and Preliminary Priority Assessment.

    Template & Example

    Priority Threshold Rationale

    Excel Workbook: IT Cost Optimization - Define Priority Threshold

    Refer to the screenshot of the Define Priority Threshold worksheet below to understand the rationale behind the Priority Score and Priority Level:

    Priority Threshold Rationale

    Template & Example

    Estimate your timeline

    Excel Workbook: IT Cost Optimization - Outline Initiatives Worksheet

    Refer to the example and guidelines below on how to complete timeline estimates for each workforce optimization initiative:

    Estimate your timeline

    Column ID Input Type Guidelines
    AA, AC Dropdown Select the quarter(s) in which you plan to begin and complete your initiative.
    AB, AD Dropdown Select the year(s) in which you plan to begin and complete your initiative.
    AE Dropdown Select the number of remaining quarters, in the current fiscal year, after you complete the initiative (0 to 4); based on columns AA to AD.
    AF Formula Automatic calculation, no entry required. Estimate of cost savings in the current fiscal year, based on the remaining quarters after implementation. The entry in column AE is divided by 4, and the result is multiplied by the related estimated cost savings per year (entry in column L).
    AG Dropdown Select if cost savings after the implementation of the underlying initiative will be Permanent or Temporary.

    Complete the following fields for each initiative in the Excel Workbook as per guidelines:

    1. Navigate to the Outline Initiatives tab.
    2. Determine the appropriate quarter and year to start and complete the initiative.
    3. Identify the time remaining in your current budget cycle after the completion of the initiative.

    Template & Example

    Make your final decisions

    Excel Workbook: IT Cost Optimization - Outline Initiatives Worksheet

    Refer to the example and guidelines below on how to assign the final priority for each workforce optimization initiative, and include it in your 12-month roadmap:

    Make your final decisions

    Column ID Row ID Input Type Guidelines
    AH - Dropdown Select your final priority decision after reviewing the preliminary priority assessment (column Z) and timeline estimates (columns AA to AG).
    AI - Dropdown Select whether you want to include the initiative in your 12-month roadmap (Yes or No).
    AK, AL 5 Formula Automatic calculation, no entry required. The total number of initiatives you decided to include in your 12-month roadmap; based on column AI when Yes is selected.
    AK, AL 6 Formula Automatic calculation, no entry required. Total estimated cost savings per year after the initiative's completion; based on column L when included in the 12-month roadmap (column AI when Yes is selected)
    AK, AL 7 Formula Automatic calculation, no entry required. Total estimated cost savings in the current fiscal year; based on column AF when included in the 12-month roadmap (column AI when Yes is selected)
    • Estimated cost savings per year refer to cost savings fully realized by the end of the upcoming fiscal year, following the initiatives' implementation.
    • Estimated cost savings in the current budget cycle, refer to cost savings partially realized in the current fiscal year, after the initiatives' implementation.

    Complete the following fields for each initiative in the Excel Workbook as per guidelines:

    1. Navigate to the Outline Initiatives tab.
    2. Determine the final priority of the initiative.
    3. Decide whether you want to include the initiative in your 12-month roadmap.

    3.3 Develop your cost optimization roadmap

    1 hour

    1. Conduct a final evaluation of your timeline, priority decision, and initiatives you wish to include in your 12-month roadmap. Do they make sense, are they achievable, and do they all contribute individually and collectively to reaching your cost optimization goals?
    2. Review your 12-month roadmap outputs in the IT Cost Optimization Workbook (see next slides).
    3. Make adjustments to your 12-month roadmap by adding or removing initiatives as you deem necessary (step 3.2).
    4. Document your final roadmap - including initiatives and relative time frames for execution - in the IT Cost Optimization Roadmap templates provided (see slide 97). The 12-month roadmap outputs from the IT Cost Optimization Workbook (see next slide) can facilitate this task.

    Download the IT Cost Optimization Workbook

    Input Output
    • Outline Initiatives tab in the IT Cost Optimization Workbook, output from previous steps
    • IT Cost Optimization Roadmap
    Materials Participants
    • Outline Initiatives Charts tab in the IT Cost Optimization Workbook
    • Diagram Results tab in the IT Cost Optimization Workbook
    • List Results tab in the IT Cost Optimization Workbook
    • Timeline Result tab in the IT Cost Optimization Workbook
    • CIO/IT director
    • IT financial lead
    • Other IT management

    Template & Example

    Potential Cost Savings Per Year

    Excel Workbook: IT Cost Optimization - Outline Initiatives Charts Worksheet

    Refer to the example below on charts depicting different views of estimated cost savings per year across the four optimization levers (Assets, Vendors, Project Portfolio, and Workforce) that could help you in your assessment and decision making.

    Potential cost savings per year

    From the Excel Workbook, after completing your potential initiatives and filling all related entries in the Outline Initiatives tab:

    1. Navigate to the Outline Initiatives Charts tab.
    2. Review each of the charts.
    3. Navigate back to the Outline Initiatives tab to examine, drill down, and amend individual initiative entries or final decisions as you deem necessary.

    Template & Example

    12-month Roadmap Outputs

    Excel Workbook: IT Cost Optimization - Diagram Results, List Results, and Timeline Result Worksheets

    Refer to the example below depicting different roadmap output that could help you in presentations, assessment, and decision making.

    12-month Roadmap Outputs

    From the Excel Workbook:

    1. Navigate to the Diagram Results tab. This bubble diagram represent cost optimization initiatives by objective where each bubble size is determined by its estimated cost saving per year.
    2. Navigate to the List Results tab. You will find a list of the cost optimizations initiatives you've chosen to include in your roadmap and related charts.
    3. Navigate to the Timeline Result tab. This Gantt chart is a timeline view of the cost optimizations initiatives you've chosen to include in your roadmap.

    Download the IT Cost Optimization Workbook

    IT cost optimization roadmap

    Phase 4

    Communicate and Execute

    Phase 1
    Understand Your Mandate and Objectives

    Phase 2
    Outline Your Cost Optimization Initiatives

    Phase 3
    Develop Your IT Cost Optimization Roadmap

    Phase 4
    Communicate and Execute

    This phase will walk you through the following activities:

    • Cost optimization communication plan
    • Cost optimization executive presentation

    This phase involves the following participants:

    • CIO/IT director
    • IT finance lead
    • PMO lead
    • Other IT management

    Build Your IT Cost Optimization Roadmap

    4.1 Build the communication plan

    45 to 60 minutes

    1. Use the Cost Optimization Communication Plan templates and guidance on the following slides.
    2. Complete the template to develop your communication plan for your cost optimization proposal and initiatives. At a minimum, it should include:
      1. Steps for preparing and presenting your proposal to decision-makers, sponsors, and other stakeholders, including named presenters and points of contact in IT.
      2. Checkpoints for communication throughout the execution of each initiative and the cost optimization roadmap overall, including target audiences, accountabilities, modes and methods of communication, type/scope of information to be communicated at each checkpoint, and any decision/approval steps.

    Download the IT Cost Optimization Workbook

    InputOutput
    • Cost optimization roadmap
    • Completed draft of the Cost Optimization Communication Plan
    MaterialsParticipants
    • IT Cost Optimization Workbook
    • IT Cost Optimization Roadmap
    • Info-Tech's Cost Optimization Communication Plan template
    • CIO/IT director
    • IT financial lead
    • Other IT management

    Understand a communication strategy's purpose

    Put as much effort into developing your communication strategy as you would into planning and executing the cost optimization initiatives themselves. Don't skip this part.

    Your communication strategy has two major components ...

    1. A tactical plan for how and when you'll communicate with stakeholders about your proposals, activities, and progress toward meeting cost optimization goals.
    2. An executive or board presentation that outlines your final proposed cost optimization initiatives, their respective business cases, and resources/support required with the goal of gaining approval to execute.

    Your communication strategy will need to ...

    • Provide answers to the "What's in it for me?" question from all impacted stakeholders.
    • Roles, responsibilities, and accountabilities before, during, and after initiatives are completed.
    • Descriptions and high-level information about dates, deliverables, and impacts of the specific changes being made.

    You will also develop more detailed operational and project plans for each initiative. IT will use these plans to manage and track the execution of individual initiatives when the time comes.

    Template & Example

    Document the overall what and why of your planned communications

    Component Purpose Context Key Messages Intended Outcomes
    Definition Description of the topic and why you're communicating with this specific audience right now. Background information about the broader situation and how you got to where you are today. The main points you want your target audience to hear/read, absorb, and remember. What you hope you and your audience will get at the end of the communication or effort.
    Our Language
    • IT is proposing an organization-wide array of initiatives in order to reduce IT costs. We are seeking your approval and support to carry out these initiatives.
    • [Purpose]
    • The economy is in active downturn and may become a full recession.
    • IT is anticipating mandatory cost reductions and has opted to take a proactive position.
    • We used an analytical framework to look at all areas of the organization to identify and prioritize IT cost-reduction opportunities.
    • [Context]
    • IT is being proactive.
    • IT is sensitive to the business.
    • IT needs your support.
    • IT is committed to keeping you informed at every step.
    • IT wants to position the organization for rapid recovery when the economy improves.
    • [Message]
    • Buy-in, approval, and ongoing support for cost optimization initiatives proposed.
    • Update on the status of specific initiatives, including what's happened, progress, and what's coming next.
    • [Outcome]

    Template & Example

    Next, note the who, how, and when of your communication plan

    Stakeholder/Approver Initiatives Impact Format Time frame Messenger
    CEO
    • Reduce number of Minitab licenses
    • Defer hiring of new data architecture position
    • Cancel VR simulation project
    Indefinitely delays current strategic projects Monthly meeting discussion Last Wednesday of every month starting Oct. 26, FY1 CIO, IT data analytics project lead, IT VR project lead
    IT Steering Committee
    • Adjust service level framework and level assignments
    • Postpone purchases for network modernization
    • Postpone workstation/laptop upgrades for non-production functions
    • Outsource data analytics project
    Nearly all of these initiatives are enterprise-wide or affect multiple departments. Varying direct and indirect impacts will need to be independently communicated for each initiative if approved by the ITS.

    Formal presentation at quarterly ITS meetings

    Monthly progress updates via email bulletin

    Approval presentation: Oct. 31, FY1

    Quarterly updates: Jan. 31, Apr. 28, and Jul. 28, FY2

    CIO, IT service director, IT infrastructure director, IT data analytics project lead
    VP of Sales
    • Pause Salesforce view redesign project
    Delays new sales tool efficiency improvement. Meeting discussion Nov. FY1 CIO, IT Salesforce view redesign project lead
    [Name/Title/Group]
    • [Initiative]
    • [Initiative]
    [Impact statement] [Format] [Date/Period] [Name/Title]
    [Name/Title/Group]
    • [Initiative]
    • [Initiative]
    [Impact statement] [Format] [Date/Period] [Name/Title]
    [Name/Title/Group]
    • [Initiative]
    • [Initiative]
    [Impact statement] [Format] [Date/Period] [Name/Title]

    4.2 Build the executive presentation

    45-60 minutes

    1. Download Info-Tech's IT Cost Optimization Roadmap Samples and Templates.
    2. Update the content with the outputs of your cost optimization roadmap and data/graph elements from the IT Cost Optimization Workbook. Refer to your organization's standards and norms for executive-level presentations and adapt accordingly.

    Download IT Cost Optimization Roadmap Samples and Templates

    Input Output
    • IT Cost Optimization Roadmap
    • IT Cost Optimization Workbook
    • Completed draft of the IT Cost Optimization Executive Presentation
    Materials Participants
    • IT Cost Optimization Workbook
    • IT Cost Optimization Roadmap Samples and Templates
    • CIO/IT directors
    • IT financial lead
    • Other IT management

    Summary of Accomplishment

    Congratulations! You now have an IT cost optimization strategy and a communication plan.

    Throughout this blueprint, you have:

    1. Identified your IT mandate and cost optimization journey.
    2. Outlined your initiatives across the four levers (assets, vendors, project portfolio, and workforce).
    3. Put together a 12-month IT cost optimization roadmap.
    4. Developed a communication strategy and crafted an executive presentation - your initial step to communicate and discuss IT cost optimization initiatives with your key stakeholders.

    What's next?

    Communicate with your stakeholders, then follow your internal project policies and procedures to get the necessary approvals as required. Once obtained, you can start the execution and implementation of your IT cost optimization strategy.

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

    Contact your account representative for more information.

    workshops@infotech.com
    1-888-670-8889

    Research Contributors and Experts

    Jennifer Perrier, Principal Research Director, IT Financial Management

    Jennifer Perrier
    Principal Research Director, IT Financial Management
    Info-Tech Research Group

    Jack Hakimian, Senior Vice President, Research Development

    Jack Hakimian
    Senior Vice President, Research Development
    Info-Tech Research Group

    Graham Price, Senior Executive Counselor, Executive Services

    Graham Price
    Senior Executive Counselor, Executive Services
    Info-Tech Research Group

    Travis Duncan, Research Director, Project & Portfolio Management

    Travis Duncan
    Research Director, Project & Portfolio Management
    Info-Tech Research Group

    Dave Kish, Practice Lead, IT Financial Management

    Dave Kish
    Practice Lead, IT Financial Management
    Info-Tech Research Group

    Baird Miller, PhD, Senior Executive Advisor, Executive Services

    Baird Miller, PhD
    Senior Executive Advisor, Executive Services
    Info-Tech Research Group

    Other Research Contributors and Experts

    Monica Braun
    Research Director, IT Financial Management
    Info-Tech Research Group

    Sandi Conrad
    Principal Advisory Director, Infrastructure & Operations
    Info-Tech Research Group

    Phil Bode
    Principal Advisory Director, Vendor Management
    Info-Tech Research Group

    Donna Glidden
    Advisory Director, Vendor Management
    Info-Tech Research Group

    Barry Cousins
    Distinguished Analyst & Research Fellow
    Info-Tech Research Group

    Andrew Sharp
    Research Director, Infrastructure & Operations Practice
    Info-Tech Research Group

    Frank Sewell
    Advisory Director, Vendor Management
    Info-Tech Research Group

    Related Info-Tech Research

    Achieve IT Spend & Staffing Transparency
    Most CIOs, CFOs, and business function leaders don't enjoy a shared vocabulary when it comes to talking about technology spend. As a result, truly meaningful conversations about where and how to spend technology funds in support of business goals are rare. Enable these important conversations by transparently mapping your IT spend data against four key stakeholder views.

    Reduce Shadow IT With a Service Request Catalog
    As the business gets more innovative to solve its problems, IT finds itself in reactive mode, dealing with software bloat, managing surprise SaaS renewals, and having to integrate products that they didn't know were purchased. To solve this, IT needs to focus on service and visibility to counter Shadow IT.

    Bibliography

    "A Short Guide to Structured Cost Reduction." National Audit Office, 18 June 2010. Web.

    "IT Cost Savings: A Guide to Application Rationalization." LeanIX, 2021. Web.

    Jouravlev, Roman. "Service Financial Management: ITIL 4 Practice Guide." Axelos, 30 April 2020. Web.

    Leinwand, Paul, and Vinay Couto. "How to Cut Costs More Strategically." Harvard Business Review, March 2017. Web.

    "Role & Influence of the Technology Decision-Maker 2022." Foundry, 2022. Web.

    "State of the CIO 2022." CIO, 2022. Web.

    "The Definitive Guide to IT Cost Optimization." LeanIX, n.d. Web.

    "Understand the Principles of Cost Optimization." Google Cloud, n.d. Web.

    The Rapid Application Selection Framework

    • Buy Link or Shortcode: {j2store}608|cart{/j2store}
    • member rating overall impact (scale of 10): 9.2/10 Overall Impact
    • member rating average dollars saved: $37,512 Average $ Saved
    • member rating average days saved: 22 Average Days Saved
    • Parent Category Name: Selection & Implementation
    • Parent Category Link: /selection-and-implementation
    • Selection takes forever. Traditional software selection drags on for years, sometimes in perpetuity.
    • IT is viewed as a bottleneck and the business has taken control of software selection.
    • “Gut feel” decisions rule the day. Intuition, not hard data, guides selection, leading to poor outcomes.
    • Negotiations are a losing battle. Money is left on the table by inexperienced negotiators.
    • Overall: Poor selection processes lead to wasted time, wasted effort, and applications that continually disappoint.

    Our Advice

    Critical Insight

    • Adopt a formal methodology to accelerate and improve software selection results.
    • Improve business satisfaction by including the right stakeholders and delivering new applications on a truly timely basis.
    • Kill the “sacred cow” requirements that only exist because “it’s how we’ve always done it.”
    • Forget about “RFP” overload and hone in on the features that matter to your organization.
    • Skip the guesswork and validate decisions with real data.
    • Take control of vendor “dog and pony shows” with single-day, high-value, low-effort, rapid-fire investigative interviews.
    • Master vendor negotiations and never leave money on the table.

    Impact and Result

    Improving software selection is a critical project that will deliver huge value.

    • Hit a home run with your business stakeholders: use a data-driven approach to select the right application vendor for their needs – fast.
    • Shatter stakeholder expectations with truly rapid application selections.
    • Boost collaboration and crush the broken telephone with concise and effective stakeholder meetings.
    • Lock in hard savings and do not pay list price by using data-driven tactics.

    The Rapid Application Selection Framework Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. The Rapid Application Selection Framework

    • The Rapid Application Selection Framework Deck

    2. The Guide to Software Selection: A Business Stakeholder Manual

    • The Guide to Software Selection: A Business Stakeholder Manual

    3. The Software Selection Workbook

    • The Software Selection Workbook

    4. The Vendor Evaluation Workbook

    • The Vendor Evaluation Workbook
    [infographic]

    Maintain an Organized Portfolio

    • Buy Link or Shortcode: {j2store}432|cart{/j2store}
    • member rating overall impact (scale of 10): 9.0/10 Overall Impact
    • member rating average dollars saved: $3,059 Average $ Saved
    • member rating average days saved: 10 Average Days Saved
    • Parent Category Name: Portfolio Management
    • Parent Category Link: /portfolio-management
    • All too often, the portfolio of programs and projects looks more like a random heap than a strategically organized and balanced collection of investments that will drive the business forward.
    • Portfolio managers know that with the right kind of information and the right level of process maturity they can get better results through the portfolio; however, organizations often assume (falsely) that the required level of maturity is out of reach from their current state and perpetually delay improvements.

    Our Advice

    Critical Insight

    • The information needed to define clear and usable criteria for organizing the portfolio of programs and projects already exists. Portfolio managers only need to identify the sources of that information and institute processes for regularly reviewing that information in order to define those criteria.
    • Once a portfolio manager has a clear idea of the goals and constraints that shape what ought to be included (or removed) from the portfolio and once these have been translated into clear and usable portfolio criteria, basic portfolio management processes can be instituted to ensure that these criteria are used consistently throughout the various stages of the project lifecycle.
    • Portfolio management frameworks and processes do not need to be built from scratch. Well-known frameworks – such as the one outlined in COBIT 5 APO05 – can be instituted in a way that will allow even low-maturity organizations to start organizing their portfolio.
    • Organizations do not need to grow into portfolio management frameworks to get the benefits of an organized portfolio; instead, they can grow within such frameworks.

    Impact and Result

    • An organized portfolio will ensure that the projects and programs included in it are strategically aligned and can actually be executed within the finite constraints of budgetary and human resource capacity.
    • Portfolio managers are better empowered to make decisions about which projects should be included in the portfolio (and when) and are better empowered to make the very tough decisions about which projects should be removed from the portfolio (i.e. cancelled).
    • Building and maturing a portfolio management framework will more fully integrate the PMO into the broader IT management and governance frameworks, making it a more integral part of strategic decisions and a better business partner in the long run.

    Maintain an Organized Portfolio Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should maintain an organized portfolio of programs and projects, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Assess the current state of the portfolio and PPM processes

    Analyze the current mix of programs and projects in your portfolio and assess the maturity of your current PPM processes.

    • Maintain an Organized Portfolio – Phase 1: Assess the Current State of the Portfolio and PPM Processes
    • Project Portfolio Organizer
    • COBIT APO05 (Manage Portfolio) Alignment Workbook

    2. Enhance portfolio organization through improved PPM criteria and processes

    Enhance and optimize your portfolio management processes to ensure portfolio criteria are clearly defined and consistently applied across the project lifecycle when making decisions about which projects to include or remove from the portfolio.

    • Maintain an Organized Portfolio – Phase 2: Enhance Portfolio Organization Through Improved PPM Criteria and Processes
    • Portfolio Management Standard Operating Procedures

    3. Implement improved portfolio management practices

    Implement your portfolio management improvement initiatives to ensure long-term sustainable adoption of new PPM practices.

    • Maintain an Organized Portfolio – Phase 3: Implement Improved Portfolio Management Practices
    • Portfolio Management Improvement Roadmap Tool
    [infographic]

    Workshop: Maintain an Organized Portfolio

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Assess Portfolio Mix and Portfolio Process Current State

    The Purpose

    Analyze the current mix of the portfolio to determine how to better organize it according to organizational goals and constraints.

    Assess which PPM processes need to be enhanced to better organize the portfolio.

    Key Benefits Achieved

    An analysis of the existing portfolio of projects (highlighting areas of concern).

    An analysis of the maturity of current PPM processes and their ability to support the maintenance of an organized portfolio.

    Activities

    1.1 Pre-work: Prepare a complete project list.

    1.2 Define existing portfolio categories, criteria, and targets.

    1.3 Analyze the current portfolio mix.

    1.4 Identify areas of concern with current portfolio mix.

    1.5 Review the six COBIT sub-processes for portfolio management (APO05.01-06).

    1.6 Assess the degree to which these sub-processes have been currently achieved at the organization.

    1.7 Assess the degree to which portfolio-supporting IT governance and management processes exist.

    1.8 Perform a gap analysis.

    Outputs

    Analysis of the current portfolio mix

    Assessment of COBIT alignment and gap analysis.

    2 Define Portfolio Target Mix, Criteria, and Roadmap

    The Purpose

    Define clear and usable portfolio criteria.

    Record/design portfolio management processes that will support the consistent use of portfolio criteria at all stages of the project lifecycle.

    Key Benefits Achieved

    Clearly defined and usable portfolio criteria.

    A portfolio management framework that supports the consistent use of the portfolio criteria across all stages of the project lifecycle.

    Activities

    2.1 Identify determinants of the portfolio mix, criteria, and constraints.

    2.2 Define the target mix, portfolio criteria, and portfolio metrics.

    2.3 Identify sources of funding and resourcing.

    2.4 Review and record the portfolio criteria based upon the goals and constraints.

    2.5 Create a PPM improvement roadmap.

    Outputs

    Portfolio criteria

    Portfolio metrics for intake, monitoring, closure, termination, reprioritization, and benefits tracking

    Portfolio Management Improvement Roadmap

    3 Design Improved Portfolio Sub-Processes

    The Purpose

    Ensure that the portfolio criteria are used to guide decision making at each stage of the project lifecycle when making decisions about which projects to include or remove from the portfolio.

    Key Benefits Achieved

    Processes that support decision making based upon the portfolio criteria.

    Processes that ensure the portfolio remains consistently organized according to the portfolio criteria.

    Activities

    3.1 Ensure that the metrics used for each sub-process are based upon the standard portfolio criteria.

    3.2 Establish the roles, accountabilities, and responsibilities for each sub-process needing improvement.

    3.3 Outline the workflow for each sub-process needing improvement.

    Outputs

    A RACI chart for each sub-process

    A workflow for each sub-process

    4 Change Impact Analysis and Stakeholder Engagement Plan

    The Purpose

    Ensure that the portfolio management improvement initiatives are sustainably adopted in the long term.

    Key Benefits Achieved

    Stakeholder engagement.

    Sustainable long-term adoption of the improved portfolio management practices.

    Activities

    4.1 Conduct a change impact analysis.

    4.2 Create a stakeholder engagement plan.

    Outputs

    Change Impact Analysis

    Stakeholder Engagement Plan

    Completed Portfolio Management SOP

    Determine the Future of Microsoft Project in Your Organization

    • Buy Link or Shortcode: {j2store}357|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: $125,999 Average $ Saved
    • member rating average days saved: 50 Average Days Saved
    • Parent Category Name: Project Management Office
    • Parent Category Link: /project-management-office
    • You use Microsoft tools to manage your work, projects, and/or project portfolio.
    • Its latest offering, Project for the web, is new and you’re not sure what to make of it. Microsoft says it will soon replace Microsoft Project and Project Online, but the new software doesn’t seem to do what the old software did.
    • The organization has adopted M365 for collaboration and work management. Meetings happen on Teams, projects are scoped a bit with Planner, and the operations group uses Azure Boards to keep track of what they need to get done.
    • Despite your reservations about the new project management software, Microsoft software has become even more ubiquitous.

    Our Advice

    Critical Insight

    • The various MS Project offerings (but most notably the latest, Project for the web) hold the promise of integrating with the rest of M365 into a unified work management solution. However, out of the box, Project for the web and the various platforms within M365 are all disparate utilities that need to be pieced together in a purpose-built manner to make use of them for holistic work management purposes. If you’re looking for a cohesive product out of the box, look elsewhere. If you’re looking to assemble a wide array of work, project, and portfolio management functions across different functions and departments, you may have found what you seek.
    • Rather than choosing tools based on your gaps, assess your current maturity level so that you optimize your investment in the Microsoft landscape.

    Impact and Result

    Follow Info-Tech’s path in this blueprint to:

    • Perform a tool audit to trim your work management tool landscape.
    • Navigate the MS Project and M365 licensing landscape.
    • Make sense of what to do with Project for the web and take the right approach to rolling it out (i.e. DIY or MS Gold Partner driven) based upon your needs.
    • Create an action plan to inform next steps.

    After following the program in this blueprint, you will be prepared to advise the organization on how to best leverage the rapidly shifting work management options within M365 and the place of MS Project within it.

    Determine the Future of Microsoft Project in Your Organization Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should make sense of the MS Project and M365 landscapes, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Determine your tool needs

    Assess your work management tool landscape, current state maturity, and licensing needs to inform a purpose-built work management action plan.

    • M365 Task Management Tool Guide
    • M365 Project Management Tool Guide
    • M365 Project Portfolio Management Tool Guide
    • Tool Audit Workbook
    • Force Field Analysis Tool
    • Microsoft Project & M365 Licensing Tool
    • Project Portfolio Management Maturity Assessment Workbook (With Tool Analysis)
    • Project Management Maturity Assessment Workbook (With Tool Analysis)

    2. Weigh your MS Project implementation options

    Get familiar with Project for the web’s extensibility as well as the MS Gold Partner ecosystem as you contemplate the best implementation approach(s) for your organization.

    • None
    • None

    3. Finalize your implementation approach

    Prepare a boardroom-ready presentation that will help you communicate your MS Project and M365 action plan to PMO and organizational stakeholders.

    • Microsoft Project & M365 Action Plan Template

    Infographic

    Workshop: Determine the Future of Microsoft Project in Your Organization

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Assess Driving Forces and Risks

    The Purpose

    Assess the goals and needs as well as the risks and constraints of a work management optimization.

    Take stock of your organization’s current work management tool landscape.

    Key Benefits Achieved

    Clear goals and alignment across workshop participants as well as an understanding of the risks and constraints that will need to be mitigated to succeed.

    Current-state insight into the organization’s work management tool landscape.

    Activities

    1.1 Review the business context.

    1.2 Explore the M365 work management landscape.

    1.3 Identify driving forces for change.

    1.4 Analyze potential risks.

    1.5 Perform current-state analysis on work management tools.

    Outputs

    Business context

    Current-state understanding of the task, project, and portfolio management options in M365 and how they align with the organization’s ways of working

    Goals and needs analysis

    Risks and constraints analysis

    Work management tool overview

    2 Determine Tool Needs and Process Maturity

    The Purpose

    Determine your organization’s work management tool needs as well as its current level of project management and project portfolio management process maturity.

    Key Benefits Achieved

    An understanding of your tooling needs and your current levels of process maturity.

    Activities

    2.1 Review tool audit dashboard and conduct the final audit.

    2.2 Identify current Microsoft licensing.

    2.3 Assess current-state maturity for project management.

    2.4 Define target state for project management.

    2.5 Assess current-state maturity for project portfolio management.

    2.6 Define target state for project portfolio management.

    Outputs

    Tool audit

    An understanding of licensing options and what’s needed to optimize MS Project options

    Project management current-state analysis

    Project management gap analysis

    Project portfolio management current-state analysis

    Project portfolio management gap analysis

    3 Weigh Your Implementation Options

    The Purpose

    Take stock of your implementation options for Microsoft old project tech and new project tech.

    Key Benefits Achieved

    An optimized implementation approach based upon your organization’s current state and needs.

    Activities

    3.1 Prepare a needs assessment for Microsoft 365 and Project Plan licenses.

    3.2 Review the business case for Microsoft licensing.

    3.3 Get familiar with Project for the web.

    3.4 Assess the MS Gold Partner Community.

    3.5 Conduct a feasibility test for PFTW.

    Outputs

    M365 and Project Plan needs assessment

    Business case for additional M365 and MS Project licensing

    An understand of Project for the web and how to extend it

    MS Gold Partner outreach plan

    A go/no-go decision for extending Project for the web on your own

    4 Finalize Implementation Approach

    The Purpose

    Determine the best implementation approach for your organization and prepare an action plan.

    Key Benefits Achieved

    A purpose-built implementation approach to help communicate recommendations and needs to key stakeholders.

    Activities

    4.1 Decide on the implementation approach.

    4.2 Identify the audience for your proposal.

    4.3 Determine timeline and assign accountabilities.

    4.4 Develop executive summary presentation.

    Outputs

    An implementation plan

    Stakeholder analysis

    A communication plan

    Initial executive presentation

    5 Next Steps and Wrap-Up (offsite)

    The Purpose

    Finalize your M365 and MS Project work management recommendations and get ready to communicate them to key stakeholders.

    Key Benefits Achieved

    Time saved in developing and communicating an action plan.

    Stakeholder buy-in.

    Activities

    5.1 Complete in-progress deliverables from previous four days.

    5.2 Set up review time for workshop deliverables and to discuss next steps.

    Outputs

    Finalized executive presentation

    A gameplan to communicate your recommendations to key stakeholders as well as a roadmap for future optimization

    Further reading

    Determine the Future of Microsoft Project in Your Organization

    View your task management, project management, and project portfolio management options through the lens of M365.

    EXECUTIVE BRIEF

    Analyst Perspective

    Microsoft Project is an enigma

    Microsoft Project has dominated its market since being introduced in the 1980s, yet the level of adoption and usage per license is incredibly low.

    The software is ubiquitous, mostly considered to represent its category for “Project Management.” Yet, the software is conflated with its “Portfolio Management” offerings as organizations make platform decisions with Microsoft Project as the incorrectly identified incumbent.

    And incredibly, Microsoft has dominated the next era of productivity software with the “365” offerings. Yet, it froze the “Project” family of offerings and introduced the not-yet-functional “Project for the web.”

    Having a difficult time understanding what to do with, and about, Microsoft Project? You’re hardly alone. It’s not simply a question of tolerating, embracing, or rejecting the product: many who choose a competitor find they’re still paying for Microsoft Project-related licensing for years to come.

    If you’re in the Microsoft 365 ecosystem, use this research to understand your rapidly shifting landscape of options.

    (Barry Cousins, Project Portfolio Management Practice Lead, Info-Tech Research Group)

    Executive Summary

    Your Challenge

    You use Microsoft (MS) tools to manage your work, projects, and/or project portfolio.

    Their latest offering, Project for the web, is new and you’re not sure what to make of it. Microsoft says it will soon replace Microsoft Project and Project Online, but the new software doesn’t seem to do what the old software did.

    The organization has adopted M365 for collaboration and work management. Meetings happen on Teams, projects are scoped a bit with Planner, and the operations group uses Azure Boards to keep track of what they need to get done.

    Despite your reservations about the new project management software, Microsoft software has become even more ubiquitous.

    Common Obstacles

    M365 provides the basic components for managing tasks, projects, and project portfolios, but there is no instruction manual for making those parts work together.

    M365 isn’t the only set of tools at play. Business units and teams across the organization have procured other non-Microsoft tools for work management without involving IT.

    Microsoft’s latest project offering, Project for the web, is still evolving and you’re never sure if it is stable or ready for prime time. The missing function seems to involve the more sophisticated project planning disciplines, which are still important to larger, longer, and costlier projects.

    Common Obstacles

    Follow Info-Tech’s path in this blueprint to:

    • Perform a tool audit to trim your work management tool landscape.
    • Navigate the MS Project and M365 licensing landscape.
    • Make sense of what to do with Project for the web and take the right approach to rolling it out (i.e. DIY or MS Gold Partner driven) for your needs.
    • Create an action plan to inform next steps.

    After following the program in this blueprint, you will be prepared to advise the organization on how to best leverage the rapidly shifting work management options within M365 and the place of MS Project within it.

    M365 and, within it, O365 are taking over

    Accelerated partly by the pandemic and the move to remote work, Microsoft’s market share in the work productivity space has grown exponentially in the last two years.

    70% of Fortune 500 companies purchased 365 from Sept. 2019 to Sept. 2020. (Thexyz blog, 2020)

    In its FY21 Q2 report, Microsoft reported 47.5 million M365 consumer subscribers – an 11.2% increase from its FY20 Q4 reporting. (Office 365 for IT Pros, 2021)

    As of September 2020, there were 258,000,000 licensed O365 users. (Thexyz blog, 2020)

    In this blueprint, we’ll look at what the what the phenomenal growth of M365 means for PMOs and project portfolio practitioners who identify as Microsoft shops

    The market share of M365 warrants a fresh look at Microsoft’s suite of project offerings

    For many PMO and project portfolio practitioners, the footprint of M365 in their organizations’ work management cultures is forcing a renewed look at Microsoft’s suite of project offerings.

    The complicating factor is this renewed look comes at a transitional time in Microsoft’s suite of project and portfolio offerings.

    • The market dominance of MS Project Server and Project Online are wanning, with Microsoft promising the end-of-life for Online sometime in the coming years.
    • Project Online’s replacement, Project for the web, is a viable task management and lightweight project management tool, but its viability as a replacement for the rigor of Project Online is at present largely a question mark.
    • Related to the uncertainty and promise around Project for the web, the Dataverse and the Power Platform offer a glimpse into a democratized future of work management tools but anything specific about that future has yet to solidify.

    Microsoft Project has 66% market share in the project management tool space. (Celoxis, 2018)

    A copy of MS project is sold or licensed every 20 seconds. (Integent, 2013)

    MS Project is evolving to meet new work management realities

    It also evolved to not meet the old project management realities.

    • The lines between traditional project management and operational task management solutions are blurring as organizations struggle to keep up with demands.
    • To make the software easier to use, modern work management doesn’t involve the complexities from days past. You won’t find anywhere to introduce complex predecessor-successor relationships, unbalanced assignments with front-loading or back-loading, early-start/late-finish, critical path, etc.
    • “Work management” is among the latest buzzwords in IT consulting. With Project for the web (PFTW), Azure Boards, and Planner, Microsoft is attempting to compete with lighter and better-adopted tools like Trello, Basecamp, Asana, Wrike, and Monday.com.
    • Buyers of project and work management software have struggled to understand how PFTW will still be usable if it gets the missing project management function from MS Project.

    Info-Tech Insight

    Beware of the Software Granularity Paradox.

    Common opinion 1: “Plans and estimates that are granular enough to be believable are too detailed to manage and maintain.”

    Common opinion 2: “Plans simple enough to publish aren’t detailed enough to produce believable estimates.”

    In other words, software simple enough to get widely adopted doesn’t produce believable plans. Software that can produce believable plans is too complex to use at scale.

    A viable task and project management option must walk the line between these dichotomies.

    M365 gives you the pieces, but it’s on PMO users to piece them together in a viable way

    With the new MS Project and M365, it’s on PMOs to avoid the granularity paradox and produce a functioning solution that fits with the organization’s ways of working.

    Common perception still sees Microsoft Project as a rich software tool. Thus, when we consider the next generation of Microsoft Project, it’s easy to expect a newer and friendlier version of what we knew before.

    In truth, the new solution is a collection of partially integrated but largely disparate tools that each satisfy a portion of the market’s needs. While it looks like a rich collection of function when viewed through high-level requirements, users will find:

    • Overlaps, where multiple tools satisfy the same functional requirement (e.g. “assign a task”)
    • Gaps, where a tool doesn’t quite do enough and you’re forced to incorporate another tool (e.g. reverting back to Microsoft Project for advanced resource planning)
    • Islands, where tools don’t fluently talk to each other (e.g. Planner data integrated in real-time with portfolio data, which requires clunky, unstable, decentralized end-user integrations with Microsoft Power Automate)
    A colourful arrangement of Microsoft programs arranged around a pile of puzzle pieces.

    Info-Tech's approach

    Use our framework to best leverage the right MS Project offerings and M365 components for your organization’s work management needs.

    The Info-Tech difference:

    1. A simple to follow framework to help you make sense of a chaotic landscape.
    2. Practical and tactical tools that will help you save time.
    3. Leverage industry best practices and practitioner-based insights.
    An Info-Tech framework titled 'Determine the Future of Microsoft Project in Your Organization, subtitle 'View your task, project, and portfolio management options through the lens of Microsoft 365'. There are four main sections titled 'Background', 'Approaches', 'Deployments', and 'Portfolio Outcomes'. In '1) Background' are 'Analyze Content', 'Assess Constraints', and 'Determine Goals and Needs'. In '2) Approaches' are 'DIY: Are you ready to do it yourself?' 'Info-Tech: Can our analysts help?', and 'MS Gold Partner: Are you better off with a third party?'. In '3) Deployments' are five sections: 'Personal Task Management', Barriers to Portfolio Outcomes: Isolated to One Person. 'Team Task Management', Barriers to Portfolio Outcomes: Isolated to One Team. 'Project Portfolio Management', Barriers to Portfolio Outcomes: Isolated to One Project. 'Project Management', Barriers to Portfolio Outcomes: Functionally Incomplete. 'Enterprise Project and Portfolio Management', Barriers to Portfolio Outcomes: Underadopted. In '4) Portfolio Outcomes' are 'Informed Steering Committee', 'Increased Project Throughput', 'Improved Portfolio Responsiveness', 'Optimized Resource Utilization', and 'Reduced Monetary Waste'.

    Determine the Future of Microsoft Project in Your Organization

    View your task, project, and portfolio management options through the lens of Microsoft 365.

    1. Background

    • Analyze Content
    • Assess Constraints
    • Determine Goals and Needs

    2. Approaches

    • DIY – Are you ready to do it yourself?
    • Info-Tech – Can our analysts help?
    • MS Gold Partner – Are you better off with a third party?

    3. Deployments

      Task Management

    • Personal Task Management
      • Who does it? Knowledge workers
      • What is it? To-do lists
      • Common Approaches
        • Paper list and sticky notes
        • Light task tools
      • Applications
        • Planner
        • To Do
      • Level of Rigor 1/5
      • Barriers to Portfolio Outcomes: Isolated to One Person
    • Team Task Management
      • Who does it? Groups of knowledge workers
      • What is it? Collaborative to-do lists
      • Common Approaches
        • Kanban boards
        • Spreadsheets
        • Light task tools
      • Applications
        • Planner
        • Azure Boards
        • Teams
      • Level of Rigor 2/5
      • Barriers to Portfolio Outcomes: Isolated to One Team
    • Project Management

    • Project Portfolio Management
      • Who does it? PMO Directors, Portfolio Managers
      • What is it?
        • Centralized list of projects
        • Request and intake handling
        • Aggregating reporting
      • Common Approaches
        • Spreadsheets
        • PPM software
        • Roadmaps
      • Applications
        • Project for the Web
        • Power Platform
      • Level of Rigor 3/5
      • Barriers to Portfolio Outcomes: Isolated to One Project
    • Project Management
      • Who does it? Project Managers
      • What is it? Deterministic scheduling of related tasks
      • Common Approaches
        • Spreadsheets
        • Lists
        • PM software
        • PPM software
      • Applications
        • Project Desktop Client
      • Level of Rigor 4/5
      • Barriers to Portfolio Outcomes: Functionally Incomplete
    • Enterprise Project and Portfolio Management

    • Enterprise Project and Portfolio Management
      • Who does it? PMO and ePMO Directors, Portfolio Managers, Project Managers
      • What is it?
        • Centralized request and intake handling
        • Resource capacity management
        • Deterministic scheduling of related tasks
      • Common Approaches
        • PPM software
      • Applications
        • Project Online
        • Project Desktop Client
        • Project Server
      • Level of Rigor 5/5
      • Barriers to Portfolio Outcomes: Underadopted

    4. Portfolio Outcomes

    • Informed Steering Committee
    • Increased Project Throughput
    • Improved Portfolio Responsiveness
    • Optimized Resource Utilization
    • Reduced Monetary Waste

    Info-Tech's methodology for Determine the Future of MS Project for Your Organization

    1. Determine Your Tool Needs

    2. Weigh Your MS Project Implementation Options

    3. Finalize Your Implementation Approach

    Phase Steps

    1. Survey the M365 Work Management Tools
    2. Perform a Process Maturity Assessment to Help Inform Your M365 Starting Point
    3. Consider the Right MS Project Licenses for Your Stakeholders
    1. Get Familiar With Extending Project for the Web Using Power Apps
    2. Assess the MS Gold Partner Community
    1. Prepare an Action Plan

    Phase Outcomes

    1. Work Management Tool Audit
    2. MS Project and Power Platform Licensing Needs
    3. Project Management and Project Portfolio Management Maturity Assessment
    1. Project for the Web Readiness Assessment
    2. MS Gold Partner Outreach Plan
    1. MS Project and M365 Action Plan Presentation

    Insight Summary

    Overarching blueprint insight: Microsoft Parts Sold Separately. Assembly required.

    The various MS Project offerings (but most notably the latest, Project for the web) hold the promise of integrating with the rest of M365 into a unified work management solution. However, out of the box, Project for the web and the various platforms within M365 are all disparate utilities that need to be pieced together in a purpose-built manner to make use of them for holistic work management purposes.

    If you’re looking for a cohesive product out of the box, look elsewhere. If you’re looking to assemble a wide array of work, project, and portfolio management functions across different functions and departments, you may have found what you seek

    Phase 1 insight: Align your tool choice to your process maturity level.

    Rather than choosing tools based on your gaps, make sure to assess your current maturity level so that you optimize your investment in the Microsoft landscape.

    Phase 2 insight: Weigh your options before jumping into Microsoft’s new tech.

    Microsoft’s new Project plans (P1, P3, and P5) suggest there is a meaningful connection out of the box between its old tech (Project desktop, Project Server, and Project Online) and its new tech (Project for the web).

    However, the offerings are not always interoperable.

    Phase 3 insight: Keep the iterations small as you move ahead with trials and implementations.

    Organizations are changing as fast as the software we use to run them.

    If you’re implementing parts of this platform, keep the changes small as you monitor the vendors for new software versions and integrations.

    Blueprint deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

    Key deliverable: Microsoft Project & M365 Action Plan Template

    The Action Plan will help culminate and present:

    • Context and Constraints
    • DIY Implementation Approach
    Or
    • MS Partner Implementation Approach
    • Future-State Vision and Goals
    Samples of Info-Tech's key deliverable 'Microsoft Project and M365 Action Plan Template'.

    Tool Audit Workbook

    Sample of Info-Tech deliverable 'Tool Audit Workbook'.

    Assess your organization's current work management tool landscape and determine what tools drive value for individual users and teams and which ones can be rationalized.

    Force Field Analysis

    Sample of Info-Tech deliverable 'Force Field Analysis'.

    Document the driving and resisting forces for making a change to your work management tools.

    Maturity Assessments

    Sample of Info-Tech deliverable 'Maturity Assessments'.

    Use these assessments to identify gaps in project management and project portfolio management processes. The results will help guide process improvement efforts and measure success and progress.

    Microsoft Project & M365 Licensing Tool

    Sample of Info-Tech deliverable 'Microsoft Project and M365 Licensing Tool'.

    Determine the best licensing options and approaches for your implementation of Microsoft Project.

    Curate your work management tools to harness valuable portfolio outcomes

    • Increase Project Throughput

      Do more projects by ensuring the right projects and the right amount of projects are approved and executed.
    • Support an Informed Steering Committee

      Easily compare progress of projects across the portfolio and enable the leadership team to make decisions.
    • Improve portfolio responsiveness

      Make the portfolio responsive to executive steering when new projects and changing priorities need rapid action.
    • Optimize Resource Utilization

      Assign the right resources to approved projects and minimize the chronic over-allocation of resources that leads to burnout.
    • Reduce Monetary Waste

      Terminate low-value projects early and avoid sinking additional funds into unsuccessful ventures.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    Guided Implementation

    Workshop

    Consulting

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks used throughout all four options

    Guided Implementation

    What does a typical GI on this topic look like?

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is between 6 to 8 calls over the course of 3 to 4 months.

      Introduction

    • Call #1: Scope requirements, objectives, and your specific challenges.
    • Phase 1

    • Call #2: Explore the M365 work management landscape.
    • Call #3: Discuss Microsoft Project Plans and their capabilities.
    • Call #4: Assess current-state maturity.
    • Phase 2

    • Call #5: Get familiar with extending Project for the web using Power Apps.
    • Call #6: Assess the MS Gold Partner Community.
    • Phase 3

    • Call #7: Determine approach and deployment.
    • Call #8: Discuss action plan.

    Workshop Overview

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Day 1
    Assess Driving Forces and Risks

    Day 2
    Determine Tool Needs and Process Maturity

    Day 3
    Weigh Your Implementation Options

    Day 4
    Finalize Implementation Approach

    Day 5
    Next Steps and Wrap-Up (offsite)

    Activities

    • 1.1 Review the business context.
    • 1.2 Explore the M365 work management landscape.
    • 1.3 Identify driving forces for change.
    • 1.4 Analyze potential risks.
    • 1.5 Perform current-state analysis on work management tools.
    • 2.1 Review tool audit dashboard and conduct the final audit.
    • 2.2 Identify current Microsoft licensing.
    • 2.3 Assess current-state maturity for project management.
    • 2.4 Define target state for project management.
    • 2.5 Assess current-state maturity for project portfolio management.
    • 2.6 Define target state for project portfolio management.
    • 3.1 Prepare a needs assessment for Microsoft 365 and Project Plan licenses.
    • 3.2 Review the business case for Microsoft licensing.
    • 3.3 Get familiar with Project for the web.
    • 3.4 Assess the MS Gold Partner Community.
    • 3.5 Conduct a feasibility test for PFTW.
    • 4.1 Decide on the implementation approach.
    • 4.2 Identify the audience for your proposal.
    • 4.3 Determine timeline and assign accountabilities.
    • 4.4 Develop executive summary presentation.
    • 5.1 Complete in-progress deliverables from previous four days.
    • 5.2 Set up review time for workshop deliverables and to discuss next steps.

    Deliverables

    1. Force Field Analysis
    2. Tool Audit Workbook
    1. Tool Audit Workbook
    2. Project Management Maturity Assessment
    3. Portfolio Management Maturity Assessment
    1. Microsoft Project and M365 Licensing Tool
    1. Microsoft Project & M365 Action Plan
    1. Microsoft Project & M365 Action Plan

    Determine the Future of Microsoft Project for Your Organization

    Phase 1: Determine Your Tool Needs

    Phase 1: Determine Your Tool Needs

    Phase 2: Weigh Your Implementation Options Phase 3: Finalize Your Implementation Approach
    • Step 1.1: Survey the M365 work management landscape
    • Step 1.2: Explore the Microsoft Project Plans and their capabilities
    • Step 1.3: Assess the maturity of your current PM & PPM capabilities
    • Step 2.1: Get familiar with extending Project for the web using Power Apps
    • Step 2.2: Assess the MS Gold Partner Community
    • Step 3.1: Prepare an action plan

    Phase Outcomes

    • Tool Audit
    • Microsoft Project Licensing Analysis
    • Project Management Maturity Assessment
    • Project Portfolio Management Maturity Assessments

    Step 1.1

    Survey the M365 Work Management Landscape

    Activities

    • 1.1.1 Distinguish between task, project, and portfolio capabilities
    • 1.1.2 Review Microsoft’s offering for task, project, and portfolio management needs
    • 1.1.4 Assess your organizational context and constraints
    • 1.1.3 Explore typical deployment options

    This step will walk you through the following activities:

    • Assessing your organization’s context for project and project portfolio management
    • Documenting the organization’s constraints
    • Establishing the organization’s goals and needs

    This step involves the following participants:

    • PMO Director
    • Resource Managers
    • Project Managers
    • Knowledge Workers

    Outcomes of Step

    • Knowledge of the Microsoft ecosystem as it relates to task, project, and portfolio management
    • Current organizational context and constraints

    Don’t underestimate the value of interoperability

    The whole Microsoft suite is worth more than the sum of its parts … if you know how to put it together.

    38% of the worldwide office suite market belongs to Microsoft. (Source: Statistica, 2021)

    1 in 3 small to mid-sized organizations moving to Microsoft Project say they are doing so because it integrates well with Office 365. (Source: CBT Nuggets, 2018)

    There’s a gravity to the Microsoft ecosystem.

    And while there is no argument that there are standalone task management tools, project management tools, or portfolio management tools that are likely more robust, feature-rich, and easier to adopt, it’s rare that you find an ecosystem that can do it all, to an acceptable level.

    That is the value proposition of Microsoft: the ubiquity, familiarity, and versatility. It’s the Swiss army knife of software products.

    The work management landscape is evolving

    With M365, Microsoft is angling to become the industry leader, and your organization’s hub, for work management.

    Workers lose up to 40% of their time multi-tasking and switching between applications. (Bluescape, 2018)

    25 Context switches – On average, workers switch between 10 apps, 25 times a day. (Asana, 2021)

    “Work management” is among the latest buzzwords in IT consulting.

    What is work management? It was born of a blurring of the traditional lines between operational or day-to-day tasks and project management tasks, as organizations struggle to keep up with both operational and project demands.

    To make the software easier to use, modern work management doesn’t involve the complexities from days past. You won’t find anywhere to introduce complex predecessor-successor relationships, unbalanced assignments with front-loading or back-loading, early-start/late-finish, critical path, etc.

    Indeed, with Project for the web, Azure Boards, Planner, and other M365 utilities, Microsoft is attempting to compete with lighter and better-adopted tools (e.g. Trello, Wike, Monday.com).

    The Microsoft world of work management can be understood across three broad categories

    1. Task Management

      Task management is essentially the same as keeping track of a to-do list. While you can have a project-related task, you can also have a non-project-related task. The sum of project and non-project tasks make up the work that you need to complete.
    2. Project Management

      Project management (PM) is a methodical approach to planning and guiding project processes from start to finish. Implementing PM processes helps establish repeatable steps and controls that enable project success. Documentation of PM processes leads to consistent results and dependable delivery on expectations.
    3. Portfolio Management

      Project portfolio management (PPM) is a strategic approach to approving, prioritizing, resourcing, and reporting on project. In addition, effective PPM should nurture the completion of projects in the portfolio in the most efficient way and track the extent to which the organization is realizing the intended benefits from completed projects.

    The slides ahead explain each of these modes of working in the Microsoft ecosystem in turn. Further, Info-Tech’s Task, Project, and Project Portfolio Management Tool Guides explain these areas in more detail.

    Use Info-Tech’s Tool Guides assess your MS Project and M365 work management options

    Lean on Info-Tech’s Tool Guides as you navigate Microsoft’s tasks management, project management, and project portfolio management options.

    • The slides ahead take you through a bird’s-eye view of what your MS Project and M365 work management options look like across Info-Tech’s three broad categories
    • In addition to these slides, Info-Tech has three in-depth tool guides that take you through your operational task management, project management, and project portfolio management options in MS Project and M365.
    • These tool guides can be leveraged as you determine whether Microsoft has the required toolset for your organization’s task, project, and project portfolio management needs.

    Download Info-Tech’s Task Management, Project Management, and Project Portfolio Management Tool Guides

    Task Management Overview

    What is task management?

    • It is essentially the same as keeping track of a to-do list. While you can have a project-related task, you can also have a non-project-related task. The sum of project and non-project tasks make up the work that you need to complete.

    What are the benefits of task management using applications within the MS suite?

    • Many organizations already own the tools and don't have to go out and buy something separately.
    • There is easy integration with other MS applications.

    What is personal task management?

    • Tools that allow you to structure work that is visible only to you. This can include work from tasks you are going to be completing for yourself and tasks you are completing as part of a larger work effort.

    What is team task management?

    • Tools that allow users to structure work that is visible to a group. When something is moved or changed, it affects what the group is seeing because it is a shared platform.

    Get familiar with the Microsoft product offerings for task management

    A diagram of Microsoft products and what they can help accomplish. It starts on the right with 'Teams' and 'Outlook'. Both can flow through to 'Personal Task Management' with products 'Teams Tasks' and 'To-Do', but Teams also flows into 'Team Task Management' with products 'Planner' and 'Project for the web'. See the next two slides for more details on these modes of working.

    Download the M365 Task Management Tool Guide

    Personal Task Management

    The To-Do list

    • Who does it?
      • Knowledge workers
    • What is it?
      • How each knowledge worker organizes their individual work tasks in M365
    • When is it done?
      • As needed throughout the day
    • Where is it done?
      • Paper
      • Digital location
    • How is it done?
      • DIY and self-developed
      • Usually not repeatable and evolves depending on work location and tools available
      • Not governed

    Microsoft differentiator:

    Utilities like Planner and To-Do make it easier to turn what are often ad hoc approaches into a more repeatable process.

    Team Task Management

    The SharedTo-Do list

    • Who does it?
      • Groups of knowledge workers
    • What is it?
      • Temporary and permanent collections of knowledge workers
    • When is it done?
      • As needed or on a pre-determined cadence
    • Where is it done?
      • Paper
      • Digital location
    • How is it done?
      • User norms are established organically and adapted based upon the needs of the team.
      • To whatever extent processes are repeatable in the first place, they remain repeatable only if the team is a collective.
      • Usually governed within the team and not subject to wider visibility.

    Microsoft differentiator:

    Teams has opened personal task management tactics up to more collaborative approaches.

    Project Management Overview

    2003

    Project Server: This product serves many large enterprise clients, but Microsoft has stated that it is at end of life. It is appealing to industries and organizations where privacy is paramount. This is an on-premises system that combines servers like SharePoint, SQL, and BI to report on information from Project Desktop Client. To realize the value of this product, there must be adoption across the organization and engagement at the project-task level for all projects within the portfolio.

    2013

    Project Online: This product serves many medium enterprise clients. It is appealing for IT departments who want to get a rich set of features that can be used to intake projects, assign resources, and report on project portfolio health. It is a cloud solution built on the SharePoint platform, which provides many users a sense of familiarity. However, due to the bottom-up reporting nature of this product, again, adoption across the organization and engagement at the project task level for all projects within the portfolio is critical.

    2020

    Project for the web: This product is the newest on the market and is quickly being evolved. Many O365 enthusiasts have been early adopters of Project for the web despite its limited features when compared to Project Online. It is also a cloud solution that encourages citizen developers by being built on the MS Power Platform. This positions the product well to integrate with Power BI, Power Automate, and Power Apps. It is, so far, the only MS product that lends itself to abstracted portfolio management, which means it doesn’t rely on project task level engagement to produce portfolio reports. The portfolio can also run with a mixed methodology by funneling Project, Azure Boards, and Planner boards into its roadmap function.

    Get familiar with the Microsoft product offerings for project management

    A diagram of Microsoft products and what they can help accomplish in Personal and Team Project Management. Products listed include 'Project Desktop Client', 'Project Online', 'SharePoint', 'Power Platform', 'Azure DevOps', 'Project for the web', Project Roadmap', 'Project Home', and 'Project Server'. See the next slide for more details on personal and team project management as modes of working.

    Download the M365 Project Management Tool Guide

    Project Management

    Orchestrating the delivery of project work

    • Who does it?
      • Project managers
    • What is it?
      • Individual project managers developing project plans and schedules in the MS Project Desktop Client
    • When is it done?
      • Throughout the lifecycle of the project
    • Where is it done?
      • Digital location
    • How is it done?
      • Used by individual project managers to develop and manage project plans.
      • Common approaches may or may not involve reconciliation of resource capacity through integration with Active Directory.
      • Sometimes usage norms are established by organizational project management governance standards, though individual use of the desktop client is largely ungoverned.

    Microsoft differentiator:

    For better or worse, Microsoft’s core solution is veritably synonymous with project management itself and has formally contributed to the definition of the project management space.

    Project Portfolio Management Overview

    Optimize what you’re already using and get familiar with the Power Platform.

    What does PPM look like within M365?

    • The Office suite in the Microsoft 365 suite boasts the world’s most widely used application for the purposes of abstracted and strategic PPM: Excel. For the purposes of PPM, Excel is largely implemented in a suboptimal fashion, and as a result, organizations fail to gain PPM adoption and maturation through its use.
    • Until very recently, Microsoft toolset did not explicitly address abstracted PPM needs.
    • However, with the latest version of M365 and Project for the web, Microsoft is boasting of renewed PPM capabilities from its toolset. These capabilities are largely facilitated through what Microsoft is calling its Power Platform (i.e. a suite of products that includes Power, Power Apps, and Power Automate).

    Explore the Microsoft product offering for abstracted project portfolio management

    A diagram of Microsoft products for 'Adaptive or Abstracted Portfolio Management'. Products listed include 'Excel', 'MS Lists', 'Forms', 'Teams', and the 'Power Platform' products 'Power BI', 'Power Apps', and 'Power Automate'. See the next slide for more details on adaptive or abstracted portfolio management as a mode of working.

    Download the M365 Project Portfolio Management Tool Guide

    Project Portfolio Management

    Doing the right projects, at the right time, with the right resources

    • Who does it?
      • PMO directors; portfolio managers
    • What is it?
      A strategic approach to approving, prioritizing, resourcing, and reporting on projects using applications in M365 and Project for the web. In distinction to enterprise PPM, a top-down or abstracted approach is applied, meaning PPM data is not tied to project task details.
    • Where is it done?
      • Digital tool, either homegrown or commercial
    • How is it done?
      • Currently in M365, PPM approaches are largely self-developed, though Microsoft Gold Partners are commonly involved.
      • User norms are still evolving, along with the software’s (Project for the web) function.

    Microsoft differentiator:

    Integration between Project for the web and Power Apps allows for custom approaches.

    Project Portfolio Management Overview

    Microsoft’s legacy project management toolset has contributed to the definition of traditional or enterprise PPM space.

    A robust and intensive bottom-up approach that requires task level roll-ups from projects to inform portfolio level data. For this model to work, reconciliation of individual resource capacity must be universal and perpetually current.

    If your organization has low or no maturity with PPM, this approach will be tough to make successful.

    In fact, most organizations under adopt the tools required to effectively operate with the traditional project portfolio management. Once adopted and operationalized, this combination of tools gives the executives the most precise view of the current state of projects within the portfolio.

    Explore the Microsoft product offering for enterprise project portfolio management

    A diagram of Microsoft products for 'Enterprise or Traditional Portfolio Management'. Products listed include 'Project Desktop Client', 'SharePoint', 'Project Online', 'Azure DevOps', 'Project Roadmaps', and 'Project Home'. See the next slide for more details on this as a mode of working.

    Download the M365 Project Portfolio Management Tool Guide

    Enterprise Project and Portfolio Management

    Bottom-up approach to managing the project portfolio

    • Who does it?
      • PMO and ePMO directors; portfolio managers
      • Project managers
    • What is it?
      • A strategic approach to approving, prioritizing, resourcing, and reporting on projects using applications in M365 and Project for the web. In distinction to enterprise PPM, a top-down or abstracted approach is applied, meaning PPM data is not tied to project task details.
    • Where is it done?
      • Digital tool that is usually commercial.
    • How is it done?
      • Microsoft Gold Partner involvement is highly likely in successful implementations.
      • Usage norms are long established and customized solutions are prevalent.
      • To be successful, use must be highly governed.
      • Reconciliation of individual resource capacity must be universal and perpetually current.

    Microsoft differentiator:

    Microsoft’s established network of Gold Partners helps to make this deployment a viable option.

    Assess your current tool ecosystem across work management categories

    Use Info-Tech’s Tool Audit Workbook to assess the value and satisfaction for the work management tools currently in use.

    • With the modes of working in mind that have been addressed in the previous slides and in Info-Tech’s Tool Guides, the activity slides ahead encourage you to engage your wider organization to determine all of the ways of working across individuals and teams.
    • Depending on the scope of your work management optimization, these engagements may be limited to IT or may extend to the business.
    • Use Info-Tech’s Tool Audit Workbook to help you gather and make sense of the tool data you collect. The result of this activity is to gain insight into the tools that drive value and fail to drive value across your work management categories with a view to streamline the organization’s tool ecosystem.

    Download Info-Tech’s Tool Audit Workbook

    Sample of Info-Tech's Tool Audit Workbook.

    1.2.1 Compile list of tools

    1-3 hours

    Input: Information on tools used to complete task, project, and portfolio tasks

    Output: Analyzed list of tools

    Materials: Whiteboard/Flip Charts, Tool Audit Workbook

    Participants: Portfolio Manager (PMO Director), PMO Admin Team, Project Managers, Business Stakeholders

    1. Identify the stakeholder groups that are in scope. For each group that you’ve identified, brainstorm the different tools and artifacts that are necessary to get the task, project, and project portfolio management functions done.
    2. Make sure to record the tool name and specify its category (standard document, artifact, homegrown solution, or commercial solution).
    3. Think about and discuss how often the tool is being used for each use case across the organization. Document whether its use is required. Then assess reporting functionality, data accuracy, and cost.
    4. Lastly, give a satisfaction rating for each use case.

    Excerpt from the Tool Audit Workbook

    Excerpt from Info-Tech's Tool Audit Workbook on compiling tools.

    1.2.1 Review dashboard

    1-3 hours

    Input: List of key PPM decision points, List of who is accountable for PPM decisions, List of who has PPM decision-making authority

    Output: Prioritized list of PPM decision-making support needs

    Materials: Whiteboard/Flip Charts, Tool Audit Workbook

    Participants: Portfolio Manager (PMO Director), PMO Admin Team, CIO

    Discuss the outputs of the Dashboards tab to inform your decision maker on whether to pass or fail the tool for each use case.

    Sample of a BI dashboard used to evaluate the usefulness of tools. Written notes include: 'Slice the data based on stakeholder group, tool, use case, and category', and 'Review the results of the questionnaire by comparing cost and satisfaction'.

    1.2.1 Execute final audit

    1 hour

    Input: List of key PPM decision points, List of who is accountable for PPM decisions, List of who has PPM decision-making authority

    Output: Prioritized list of PPM decision-making support needs

    Materials: Whiteboard/Flip Charts, Tool Audit Workbook

    Participants: Portfolio Manager (PMO Director), PMO Admin Team, CIO

    1. Using the information available, schedule time with the leadership team to present the results.
    2. Identify the accountable party to make the final decision on what current tools pass or fail the final audit.
    3. Mind the gap presented by the failed tools and look to possibilities within the M365 and Microsoft Project suite. For each tool that is deemed unsatisfactory for the future state, mark it as “Fail” in column O on tab 2 of the Tool Audit Workbook. This will ensure the item shows in the “Fail” column on tab 4 of the tool when you refresh the data.
    4. For each of the tools that “fail” your audit and that you’re going to make recommendations to rationalize in a future state, try to capture the annual total current-state spending on licenses, and the work modes the tool currently supports (i.e. task, project, and/or portfolio management).
    5. Additionally, start to think about future-state replacements for each tool within or outside of the M365/MS Project platforms. As we move forward to finalize your action plan in the last phase of this blueprint, we will capture and present this information to key stakeholders.

    Document your goals, needs, and constraints before proceeding

    Use Info-Tech’s Force Field Analysis Tool to help weigh goals and needs against risks and constraints associated with a work management change.

    • Now that you have discussed the organization’s ways of working and assessed its tool landscape – and made some initial decisions on some tool options that might need to change across that landscape – gather key stakeholders to define (a) why a change is needed at this time and (b) to document some of the risks and constraints associated with changing.
    • Info-Tech’s Force Field Analysis Tool can be used to capture these data points. It takes an organizational change management approach and asks you to consider the positive and negative forces associated with a work management tool change at this time.
    • The slides ahead walk you through a force field analysis activity and help you to navigate the relevant tabs in the Tool.

    Download Info-Tech's Force Field Analysis Tool

    Sample of Info-Tech's Force Field Analysis Tool.

    1.2.1 Identify goals and needs (1 of 2)

    Use tab 1 of the Force Field Analysis Workbook to assess goals and needs.

    30 minutes

    Input: Opportunities associated with determining the use case for Microsoft Project and M365 in your organization

    Output: Plotted opportunities based on probability and impact

    Materials: Whiteboard/Flip Charts, Force Field Analysis Tool

    Participants: Portfolio Manager (PMO Director), PMO Admin Team, Project Managers

    1. Brainstorm opportunities associated with exploring and/or implementing Microsoft Project and the Microsoft 365 suite of products for task, project, and project portfolio management.
    2. Document relevant opportunities in tab 1 of the Force Field Analysis Tool. For each driving force for the change (note: a driving force can include goals and needs) that is identified, provide a category that explains why the driving force is a concern (i.e. with this force is the organization looking to mature, integrate, scape, or accelerate?).
    3. In addition, assess the ease of achieving or realizing each goal or need and the impact of realizing them on the PMO and/or the organization.
    4. See the next slide for a screenshot that helps you navigate tab 1 of the Tool.

    Download the Force Field Analysis Tool

    1.2.1 Identify goals and needs (2 of 2)

    Screenshot of tab 1 of the Force Field Analysis Workbook.

    Screenshot of tab 1 of the Force Field Analysis Workbook. There are five columns referred to as columns B through F with the headings 'Opportunities', 'Category', 'Source', 'Ease of Achieving', and 'Impact on PMO/Organization'.

    In column B on tab 1, note the specific opportunities the group would like to call out.

    In column C, categorize the goal or need being articulated by the list of drop-down options: will it accelerate the time to benefit? Will it help to integrate systems and data sources? Will it mature processes and the organization overall? Will it help to scale across the organization? Choose the option that best aligns with the opportunity.

    In column D, categorize the source of the goal or need as internal or external.

    In column E, use the drop-down menus to indicate the ease of realizing each goal or need for the organization. Will it be relatively easy to manifest or will there be complexities to implementing it?

    In column F, use the drop-down menus to indicate the positive impact of realizing or achieving each need on the PMO and/or the organization.

    On tab 3 of the Force Field Analysis Workbook, your inputs on tab 1 are summarized in graphical form from columns B to G. On tab 3, these goals and needs results are contrasted with your inputs on tab 2 (see next slide).

    1.2.2 Identify risk and constraints (1 of 2)

    Use tab 2 of the Force Field Analysis Workbook to assess opposing forces to change.

    30 minutes

    Input: Risks associated with determining the use case for Microsoft Project and M365 in your organization

    Output: Plotted risks based on probability and impact

    Materials: Whiteboard/Flip Charts, Force Field Analysis Tool

    Participants: Portfolio Manager (PMO Director), PMO Admin Team, Project Managers

    1. With the same working group from 1.2.1, brainstorm risks, constraints, and other opposing forces pertaining to your potential future state.
    2. Document relevant opposing forces in tab 2 of the Force Field Analysis Tool. For each opposing force for the change (note: a driving force can include goals and needs) that is identified, provide a category that explains why the opposing force is a concern (i.e. will it impact or is it impacted by time, resources, maturity, budget, or culture?).
    3. In addition, assess the likelihood of the risk or constraint coming to light and the negative impact of it coming to light for your proposed change.
    4. See the next slide for a screenshot that helps you navigate tab 2 of the Force Field Analysis Tool.

    Download the Force Field Analysis Tool

    1.2.2 Identify risk and constraints (2 of 2)

    Screenshot of tab 2 of the Force Field Analysis Workbook.

    Screenshot of tab 2 of the Force Field Analysis Workbook. There are five columns referred to as columns B through F with the headings 'Risks and Constraints', 'Category', 'Source', 'Likelihood of Constraint/Risk/Resisting Force Being Felt', and 'Impact to Derailing Goals and Needs'.

    In column B on tab 2, note the specific risks and constraints the group would like to call out.

    In column C, categorize the risk or constraint being articulated by the list of drop-down options: will it impact or is it impacted by time, resources, budget, culture or maturity?

    In column D, categorize the source of the goal or need as internal or external.

    In column E, use the drop-down menus to indicate the likelihood of each risk or constraint materializing during your implementation. Will it definitely occur or is there just a small chance it could come to light?

    In column F, use the drop-down menus to indicate the negative impact of the risk or constraint to achieving your goals and needs.

    On tab 3 of the Force Field Analysis Workbook, your inputs on tab 2 are summarized in graphical form from columns I to N. On tab 3, your risk and constraint results are contrasted with your inputs on tab 1 to help you gauge the relative weight of driving vs. opposing forces.

    Step 1.2

    Explore the Microsoft Project Plans and their capabilities

    Activities

    • 1.1.1 Review the Microsoft 365 licensing features
    • 1.1.2 Explore the Microsoft Project Plan licenses
    • 1.1.3 Prepare a needs assessment for Microsoft 365 and Project Plan licenses

    This step will walk you through the following activities:

    • Review the suite of task management, project management, and project portfolio management options available in Microsoft 365.
    • Prepare a preliminary checklist of required M365 apps for your stakeholders.

    This step usually involves the following participants:

    • PMO/Portfolio Manager
    • Project Managers
    • CIO and other executive stakeholders
    • Other project portfolio stakeholders (project and IT workers)

    Outcomes of Step

    • Preliminary requirements for an M365 project management and project portfolio management tool implementation

    Microsoft recently revamped its project plans to balance its old and new tech

    Access to the new tech, Project for the web, comes with all license types, while Project Online Professional and Premium licenses have been revamped as P3 and P5.

    Navigating Microsoft licensing is never easy, and Project for the web has further complicated licensing needs for project professionals.

    As we’ll cover in step 2.1 of this blueprint, Project for the web can be extended beyond its base lightweight work management functionality using the Power Platform (Power Apps, Power Automate, and Power BI). Depending on the scope of your implementation, this can require additional Power Platform licensing.

    • In this step, we will help you understand the basics of what’s already included in your enterprise M365 licensing as well as what’s new in Microsoft’s recent Project licensing plans (P1, P3, and P5).
    • As we cover toward the end of this step, you can use Info-Tech’s MS Project and M365 Licensing Tool to help you understand your plan and licensing needs. Further assistance on licensing can be found in the Task, Project, and Portfolio Management Tool Guides that accompany this blueprint and Info-Tech’s Modernize Your Microsoft Licensing for the Cloud Era.

    Download Info-Tech’s Modernize Your Microsoft Licensing for the Cloud Era

    Licensing features for knowledge workers

    Please note that licensing packages are frequently subject to change. This is up to date as of August 2021. For the most up-to-date information on licensing, visit the Microsoft website.

    Bundles are extremely common and can be more cost effective than à la carte options for the Microsoft products.

    The biggest differentiator between M365 and O365 is that the M365 product also includes Windows 10 and Enterprise Mobility and Security.

    The color coding in the diagram indicates that the same platform/application suite is available.

    Platform or Application M365 E3 M365 E5 O365 E1 O365 E3 O365 E5
    Microsoft Forms X X X X X
    Microsoft Lists X X X X X
    OneDrive X X X X X
    Planner X X X X X
    Power Apps for Office 365 X X X X X
    Power Automate for Office X X X X X
    Power BI Pro X X
    Power Virtual Agents for Teams X X X X X
    SharePoint X X X X X
    Stream X X X X X
    Sway X X X X X
    Teams X X X X X
    To Do X X X X X

    Get familiar with Microsoft Project Plan 1

    Please note that licensing packages are frequently subject to change. This is up to date as of August 2021. For the most up to date information on licensing, visit the Microsoft website.

    Who is a good fit?

    • New project managers
    • Zero-allocation project managers
    • Individuals and organizations who want to move out of Excel into something less fragile (easily breaking formulas)

    What does it include?

    • Access to Project Home, a landing page to access all project plans you’ve created or have been assigned to.
    • Access to Grid View, Board View, and Timeline (Gantt) View to plan and manage your projects with Project for the web
    • Sharing Project for the web plans across Microsoft Teams channels
    • Co-authoring on project plans

    When does it make sense?

    • Lightweight project management
    • No process to use bottom-up approach for resourcing data
    • Critical-path analysis is not required
    • Organization does not have an appetite for project management rigor

    Get familiar with Microsoft Project Plan 3

    Please note that licensing packages are frequently subject to change. This is up to date as of August 2021. For the most up to date information on licensing, visit the Microsoft website.

    Who is a good fit?

    • Experienced and dedicated project managers
    • Organizations with complex projects
    • Large project teams are required to complete project work
    • Organizations have experience using project management software

    What does it include?

    Everything in Project Plan 1 plus the following:

    • Reporting through Power BI Report template apps (note that there are no pre-built reports for Project for the web)
    • Access to build a Roadmap of projects from Project for the web and Azure DevOps with key milestones, statuses, and deadlines
    • Project Online to submit and track timesheets for project teams
    • MS Project Desktop Client to support resource management

    When does it make sense?

    • Project management is an established discipline at the organization
    • Critical-path analysis is commonly used
    • Organization has some appetite for project management rigor
    • Resources are expected to submit timesheets to allow for more precise resource management data

    Get familiar with Microsoft Project Plan 5

    Please note that licensing packages are frequently subject to change. This is up to date as of August 2021. For the most up to date information on licensing, visit the Microsoft website.

    Who is a good fit?

    • Experienced and dedicated project managers
    • Experienced and dedicated PMO directors
    • Dedicated portfolio managers
    • Organizations proficient at sustaining data in a standard tool

    What does it include?

    Everything in Project Plan 3 plus the following:

    • Portfolio selection and optimization
    • Demand management
    • Enterprise resource planning and management through deterministic task and resource scheduling
    • MS Project Desktop Client to support resource management

    When does it make sense?

    • Project management is a key success factor at the organization
    • Organization employs a bottom-up approach for resourcing data
    • Critical-path analysis is required
    • Formal project portfolio management processes are well established
    • The organization is willing to either put in the time, energy, and resources to learn to configure the system through DIY or is willing to leverage a Microsoft Partner to help them do so

    What’s included in each plan (1 of 2)

    Plan details are up to date as of September 2021. Plans and pricing can change often. Visit the Microsoft website to validate plan options and get pricing details.
    MS Project Capabilities Info-Tech's Editorial Description P1 P3 P5
    Project Home Essentially a landing page that allows you to access all the project plans you've created or that you're assigned to. It amalgamates plans created in Project for the web, the Project for the web app in Power Apps, and Project Online. X X X
    Grid view One of three options in which to create your project plans in Project for the web (board view and timeline view are the other options). You can switch back and forth between the options. X X X
    Board view One of three options in which to create your project plans in Project for the web (grid view and timeline view are the other options). You can switch back and forth between the options. X X X
    Timeline (Gantt) view One of three options in which to create your project plans in Project for the web (board view and grid view are the other options). You can switch back and forth between the options. X X X
    Collaboration and communication This references the ability to add Project for the web project plans to Teams channels. X X X
    Coauthoring Many people can have access to the same project plan and can update tasks. X X X
    Project planning and scheduling For this the marketing lingo says "includes familiar scheduling tools to assign project tasks to team members and use different views like Grid, Board, and Timeline (Gantt chart) to oversee the schedule." Unclear how this is different than the project plans in the three view options above. X X X

    X - Functionality Included in Plan

    O - Functionality Not Included in Plan

    What’s included in each plan (2 of 2)

    Plan details are up to date as of September 2021. Plans and pricing can change often. Visit the Microsoft website to validate plan options and get pricing details.
    MS Project Capabilities Info-Tech's Editorial Description P1 P3 P5
    Reporting This seems to reference Excel reports and the Power BI Report Template App, which can be used if you're using Project Online. There are no pre-built reports for Project for the web, but third-party Power Apps are available. O X X
    Roadmap Roadmap is a platform that allows you to take one or more projects from Project for the web and Azure DevOps and create an organizational roadmap. Once your projects are loaded into Roadmap you can perform additional customizations like color status reporting and adding key days and milestones. O X X
    Timesheet submission Project Online and Server 2013 and 2016 allow team members to submit timesheets if the functionality is required. O X X
    Resource management The rich MS Project client supports old school, deterministic project scheduling at the project level. O X X
    Desktop client The full desktop client comes with P3 and P5, where it acts as the rich editor for project plans. The software enjoys a multi-decade market dominance as a project management tool but was never paired with an enterprise collaboration server engine that enjoyed the same level of success. O X X
    Portfolio selection and optimization Portfolio selection and optimization has been offered as part of the enterprise project and portfolio suite for many years. Most people taking advantage of this capability have used a Microsoft Partner to formalize and operationalize the feature. O O X
    Demand Management Enterprise demand management is targeted at the most rigorous of project portfolio management practices. Most people taking advantage of this capability have used a Microsoft Partner to formalize and operationalize the feature. O O X
    Enterprise resource planning and management The legacy MS Project Online/Server platform supports enterprise-wide resource capacity management through an old-school, deterministic task and resource scheduling engine, assuming scaled-out deployment of Active Directory. Most people succeeding with this capability have used a Microsoft Partner to formalize and operationalize the feature. O O X

    X - Functionality Included in Plan

    O - Functionality Not Included in Plan

    Use Info-Tech’s MS Project and M365 Licensing Tool

    Leverage the analysis in Info-Tech’s MS Project & M365 Licensing Tool to help inform your initial assumptions about what you need and how much to budget for it.

    • The Licensing Tool can help you determine what Project Plan licensing different user groups might need as well as additional Power Platform licensing that may be required.
    • It consists of four main tabs: two set-up tabs where you can validate the plan and pricing information for M365 and MS Project; an analysis tab where you set up your user groups and follow a survey to assess their Project Plan needs; and another analysis tab where you can document your Power Platform licensing needs across your user groups.
    • There is also a business case tab that breaks down your total licensing needs. The outputs of this tab can be used in your MS Project & M365 Action Plan Template, which we will help you develop in phase three of this blueprint.

    Download Info-Tech's Microsoft Project & M365 Licensing Tool

    Sample of Info-Tech's Microsoft Project and M365 Licensing Tool.

    1.2.1 Conduct a needs assessment

    1-2 hours

    Input: List of key user groups/profiles, Number of users and current licenses

    Output: List of Microsoft applications/capabilities included with each license, Analysis of user group needs for Microsoft Project Plan licenses

    Materials: Microsoft Project & 365 Licensing Tool

    Participants: Portfolio Manager (PMO Director), PMO Admin Team, Project Managers

    1. As a group, analyze the applications included in your current or desired 365 license and calculate any additional Power Platform licensing needs.
    2. Screenshot of the 'Application/Capabilities' screen from the 'Microsoft Project and M365 Licensing Tool'.
    3. Within the same group, use the drop-down menus to analyze your high-level MS Project requirements by selecting whether each capability is necessary or not.
    4. Your inputs to the needs assessment will determine the figures in the Business Case tab. Consider exporting this information to PDF or other format to distribute to stakeholders.
    5. Screenshot of the 'Business Case' tab from the 'Microsoft Project and M365 Licensing Tool'.

    Download Info-Tech's Microsoft Project & M365 Licensing Tool

    Step 1.3

    Assess the maturity of your current PM & PPM capabilities

    Activities

    • Assess current state project and project portfolio management processes and tools
    • Determine target state project and project portfolio management processes and tools

    This step will walk you through the following activities:

    • Assess current state project and project portfolio management processes and tools
    • Determine target state project and project portfolio management processes and tools

    This step usually involves the following participants:

    • PMO/Portfolio Manager
    • Project Managers
    • CIO and other executive stakeholders
    • Other project portfolio stakeholders (project and IT workers)

    Outcomes of Step

    • Current and target state maturity for project management and project portfolio management processes

    Project portfolio management and project management are more than tools

    Implementing commercial tools without a matching level of process discipline is a futile exercise, leaving organizations frustrated at the wasted time and money.

    • The tool is only as good as the data that is input. There is often a misunderstanding that a tool will be “automatic.” While it is true that a tool can help make certain processes easier and more convenient by aggregating information, enhancing reporting, and coauthoring, it will not make up the data. If data becomes stale, the tool is no longer valid for accurate decision making.
    • Getting people onboard and establishing a clear process is often the hardest part. As IT folk, it can be easy to get wrapped up in the technology. All too often excitement around tools can drown out the important requisites around people and process. The reality is people and process are a necessary condition for a tool to be successful. Having a tool will not be sufficient to overcome obstacles like poor stakeholder buy-in, inadequate governance, and the absence of a standard operating procedure.

    • Slow is the way to go. When deciding what tools to purchase, start small and scale up rather than going all in and all too often ending up with many unused features and fees.

    "There's been a chicken-egg debate raging in the PPM world for decades: What comes first, the tool or the process? It seems reasonable to say, ‘We don't have a process now, so we'll just adopt the one in the tool.’ But you'll soon find out that the tool doesn't have a process, and you needed to do more planning and analysis before buying the tool." (Barry Cousins, Practice Lead, Project Portfolio Management)

    Assess your process maturity to determine the right tool approach

    Take the time to consider and reflect on the current and target state of the processes for project portfolio management and project management.

    Project Portfolio Management

    • Status and Progress Reporting
      1. Intake, Approval, and Prioritization

        PPM is the practice of selecting the right projects and ensuring the organization has the necessary resources to complete them. PPM should enable executive decision makers to make sense of the excess of demand and give IT the ability to prioritize those projects that are most valuable to the business.
      2. Resource Management

      3. Project Management

        1. Initiation
        2. Planning
        3. Execution
        4. Monitoring and Controlling
        5. Closing
        Tailor a project management framework to fit your organization. Formal methodologies aren’t always the best fit. Take what you can use from formal frameworks and define a right-sized approach to your project management processes.
      4. Project Closure

      5. Benefits Tracking

    Info-Tech’s maturity assessment tools can help you match your tools to your maturity level

    Use Info-Tech’s Project Portfolio Management Maturity Assessment Tool and Project Management Maturity Assessment Tool.

    • The next few slides in this step take you through using our maturity assessment tools to help gauge your current-state and target-state maturity levels for project management (PM) and project portfolio management (PPM).
    • In addition to the process maturity assessments, these workbooks also help you document current-state support tools and desired target-state tools.
    • The outputs of these workbooks can be used in your MS Project & M365 Action Plan Template, which we will help you develop in phase three of this blueprint.

    Download Info-Tech’s Project Portfolio Management Maturity Assessment Tool and Project Management Maturity Assessment Tool

    Samples of Info-Tech's Project Portfolio Management Maturity Assessment Tool and Project Management Maturity Assessment Tool.

    Conduct a gap analysis survey for both project and project portfolio management.

    • Review the category and activity statements: For each gap analysis tab in the maturity assessments, use the comprehensive activity statements to identify gaps for the organization.
    • Assess the current state: To assess the current state, evaluate whether the statement should be labeled as:
      • Absent: There is no evidence of any activities supporting this process.
      • Initial: Activity is ad hoc and not well defined.
      • Defined: Activity is established and there is moderate adherence to its execution.
      • Repeatable: Activity is established, documented, repeatable, and integrated with other phases of the process.
      • Managed: Activity execution is tracked by gathering qualitative and quantitative feedback

    Once this is documented, take some time to describe the type of tool being used to do this (commercial, home-grown, standardized document) and provide additional details, where applicable.

    Define the target state: Repeat the assessment of activity statements for the target state. Then gauge the organizational impact and complexity of improving each capability on a scale of very low to very high.

    Excerpt from Info-Tech's Project Portfolio Management Maturity Assessment Tool, the 'PPM Current State Target State Maturity Assessment Survey'. It has five columns whose purpose is denoted in notes. Column 1 'Category within the respective discipline'; Column 2 'Statement to consider'; Column 3 'Select the appropriate answer for current and target state'; Column 4 'Define the tool type'; Column 5 'Provide addition detail about the tool'.

    Analyze survey results for project and project portfolio management maturity

    Take stock of the gap between current state and target state.

    • What process areas have the biggest gap between current and target state?
    • What areas are aligned across current and target state?

    Identify what areas are currently the least and most mature.

    • What process area causes the most pain in the organization?
    • What process area is the organization’s lowest priority?

    Note the overall current process maturity.

    • After having done this exercise, does the overall maturity come as a surprise?
    • If so, what are some of the areas that were previously overlooked?
    A table and bar graph documenting and analysis of maturity survey results. The table has four columns labelled 'Process Area', 'Current Process Completeness', 'Current Maturity Level', and 'Target State Maturity'. Rows headers in the 'Process Area' column are 'Intake, Approval, and Prioritization', 'Resource Management', 'Portfolio Reporting', 'Project Closure and Benefits Realization', 'Portfolio Administration', and finally 'Overall Maturity'. The 'Current Process Completeness' column's values are in percentages. The 'Current Maturity Level' and 'Target State Maturity' columns' values can be one of the following: 'Absent', 'Initial', 'Defined', 'Repeatable', or 'Managed'. The bar chart visualizes the levels of the 'Target State' and 'Current State' with 'Absent' from 0-20%, 'Initial' from 20-40%, 'Defined' from 40-60%, 'Repeatable' from 60-80%, and 'Managed' from 80-100%.
    • Identify process areas with low levels of maturity
    • Spot areas of inconsistency between current and target state.
    • Assess the overall gap to get a sense of the magnitude of the effort required to get to the target state.
    • 100% doesn’t need to be the goal. Set a goal that is sustainable and always consider the value to effort ratio.

    Screenshot your results and put them into the MS Project and M365 Action Plan Template.

    Review the tool overview and plan to address gaps (tabs 3 & 4)

    Tool Overview:

    Analyze the applications used to support your project management and project portfolio management processes.

    Look for:

    • Tools that help with processes across the entire PM or PPM lifecycle.
    • Tools that are only used for one specific process.

    Reflect on the overlap between process areas with pain points and the current tools being used to complete this process.

    Consider the sustainability of the target-state tool choice

    Screenshot of a 'Tool Overview' table. Chart titled 'Current-to-Target State Supporting Tools by PPM Activity' documenting the current and target states of different supporting tools by PPM Activity. Tools listed are 'N/A', 'Standardized Document', 'Homegrown Tool', and 'Commercial Tool'.

    You have the option to create an action plan for each of the areas of improvement coming out of your maturity assessment.

    This can include:

    • Tactical Optimization Action: What is the main action needed to improve capability?
    • Related Actions: Is there a cross-over with any actions for other capabilities?
    • Timeframe: Is this near-term, mid-term, or long-term?
    • Proposed Start Date
    • Proposed Go-Live Date
    • RACI: Who will be responsible, accountable, consulted, and informed?
    • Status: What is the status of this action item over time?

    Determine the Future of Microsoft Project for Your Organization

    Phase 2: Weigh Your Implementation Options

    Phase 1: Determine Your Tool Needs

    Phase 2: Weigh Your Implementation Options

    Phase 3: Finalize Your Implementation Approach
    • Step 1.1: Survey the M365 work management landscape
    • Step 1.2: Perform a process maturity assessment to help inform your M365 starting point
    • Step 1.3: Consider the right MS Project licenses for your stakeholders
    • Step 2.1: Get familiar with extending Project for the web using Power Apps
    • Step 2.2: Assess the MS Gold Partner Community
    • Step 3.1: Prepare an action plan

    Phase Outcomes

    • A decision on how best to proceed (or not proceed) with Project for the web
    • A Partner outreach plan

    Step 2.1

    Get familiar with extending Project for the web using Power Apps

    Activities

    • Get familiar with Project for the web: how it differs from Microsoft’s traditional project offerings and where it is going
    • Understand the basics of how to extend Project for the web in Power Apps
    • Perform a feasibility test

    This step will walk you through the following activities:

    • Get familiar with Project for the web
    • Understand the basics of how to extend Project for the web in Power Apps
    • Perform a feasibility test to determine if taking a DIY approach to extending Project for the web is right for your organization currently

    This step usually involves the following participants:

    • Portfolio Manager (PMO Director)
    • Project Managers
    • Other relevant PMO stakeholders

    Outcomes of Step

    • A decision on how best to proceed (or not proceed) with Project for the web

    Project for the web is the latest of Microsoft’s project management offerings

    What is Project for the web?

    • First introduced in 2019 as Project Service, Project for the web (PFTW) is Microsoft’s entry into the world of cloud-based work management and lightweight project management options.
    • Built on the Power Platform and leveraging the Dataverse for data storage, PFTW integrates with the many applications that M365 users are already employing in their day-to-day work management and collaboration activities.
    • It is available as a part of your M365 subscription with the minimum activation of P1 license – it comes with P3 and P5 licenses as well.
    • From a functionality and user experience perspective, PFTW is closer to applications like Planner or Azure Boards than it is to traditional MS Project options.

    What does it do?

    • PFTW allows for task and dependency tracking and basic timeline creation and scheduling and offers board and grid view options. It also allows real-time coauthoring of tasks among team members scheduled to the same project.
    • PFTW also comes with a product/functionality Microsoft calls Roadmap, which allows users to aggregate multiple project timelines into a single view for reporting purposes.

    What doesn't it do?

    • With PFTW, Microsoft is offering noticeably less traditional project management functionality than its existing solutions. Absent are table stakes project management capabilities like critical path, baselining, resource load balancing, etc.

    Who is it for?

    • Currently, in its base lightweight project management option, PFTW is targeted toward occasional or part-time project managers (not the PMP-certified set) tasked with overseeing and/or collaborating on small to mid-sized initiatives and projects.

    Put Project for the web in perspective

    Out of the box, PFTW occupies a liminal space when it comes to work management options

    • More than a task management tool, but not quite a full project management tool
    • Not exactly a portfolio management tool, yet some PPM reporting functionality is inherent in the PFTW through Roadmap

    The table to the right shows some of the functionality in PFTW in relation to the task management functionality of Planner and the enterprise project and portfolio management functionality of Project Online.

    Table 2.1a Planner Project for the web Project Online
    Coauthoring on Tasks X X
    Task Planning X X X
    Resource Assignments X X X
    Board Views X X X
    MS Teams Integration X X X
    Roadmap X X
    Table and Gantt Views X X
    Task Dependency Tracking X X
    Timesheets X
    Financial Planning X
    Risks and Issues Tracking X
    Program Management X
    Advanced Portfolio Management X

    Project for the web will eventually replace Project Online

    • As early as 2018 Microsoft has been foreshadowing a transition away from the SharePoint-backed Project environments of Server and Online toward something based in Common Data Service (CDS) – now rebranded as the Dataverse.
    • Indeed, as recently as the spring of 2021, at its Reimagine Project Management online event, Microsoft reiterated its plans to sunset Project Online and transition existing Online users to the new environment of Project for the web – though it provided no firm dates when this might occur.
      • The reason for this move away from Online appears to be an acknowledgment that the rigidity of the tool is awkward in our current dynamic, collaborative, and overhead-adverse work management paradigm.
      • To paraphrase a point made by George Bullock, Sr. Product Marketing Manager, for Microsoft at the Reimagine Project Management event, teams want to manage work as they see fit, but the rigidity of legacy solutions doesn’t allow for this, leading to a proliferation of tools and data sprawl. (This comment was made during the “Overview of Microsoft Project” session during the Reimagine event.)

    PFTW is Microsoft’s proposed future-state antidote to this challenge. Its success will depend on how well users are able to integrate the solution into a wider M365 work management setting.

    "We are committed to supporting our customers on Project Online and helping them transition to Project for the Web. No end-of-support has been set for Project Online, but when the time comes, we will communicate our plans on the transition path and give you plenty of advance notice." (Heather Heide, Program Manager, Microsoft Planner and Project. This comment was made during the “Overview of Microsoft Project” session during the Reimagine event.)

    Project for the web can be extended beyond its base lightweight functionality

    Project for the web can be extended to add more traditional and robust project and project portfolio management functionality using the Power Platform.

    Microsoft plans to sunset Project Online in favor of PFTW will at first be a head-scratcher for those familiar with the extensive PPM functionality in Project Online and underwhelmed by the project and portfolio management in PFTW.

    However, having built the solution upon the Power Platform, Microsoft has made it possible to take the base functionality in PFTW and extend it to create a more custom, organizationally specific user experience.

    • With a little taste of what can be done with PFTW by leveraging the Power Platform – and, in particular, Power Apps – it becomes more obvious how we, as users, can begin to evolve the base tool toward a more traditional PPM solution and how, in time, Microsoft’s developers may develop the next iteration of PFTW into something more closely resembling Project Online.

    Before users get too excited about using these tools to build a custom PPM approach, we should consider the time, effort, and skills required. The slides ahead will take you through a series of considerations to help you gauge whether your PMO is ready to go it alone in extending the solution.

    Extending the tool enhances functionality

    Table 2.1a in this step displayed the functionality in PFTW in relation to the task management tool Planner and the robust PPM functionality in Online.

    The table to the right shows how the functionality in PFTW can differ from the base solution and Project Online when it is extended using the model-driven app option in Power Apps.

    Caveat: The list of functionality and processes in this table is sample data.

    This functionality is not inherent in the solution as soon as you integrate with Power Apps. Rather it must be built – and your success in developing these functions will depend upon the time and skills you have available.

    Table 2.1b Project for the web PFTW extended with PowerApps Project Online
    Critical Path X
    Timesheets X
    Financial Planning X X
    Risks and Issues Tracking X X
    Program Management X
    Status Updates X
    Project Requests X
    Business Cases X
    Project Charters X
    Resource Planning and Capacity Management X X
    Project Change Requests X

    Get familiar with the basics of Power Apps before you decide to go it alone

    While the concept of being able to customize and grow a commercial PPM tool is enticing, the reality of low-code development and application maintenance may be too much for resource-constrained PMOs.

    Long story short: Extending PFTW in Power Apps is time consuming and can be frustrating for the novice to intermediate user.

    It can take days, even weeks, just to find your feet in Power Apps, let alone to determine requirements to start building out a custom model-driven app. The latter activity can entail creating custom columns and tables, determining relationships between tables to get required outputs, in addition to basic design activities.

    Time-strapped and resource-constrained practitioners should pause before committing to this deployment approach. To help better understand the commitment, the slides ahead cover the basics of extending PFTW in Power Apps:

    1. Dataverse environments.
    2. Navigating Power App Designer and Sitemap Designer
    3. Customizing tables and forms in the Dataverse

    See Info-Tech’s M365 Project Portfolio Management Tool Guide for more information on Power Apps in general.

    Get familiar with Power Apps licensing

    Power Apps for 365 comes with E1 through E5 M365 licenses (and F3 and F5 licenses), though additional functionality can be purchased if required.

    While extending Project for the web with Power Apps does not at this time, in normal deployments, require additional licensing from what is included in a E3 or E5 license, it is not out of the realm of possibility that a more complex deployment could incur costs not included in the Power Apps for 365 that comes with your enterprise agreement.

    The table to the right shows current additional licensing options.

    Power Apps, Per User, Per App Plan

    Per User Plan

    Cost: US$10 per user per app per month, with a daily Dataverse database capacity of 40 MB and a daily Power Platform request capacity of 1,000. Cost: US$40 per user per month, with a daily Dataverse database capacity of 250 MB and a daily Power Platform request capacity of 5,000.
    What's included? This option is marketed as the option that allows organizations to “get started with the platform at a lower entry point … [or those] that run only a few apps.” Users can run an application for a specific business case scenario with “the full capabilities of Power Apps” (meaning, we believe, that unlicensed users can still submit data via an app created by a licensed user). What's included? A per-user plan allows licensed users to run unlimited canvas apps and model-driven apps – portal apps, the licensing guide says, can be “provisioned by customers on demand.” Dataverse database limits (the 250 MB and 5,000 request capacity mentioned above) are pooled at the per tenant, not the per user plan license, capacity.

    For more on Power Apps licensing, refer to Info-Tech’s Modernize Your Microsoft Licensing for the Cloud Era for more information.

    What needs to be configured?

    Extending Project for the web requires working with your IT peers to get the right environments configured based upon your needs.

    • PFTW data is stored in the Microsoft Dataverse (formerly Common Data Service or CDS).
    • The organization’s Dataverse can be made up of one to many environments based upon its needs. Environments are individual databases with unique proprieties in terms of who can access them and what applications can store data in them.
    • Project for the web supports three different types of environments: default, production, and sandbox.
    • You can have multiple instances of a custom PFTW app deployed across these environments and across different users – and the environment you choose depends upon the use case of each instance.

    Types of Environments

    • Default Environment

      • It is the easiest to deploy and get started with the PFTW Power App in the default environment. However, it is also the most restricted environment with the least room for configuration.
      • Microsoft recommends this environment for simple deployments or for projects that span the organization. This is because everyone in the organization is by default a member of this environment – and, with the least room for configuration, the app is relatively straightforward.
      • At minimum, you need one project license to deploy PFTW in the default environment.
    • Production Environment

      • This environment affords more flexibility for how a custom app can be configured and deployed. Unlike the default environment, deploying a production environment is a manual process (through the Power Platform Admin Center) and security roles need to be set to limit users who can access the environment.
      • Because users can be limited, production environments can be used to support more advanced deployments and can support diverse processes for different teams.
      • At present, you need at least five Project licenses to deploy to production environments.
    • Sandbox Environment

      • This environment is for users who are responsible for the creation of custom apps. It offers the same functionality as a production environment but allows users to make changes without jeopardizing a production environment.

    Resources to provide your IT colleagues with to help in your PFTW deployment:

    1. Project for the web admin help (Product Documentation, Microsoft)
    2. Advanced deployment for Project for the web (Video, Microsoft)
    3. Get Started with Project Power App (Product Support Documentation, Microsoft)
    4. Project for the Web Security Roles (Product Support Documentation, Microsoft)

    Get started creating or customizing a model-driven app

    With the proper environments procured, you can now start extending Project for the web.

    • Navigate to the environment you would like to extend PFTW within. For the purposes of the slides ahead, we’ll be using a sandbox environment for an example. Ensure you have the right access set up for production and sandbox environments of your own (see links on previous slide for more assistance).
    • To begin extending PFTW, the two core features you need to be familiar with before you start in Power Apps are (1) Tables/Entities and (2) the Power Apps Designer – and in particular the Site Map.

    From the Power Apps main page in 365, you can change your environment by selecting from the options in the top right-hand corner of the screen.

    Screenshot of the Power Apps “Apps” page in a sandbox environment. The Project App will appear as “Project” when the application is installed, though it is also easy to create an app from scratch.

    Model-driven apps are built around tables

    In Power Apps, tables (formerly called entities and still referred to as entities in the Power Apps Designer) function much like tables in Excel: they are containers of columns of data for tracking purposes. Tables define the data for your app, and you build your app around them.

    In general, there are three types of tables:

    • Standard: These are out-of-the box tables included with a Dataverse environment. Most standard tables can be customized.
    • Managed: These are tables that get imported into an environment as part of a managed solution. Managed tables cannot be customized.
    • Custom: These types of tables can either be imported from another solution or created directly in the Dataverse environment. To create custom tables, users need to have System Administrator or System Customizer security roles within the Dataverse.

    Tables can be accessed under Data banner on the left-hand panel of your Power Apps screen.

    The below is a list of standard tables that can be used to customize your Project App.

    A screenshot of the 'Data' banner in 'Power Apps' and a list of table names.

    Table Name

    Display Name

    msdyn_project Project
    msdyn_projectchange Change
    msdyn_projectprogram Program
    msdyn_projectrequest Request
    msdyn_projectrisk Risk
    msdyn_projectissue Issue
    msdyn_projectstatusreport Status

    App layouts are designed in the Power App Designer

    You configure tables with a view to using them in the design of your app in the Power Apps Designer.

    • If you’re customizing a Project for the web app manually installed into your production or sandbox environment, you can access Designer by highlighting the app from your list of apps on the Apps page and clicking “Edit” in the ribbon above.
      • If you’re creating a model-driven app from scratch, Designer will open past the “Create a New App” intro screen.
      • If you need to create separate apps in your environment for different PMOs or business units, it is as easy to create an app from scratch as it is to customize the manual install.
    • The App Designer is where you can design the layout of your model-driven app and employ the right data tables.
    Screenshot of the 'App Designer' screen in 'Power Apps'.

    The Site Map determines the navigation for your app, i.e. it is where you establish the links and pages users will navigate. We will review the basics of the sitemap on the next few slides.

    The tables that come loaded into your Project Power App environment (at this time, 37) via the manual install will appear in the Power Apps Designer in the Entity View pane at the bottom of the page. You do not have to use all of them in your design.

    Navigate the Sitemap Designer

    With the components of the previous two slides in mind, let’s walk through how to use them together in the development of a Project app.

    As addressed in the previous slide, the sitemap determines the navigation for your app, i.e. it is where you establish the links and the pages that users will navigate.

    To get to the Sitemap Designer, highlight the Project App from your list of apps on the Apps page and click “Edit” in the ribbon above. If you’re creating a model-driven app from scratch, Designer will open past the “Create a New App” intro screen.

    • To start designing your app layout, click the pencil icon beside the Site Map logo on the App Designer screen.
    • This will take you into the Sitemap Designer (see screenshot to the right). This is where you determine the layout of your app and the relevant data points (and related tables from within the Dataverse) that will factor into your Project App.
    • In the Sitemap Designer, you simply drag and drop the areas, groups, and subareas you want to see in your app’s user interface (see next slide for more details).
    Screenshot of the 'Sitemap Designer' in 'Power Apps'.

    Use Areas, Groups, and Subareas as building blocks for your App

    Screenshots of the main window and the right-hand panel in the 'Sitemap Designer', and of the subarea pop-up panel where you connect components to data tables. The first two separate elements into 'Area', 'Group', and 'Subarea'.

    Drag and drop the relevant components from the panel on the right-hand side of the screen into the main window to design the core pieces that will be present within your user interface.

    For each subarea in your design, use the pop-up panel on the right-hand side of the screen to connect your component the relevant table from within your Dataverse environment.

    How do Areas, Groups, and Subareas translate into an app?

    Screenshots of the main window in the 'Sitemap Designer' and of a left-hand panel from a published 'Project App'. There are notes defining the terms 'Area', 'Group', and 'Subarea' in the context of the screenshot.

    The names or titles for your Areas and Groups can be customized within the Sitemap Designer.

    The names or titles for your Subareas is dependent upon your table name within the Dataverse.

    Area: App users can toggle the arrows to switch between Areas.

    Group: These will change to reflect the chosen Area.

    Subarea: The tables and forms associated with each subarea.

    How to properly save and publish your changes made in the Sitemap Designer and Power Apps Designer:

    1. When you are done making changes to your components within the Sitemap Designer, and want your changes to go live, hit the “Publish” button in the top right corner; when it has successfully published, select “Save and Close.”
    2. You will be taken back to the Power App Designer homepage. Hit “Save,” then “Publish,” and then finally “Play,” to go to your app or “Save and Close.”

    How to find the right tables in the Dataverse

    While you determine which tables will play into your app in the Sitemap Designer, you use the Tables link to customize tables and forms.

    Screenshots of the tables search screen and the 'Tables' page under the 'Data' banner in 'Power Apps'.

    The Tables page under the Data banner in Power Apps houses all of the tables available in your Dataverse environment. Do not be overwhelmed or get too excited. Only a small portion of the tables in the Tables folder in Power Apps will be relevant when it comes to extending PFTW.

    Find the table you would like to customize and/or employ in your app and select it. The next slides will look at customizing the table (if you need to) and designing an app based upon the table.

    To access all the tables in your environment, you’ll need to ensure your filter is set correctly on the top right-hand corner of the screen, otherwise you will only see a small portion of the tables in your Dataverse environment.

    If you’re a novice, it will take you some time to get familiar with the table structure in the Dataverse.

    We recommend you start with the list of tables listed on slide. You can likely find something there that you can use or build from for most PPM purposes.

    How to customize a table (1 of 3)

    You won’t necessarily need to customize a table, but if you do here are some steps to help you get familiar with the basics.

    Screenshot of the 'Columns' tab, open in the 'msdyn_project table' in 'Power Apps'.

    In this screenshot, we are clicked into the msdyn_project (display name: Project) table. As you can see, there are a series of tabs below the name of the table, and we are clicked into the Columns tab. This is where you can see all of the data points included in the table.

    You are not able to customize all columns. If a column that you are not able to customize does not meet your needs, you will need to create a custom column from the “+Add column” option.

    “Required” or “Optional” status pertains to when the column or field is used within your app. For customizable or custom columns this status can be set when you click into each column.

    How to customize a table (2 of 3)

    Create a custom “Status” column.

    By way of illustrating how you might need to customize a table, we’ll highlight the “msdyn_project_statecode” (display name: Project Status) column that comes preloaded in the Project (msdyn_project) table.

    • The Project Status column only gives you a binary choice. While you are able to customize what that binary choice is (it comes preloaded with “Active” and “Inactive” as the options) you cannot add additional choices – so you cannot set it to red/yellow/green, the most universally adopted options for status in the project portfolio management world.
    • Because of this, let’s look at the effort involved in creating a choice and adding a custom column to your table based upon that choice.
    Screenshots of the '+New choice' button in the 'Choices' tab and the 'New choice' pane that opens when you click it.

    From within the Choices tab, click “+New choice” option to create a custom choice.

    A pane will appear to the right of your screen. From there you can give your choice a name, and under the “Items” header, add your list of options.

    Click save. Your custom choice is now saved to the Choices tab in the Dataverse environment and can be used in your table. Further customizations can be made to your choice if need be.

    How to customize a table (3 of 3)

    Back in the Tables tab, you can put your new choice to work by adding a column to a table and selecting your custom choice.

    Screenshots of the pop-up window that appear when you click '+Add Column', and details of what happens when you select the data type 'Choice'.

    Start by selecting “+ Add Column” at the top left-hand side of your table. A window will appear on the right-hand side of the page, and you will have options to name your column and choose the data type.

    As you can see in this screenshot to the left, data type options include text, number and date types, and many more. Because we are looking to use our custom choice for this example, we are going to choose “Choice.”

    When you select “Choice” as your data type, all of the choice options available or created in your Dataverse environment will appear. Find your custom choice – in this example the one name “RYG Status” – and click done. When the window closes, be sure to select “Save Table.”

    How to develop a Form based upon your table (1 of 3 – open the form editor)

    A form is the interface users will engage with when using your Project app.

    When the Project app is first installed in your environment, the main user form will be lacking, with only a few basic data options.

    This form can be customized and additional tabs can be added to your user interface.

    1. To do this, go to the table you want to customize.
    2. In the horizontal series of tabs at the top of the screen, below the table title select the “Forms” option.
    3. Click on the main information option or select Edit Form for the form with “Main” under its form type. A new window will open where you can customize your form.
    Screenshot of the 'Forms' tab, open in the 'msdyn_project' table in 'Power Apps'.

    Select the Forms tab.

    Start with the form that has “Main” as its Format Type.

    How to develop a Form based upon your table (2 of 3 – add a component)

    Screenshot of the 'Components' window in 'Power Apps' with a list of layouts as a window to the right of the main screen where you can name and format the chosen layout.

    You can add element like columns or sections to your form by selecting the Components window.

    In this example, we are adding a 1-Column section. When you select that option from the menu options on the left of the screen, a window will open to the right of the screen where you can name and format the section.

    Choose the component you would like to add from the layout options. Depending on the table element you are looking to use, you can also add input options like number inputs and star ratings and pull in related data elements like a project timeline.

    How to develop a Form based upon your table (3 of 3 – add table columns)

    Screenshot of the 'Table Columns' window in 'Power Apps' and instructions for adding table columns.

    If you click on the “Table Columns” option on the left-hand pane, all of the column options from within your table will appear in alphabetical order.

    When clicked within the form section you would like to add the new column to, select the column from the list of option in the left-hand pane. The new data point will appear within the section. You can order and format section elements as you would like.

    When you are done editing the form, click the “Save” icon in the top right-hand corner. If you are ready for your changes to go live within your Project App, select the “Publish” icon in the top right-hand corner. Your updated form will go live within all of the apps that use it.

    The good and the bad of extending Project for the web

    The content in this step has not instructed users how to extend PFTW; rather, it has covered three basic core pieces of Power Apps that those interesting in PFTW need to be aware of: Dataverse environments, the Power Apps and Sitemaps Designers, and Tables and associated Forms.

    Because we have only covered the very tip of the iceberg, those interested in going further and taking a DIY approach to extending PFTW will need to build upon these basics to unlock further functionality. Indeed, it takes work to develop the product into something that begins to resemble a viable enterprise project and portfolio management solution. Here are some of the good and the bad elements associated with that work:

    The Good:

    • You can right-size and purpose build: add as much or as little project management rigor as your process requires. Related, you can customize the solution in multiple ways to suit the needs of specific business units or portfolios.
    • Speed to market: it is possible to get up and running quickly with a minimum-viable product.

    The Bad:

    • Work required: to build anything beyond MVP requires independent research and trial and error.
    • Time required: to build anything beyond MVP requires time and skills that many PMOs don’t have.
    • Shadow support costs: ungoverned app creation could have negative support and maintenance impacts across IT.

    "The move to Power Platform and low code development will […increase] maintenance overhead. Will low code solution hit problems at scale? [H]ow easy will it be to support hundreds or thousands of small applications?

    I can hear the IT support desks already complaining at the thought of this. This part of the puzzle is yet to hit real world realities of support because non developers are busy creating lots of low code applications." (Ben Hosking, Software Developer and Blogger, "Why low code software development is eating the world")

    Quick start your extension with the Accelerator

    For those starting out, there is a pre-built app you can import into your environment to extend the Project for the web app without any custom development.

    • If the DIY approach in the previous slides was overwhelming, and you don’t have the budget for a MS Partner route in the near-term, this doesn’t mean that evolving your Project for the web app is unattainable.
    • Thanks to a partnership between OnePlan (one of the MS Gold Partners we detail in the next step) and Microsoft, Project for the web users have access to a free resource to help them evolve the base Project app. It’s called the “Project for the web Accelerator” (commonly referred to as “the Accelerator” for short).
    • Users interested in learning more about, and accessing, this free resource should refer to the links below:
      1. The Future of Microsoft Project Online (source: OnePlan).
      2. Introducing the Project Accelerator (source: Microsoft).
      3. Project for the web Accelerator (source: GitHub)
    Screen shot from one of the dashboards that comes with the Accelerator (image source: GitHub).

    2.1.1 Perform a feasibility test (1 of 2)

    15 mins

    As we’ve suggested, and as the material in this step indicates, extending PFTW in a DIY fashion is not small task. You need a knowledge of the Dataverse and Power Apps, and access to the requisite skills, time, and resources to develop the solution.

    To determine whether your PMO and organization are ready to go it alone in extending PFTW, perform the following activity:

    1. Convene a collection of portfolio, project, and PMO staff.
    2. Using the six-question survey on tab 5 of the Microsoft Project & M365 Licensing Tool (see screenshot to the right) as a jumping off point for a discussion, consider the readiness of your PMO or project organization to undertake a DIY approach to extending and implementing PFTW at this time.
    3. You can use the recommendations on tab 5 of the Microsoft Project & 365 Licensing Tool to inform your next steps, and input the gauge graphic in section 4 of the Microsoft Project & M365 Action Plan Template.
    Screenshots from the 'Project for the Web Extensibility Feasibility Test'.

    Go to tab 5 of the Microsoft Project & M365 Licensing Tool

    See next slide for additional activity details

    2.1.1 Perform a feasibility test (2 of 2)

    Input: The contents of this step, The Project for the Web Extensibility Feasibility Test (tab 5 in the Microsoft Project & 365 Licensing Tool)

    Output: Initial recommendations on whether to proceed and how to proceed with a DIY approach to extending Project for the web

    Materials: The Project for the Web Extensibility Feasibility Test (tab 5 in the Microsoft Project & 365 Licensing Tool)

    Participants: Portfolio Manager (PMO Director), Project Managers, Other relevant PMO stakeholders

    Step 2.2

    Assess the Microsoft Gold Partner Community

    Activities

    • Review what to look for in a Microsoft Partner
    • Determine whether your needs would benefit from reaching out to a Microsoft Partner
    • Review three key Partners from the North American market
    • Create a Partner outreach plan

    This step will walk you through the following activities:

    • Review what to look for in a Microsoft Partner.
    • Determine whether your needs would benefit from reaching out to a Microsoft Partner.
    • Review three key Partners from the North American market.

    This step usually involves the following participants:

    • Portfolio Manager (PMO Director)
    • Project Managers
    • Other relevant PMO stakeholders

    Outcomes of Step

    • A better understanding of MS Partners
    • A Partner outreach plan

    You don’t have to go it alone

    Microsoft has an established community of Partners who can help in your customizations and implementations of Project for the web and other MS Project offerings.

    If the content in the previous step seemed too technical or overly complex in a way that scared you away from a DIY approach to extending Microsoft’s latest project offering (and at some point in the near future, soon to be its only project offering), Project for the web, fear not.

    You do not have to wade into the waters of extending Project for the web alone, or for that matter, in implementing any other MS Project solution.

    Instead, Microsoft nurtures a community of Silver and Gold partners who offer hands-on technical assistance and tool implementation services. While the specific services provided vary from partner to partner, all can assist in the customization and implementation of any of Microsoft’s Project offerings.

    In this step we will cover what to look for in a Partner and how to assess whether you are a good candidate for the services of a Partner. We will also highlight three Partners from within the North American market.

    The basics of the Partner community

    What is a Microsoft Partner?

    Simply put, an MS Gold Partner is a software or professional services organization that provides sales and services related to Microsoft products.

    They’re resellers, implementors, integrators, software manufacturers, trainers, and virtually any other technology-related business service.

    • Microsoft has for decades opted out of being a professional services organization, outside of its very “leading edge” offerings from MCS (Microsoft Consulting Services) for only those technologies that are so new that they aren’t yet supported by MS Partners.
    • As you can see in the chart on the next slide, to become a silver or gold certified partner, firms must demonstrate expertise in specific areas of business and technology in 18 competency areas that are divided into four categories: applications and infrastructure, business applications, data and AI, and modern workplace and security.

    More information on what it takes to become a Microsoft Partner:

    1. Partner Center (Document Center, Microsoft)
    2. Differentiate your business by attaining Microsoft competencies (Document Center, Microsoft)
    3. Partner Network Homepage (Webpage, Microsoft)
    4. See which partner offer is right for you (Webpage, Microsoft)

    Types of partnerships and qualifications

    Microsoft Partner Network

    Microsoft Action Pack

    Silver Competency

    Gold Competency

    What is it?

    The Microsoft Partner Network (MPN) is a community that offers members tools, information, and training. Joining the MPN is an entry-level step for all partners. The Action Pack is an annual subscription offered to entry-level partners. It provides training and marketing materials and access to expensive products and licenses at a vastly reduced price. Approximately 5% of firms in the Microsoft Partner Network (MPN) are silver partners. These partners are subject to audits and annual competency exams to maintain silver status. Approximately 1% of firms in the Microsoft Partner Network (MPN) are gold partners. These partners are subject to audits and annual competency exams to maintain Gold status.

    Requirements

    Sign up for a membership Annual subscription fee While requirements can vary across competency area, broadly speaking, to become a silver partner firms must:
    • Pass regular exams and skills assessments, with at least two individuals on staff with Microsoft Certified Professional Status.
    • Hit annual customer, revenue, and licensing metrics.
    • Pay the annual subscription fee.
    While requirements can vary across competency area, broadly speaking, to become a gold partner firms must:
    • Pass regular exams and skills assessments, with at least two individuals on staff with Microsoft Certified Professional Status.
    • Hit annual customer, revenue, and licensing metrics.
    • Pay the annual subscription fee.

    Annual Fee

    No Cost $530 $1800 $5300

    When would a MS Partner be helpful?

    • Project management and portfolio management practitioners might look into procuring the services of a Microsoft Partner for a variety of reasons.
    • Because services vary from partner to partner (help to extend Project for the web, implement Project Server or Project Online, augment PMO staffing, etc.) we won’t comment on specific needs here.
    • Instead, the three most common conditions that trigger the need are listed to the right.

    Speed

    When you need to get results faster than your staff can grow the needed capabilities.

    Cost

    When the complexity of the purchase decision, implementation, communication, training, configuration, and/or customization cannot be cost-justified for internal staff, often because you’ll only do it once.

    Expertise & Skills

    When your needs cannot be met by the core Microsoft technology without significant extension or customization.

    Canadian Microsoft Partners Spotlight

    As part of our research process for this blueprint, Info-Tech asked Microsoft Canada for referrals and introductions to leading Microsoft Partners. We spent six months collaborating with them on fresh research into the underlying platform.

    These vendors are listed below and are highlighted in subsequent slides.

    Spotlighted Partners:

    Logo for One Plan. Logo for PMO Outsource Ltd. Logo for Western Principles.

    Please Note: While these vendors were referred to us by Microsoft Canada and have a footprint in the Canadian market, their footprints extend beyond this to the North American and global markets.

    A word about our approach

    Photo of Barry Cousins, Project Portfolio Management Practice Lead, Info-Tech Research Group.
    Barry Cousins
    Project Portfolio Management Practice Lead
    Info-Tech Research Group

    Our researchers have been working with Microsoft Project Online and Microsoft Project Server clients for years, and it’s fair to say that most of these clients (at some point) used a Microsoft Partner in their deployment. They’re not really software products, per se; they’re platforms. As a Microsoft Partner in 2003 when Project Server got its first big push, I heard it loud and clear: “Some assembly required. You might only make 7% on the licensing, but the world’s your oyster for services.”

    In the past few years, Microsoft froze the market for major Microsoft Project decisions by making it clear that the existing offering is not getting updates while the new offering (Project for the web) doesn’t do what the old one did. And in a fascinating timing coincidence, the market substantially adopted Microsoft 365 during that period, which enables access to Project for the web.

    Many of Info-Tech’s clients are justifiably curious, confused, and concerned, while the Microsoft Partners have persisted in their knowledge and capability. So, we asked Microsoft Canada for referrals and introductions to leading Microsoft Partners and spent six months collaborating with them on fresh research into the underlying platform.

    Disclosure: Info-Tech conducted collaborative research with the partners listed on the previous slide to produce this publication. Market trends and reactions were studied, but the only clients identified were in case studies provided by the Microsoft Partners. Info-Tech’s customers have been, and remain, anonymous. (Barry Cousins, Project Portfolio Management Practice Lead, Info-Tech Research Group)

    MS Gold Partner Spotlight:

    OnePlan

    Logo for One Plan.
    Headquarters: San Marcos, California, and Toronto, Ontario
    Number of Employees: ~80
    Active Since: 2007 (as EPMLive)
    Website: www.oneplan.ai

    Who are they?

    • While the OnePlan brand has only been the marketplace for a few years, the company has been a major player in MS Gold Partner space for well over a decade.
    • Born out of EPMLive in the mid-aughts, OnePlan Solutions has evolved through a series of acquisitions, including Upland, Tivitie, and most recently Wicresoft.

    What do they do?

    • Software: Its recent rebranding is largely because OnePlan Solutions is as much a software company as it is a professional services firm. The OnePlan software product is an impressive solution that can be used on its own to facilitate the portfolio approaches outlined on the next slide and that can also integrate with the tools your organization is already using to manage tasks (see here for a full rundown of the solutions within the Microsoft stack and beyond OnePlan can integrate with).
    • Beyond its ability to integrate with existing solutions, as a software product, OnePlan has modules for resource planning, strategic portfolio planning, financial planning, time tracking, and more.

    • PPM Consulting Services: The OnePlan team also offers portfolio management consulting services. See the next slide for a list of its approaches to project portfolio management.

    Markets served

    • US, Canada, Europe, and Australia

    Channel Differentiation

    • OnePlan scales to all the PPM needs of all industry types.
    • Additionally, OnePlan offers insights and functionality specific to the needs of BioTech-Pharma.

    What differentiates OnePlan?

    • OnePlan co-developed the Project Accelerator for Project for the web with Microsoft. The OnePlan team’s involvement in developing the Accelerator and making it free for users to access suggests it is aligned to and has expertise in the purpose-built and collaborative vision behind Microsoft’s move away from Project Online and toward the Power Platform and Teams collaboration.
    • 2021 MS Gold Partner of the Year. At Microsoft’s recent Microsoft Inspire event, OnePlan was recognized as the Gold Partner of the Year for Project and Portfolio Management as well as a finalist for Power Apps and Power Automate.
    • OnePlan Approaches: Below is a list of the services or approaches to project portfolio management that OnePlan provides. See its website for more details.
      • Strategic Portfolio Management: Align work to objectives and business outcomes. Track performance against the proposed objectives outcomes.
      • Agile Portfolio Management: Implement Agile practices across the organization, both at the team and executive level.
      • Adaptive Portfolio Management: Allow teams to use the project methodology and tools that best suit the work/team. Maintain visibility and decision making across the entire portfolio.
      • Professional Services Automation: Use automation to operate with greater efficiency.

    "OnePlan offers a strategic portfolio, financial and resource management solution that fits the needs of every PMO. Optimize your portfolio, financials and resources enterprise wide." (Paul Estabrooks, Vice President at OnePlan)

    OnePlan Case Study

    This case study was provided to Info-Tech by OnePlan.

    Brambles

    INDUSTRY: Supply Chain & Logistics
    SOURCE: OnePlan

    Overview: Brambles plays a key role in the delivery or return of products amongst global trading partners such as manufacturers, distributors and retailers.

    Challenge

    Brambles had a variety of Project Management tools with no easy way of consolidating project management data. The proliferation of project management solutions was hindering the execution of a long-term business transformation strategy. Brambles needed certain common and strategic project management processes and enterprise project reporting while still allowing individual project management solutions to be used as part of the PPM platform.

    Solution

    As part of the PMO-driven business transformation strategy, Brambles implemented a project management “operating system” acting as a foundation for core processes such as project intake, portfolio management, resource, and financial planning and reporting while providing integration capability for a variety of tools used for project execution.

    OnePlan’s new Adaptive PPM platform, combining the use of PowerApps and OnePlan, gives Brambles the desired PPM operating system while allowing for tool flexibility at the execution level.

    Results

    • Comprehensive picture of progress across the portfolio.
    • Greater adoption by allowing flexibility of work management tools.
    • Modern portfolio management solution that enables leadership to make confident decision.

    Solution Details

    • OnePlan
    • Project
    • Power Apps
    • Power Automate
    • Power BI
    • Teams

    Contacting OnePlan Solutions

    www.oneplan.ai

    Joe Larscheid: jlarscheid@oneplan.ai
    Paul Estabrooks: pestabrooks@oneplan.ai
    Contact Us: contact@oneplan.ai
    Partners: partner@oneplan.ai

    Partner Resources. OnePlan facilitates regular ongoing live webinars on PPM topics that anyone can sign up for on the OnePlan website.

    For more information on upcoming webinars, or to access recordings of past webinars, see here.

    Additional OnePlan Resources

    1. How to Extend Microsoft Teams into a Collaborative Project, Portfolio and Work Management Solution (on-demand webinar, OnePlan’s YouTube channel)
    2. What Does Agile PPM Mean To The Modern PMO (on-demand webinar, OnePlan’s YouTube channel)
    3. OnePlan is fused with the Microsoft User Experience (blog article, OnePlan)
    4. Adaptive Portfolio Management Demo – Bringing Order to the Tool Chaos with OnePlan (product demo, OnePlan’s YouTube channel)
    5. How OnePlan is aligning with Microsoft’s Project and Portfolio Management Vision (blog article, OnePlan)
    6. Accelerating Office 365 Value with a Hybrid Project Portfolio Management Solution (product demo, OnePlan’s YouTube channel)

    MS Gold Partner Spotlight:

    PMO Outsource Ltd.

    Logo for PMO Outsource Ltd.

    Headquarters: Calgary, Alberta, and Mississauga, Ontario
    Website: www.pmooutsource.com

    Who are they?

    • PMO Outsource Ltd. is a Microsoft Gold Partner and PMI certified professional services firm based in Alberta and Ontario, Canada.
    • It offers comprehensive project and portfolio management offerings with a specific focus on project lifecycle management, including demand management, resource management, and governance and communication practices.

    What do they do?

    • Project Online and Power Platform Expertise. The PMO Outsource Ltd. team has extensive knowledge in both Microsoft’s old tech (Project Server and Desktop) and in its newer, cloud-based technologies (Project Online, Project for the web, the Power Platform, and Dynamics 365). As the case study in two slides demonstrates, PMO Outsource Ltd. Uses its in-depth knowledge of the Microsoft suite to help organizations automate project and portfolio data collection process, create efficiencies, and encourage cloud adoption.
    • PPM Consulting Services: In addition to its Microsoft platform expertise, the PMO Outsource Ltd. team also offers project and portfolio management consulting services, helping organizations evolve their process and governance structures as well as their approaches to PPM tooling.

    Markets served

    • Global

    Channel Differentiation

    • PMO Outsource Ltd. scales to all the PPM needs of all industry types.

    What differentiates PMO Outsource Ltd.?

    • PMO Staff Augmentation. In addition to its technology and consulting services, PMO Outsource Ltd. offers PMO staff augmentation services. As advertised on its website, it offers “scalable PMO staffing solutions. Whether you require Project Managers, Business Analysts, Admins or Coordinators, [PMO Outsource Ltd.] can fulfill your talent search requirements from a skilled pool of resources.”
    • Multiple and easy-to-understand service contract packages. PMO Outsource Ltd. offers many prepackaged service offerings to suit PMOs’ needs. Those packages include “PMO Management, Admin, and Support,” “PPM Solution, Site and Workflow Configuration,” and “Add-Ons.” For full details of what’s included in these services packages, see the PMO Outsource Ltd. website.
    • PMO Outsource Ltd. Services: Below is a list of the services or approaches to project portfolio management that PMO Outsource Ltd. Provides. See its website for more details.
      • Process Automation, Workflows, and Tools. Facilitate line of sight by tailoring Microsoft’s technology to your organization’s needs and creating custom workflows.
      • PMO Management Framework. Receive a professionally managed PPM methodology as well as governance standardization of processes, tools, and templates.
      • Custom BI Reports. Leverage its expertise in reporting and dashboarding to create the visibility your organization needs.

    "While selecting an appropriate PPM tool, the PMO should not only evaluate the standard industry tools but also analyze which tool will best fit the organization’s strategy, budget, and culture in the long run." (Neeta Manghnani, PMO Strategist, PMO Outsource Ltd.)

    PMO Outsource Ltd. Case Study

    This case study was provided to Info-Tech by PMO Outsource Ltd.

    SAMUEL

    INDUSTRY: Manufacturing
    SOURCE: PMO Outsource Ltd.

    Challenge

    • MS Project 2013 Server (Legacy/OnPrem)
    • Out-of-support application and compliance with Office 365
    • Out-of-support third-party application for workflows
    • No capability for resource management
    • Too many manual processes for data maintenance and server administration

    Solution

    • Migrate project data to MS Project Online
    • Recreate workflows using Power Automate solution
    • Configure Power BI content packs for Portfolio reporting and resource management dashboards
    • Recreate OLAP reports from legacy environment using Power BI
    • Cut down nearly 50% of administrative time by automating PMO/PPM processes
    • Save costs on Server hardware/application maintenance by nearly 75%

    Full Case Study Link

    • For full details about how PMO Outsource Ltd. assisted Samuel in modernizing its solution and creating efficiencies, visit the Microsoft website where this case study is highlighted.

    Contacting PMO Outsource Ltd.

    www.pmooutsource.com

    700 8th Ave SW, #108
    Calgary, AB T2P 1H2
    Telephone : +1 (587) 355-3745
    6045 Creditview Road, #169
    Mississauga, ON L5V 0B1
    Telephone : +1 (289) 334-1228
    Information: info@pmooutsource.com
    LinkedIn: https://www.linkedin.com/company/pmo-outsource/

    Partner Resources. PMO Outsource Ltd.’s approach is rooted within a robust and comprehensive PPM framework that is focused on driving strategic outcomes and business success.

    For a full overview of its PPM framework, see here.

    Additional PMO Outsource Ltd. Resources

    1. 5 Benefits of PPM tools and PMO process automation (blog article, PMO Outsource Ltd.)
    2. Importance of PMO (blog article, PMO Outsource Ltd.)
    3. Meet the Powerful and Reimagined PPM tool for Everyone! (video, PMO Outsource Ltd. LinkedIn page)
    4. MS Project Tips: How to add #Sprints to an existing Project? (video, PMO Outsource Ltd. LinkedIn page)
    5. MS Project Tips: How to add a milestone to your project? (video, PMO Outsource Ltd. LinkedIn page)
    6. 5 Benefits of implementing Project Online Tools (video, PMO Outsource Ltd. LinkedIn page)

    MS Gold Partner Spotlight:

    Western Principles

    Logo for Western Principles.

    Headquarters: Vancouver, British Columbia
    Years Active: 16 Years
    Website: www.westernprinciples.com

    Who are they?

    • Western Principles is a Microsoft Gold Partner and UMT 360 PPM software provider based in British Columbia with a network of consultants across Canada.
    • In the last sixteen years, it has successfully conducted over 150 PPM implementations, helping in the implementation, training, and support of Microsoft Project offerings as well as UMT360 – a software solution provider that, much like OnePlan, enhances the PPM capabilities of the Microsoft platform.

    What do they do?

    • Technology expertise. The Western Principles team helps organizations maximize the value they are getting form the Microsoft Platform. Not only does it offer expertise in all the solutions in the MS Project ecosystem, it also helps organizations optimize their use and understanding of Teams, SharePoint, the Power Platform, and more. In addition to the Microsoft platform, Western Principles is partnered with many other technology providers, including UMT360 for strategic portfolio management, the Simplex Group for project document controls, HMS for time sheets, and FluentPro for integration, back-ups, and migrations.
    • PPM Consulting Services: In addition to its technical services and solutions, Western Principles offers PPM consulting and staff augmentation services.

    Markets served

    • Canada

    Channel Differentiation

    • Western Principles scales to all the PPM needs of all industry types, public and private sector.
    • In addition, its website offers persona-specific information based on the PPM needs of engineering and construction, new product development, marketing, and more.

    What differentiates Western Principles?

    • Gold-certified UMT 360 partner. In addition to being a Microsoft Gold Partner, Western Principles is a gold-certified UMT 360 partner. UMT 360 is a strategic portfolio management tool that integrates with many other work management solutions to offer holistic line of sight into the organization’s supply-demand pain points and strategic portfolio management needs. Some of the solutions UMT 360 integrates with include Project Online and Project for the web, Azure DevOps, Jira, and many more. See here for more information on the impressive functionality in UMT360.
    • Sustainment Services. Adoption can be the bane of most PPM tool implementations. Among the many services Western Principles offers, its “sustainment services” stand out. According to Western Principles’ website, these services are addressed to those who require “continual maintenance, change, and repair activities” to keep PPM systems in “good working order” to help maximize ROI.
    • Western Principles Services: In addition to the above, below is a list of some of the services that Western Principles offers. See its website for a full list of services.
      • Process Optimization: Determine your requirements and process needs.
      • Integration: Create a single source of truth.
      • Training: Ensure your team knows how to use the systems you implement.
      • Staff Augmentation: Provide experienced project team members based upon your needs.

    "One of our principles is to begin with the end in mind. This means that we will work with you to define a roadmap to help you advance your strategic portfolio … and project management capabilities. The roadmap for each customer is different and based on where you are today, and where you need to get to." (Western Principles, “Your Strategic Portfolio Management roadmap,” Whitepaper)

    Contacting Western Principles

    www.westernprinciples.com

    610 – 700 West Pender St.
    Vancouver, BC V6C 1G8
    +1 (800) 578-4155
    Information: info@westernprinciples.com
    LinkedIn: https://www.linkedin.com/company/western-principle...

    Partner Resources. Western Principles provides a multitude of current case studies on its home page. These case studies let you know what the firm is working on this year and the type of support it provides to its clientele.

    To access these case studies, see here.

    Additional Western Principles Resources

    1. Program and Portfolio Roll ups with Microsoft Project and Power BI (video, Western Principles YouTube Channel)
    2. Dump the Spreadsheets for Microsoft Project Online (video, Western Principles YouTube Channel)
    3. Power BI for Project for the web (video, Western Principles YouTube Channel)
    4. How to do Capacity Planning and Resource Management in Microsoft Project Online [Part 1 & Part 2] (video, Western Principles YouTube Channel)
    5. Extend & Integrate Microsoft Project (whitepaper, Western Principles)
    6. Your COVID-19 Return-to-Work Plan (whitepaper, Western Principles)

    Watch Info-Tech’s Analyst-Partner Briefing Videos to lean more

    Info-Tech was able to sit down with the partners spotlighted in this step to discuss the current state of the PPM market and Microsoft’s place within it.

    • All three partners spotlighted in this step contributed to Info-Tech’s research process for this publication.
    • For two of the partners, OnePlan and PMO Outsource Ltd., Info-Tech was able to record a conversation where our analysts and the partners discuss Microsoft’s current MS Project offerings, the current state of the PPM tool market, and the services and the approaches of each respective partner.
    • A third video briefing with Western Principles has not happened yet due to logistical reasons. We are hoping we can include a video chat with our peers at Western Principles in the near future.
    Screenshot form the Analyst-Partner Briefing Videos. In addition to the content covered in this step, you can use these videos for further information about the partners to inform your next steps.

    Download Info-Tech’s Analyst-Partner Briefing Videos (OnePlan & PMO Outsource Ltd.)

    2.2.1 Create a partner outreach plan

    1-3 hours

    Input: Contents of this step, List of additional MS Gold Partners

    Output: A completed partner outreach program

    Materials: MS Project & M365 Action Plan Template

    Participants: Portfolio Manager (PMO Director), PMO Admin Team, Project Managers, CIO

    1. With an understanding of the partner ecosystem, compile a working group of PMO peers and stakeholders to produce a gameplan for engaging the MS Gold Partner ecosystem.
      • For additional partner options see Microsoft’s Partner Page.
    2. Using slide 20 in Info-Tech’s MS Project and M365 Action Plan Template, document the Partners you would want or have scheduled briefings with.
      • As you go through the briefings and research process, document the pros and cons and areas of specialized associated with each vendor for your particular work management implementation.

    Download the Microsoft Project & M365 Action Plan Template

    2.2.2 Document your PM and PPM requirements

    1-3 hours

    Input: Project Portfolio Management Maturity Assessment, Project Management Maturity Assessment

    Output: MS Project & M365 Action Plan Template

    Materials: Project Portfolio Management Maturity Assessment, Project Management Maturity Assessment, MS Project & M365 Action Plan Template

    Participants: Portfolio Manager (PMO Director), PMO Admin Team, Project Managers, CIO

    1. As you prepare to engage the Partner Community, you should have a sense of where your project management and project portfolio management gaps are to better communicate your tooling needs.
    2. Leverage tab 4 from both your Project Portfolio Management Assessment and Project Management Assessment from step 1.3 of this blueprint to help document and communicate your requirements. Those tabs prioritize your project and portfolio management needs by highest impact for the organization.
    3. You can use the outputs of the tab to inform your inputs on slide 23 of the MS Project & M365 Action Plan Template to present to organizational stakeholders and share with the Partners you are briefing with.

    Download the Microsoft Project & M365 Action Plan Template

    Determine the Future of Microsoft Project for Your Organization

    Phase 3: Finalize Your Implementation Approach

    Phase 1: Determine Your Tool NeedsPhase 2: Weigh Your Implementation Options

    Phase 3: Finalize Your Implementation Approach

    • Step 1.1: Survey the M365 work management landscape
    • Step 1.2: Perform a process maturity assessment to help inform your M365 starting point
    • Step 1.3: Consider the right MS Project licenses for your stakeholders
    • Step 2.1: Get familiar with extending Project for the web using Power Apps
    • Step 2.2: Assess the MS Gold Partner Community
    • Step 3.1: Prepare an action plan

    Phase Outcomes

    An action plan concerning what to do with MS Project and M365 for your PMO or project organization.

    Step 3.1

    Prepare an action plan

    Activities

    • Compile the current state results
    • Prepare an Implementation Roadmap
    • Complete your presentation deck

    This step will walk you through the following activities:

    • Assess the impact of organizational change for the project
    • Develop your vision for stakeholders
    • Compile the current state results and document the implementation approach
    • Create clarity through a RACI and proposed implementation timeline

    This step usually involves the following participants:

    • Portfolio Manager (PMO Director)
    • PMO Admin Team
    • Business Analysts
    • Project Managers

    Outcomes of Step

    • Microsoft Project and M365 Action Plan

    Assess the impact of organizational change

    Be prepared to answer: “What’s in it for me?”

    Before jumping into licensing and third-party negotiations, ensure you’ve clearly assessed the impact of change.

    Tailor the work effort involved in each step, as necessary:

    1. Assess the impact
      • Use the impact assessment questions to identify change impacts.
    2. Plan for change
      • Document the impact on each stakeholder group.
      • Anticipate their response.
      • Curate a compelling message for each stakeholder group.
      • Develop a communication plan.
    3. Act according to plan
      • Identify your executive sponsor.
      • Enable the sponsor to drive change communication.
      • Coach managers on how they can drive change at the individual level.

    Impact Assessment Questions

    • Will the change impact how our clients/customers receive, consume, or engage with our products/services?
    • Will there be a price increase?
    • Will there be a change to compensation and/or rewards?
    • Will the vision or mission of the job change?
    • Will the change span multiple locations/time zones?
    • Are multiple products/services impacted by this change?
    • Will staffing levels change?
    • Will this change increase the workload?
    • Will the tools of the job be substantially different?
    • Will a new or different set of skills be needed?
    • Will there be a change in reporting relationships?
    • Will the workflow and approvals be changed?
    • Will there be a substantial change to scheduling and logistics?

    Master Organizational Change Management Practices blueprint

    Develop your vision for stakeholders

    After careful analysis and planning, it’s time to synthesize your findings to those most impacted by the change.

    Executive Brief

    • Prepare a compelling message about the current situation.
    • Outline the considerations the working group took into account when developing the action plan.
    • Succinctly describe the recommendations proposed by the working group.

    Goals

    • Identify the goals for the project.
    • Explain the details for each goal to develop the organizational rationale for the project.
    • These goals are the building blocks for the change communication that the executive sponsor will use to build a coalition of sponsors.

    Future State Vision

    • Quantify the high-level costs and benefits of moving forward with this project.
    • Articulate the future- state maturity level for both the project and project portfolio management process.
    • Reiterate the organizational rationale and drivers for change.

    "In failed transformations, you often find plenty of plans, directives, and programs, but no vision…A useful rule of thumb: If you can’t communicate the vision to someone in five minutes or less and get a reaction that signifies both understanding and interest, you are not yet done…" (John P. Kotter, Leading Change)

    Get ready to compile the analysis completed throughout this blueprint in the subsequent activities. The outputs will come together in your Microsoft Project and M365 Action Plan.

    Use the Microsoft Project & M365 Action Plan Template to help communicate your vision

    Our boardroom-ready presentation and communication template can be customized using the outputs of this blueprint.

    • Getting stakeholders to understand why you are recommending specific work management changes and then communicating exactly what those changes are and what they will cost is key to the success of your work management implementation.
    • To that end, the slides ahead walk you through how to customize the Microsoft Project & M365 Action Plan Template.
    • Many of the current-state analysis activities you completed during phase 1 of this blueprint can be directly made use of within the template as can the decisions you made and requirements you documented during phase 2.
    • By the end of this step, you will have a boardroom-ready presentation that will help you communicate your future-state vision.
    Screenshot of Info-Tech's Microsoft Project and M365 Action Plan Template with a note to 'Update the presentation or distribution date and insert your name, role, and organization'.

    Download Info-Tech’s Microsoft Project & M365 Action Plan Template

    3.1.1 Compile current state results

    1-3 hours

    Input: Force Field Analysis Tool, Tool Audit Workbook, Project Management Maturity Assessment Tool, Project Portfolio Management Maturity Assessment Tool

    Output: Section 1: Executive Brief, Section 2: Context and Constraints

    Materials: Microsoft Project and M365 Action Plan Template

    Participants: PMO Director, PMO Admin Team, Business Analysts, Project Managers

    1. As a group, review the results of the tools introduced throughout this blueprint. Use this information along with organizational knowledge to document the business context and current state.
    2. Update the driving forces for change and risks and constraints slides using your outputs from the Force Field Analysis Tool.
    3. Update the current tool landscape, tool satisfaction, and tool audit results slides using your outputs from the Tool Audit Workbook.
    4. Update the gap analysis results slides using your outputs from the Project Management and Project Portfolio Management Maturity Assessment Tools.

    Screenshots of 'Business Context and Current State' screen from the 'Force Field Analysis Tool', the 'Tool Audit Results' screen from the 'Tool Audit Workbook', and the 'Project Portfolio Management Gap Analysis Results' screen from the 'PM and PPM Maturity Assessments Tool'.

    Download the Microsoft Project & M365 Action Plan Template

    3.2.1 Option A: Prepare a DIY roadmap

    1-3 hours; Note: This is only applicable if you have chosen the DIY route

    Input: List of key PPM decision points, List of who is accountable for PPM decisions, List of who has PPM decision-making authority

    Output: Section 3: DIY Implementation Approach

    Materials: Microsoft Project and M365 Action Plan Template

    Participants: PMO Director, PMO Admin Team, Business Analysts, Project Managers

    1. As a group, review the results of the Microsoft Project and M365 Licensing Tool. Use this information along with organizational knowledge and discussion with the working group to complete Section 3: DIY Implementation Approach.
    2. Copy and paste your results from tab 5 of the Microsoft Project and M365 Licensing Tool. Update the Implementation Approach slide to detail the rationale for selecting this option.
    3. Update the Action Plan to articulate the details for total and annual costs of the proposed licensing solution.
    4. Facilitate a discussion to determine roles and responsibilities for the implementation. Based on the size, risk, and complexity of the implementation, create a reasonable timeline.
    Screenshots from the 'Microsoft Project and M365 Action Plan Template' outlining the 'DIY Implementation Approach'.

    Download the Microsoft Project and M365 Action Plan Template

    3.2.1 Option b: Prepare a Partner roadmap

    1-3 hours; Note: This is only applicable if you have chosen the Partner route

    Input: Microsoft Project and M365 Licensing Tool, Information on Microsoft Partners

    Output: Section 4: Microsoft Partner Implementation Route

    Materials: Microsoft Project and M365 Action Plan Template

    Participants: PMO Director, PMO Admin Team, Business Analysts, Project Managers

    1. As a group, review the results of the Microsoft Project and M365 Licensing Tool. Use this information along with organizational knowledge and discussion with the working group to complete Section 4: Microsoft Partner Implementation Route.
    2. Copy and paste your results from tab 5 of the Microsoft Project and M365 Licensing Tool. Update the Implementation Approach slide to detail the rationale for selecting this option.
    3. Develop an outreach plan for the Microsoft Partners you are planning to survey. Set targets for briefing dates and assign an individual to own any back-and-forth communication. Document the pros and cons of each Partner and gauge interest in continuing to analyze the vendor as a possible solution.
    4. Facilitate a discussion to determine roles and responsibilities for the implementation. Based on the size, risk, and complexity of the implementation, create a reasonable timeline.

    Screenshots from the 'Microsoft Project and M365 Action Plan Template' outlining the 'Microsoft Partner Implementation Route'.

    Microsoft Project and M365 Action Plan Template

    3.1.2 Complete your presentation deck

    1-2 hours

    Input: Outputs from the exercises in this blueprint

    Output: Section 5: Future-State Vision and Goals

    Materials: Microsoft Project and M365 Action Plan Template

    Participants: PMO Director, PMO Admin Team, Business Analysts, Project Managers

    1. Put the finishing touches on your presentation deck by documenting your future- state vision and goals.
    2. Prepare to present to your stakeholders.
      • Understand your audience, their needs and priorities, and their degree of knowledge and experiences with technology. This informs what to include in your presentation and how to position the message and goal.
    3. Review the deck beginning to end and check for spelling, grammar, and vertical logic.
    4. Practice delivering the vision for the project through several practice sessions.

    Screenshots from the 'Microsoft Project and M365 Action Plan Template' regarding finishing touches.

    Microsoft Project and M365 Action Plan Template

    Pitch your vision to key stakeholders

    There are multiple audiences for your pitch, and each audience requires a different level of detail when addressed. Depending on the outcomes expected from each audience, a suitable approach must be chosen. The format and information presented will vary significantly from group to group.

    Audience

    Key Contents

    Outcome

    Business Executives

    • Section 1: Executive Brief
    • Section 2: Context and Constraints
    • Section 5: Future-State Vision and Goals
    • Identify executive sponsor

    IT Leadership

    • Sections 1-5 with a focus on Section 3 or 4 depending on implementation approach
    • Get buy-in on proposed project
    • Identify skills or resourcing constraints

    Business Managers

    • Section 1: Executive Brief
    • Section 2: Context and Constraints
    • Section 5: Future-State Vision and Goals
    • Get feedback on proposed plan
    • Identify any unassessed risks and organizational impacts

    Business Users

    • Section 1: Executive Brief
    • Support the organizational change management process

    Summary of Accomplishment

    Problem Solved

    Knowledge Gained
    • How you work: Work management and the various ways of working (personal and team task management, strategic project portfolio management, formal project management, and enterprise project and portfolio management).
    • Where you need to go: Project portfolio management and project management current- and target-state maturity levels.
    • What you need: Microsoft Project Plans and requisite M365 licensing.
    • The skills you need: Extending Project for the web.
    • Who you need to work with: Get to know the Microsoft Gold Partner community.
    Deliverables Completed
    • M365 Tool Guides
    • Tool Audit Workbook
    • Force Field Analysis Tool
    • Project Portfolio Management Maturity Assessment Tool
    • Project Management Maturity Assessment Tool
    • Microsoft Project & M365 Action Plan Template

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop

    Contact your account representative for more information
    workshops@infotech.com
    1-888-670-8889

    Additional Support

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech Workshop.

    Photo of Barry Cousins.
    Contact your account representative for more information
    workshops@infotech.com 1-888-670-8889

    To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.

    Info-Tech analysts will join you and your team at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    Perform a work management tool audit

    Gain insight into the tools that drive value or fail to drive value across your work management landscape with a view to streamline the organization’s tool ecosystem.

    Prepare an action plan for your tool needs

    Prepare the right work management tool recommendations for your IT teams and/or business units and develop a boardroom-ready presentation to communicate needs and next steps.

    Research Contributors and Experts

    Neeta Manghnani
    PMO Strategist
    PMO Outsource Ltd.

    Photo of Neeta Manghnani, PMO Strategist, PMO Outsource Ltd.
    • Innovative, performance-driven executive with significant experience managing Portfolios, Programs & Projects, and technical systems for international corporations with complex requirements. A hands-on, dynamic leader with over 20 years of experience guiding and motivating cross-functional teams. Highly creative and brings a blend of business acumen and expertise in multiple IT disciplines, to maximize the corporate benefit from capital investments.
    • Successfully deploys inventive solutions to automate processes and improve the functionality, scalability and security of critical business systems and applications. Leverages PMO/PPM management and leadership skills to meet the strategic goals and business initiatives.

    Robert Strickland
    Principal Consultant & Owner
    PMO Outsource Ltd.

    Photo of Robert Strickland, Principal Consultant and Owner, PMO Outsource Ltd.
    • Successful entrepreneur, leader, and technologist for over 15 years, is passionate about helping organizations leverage the value of SharePoint, O365, Project Online, Teams and the Power Platform. Expertise in implementing portals, workflows and collaboration experiences that create business value. Strategic manager with years of successful experience building businesses, developing custom solutions, delivering projects, and managing budgets. Strong transformational leader on large implementations with a technical pedigree.
    • A digital transformation leader helping clients move to the cloud, collaborate, automate their business processes and eliminate paper forms, spreadsheets and other manual practices.

    Related Info-Tech Research

    • Develop a Project Portfolio Management Strategy
      Time is money; spend it wisely.
    • Establish Realistic IT Resource Management Practices
      Holistically balance IT supply and demand to avoid overallocation.
    • Tailor Project Management Processes to Fit Your Projects
      Spend less time managing processes and more time delivering results

    Bibliography

    “13 Reasons not to use Microsoft Project.” Celoxis, 14 Sept. 2018. Accessed 17 Sept. 2021.

    Advisicon. “Project Online vs Project for the Web.” YouTube, 13 Nov. 2013. Accessed 17 Sept. 2021.

    Branscombe, Mary. “Is Project Online ready to replace Microsoft Project?” TechRepublic, 23 Jan. 2020. Accessed 17 Sept. 2021.

    Chemistruck, Dan. “The Complete Office 365 and Microsoft 365 Licensing Comparison.” Infused Innovations, 4 April 2019. Accessed 17 Sept. 2021.

    “Compare Project management solutions and costs.” Microsoft. Accessed 17 Sept. 2021.

    Day to Day Dynamics 365. “Microsoft Project for the web - Model-driven app.” YouTube, 29 Oct. 2019. Accessed 17 Sept. 2021.

    “Deploying Project for the web.” Microsoft, 24 Aug. 2021. Accessed 17 Sept. 2021.

    “Differentiate your business by attaining Microsoft competencies.” Microsoft, 26 Jan. 2021. Accessed 17 Sept. 2021.

    “Extend & Integrate Microsoft Project.” Western Principles. Accessed 17 Sept. 2021.

    “Get Started with Project Power App.” Microsoft. Accessed 17 Sept. 2021.

    Hosking, Ben. “Why low code software development is eating the world.” DevGenius, May 2021. Accessed 17 Sept. 2021.

    “How in the World is MS Project Still a Leading PM Software?” CBT Nuggets, 12 Nov. 2018. Accessed 17 Sept. 2021.

    Integent. “Project for the Web - Create a Program Entity and a model-driven app then expose in Microsoft Teams.” YouTube, 25 Mar. 2020. Accessed 17 Sept. 2021.

    “Introducing the Project Accelerator.” Microsoft, 10 Mar. 2021. Accessed 17 Sept. 2021.

    “Join the Microsoft Partner Network.” Microsoft. Accessed 17 Sept. 2021.

    Kaneko, Judy. “How Productivity Tools Can Lead to a Loss of Productivity.” Bluescape, 2 Mar. 2018 Accessed 17 Sept. 2021.

    Kotter, John. Leading Change. Harvard Business School Press, 1996.

    Leis, Merily. “What is Work Management.” Scoro. Accessed 17 Sept. 2021.

    Liu, Shanhong. “Number of Office 365 company users worldwide as of June 2021, by leading country.” Statistica, 2021. Web.

    Manghnani, Neeta. “5 Benefits of PPM tools and PMO process automation.” PMO Outsource Ltd., 11 Apr. 2021. Accessed 17 Sept. 2021.

    “Microsoft 365 and Office 365 plan options.” Microsoft, 31 Aug. 2021. Accessed 17 Sept. 2021.

    “Microsoft 365 for enterprise.” Microsoft. Accessed 17 Sept. 2021

    “Microsoft Office 365 Usage Statistics.” Thexyz blog, 18 Sept. 2020. Accessed 17 Sept. 2021.

    “Microsoft Power Apps, Microsoft Power Automate and Microsoft Power Virtual Agents Licensing Guide.” Microsoft, June 2021. Web.

    “Microsoft Project service description.” Microsoft, 31 Aug. 2021. Accessed 17 Sept. 2021.

    “Microsoft Project Statistics.” Integent Blog, 12 Dec. 2013. Accessed 17 Sept. 2021.

    Nanji, Aadil . Modernize Your Microsoft Licensing for the Cloud Era. Info-Tech Research Group, 12 Mar. 2020. Accessed 17 Sept. 2021.

    “Number of Office 365 company users worldwide as of June 2021, by leading country.” Statista, 8 June 2021. Accessed 17 Sept. 2021.

    “Overcoming disruption in a digital world.” Asana. Accessed 17 Sept. 2021.

    Pajunen, Antti. “Customizing and extending Project for the web.” Day to Day Dynamics 365, 20 Jan. 2020. Accessed 17 Sept. 2021.

    “Partner Center Documentation.” Microsoft. Accessed 17 Sept. 2021.

    Pragmatic Works. “Building First Power Apps Model Driven Application.” YouTube, 21 June 2019. Accessed 17 Sept. 2021.

    “Project architecture overview.” Microsoft, 27 Mar. 2020. Accessed 17 Sept. 2021.

    “Project for the web Accelerator.” GitHub. Accessed 17 Sept. 2021.

    “Project for the web admin help.” Microsoft, 28 Oct. 2019. Accessed 17 Sept. 2021.

    “Project for the Web – The New Microsoft Project.” TPG. Accessed 17 Sept. 2021.

    “Project for the Web Security Roles.” Microsoft, 1 July 2021. Accessed 17 Sept. 2021.

    “Project Online: Project For The Web vs Microsoft Project vs Planner vs Project Online.” PM Connection, 30 Nov. 2020. Accessed 17 Sept. 2021.

    Redmond, Tony. “Office 365 Insights from Microsoft’s FY21 Q2 Results.” Office 365 for IT Pros, 28 Jan. 2021. Accessed 17 Sept. 2021.

    Reimagine Project Management with Microsoft. “Advanced deployment for Project for the web.” YouTube, 4 Aug. 2021. Accessed 17 Sept. 2021.

    Reimagine Project Management with Microsoft. “Overview of Microsoft Project.” YouTube, 29 July 2021. Accessed 17 Sept. 2021.

    “See which partner offer is right for you.” Microsoft. Accessed 17 Sept. 2021.

    Shalomova, Anna. “Microsoft Project for Web 2019 vs. Project Online: What’s Best for Enterprise Project Management?” FluentPro, 23 July 2020. Accessed 17 Sept. 2021.

    Speed, Richard. “One Project to rule them all: Microsoft plots end to Project Online while nervous Server looks on.” The Register, 28 Sept. 2018. Accessed 17 Sept. 2021.

    Spataro, Jared. “A new vision for modern work management with Microsoft Project.” Microsoft, 25 Sept. 2018. Accessed 17 Sept. 2021.

    Stickel, Robert. “OnePlan Recognized as Winner of 2021 Microsoft Project & Portfolio Management Partner of the Year.” OnePlan, 8 July 2021. Accessed 17 Sept. 2021.

    Stickel, Robert. “The Future of Project Online.” OnePlan, 2 Mar. 2021. Accessed 17 Sept. 2021.

    Stickel, Robert. “What It Means to be Adaptive.” OnePlan, 24 May 2021. Accessed 17 Sept. 2021.

    “The Future of Microsoft Project Online.” OnePlan. Accessed 17 Sept. 2021.

    Weller, Joe. “Demystifying Microsoft Project Licensing.” Smartsheet, 10 Mar. 2016. Accessed 17 Sept. 2021.

    Western Principles Inc. “Dump the Spreadsheets for Microsoft Project Online.” YouTube, 2 July 2020. Accessed 17 Sept. 2021.

    Western Principles Inc. “Project Online or Project for the web? Which project management system should you use?” YouTube, 11 Aug. 2020. Accessed 17 Sept. 2021.

    “What is Power Query?” Microsoft, 22 July 2021. Web.

    Wicresoft. “The Power of the New Microsoft Project and Microsoft 365.” YouTube, 29 May 2020. Accessed 17 Sept. 2021.

    Wicresoft. “Why the Microsoft Power Platform is the Future of PPM.” YouTube, 11 June 2020. Accessed 17 Sept. 2021.

    Implement Hardware Asset Management

    • Buy Link or Shortcode: {j2store}312|cart{/j2store}
    • member rating overall impact (scale of 10): 9.4/10 Overall Impact
    • member rating average dollars saved: $29,447 Average $ Saved
    • member rating average days saved: 25 Average Days Saved
    • Parent Category Name: Asset Management
    • Parent Category Link: /asset-management
    • Executives are often aware of the benefits asset management offers, but many organizations lack a defined program to manage their hardware.
    • Efforts to implement hardware asset management (HAM) are stalled because organizations feel overwhelmed navigating the process or under use the data, failing to deliver value.

    Our Advice

    Critical Insight

    • Organizations often implement an asset management program as a one-off project and let it stagnate.
    • Organizations often fail to dedicate adequate resources to the HAM process, leading to unfinished processes and inconsistent standards.
    • Hardware asset management programs yield a large amount of useful data. Unfortunately, this data is often underutilized. Departments within IT become data siloes, preventing effective use of the data.

    Impact and Result

    • As the IT environment continues to change, it is important to establish consistency in the standards around IT asset management.
    • A current state assessment of your HAM program will shed light on the steps needed to safeguard your processes.
    • Define the assets that will need to be managed to inform the scope of the ITAM program before defining processes.
    • Build and involve an ITAM team in the process from the beginning to help embed the change.
    • Define standard policies, processes, and procedures for each stage of the hardware asset lifecycle, from procurement through to disposal.

    Implement Hardware Asset Management Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should Implement Hardware Asset Management, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Lay foundations

    Build the foundations for the program to succeed.

    • Implement Hardware Asset Management – Phase 1: Lay Foundations
    • HAM Standard Operating Procedures
    • HAM Maturity Assessment Tool
    • IT Asset Manager
    • IT Asset Administrator

    2. Procure & receive

    Define processes for requesting, procuring, receiving, and deploying hardware.

    • Implement Hardware Asset Management – Phase 2: Procure and Receive
    • HAM Process Workflows (Visio)
    • HAM Process Workflows (PDF)
    • Non-Standard Hardware Request Form
    • Purchasing Policy

    3. Maintain & dispose

    Define processes and policies for managing, securing, and maintaining assets then disposing or redeploying them.

    • Implement Hardware Asset Management – Phase 3: Maintain and Dispose
    • Asset Security Policy
    • Hardware Asset Disposition Policy

    4. Plan implementation

    Plan the hardware budget, then build a communication plan and roadmap to implement the project.

    • Implement Hardware Asset Management – Phase 4: Plan Implementation 
    • HAM Budgeting Tool
    • HAM Communication Plan
    • HAM Implementation Roadmap
    [infographic]

    Workshop: Implement Hardware Asset Management

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Lay Foundations

    The Purpose

    Build the foundations for the program to succeed.

    Key Benefits Achieved

    Evaluation of current challenges and maturity level

    Defined scope for HAM program

    Defined roles and responsibilities

    Identified metrics and reporting requirements

    Activities

    1.1 Outline hardware asset management challenges.

    1.2 Conduct HAM maturity assessment.

    1.3 Classify hardware assets to define scope of the program.

    1.4 Define responsibilities.

    1.5 Use a RACI chart to determine roles.

    1.6 Identify HAM metrics and reporting requirements.

    Outputs

    HAM Maturity Assessment

    Classified hardware assets

    Job description templates

    RACI Chart

    2 Procure & Receive

    The Purpose

    Define processes for requesting, procuring, receiving, and deploying hardware.

    Key Benefits Achieved

    Defined standard and non-standard requests for hardware

    Documented procurement, receiving, and deployment processes

    Standardized asset tagging method

    Activities

    2.1 Identify IT asset procurement challenges.

    2.2 Define standard hardware requests.

    2.3 Document standard hardware request procedure.

    2.4 Build a non-standard hardware request form.

    2.5 Make lease vs. buy decisions for hardware assets.

    2.6 Document procurement workflow.

    2.7 Select appropriate asset tagging method.

    2.8 Design workflow for receiving and inventorying equipment.

    2.9 Document the deployment workflow(s).

    Outputs

    Non-standard hardware request form

    Procurement workflow

    Receiving and tagging workflow

    Deployment workflow

    3 Maintain & Dispose

    The Purpose

    Define processes and policies for managing, securing, and maintaining assets then disposing or redeploying them.

    Key Benefits Achieved

    Policies and processes for hardware maintenance and asset security

    Documented workflows for hardware disposal and recovery/redeployment

    Activities

    3.1 Build a MAC policy, request form, and workflow.

    3.2 Design process and policies for hardware maintenance, warranty, and support documentation handling.

    3.3 Revise or create an asset security policy.

    3.4 Identify challenges with IT asset recovery and disposal and design hardware asset recovery and disposal workflows.

    Outputs

    User move workflow

    Asset security policy

    Asset disposition policy, recovery and disposal workflows

    4 Plan Implementation

    The Purpose

    Select tools, plan the hardware budget, then build a communication plan and roadmap to implement the project.

    Key Benefits Achieved

    Shortlist of ITAM tools

    Hardware asset budget plan

    Communication plan and HAM implementation roadmap

    Activities

    4.1 Generate a shortlist of ITAM tools that will meet requirements.

    4.2 Use Info-Tech’s HAM Budgeting Tool to plan your hardware asset budget.

    4.3 Build HAM policies.

    4.4 Develop a communication plan.

    4.5 Develop a HAM implementation roadmap.

    Outputs

    HAM budget

    Additional HAM policies

    HAM communication plan

    HAM roadmap tool

    Further reading

    Implement Hardware Asset Management

    Build IT services value on the foundation of a proactive asset management program.

    ANALYST PERSPECTIVE

    IT asset data impacts the entire organization. It’s time to harness that potential.

    "Asset management is like exercise: everyone is aware of the benefits, but many struggle to get started because the process seems daunting. Others fail to recognize the integrative potential that asset management offers once an effective program has been implemented.

    A proper hardware asset management (HAM) program will allow your organization to cut spending, eliminate wasteful hardware, and improve your organizational security. More data will lead to better business decision-making across the organization.

    As your program matures and your data gathering and utility improves, other areas of your organization will experience similar improvements. The true value of asset management comes from improved IT services built upon the foundation of a proactive asset management program." - Sandi Conrad, Practice Lead, Infrastructure & Operations Info-Tech Research Group

    Our understanding of the problem

    This Research Is Designed For:

    • Asset Managers and Service Delivery Managers tasked with developing an asset management program who need a quick start.
    • CIOs and CFOs who want to reduce or improve budgeting of hardware lifecycle costs.
    • Information Security Officers who need to mitigate the risk of sensitive data loss due to insecure assets.

    This Research Will Help You:

    • Develop a hardware asset management (HAM) standard operating procedure (SOP) that documents:
      • Process roles and responsibilities.
      • Data classification scheme.
      • Procurement standards, processes, and workflows for hardware assets.
      • Hardware deployment policies, processes, and workflows.
      • Processes and workflows for hardware asset security and disposal.
    • Identify requirements for an IT asset management (ITAM) solution to help generate a shortlist.
    • Develop a hardware asset management implementation roadmap.
    • Draft a communication plan for the initiative.

    Executive summary

    Situation

    • Executives are aware of the numerous benefits asset management offers, but many organizations lack a defined ITAM program and especially a HAM program.
    • Efforts to implement HAM are stalled because organizations cannot establish and maintain defined processes and policies.

    Complication

    • Organizations often implement an asset management program as a one- off project and let it stagnate, but asset management needs to be a dynamic, continually involving process to succeed.
    • Organizations often fail to dedicate adequate resources to the HAM process, leading to unfinished processes and inconsistent standards.
    • Hardware asset management programs yield a large amount of useful data. Unfortunately, this data is often underused. Departments within IT become data siloes, preventing effective use of the data.

    Resolution

    • As the IT environment continues to change, it is important to establish consistency in the standards around IT asset management.
    • A current state assessment of your HAM program will shed light on the steps needed to safeguard your processes.
    • Define the assets that will need to be managed to inform the scope of the ITAM program before defining processes.
    • Build and involve an ITAM team in the process from the beginning to help embed the change.
    • Define standard policies, processes, and procedures for each stage of the hardware asset lifecycle, from procurement through to disposal.
    • Pace yourself; a staged implementation will make your ITAM program a success.

    Info-Tech Insight

    1. HAM is more than just tracking inventory. A mature asset management program provides data for proactive planning and decision making to reduce operating costs and mitigate risk.
    2. ITAM is not just IT. IT leaders need to collaborate with Finance, Procurement, Security, and other business units to make informed decisions and create value across the enterprise.
    3. Treat HAM like a process, not a project. HAM is a dynamic process that must react and adapt to the needs of the business.

    Implement HAM to reduce and manage costs, gain efficiencies, and ensure regulatory compliance

    Save & Manage Money

    • Companies with effective HAM practices achieve cost savings through redeployment, reduction of lost or stolen equipment, power management, and on-time lease returns.
    • The right HAM system will enable more accurate planning and budgeting by business units.

    Improve Contract Management

    • Real-time asset tracking to vendor terms and conditions allows for more effective negotiation.

    Inform Technology Refresh

    • HAM provides accurate information on hardware capacity and compatibility to inform upgrade and capacity planning

    Gain Service Efficiencies

    • Integrating the hardware lifecycle with the service desk will enable efficiencies through Install/Moves/Adds/Changes (IMAC) processes, for larger organizations.

    Meet Regulatory Requirements

    • You can’t secure organizational assets if you don’t know where they are! Meet governance and privacy laws by knowing asset location and that data is secure.

    Prevent Risk

    • Ensure data is properly destroyed through disposal processes, track lost and stolen hardware, and monitor hardware to quickly identify and isolate vulnerabilities.

    HAM is more than just inventory; 92% of organizations say that it helps them provide better customer support

    Hardware asset management (HAM) provides a framework for managing equipment throughout its entire lifecycle. HAM is more than just keeping an inventory; it focuses on knowing where the product is, what costs are associated with it, and how to ensure auditable disposition according to best options and local environmental laws.

    Implementing a HAM practice enables integration of data and enhancement of many other IT services such as financial reporting, service management, green IT, and data and asset security.

    Cost savings and efficiency gains will vary based on the organization’s starting state and what measures are implemented, but most organizations who implement HAM benefit from it. As organizations increase in size, they will find the greatest gains operationally by becoming more efficient at handling assets and identifying costs associated with them.

    A 2015 survey by HDI of 342 technical support professionals found that 92% say that HAM has helped their teams provide better support to customers on hardware-related issues. Seventy-seven percent have improved customer satisfaction through managing hardware assets. (HDI, 2015)

    HAM delivers cost savings beyond only the procurementstage

    HAM cost savings aren’t necessarily realized through the procurement process or reduced purchase price of assets, but rather through the cost of managing the assets.

    HAM delivers cost savings in several ways:

    • Use a discovery tool to identify assets that may be retired, redeployed, or reused to cut or reallocate their costs.
    • Enforce power management policies to reduce energy consumption as well as costs associated with wasted energy.
    • Enforce policies to lock down unauthorized devices and ensure that confidential information isn’t lost (and you don’t have to waste money recovering lost data).
    • Know the location of all your assets and which are connected to the network to ensure patches are up to date and avoid costly security risks and unplanned downtime.
    • Scan assets to identify and remediate vulnerabilities that can cause expensive security attacks.
    • Improve vendor and contract management to identify areas of hardware savings.

    The ROI for HAM is significant and measurable

    Benefit Calculation Sample Annual Savings

    Reduced help desk support

    • The length of support calls should be reduced by making it easier for technicians to identify PC configuration.
    # of hardware-related support tickets per year * cost per ticket * % reduction in average call length 2,000 * $40 * 20% = $16,000

    Greater inventory efficiency

    • An ITAM solution can automate and accelerate inventory preparation and tasks.
    Hours required to complete inventory * staff required * hourly pay rate for staff * number of times a year inventory required 8 hours * 5 staff * $33 per hour * 2 times a year = $2,640

    Improved employee productivity

    • Organizations can monitor and detect unapproved programs that result in lost productivity.
    # of employees * percentage of employees who encounter productivity loss through unauthorized software * number of hours per year spent using unauthorized software * average hourly pay rate 500 employees * 10% * 156 hours * $18 = $140,400

    Improved security

    • Improved asset tracking and stronger policy enforcement will reduce lost and stolen devices and data.
    # of devices lost or stolen last year * average replacement value of device + # of devices stolen * value of data lost from device (50 * $1,000) + (50 * $5,000) = $300,000
    Total Savings: $459,040
    1. Weigh the return against the annual cost of investing in an ITAM solution to calculate the ROI.
    2. Don’t forget about the intangible benefits that are more difficult to quantify but still significant, such as increased visibility into hardware, more accurate IT planning and budgeting, improved service delivery, and streamlined operations.

    Avoid these common barriers to ITAM success

    Organizations that struggle to implement ITAM successfully usually fall victim to these barriers:

    Organizational resistance to change

    Senior-level sponsorship, engagement, and communication is necessary to achieve the desired outcomes of ITAM; without it, ITAM implementations stall and fail or lack the necessary resources to deliver the value.

    Lack of dedicated resources

    ITAM often becomes an added responsibility for resources who already have other full-time responsibilities, which can quickly cause the program to lose focus. Increase the chance of success through dedicated resources.

    Focus on tool over process

    Many organizations buy a tool thinking it will do most of the work for them, but without supporting processes to define ITAM, the data within the tool can become unreliable.

    Choosing a tool or process that doesn’t scale

    Some organizations are able to track assets through manual discovery, but as their network and user base grows, this quickly becomes impossible. Choose a tool and build processes that will support the organization as it grows.

    Using data only to respond to an audit without understanding root causes

    Often, organizations implement ITAM only to the extent necessary to achieve compliance for audits, but without investigating the underlying causes of non-compliance and thus not solving the real problems.

    To help you make quick progress, Info-Tech Research Group parses hardware asset management into essential processes

    Focus on hardware asset lifecycle management essentials:

    IT Asset Procurement:

    • Define procurement standards for new hardware along with related warranties and support options.
    • Develop processes and workflows for purchasing and work out financial implications to inform budgeting later.

    IT Asset Intake and Deployment:

    • Define policies, processes, and workflows for hardware and receiving, inventory, and tracking practices.
    • Develop processes and workflows for managing imaging, change and moves, and large-scale rollouts.

    IT Asset Security and Maintenance:

    • Develop processes, policies, and workflows for asset tracking and security.
    • Maintain contracts and agreements.

    IT Asset Disposal or Recovery:

    • Manage the employee termination and equipment recovery cycle.
    • Securely wipe and dispose of assets that have reached retirement stage.

    The image is a circular graphic, with Implement HAM written in the middle. Around the centre circle are four phrases: Recover or Dispose; Plan & Procure; Receive & Deploy; Secure & Maintain. Around that circle are six words: Retire; Plan; Request; Procure; Receive; Manage.

    Follow Info-Tech’s methodology to build a plan to implement hardware asset management

    Phase 1: Assess & Plan Phase 2: Procure & Receive Phase 3: Maintain & Dispose Phase 4: Plan Budget & Build Roadmap
    1.1 Assess current state & plan scope 2.1 Request & procure 3.1 Manage & maintain 4.1 Plan budget
    1.2 Build team & define metrics 2.2 Receive & deploy 3.2 Redeploy or dispose 4.2 Communicate & build roadmap
    Deliverables
    Standard Operating Procedure (SOP)
    HAM Maturity Assessment Procurement workflow User move workflow HAM Budgeting Tool
    Classified hardware assets Non-standard hardware request form Asset security policy HAM Communication Plan
    RACI Chart Receiving & tagging workflow Asset disposition policy HAM Roadmap Tool
    Job Descriptions Deployment workflow Asset recovery & disposal workflows Additional HAM policies

    Asset management is a key piece of Info-Tech's COBIT- inspired IT Management and Governance Framework

    The image shows a graphic which is a large grid, showing Info-Tech's research, sorted into categories.

    Cisco IT reduced costs by upwards of $50 million through implementing ITAM

    CASE STUDY

    Industry IT

    Source Cisco Systems, Inc.

    Cisco Systems, Inc.

    Cisco Systems, Inc. is the largest networking company in the world. Headquartered in San Jose, California, the company employees over 70,000 people.

    Asset Management

    As is typical with technology companies, Cisco boasted a proactive work environment that encouraged individualism amongst employees. Unfortunately, this high degree of freedom combined with the rapid mobilization of PCs and other devices created numerous headaches for asset tracking. At its peak, spending on hardware alone exceeded $100 million per year.

    Results

    Through a comprehensive ITAM implementation, the new asset management program at Cisco has been a resounding success. While employees did have to adjust to new rules, the process as a whole has been streamlined and user-satisfaction levels have risen. Centralized purchasing and a smaller number of hardware platforms have allowed Cisco to cut its hardware spend in half, according to Mark Edmondson, manager of IT services expenses for Cisco Finance.

    This case study continues in phase 1

    The image shows four bars, from bottom to top: 1. Asset Gathering; 2. Asset Distribution; 3. Asset Protection; 4. Asset Data. On the right, there is an arrow pointing upwards labelled ITAM Program Maturity.

    Info-Tech delivers: Use our tools and templates to accelerate your project to completion

    HAM Standard Operating Procedures (SOP)

    HAM Maturity Assessment

    Non-Standard Hardware Request Form

    HAM Visio Process Workflows

    HAM Policy Templates

    HAM Budgeting Tool

    HAM Communication Plan

    HAM Implementation Roadmap Tool

    Measured value for Guided Implementations (GIs)

    Engaging in GIs doesn’t just offer valuable project advice, it also results in significant cost savings.

    GI Measured Value
    Phase 1: Lay Foundations
    • Time, value, and resources saved by using Info-Tech’s tools and templates to assess current state and maturity, plan scope of HAM program, and define roles and metrics.
    • For example, 2 FTEs * 14 days * $80,000/year = $8,615
    Phase 2: Procure & Receive
    • Time, value, and resources saved by using Info-Tech’s tools and templates to build processes for hardware request, procurement, receiving, and deployment.
    • For example, 2 FTEs * 14 days * $80,000/year = $8,615
    Phase 3: Maintain & Dispose
    • Time, value, and resources saved by following Info-Tech’s tools and methodology to build processes and policies for managing and maintaining hardware and disposing or redeploying of equipment.
    • For example, 2 FTE * 14 days * $80,000/year = $8,615
    Phase 4: Plan Implementation
    • Time, value, and resources saved by following Info-Tech’s tools and methodology to select tools, plan the hardware budget, and build a roadmap.
    • For example, 2 FTE * 14 days * $80,000/year = $8,615
    Total savings $25,845

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    “Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

    Guided Implementation

    “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

    Workshop

    “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

    Consulting

    “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

    Diagnostics and consistent frameworks used throughout all four options

    Guided Implementation overview

    1. Lay Foundations 2. Procure & Receive 3. Maintain & Dispose 4. Budget & Implementation
    Best-Practice Toolkit

    1.1 Assess current state & plan scope

    1.2 Build team & define metrics

    2.1 Request & procure

    2.2 Receive & deploy

    3.1 Manage & maintain

    3.2 Redeploy or dispose

    4.1 Plan budget

    4.2 Communicate & build roadmap

    Guided Implementation
    • Assess current state.
    • Define scope of HAM program.
    • Define roles and metrics.
    • Define standard and non-standard hardware.
    • Build procurement process.
    • Determine asset tagging method and build equipment receiving and deployment processing.
    • Define processes for managing and maintaining equipment.
    • Define policies for maintaining asset security.
    • Build process for redeploying or disposing of assets.
    • Discuss best practices for effectively managing a hardware budget.
    • Build communications plan and roadmap.
    Results & Outcomes
    • Evaluation of current maturity level of HAM
    • Defined scope for the HAM program including list of hardware to track as assets
    • Defined roles and responsibilities
    • Defined and documented KPIs and metrics to meet HAM reporting requirements
    • Defined standard and non- standard requests and processes
    • Defined and documented procurement workflow and purchasing policy
    • Asset tagging method and process
    • Documented equipment receiving and deployment processes
    • MAC policies and workflows
    • Policies and processes for hardware maintenance and asset security
    • Documented workflows for hardware disposal and recovery/redeployment
    • Shortlist of ITAM tools
    • Hardware asset budget plan
    • Communication plan and HAM implementation roadmap

    Workshop overview

    Contact your account representative or email Workshops@InfoTech.comfor more information.

    Phases: Teams, Scope & Hardware Procurement Hardware Procurement and Receiving Hardware Maintenance & Disposal Budgets, Roadmap & Communications
    Duration* 1 day 1 day 1 day 1 day
    * Activities across phases may overlap to ensure a timely completion of the engagement
    Projected Activities
    • Outline hardware asset management goals
    • Review HAM maturity and anticipated milestones
    • Define scope and classify hardware assets
    • Define roles and responsibilities
    • Define metrics and reporting requirements
    • Define standard and non-standard hardware requests
    • Review and document procurement workflow
    • Discuss appropriate asset tagging method
    • Design and document workflow for receiving and inventorying equipment
    • Review/create policy for hardware procurement and receiving
    • Identify data sources and methodology for inventory and data collection
    • Define install/moves/adds/changes (MAC) policy
    • Build workflows to document user MAC processes and design request form
    • Design process and policies for hardware maintenance, warranty, and support documentation handling
    • Design hardware asset recovery and disposal workflows
    • Define budgeting process and review Info-Tech’s HAM Budgeting Tool
    • Develop a communication plan
    • Develop a HAM implementation plan
    Projected Deliverables
    • Standard operating procedures for hardware
    • Visio diagrams for all workflows
    • Workshop summary with milestones and task list
    • Budget template
    • Policy draft

    Phase 1

    Lay Foundations

    Implement Hardware Asset Management

    A centralized procurement process helped cut Cisco’s hardware spend in half

    CASE STUDY

    Industry IT

    Source Cisco Systems, Inc.

    Challenge

    Cisco Systems’ hardware spend was out of control. Peaking at $100 million per year, the technology giant needed to standardize procurement processes in its highly individualized work environment.

    Users had a variety of demands related to hardware and network availability. As a result, data was spread out amongst multiple databases and was managed by different teams.

    Solution

    The IT team at Cisco set out to solve their hardware-spend problem using a phased project approach.

    The first major step was to identify and use the data available within various departments and databases. The heavily siloed nature of these databases was a major roadblock for the asset management program.

    This information had to be centralized, then consolidated and correlated into a meaningful format.

    Results

    The centralized tracking system allowed a single point of contact (POC) for the entire lifecycle of a PC. This also created a centralized source of information about all the PC assets at the company.

    This reduced the number of PCs that were unaccounted for, reducing the chance that Cisco IT would overspend based on its hardware needs.

    There were still a few limitations to address following the first step in the project, which will be described in more detail further on in this blueprint.

    This case study continues in phase 2

    Step 1.1: Assess current state and plan scope

    Phase 1: Assess & Plan

    1.1 Assess current state & plan scope

    1.2 Build team & define metrics

    This step will walk you through the following activities:

    1.1.1 Complete MGD (optional)

    1.1.2 Outline hardware asset management challenges

    1.1.3 Conduct HAM maturity assessment

    1.1.4 Classify hardware assets to define scope of the program

    This step involves the following participants:

    • CIO/CFO
    • IT Director
    • Asset Manager
    • Purchasing
    • Service Desk Manager
    • Security (optional)
    • Operations (optional)

    Step Outcomes

    • Understand key challenges related to hardware asset management within your organization to inform program development.
    • Evaluate current maturity level of hardware asset management components and overall program to determine starting point.
    • Define scope for the ITAM program including list of hardware to track as assets.

    Complete the Management & Governance Diagnostic (MGD) to weigh the effectiveness of ITAM against other services

    1.1.1 Optional Diagnostic

    The MGD helps you get the data you need to confirm the importance of improving the effectiveness of your asset management program.

    The MGD allows you to understand the landscape of all IT processes, including asset management. Evaluate all team members’ perceptions of each process’ importance and effectiveness.

    Use the results to understand the urgency to change asset management and its relevant impact on the organization.

    Establish process owners and hold team members accountable for process improvement initiatives to ensure successful implementation and realize the benefits from more effective processes.

    To book a diagnostic, or get a copy of our questions to inform your own survey, visit Info-Tech’s Benchmarking Tools, contact your account manager, or call toll-free 1-888-670-8889 (US) or 1-844-618-3192 (CAN).

    Sketch out challenges related to hardware asset management to shape the direction of the project

    Common HAM Challenges

    Processes and Policies:

    • Existing asset management practices are labor intensive and time consuming
    • Manual spreadsheets are used, making collaboration and automation difficult
    • Lack of HAM policies and standard operating procedures
    • Asset management data is not centralized
    • Lack of clarity on roles and responsibilities for ITAM functions
    • End users don’t understand the value of asset management

    Tracking:

    • Assets move across multiple locations and are difficult to track
    • Hardware asset data comes from multiple sources, creating fragmented datasets
    • No location data is available for hardware
    • No data on ownership of assets

    Security and Risk:

    • No insight into which assets contain sensitive data
    • There is no information on risks by asset type
    • Rogue systems need to be identified as part of risk management best practices
    • No data exists for assets that contain critical/sensitive data

    Procurement:

    • No centralized procurement department
    • Multiple quotes from vendors are not currently part of the procurement process
    • A lack of formal process can create issues surrounding employee onboarding such as long lead times
    • Not all procurement standards are currently defined
    • Rogue purchases create financial risk

    Receiving:

    • No formal process exists, resulting in no assigned receiving location and no assigned receiving role
    • No automatic asset tracking system exists

    Disposal:

    • No insight into where disposed assets go
    • Formal refresh and disposal system is needed

    Contracts:

    • No central repository exists for contracts
    • No insight into contract lifecycle, hindering negotiation effectiveness and pricing optimization

    Outline hardware asset management challenges

    1.1.1 Brainstorm HAM challenges

    Participants

    • CIO/CFO
    • IT Director
    • Asset Manager
    • Purchasing
    • Service Desk Manager
    • Security
    • Operations (optional)

    A. As a group, outline the hardware asset management challenges facing the organization.

    Use the previous slide to help you get started. You can use the following headings as a guide or think of your own:

    • Processes and Policies
    • Tracking
    • Procurement
    • Receiving
    • Security and Risk
    • Disposal
    • Contracts

    B. If you get stuck, use the Hardware Asset Management Maturity Assessment Tool to get a quick view of your challenges and maturity targets and kick-start the conversation.

    To be effective with hardware asset management, understand the drivers and potential impact to the organization

    Drivers of effective HAM Results of effective HAM
    Contracts and vendor licensing programs are complex and challenging to administer without data related to assets and their environment. Improved access to accurate data on contracts, licensing, warranties, installed hardware and software for new contracts, renewals, and audit requests.
    Increased need to meet compliance requires a formal approach to tracking and managing assets, regardless of device type. Encryption, hardware tracking and discovery, software application controls, and change notifications all contribute to better asset controls and data security.
    Cost cutting is on the agenda, and management is looking to reduce overall IT spend in the organization in any possible way. Reduction of hardware spend by as much as 5% of the total budget through data for better forecasting and planning.
    Assets with sensitive data are not properly secured, go missing, or are not safely disposed of when retired. Document and enforce security policies for end users and IT staff to ensure sensitive data is properly secured, preventing costs much larger than the cost of only the device.

    Each level of HAM maturity comes with its own unique challenges

    Maturity People & Policies Processes Technology
    Chaos
    • No dedicated staff
    • No policies published
    • Procedures not documented or standardized
    • Hardware not safely secured or tagged
    • Hardware purchasing decisions not based on data
    • Minimal tracking tools in place
    Reactive
    • Semi-focused HAM manager
    • No policies published
    • Reliance on suppliers to provide reports for hardware purchases
    • Hardware standards are enforced
    • Discovery tools and spreadsheets used to manage hardware
    Controlled
    • Full-time HAM manager
    • End-user policies published
    • HAM manager involved in budgeting and planning sessions
    • Inventory tracking is in place
    • Hardware is secured and tagged
    • Discovery and inventory tools used to manage hardware
    • Compliance reports run as needed
    Proactive
    • Extended HAM team, including Help Desk, HR, Purchasing
    • Corporate hardware use policies in place and enforced
    • HAM process integrated with help desk and HR processes
    • More complex reporting and integrated financial information and contracts with asset data
    • Hardware requests are automated where possible
    • Product usage reports and alerts in place to harvest and reuse licenses
    • Compliance and usage reports used to negotiate software contracts
    Optimized
    • HAM manager trained and certified
    • Working with HR, Legal, Finance, and IT to enforce policies
    • Quarterly meetings with ITAM team to review policies, procedures, upcoming contracts, and rollouts; data is reviewed before any financial decisions made
    • Full transparency into hardware lifecycle
    • Aligned with business objectives
    • Detailed savings reports provided to executive team annually
    • Automated policy enforcement and process workflows

    Conduct a hardware maturity assessment to understand your starting point and challenges

    1.1.3 Complete HAM Maturity Assessment Tool

    Complete the Hardware Asset Management Maturity Assessment Tool to understand your organization’s overall maturity level in HAM, as well as the starting maturity level aligned with each step of the blueprint, in order to identify areas of strength and weakness to plan the project. Use this to track progress on the project.

    An effective asset management project has four essential components, with varying levels of management required

    The hardware present in your organization can be classified into four categories of ascending strategic complexity: commodity, inventory, asset, and configuration.

    Commodity items are devices that are low-cost, low-risk items, where tracking is difficult and of low value.

    Inventory is tracked primarily to identify location and original expense, which may be depreciated by Finance. Typically there will not be data on these devices and they’ll be replaced as they lose functionality.

    Assets will need the full lifecycle managed. They are identified by cost and risk. Often there is data on these devices and they are typically replaced proactively before they become unstable.

    Configuration items will generally be tracked in a configuration management database (CMDB) for the purpose of enabling the support teams to make decisions involving dependencies, configurations, and impact analysis. Some data will be duplicated between systems, but should be synchronized to improve accuracy between systems.

    See Harness Configuration Management Superpowers to learn more about building a CMDB.

    Classify your hardware assets to determine the scope and strategy of the program

    Asset: A unique device or configuration of devices that enables a user to perform productive work tasks and has a defined location and ownership attributes.

    • Hardware asset management involves tracking and managing physical components from procurement through to retirement. It provides the base for software asset management and is an important process that can lead to improved lifecycle management, service request fulfillment, security, and cost savings through harvesting and redeployment.
    • When choosing your strategy, focus on those devices that are high cost and high risk/function such as desktops, laptops, servers, and mobile devices.

    ASSET - Items of high importance and may contain data, such as PCs, mobile devices, and servers.

    INVENTORY - Items that require significant financial investment but no tracking beyond its existence, such as a projector.

    COMMODITY - Items that are often in use but are of relatively low cost, such as keyboards or mice.

    Classify your hardware assets to define the scope of the program

    1.1.4 Define the assets to be tracked within your organization

    Participants

    • Participants
    • CIO/CFO
    • IT Director
    • Asset Manager
    • Purchasing
    • Service Desk Manager
    • Security (optional)
    • Operations (optional)

    Document

    Document in the Standard Operating Procedures, Section 1 – Overview & Scope

    1. Determine value/risk threshold at which items should be tracked (e.g. over $1,000 and holding data).
    2. Divide a whiteboard or flip chart into three columns: commodity, asset, and inventory.
    3. Divide participants into groups by functional role to brainstorm devices in use within the organization. Write them down on sticky notes.
    4. Place the sticky notes in the column that best describes the role of the product in your organization.

    Align the scope of the program with business requirements

    CASE STUDY

    Industry Public Administration

    Source Client Case Study

    Situation

    A state government designed a process to track hardware worth more than $1,000. Initially, most assets consisted of end-user computing devices.

    The manual tracking process, which relied on a series of Excel documents, worked well enough to track the lifecycle of desktop and laptop assets.

    However, two changes upended the organization’s program: the cost of end-user computing devices dropped dramatically and the demand for network services led to the proliferation of expensive equipment all over the state.

    Complication

    The existing program was no longer robust enough to meet business requirements. Networking equipment was not only more expensive than end-user computing devices, but also more critical to IT services.

    What was needed was a streamlined process for procuring high-cost, high-utility equipment, tracking their location, and managing their lifecycle costs without compromising services.

    Resolution

    The organization decided to formalize, document, and automate hardware asset management processes to meet the new challenges and focus efforts on high-cost, high-utility end-user computing devices only.

    Step 1.2: Build team and define metrics

    Phase 1: Assess & Plan

    1.1 Assess current state & plan scope

    1.2 Build team and define metrics

    This step will walk you through the following activities:

    1.2.1 Define responsibilities for Asset Manager and Asset Administrator

    1.2.2 Use a RACI chart to determine roles within HAM team

    1.2.3 Further clarify HAM responsibilities for each role

    1.2.4 Identify HAM reporting requirements

    This step involves the following participants:

    • CIO/CFO
    • IT Director
    • IT Managers
    • Asset Manager
    • Asset Coordinators
    • ITAM Team
    • Service Desk
    • End-User Device Support Team

    Step Outcomes:

    • Defined responsibilities for Asset Manager and Asset Administrator
    • Documented RACI chart assigning responsibility and accountability for core HAM processes
    • Documented responsibilities for ITAM/HAM team
    • Defined and documented KPIs and metrics to meet HAM reporting requirements

    Form an asset management team to lead the project

    Asset management is an organizational change. To gain buy-in for the new processes and workflows that will be put in place, a dedicated, passionate team needs to jump-start the project.

    Delegate the following roles to team members and grow your team accordingly.

    Asset Manager

    • Responsible for setting policy and governance of process and data accuracy
    • Support budget process
    • Support asset tracking processes in the field
    • Train employees in asset tracking processes

    Asset Administrator

    • The front-lines of asset management
    • Communicates with and supports asset process implementation teams
    • Updates and contributes information to asset databases
    Service Desk, IT Operations, Applications
    • Responsible for advising asset team of changes to the IT environment, which may impact pricing or ability to locate devices
    • Works with Asset Coordinator/Manager to set standards for lifecycle stages
    • The ITAM team should visit and consult with each component of the business as well as IT.
    • Engage with leaders in each department to determine what their pain points are.
    • The needs of each department are different and their responses will assist the ITAM team when designing goals for asset management.
    • Consultations within each department also communicates the change early, which will help with the transition to the new ITAM program.

    Info-Tech Insight

    Ensure that there is diversity within the ITAM team. Assets for many organizations are diverse and the composition of your team should reflect that. Have multiple departments and experience levels represented to ensure a balanced view of the current situation.

    Define the responsibilities for core ITAM/HAM roles of Asset Manager and Asset Administrator

    1.2.1 Use Info-Tech’s job description templates to define roles

    The role of the IT Asset Manager is to oversee the daily and long-term strategic management of software and technology- related hardware within the organization. This includes:

    • Planning, monitoring, and recording software licenses and/or hardware assets to ensure compliance with vendor contracts.
    • Forming procurement strategies to optimize technology spend across the organization.
    • Developing and implementing procedures for tracking company assets to oversee quality control throughout their lifecycles.

    The role of the IT Asset Administrator is to actively manage hardware and software assets within the organization. This includes:

    • Updating and maintaining accurate asset records.
    • Planning, monitoring, and recording software licenses and/or hardware assets to ensure compliance with vendor contracts.
    • Administrative duties within procurement and inventory management.
    • Maintaining records and databases regarding warranties, service agreements, and lifecycle management.
    • Product standardization and tracking.

    Use Info-Tech’s job description templates to assist in defining the responsibilities for these roles.

    Organize your HAM team based on where they fit within the strategic, tactical, and operational components

    Typically the asset manager will answer to either the CFO or CIO. Occasionally they answer to a vendor manager executive. The hierarchy may vary based on experience and how strategic a role the asset manager will play.

    The image shows a flowchart for organizing the HAM team, structured by three components: Strategic (at the top); Tactical (in the middle); and Operational (at the bottom). The chart shows how the job roles flow together within the hierarchy.

    Determine the roles and responsibilities of the team who will support your HAM program

    1.2.2 Complete a RACI

    A RACI chart will identify who should be responsible, accountable, consulted, and informed for each key activity during the consolidation.

    Participants

    • Project Sponsor
    • IT Director, CIO
    • Project Manager
    • IT Managers and Asset Manager(s)
    • ITAM Team

    Document

    Document in the Standard Operating Procedure.

    Instructions:

    1. Write out the list of all stakeholders along the top of a whiteboard. Write out the key initiative steps for the consolidation project along the left side (use this list as a starting point).
    2. For each initiative, identify each team member’s role. Are they:
      • Responsible? The one responsible for getting the job done.
      • Accountable? Only one person can be accountable for each task.
      • Consulted? Involved through input of knowledge and information.
      • Informed? Receive information about process execution and quality.
    3. As you proceed through the initiative, continue to add tasks and assign responsibility to this RACI chart.

    A sample RACI chart is provided on the next slide

    Start with a RACI chart to determine the responsibilities

    1.2.2 Complete a RACI chart for your organization

    HAM Tasks CIO CFO HAM Manager HAM Administrator Service Desk (T1,T2, T3) IT Operations Security Procurement HR Business Unit Leaders Compliance /Legal Project Manager
    Policies and governance A I R I I C I C C I I
    Strategy A R R R R
    Data entry and quality management C I A I C C I I C C
    Risk management and asset security A R C C R C C
    Process compliance auditing A R I I I I I
    Awareness, education, and training I A I I C
    Printer contracts C A C C C R C C
    Hardware contract management A I R R I I R R I I
    Workflow review and revisions I A C C C C
    Budgeting A R C I C
    Asset acquisition A R C C C C I C C
    Asset receiving (inspection/acceptance) I A R R I
    Asset deployment A R R I I
    Asset recovery/harvesting A R R I I
    Asset disposal C A R R I I
    Asset inventory (input/validate/maintain) I I A/R R R R I I I

    Further clarify HAM responsibilities for each role

    1.2.3 Define roles and responsibilities for the HAM team

    Participants

    • Participants IT Asset Managers and Coordinators
    • ITAM Team
    • IT Managers and IT Director

    Document

    1. Discuss and finalize positions to be established within the ITAM/HAM office as well as additional roles that will be involved in HAM.
    2. Review the sample responsibilities below and revise or create responsibilities for each key position within the HAM team.
    3. Document in the HAM Standard Operating Procedures.
    Role Responsibility
    IT Manager
    • Responsible for writing policies regarding asset management and approving final documents
    • Build and revise budget, tracking actual spend vs. budget, seeking final approvals from the business
    • Process definition, communication, reporting and ensuring people are following process
    • Awareness campaign for new policy and process
    Asset Managers
    • Approval of purchases up to $10,000
    • Inventory and contract management including contract review and recommendations based on business and IT requirements
    • Liaison between business and IT regarding software and hardware
    • Monitor and improve workflows and asset related processes
    • Monitor controls, audit and recommend policies and procedures as needed
    • Validate, manage and analyze data as related to asset management
    • Provide reports as needed for decision making and reporting on risk, process effectiveness and other purposes as required
    • Asset acquisition and disposal
    Service Desk
    Desktop team
    Security
    Infrastructure teams

    Determine criteria for success: establish metrics to quantify and demonstrate the results and value of the HAM function

    HAM metrics fall in the following categories:

    HAM Metrics

    • Quantity e.g. inventory levels and need
    • Cost e.g. value of assets, budget for hardware
    • Compliance e.g. contracts, policies
    • Quality e.g. accuracy of data
    • Duration e.g. time to procure or deploy hardware

    Follow a process for establishing metrics:

    1. Identify and obtain consensus on the organization’s ITAM objectives, prioritized if possible.
    2. For each ITAM objective, select two or three metrics in the applicable categories (not all categories will apply to all objectives); be sure to select metrics that are achievable with reasonable effort.
    3. Establish a baseline measurement for each metric.
    4. Establish a method and accountability for ongoing measurement and analysis/reporting.
    5. Establish accountability for taking action on reported results.
    6. As ITAM expands and matures, change or expand the metrics as appropriate.

    Define KPIs and associated metrics

    • Identify the critical success factors (CSFs) for your hardware asset management program based on strategic goals.
    • For each success factor, identify the key performance indicators (KPIs) to measure success and specific metrics that will be tracked and reported on.
    • Sample metrics are below:
    CSF KPI Metrics
    Improve accuracy of IT budget and forecasting
    • Asset costs and value
    • Average cost of workstation
    • Total asset spending
    • Total value of assets
    • Budget vs. spend
    Identify discrepancies in IT environment
    • Unauthorized or failing assets
    • Number of unauthorized assets
    • Assets identified as cause of service failure
    Avoid over purchasing equipment
    • Number of unused and underused computers
    • Number of unaccounted-for computers
    • Money saved from harvesting equipment instead of purchasing new
    Make more-effective purchasing decisions
    • Predicted replacement time and cost of assets
    • Deprecation rate of assets
    • Average cost of maintaining an asset
    • Number of workstations in repair
    Improve accuracy of data
    • Accuracy of asset data
    • Accuracy rate of inventory data
    • Percentage improvement in accuracy of audit of assets
    Improved service delivery
    • Time to deploy new hardware
    • Mean time to purchase new hardware
    • Mean time to deploy new hardware

    Identify hardware asset reporting requirements and the data you need to collect to meet them

    1.2.4 Identify asset reporting requirements

    Participants

    • CIO/CFO
    • IT Director
    • Asset Manager
    • Purchasing
    • Service Desk Manager
    • Operations (optional)

    Document

    Document in the Standard Operating Procedures, Section 13: Reporting

    1. Discuss the goals and objectives of implementing or improving hardware asset management, based on challenges identified in Step 1.2.
    2. From the goals, identify the critical success factors for the HAM program
    3. For each CSF, identify one to three key performance indicators to evaluate achievement of the success factor.
    4. For each KPI, identify one to three metrics that can be tracked and reported on to measure success. Ensure that the metrics are tangible and measurable and will be useful for decision making or to take action.
    5. Determine who needs this information and the frequency of reporting.
    6. If you have existing ITAM data, record the baseline metric.
    CSF KPI Metrics Stakeholder/frequency

    Phase 1 Guided Implementation

    Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 1: Lay Foundations

    Proposed Time to Completion: 4 weeks

    Step 1.1: Assess current state and plan scope

    Start with an analyst kick-off call:

    • Review challenges.
    • Assess current HAM maturity level.
    • Define scope of HAM program.

    Then complete these activities…

    • Complete MGD (optional).
    • Outline hardware asset management challenges.
    • Conduct HAM maturity assessment.
    • Classify hardware assets to define scope of the program.

    With these tools & templates:

    HAM Maturity Assessment

    Standard Operating Procedures

    Step 1.2: Build team and define metrics

    Review findings with analyst:

    • Define roles and responsibilities.
    • Assess reporting requirements.
    • Document metrics to track.

    Then complete these activities…

    • Define responsibilities for Asset Manager and Asset Administrator.
    • Use a RACI chart to determine roles within HAM team.
    • Document responsibilities for HAM roles.
    • Identify HAM reporting requirements.

    With these tools & templates:

    RACI Chart

    Asset Manager and Asset Administrator Job Descriptions

    Standard Operating Procedures

    Phase 1 Results & Insights:

    For asset management to succeed, it needs to support the business. Engage business leaders to determine needs and build your HAM program around these goals.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop

    Book a workshop with our Info-Tech analysts:

    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analysts will join you and your team onsite at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    1.1.4 Classify hardware assets to define scope of the program

    Determine value/risk threshold at which assets should be tracked, then divide a whiteboard into four quadrants representing four categories of assets. Participants write assets down on sticky notes and place them in the appropriate quadrant to classify assets.

    1.2.2 Build a RACI chart to determine responsibilities

    Identify all roles within the organization that will play a part in hardware asset management, then document all core HAM processes and tasks. For each task, assign each role to be responsible, accountable, consulted, or informed.

    Phase 2

    Procure and Receive

    Implement Hardware Asset Management

    Step 2.1: Request and Procure Hardware

    Phase 2: Procure & Receive

    2.1 Request & Procure

    2.2 Receive & Deploy

    This step will walk you through the following activities:

    2.1.1 Identify IT asset procurement challenges

    2.1.2 Define standard hardware requests

    2.1.3 Document standard hardware request procedure

    2.1.4 Build a non-standard hardware request form

    2.1.5 Make lease vs. buy decisions for hardware assets

    2.1.6 Document procurement workflow

    2.1.7 Build a purchasing policy

    This step involves the following participants:

    • Asset Manager
    • Purchasing
    • Service Desk Manager
    • Operations (optional)
    • CFO or other management representative from Finance

    Step Outcomes:

    • Definition of standard hardware requests for roles, including core vs. optional assets
    • End-user request process for standard hardware
    • Non-standard hardware request form
    • Lease vs. buy decisions for major hardware assets
    • Defined and documented procurement workflow
    • Documented purchasing policy

    California saved $40 million per year using a green procurement strategy

    CASE STUDY

    Industry Government

    Source Itassetmanagement.net

    Challenge

    Signed July 27, 2004, Executive order S-20-04, the “Green Building Initiative,” placed strict regulations on energy consumption, greenhouse gas emissions, and raw material usage and waste.

    In compliance with S-20-04, the State of California needed to adopt a new procurement strategy. Its IT department was one of the worst offenders given the intensive energy usage by the variety of assets managed under the IT umbrella.

    Solution

    A green IT initiative was enacted, which involved an extensive hardware refresh based on a combination of agent-less discovery data and market data (device age, expiry dates, power consumption, etc.).

    A hardware refresh of almost a quarter-million PCs, 9,500 servers, and 100 email systems was rolled out as a result.

    Other changes, including improved software license compliance and data center consolidation, were also enacted.

    Results

    Because of the scale of this hardware refresh, the small changes meant big savings.

    A reduction in power consumption equated to savings of over $40 million per year in electricity costs. Additionally, annual carbon emissions were trimmed by 200,000 tons.

    Improve your hardware asset procurement process to…

    Asset Procurement

    • Standardization
    • Aligned procurement processes
    • SLAs
    • TCO reduction
    • Use of centralized/ single POC

    Standardize processes: Using standard products throughout the enterprise lowers support costs by reducing the variety of parts that must be stocked for onsite repairs or for provisioning and supporting equipment.

    Align procurement processes: Procurement processes must be aligned with customers’ business requirements, which can have unique needs.

    Define SLAs: Providing accurate and timely performance metrics for all service activities allows infrastructure management based on fact rather than supposition.

    Reduce TCO: Management recognizes service infrastructure activities as actual cost drivers.

    Implement a single POC: A consolidated service desk is used where the contact understands both standards (products, processes, and practices) and the user’s business and technical environment.

    Identify procurement challenges to identify process improvement needs

    2.1.1 Identify IT asset procurement challenges

    Participants

    • Asset Manager
    • Purchasing
    • Service Desk Manager
    • Operations (optional)
    1. As a group, brainstorm existing challenges related to IT hardware requests and procurement.
    2. If you get stuck, consider the common challenges listed below.
    3. Use the results of the discussion to focus on which problems can be resolved and integrated into your organization as operational standards.

    Document hardware standards to speed time to procure and improve communications to users regarding options

    The first step in your procurement workflow will be to determine what is in scope for a standard request, and how non-standard requests will be handled. Questions that should be answered by this procedure include:

    • What constitutes a non-standard request?
    • Who is responsible for evaluating each type of request? Will there be one individual or will each division in IT elect a representative to handle requests specific to their scope of work?
    • What additional security measures need to be taken?
    • Are there exceptions made for specific departments or high-ranking individuals?

    If your end-user device strategy requires an overhaul, schedule time with an Info-Tech analyst to review our blueprint Build an End-User Computing Strategy.

    Once you’ve answered questions like these, you can outline your hardware standards as in the example below:

    Use Case Mobile Standard Mac Standard Mobile Power User
    Asset Lenovo ThinkPad T570 iMac Pro Lenovo ThinkPad P71
    Operating system Windows 10 Pro Mac OSX Windows 10 Pro, 64 bit
    Display 15.6" 21.5" 17.3”

    Memory

    32GB 8GB 64GB
    Processor Intel i7 – 7600U Processor 2.3GHz Xeon E3 v6 Processor
    Drive 500GB 1TB 1TB
    Warranty 3 year 1 year + 2 extended 3 year

    Info-Tech Insight

    Approach hardware standards from a continual improvement frame of mind. Asset management is a dynamic process. Hardware standards will need to adapt over time to match the needs of the business. Plan assessments at routine intervals to ensure your current hardware standards align with business needs.

    Document specifications to meet environmental, security, and manageability requirements

    Determine environmental requirements and constraints.

    Power management

    Compare equipment for power consumption and ability to remotely power down machines when not in use.

    Heat and noise

    Test equipment run to see how hot the device gets, where the heat is expelled, and how much noise is generated. This may be particularly important for users who are working in close quarters.

    Carbon footprint

    Ask what the manufacturer is doing to reduce post-consumer waste and eliminate hazardous materials and chemicals from their products.

    Ensure security requirements can be met.

    • Determine if network/wireless cards meet security requirements and if USB ports can be turned off to prevent removal of data.
    • Understand the level of security needed for mobile devices including encryption, remote shut down or wipe of hard drives, recovery software, or GPS tracking.
    • Decide if fingerprint scanners with password managers would be appropriate to enable tighter security and reduce the forgotten-password support calls.

    Review features available to enhance manageability.

    • Discuss manageability goals with your IT team to see if any can be solved with added features, for example:
      • Remote control for troubleshooting and remote management of data security settings.
      • Asset management software or tags for bar coding, radio frequency identification (RFID), or GPS, which could be used in combination with strong asset management practices to inventory, track, and manage equipment.

    If choosing refurbished equipment, avoid headaches by asking the right questions and choosing the right vendor

    • Is the equipment functional and for how long is it expected to last?
    • How long will the vendor stand behind the product and what support can be expected?
      • This is typically two to five years, but will vary from vendor to vendor.
      • Will they repair or replace machines? Many will just replace the machine.
    • How big is the inventory supply?
      • What kind of inventory does the vendor keep and for how long can you expect the vendor to keep it?
      • How does the vendor source the equipment and do they have large quantities of the same make and model for easier imaging and support?
    • How complete is the refurbishment process?
      • Do they test all components, replace as appropriate, and securely wipe or replace hard drives?
      • Are they authorized to reload MS Windows OEM?
    • Is the product Open Box or used?
      • Open Box is a new product returned back to the vendor. Even if it is not used, the product cannot be resold as a new product. Open Box comes with a manufacturer’s warranty and the latest operating system.
      • If used, how old is the product?

    "If you are looking for a product for two or three years, you can get it for less than half the price of new. I bought refurbished equipment for my call center for years and never had a problem". – Glen Collins, President, Applied Sales Group

    Info-Tech Insight

    Price differences are minimal between large and small vendors when dealing with refurbished machines. The decision to purchase should be based on ability to provide and service equipment.

    Define standard hardware requests, including core and optional assets

    2.1.2 Identify standards for hardware procurement by role

    Participants

    • Asset Manager
    • Purchasing
    • Service Desk Manager
    • Operations (optional)
    • Representatives from all other areas of the business

    Document

    Document in the Standard Operating Procedures, Section 7: Procurement.

    1. Divide a whiteboard into columns representing all major areas of the business.
    2. List the approximate number of end users present at each tier and record these totals on the board.
    3. Distribute sticky notes. Use two different sizes: large sizes represent critically important hardware and small sizes represent optional hardware.
    4. Define core hardware assets for each division as well as optional hardware assets.
    5. Focus on the small sticky notes to determine if these optional purchases are necessary.
    6. Finalize the group decision to determine the standard hardware procurement for each role in the organization. Record results in a table similar to the example below:
    Department Core Hardware Assets Optional Hardware Assets
    IT PC, tablet, monitor Second monitor
    Sales PC, monitor Laptop
    HR PC, monitor Laptop
    Marketing PC (iMac) Tablet, laptop

    Document procedures for users to make standard hardware requests

    2.1.3 Document standard hardware request procedure

    Participants

    • Asset Manager
    • Purchasing
    • Service Desk Manager
    • Operations (optional)
    • Representatives from all other areas of the business

    Document

    Document in the Standard Operating Procedures, Section 6: End-User Request Process.

    Discuss and document the end-user request process:

    1. In which cases can users request a primary device?
    2. In which cases can users request a secondary (optional device)?
    3. What justification is needed to approve of a secondary device?
      1. E.g. The request for a secondary device should be via email to the IS Projects and Procurements Officer. This email should outline the business case for why multiple devices are required.
    4. Will a service catalog be available and integrated with an ITAM solution for users to make standard requests? If so, can users also configure their options?
    5. Document the process in the standard operating procedure. Example:

    End-User Request Process

    • Hardware and software will be purchased through the user-facing catalog.
    • Peripherals will be ordered as needed.
    • End-user devices will be routed to business managers for approval prior to fulfillment by IT.
    • Requests for secondary devices must be accompanied by a business case.
    • Equipment replacements due to age will be managed through IT replacement processes.

    Improve the process for ordering non-standard hardware by formalizing the request process, including business needs

    2.1.4 Build a non-standard hardware request form

    • Although the goal should be to standardize as much as possible, this isn’t always possible. Ensure users who are requesting non-standard hardware have a streamlined process to follow that satisfies the justifications for increased costs to deliver.
    • Use Info-Tech’s template to build a non-standard hardware request form that may be used by departments/users requesting non-standard hardware in order to collect all necessary information for the request to be evaluated, approved, and sent to procurement.
    • Ensure that the requestor provides detailed information around the equipment requested and the reason standard equipment does not suffice and includes all required approvals.
    • Include instructions for completing and submitting the form as well as expected turnaround time for the approval process.

    Info-Tech Insight

    Include non-standard requests in continual improvement assessment. If a large portion of requests are for non-standard equipment, it’s possible the hardware doesn’t meet the recommended requirements for specialized software in use with many of your business users. Determine if new standards need to be set for all users or just “power users.”

    Identify the information you need to collect to ensure a smooth purchasing process

    Categories Peripherals Desktops/Laptops Servers
    Financial
    • Operational expenses
    • Ordered for inventory with the exceptions of monitors that will be ordered as needed
    • Equipment will be purchased through IT budget
    • Capital expenses
    • Ordered as needed…
    • Inventory kept for…
    • End-user devices will be purchased through departmental budgets
    • Capital expenses
    • Ordered as needed to meet capacity or stability requirements
    • Devices will be purchased through IT budgets
    Request authorization
    • Any user can request
    • Users who are traveling can purchase and expense peripherals as needed, with manager approvals
    • Tier 3 technicians
    Required approvals
    • Manager approvals required for monitors
    • Infrastructure and applications manager up to [$]
    • CIO over [$]
    Warranty requirements
    • None
    • Three years
    • Will be approved with project plan
    Inventory requirements
    • Minimum inventory at each location of 5 of each: mice, keyboards, cables
    • Docking stations will be ordered as needed
    • Laptops (standard): 5
    • Laptops (ultra light): 1
    • Desktops: 5
    • Inventory kept in stock as per DR plan
    Tracking requirements
    • None
    • Added to ITAM database, CMDB
    • Asset tag to be added to all equipment
    • Added to ITAM database, CMDB

    Info-Tech Best Practice

    Take into account the possibility of encountering taxation issues based on where the equipment is being delivered as well as taxes imposed or incurred in the location from which the asset was shipped or sent. This may impact purchasing decisions and shipping instructions.

    Develop a procurement plan to get everyone in the business on the same page

    • Without an efficient and structured process around how IT purchases are budgeted and authorized, maverick spending and dark procurement can result, limiting IT’s control and visibility into purchases.
    • The challenge many IT departments face is that there is a disconnect between meeting the needs of the business and bringing in equipment according to existing policies and procedures.
    • The asset manager should demonstrate how they can bridge the gaps and improve tracking mechanisms at the same time.

    Improve procurement decisions:

    • Demonstrate how technology is a value-add.
    • Make a clear case for the budget by using the same language as the rest of the business.
    • Quantify the output of technology investments in tangible business terms to justify the cost.
    • Include the refresh cycle in the procurement plan to ensure mission- critical systems will include support and appropriate warranty.
    • Plan technology needs for the future and ensure IT technology will continue to meet changing needs.
    • Synchronize redundant organizational procurement chains in order to lower cost.

    Document the following in your procurement procedure:

    • Process for purchase requests
    • Roles and responsibilities, including requestors and approvers
    • Hardware assets to purchase and why they are needed
    • Timelines for purchase
    • Process for vendors

    Info-Tech Insight

    IT procurement teams are often heavily siloed from ITAM teams. The procurement team is typically found in the finance department. One way to bridge the gap is to implement routine, reliable reporting between departments.

    Determine if it makes sense to lease or buy your equipment; weigh the pros and cons of leasing hardware

    Pros

    • Keeps operational costs low in the short term by containing immediate cost.
    • Easy, predictable payments makes it easier to budget for equipment over long term.
    • Get the equipment you need to start doing business right away if you’re just starting out.
    • After the leasing term is up, you can continue the lease and update your hardware to the latest version.
    • Typical leases last 2 or 3 years, meaning your hardware can get upgrades when it needs it and your business is in a better position to keep up with technology.
    • Leasing directly from the vendor provides operational flexibility.
    • Focus on the business and let the vendor focus on equipment service and updates as you don’t have to pay for maintenance.
    • Costs structured as OPEX.

    Cons

    • In the long term, leasing is almost always more expensive than buying because there’s no equity in leased equipment and there may be additional fees and interest.
    • Commitment to payment through the entire lease period even if you’re not using the equipment anymore.
    • Early termination fees if you need to get out of the lease.
    • No option to sell equipment once you’re finished with it to make money back.
    • Maintenance is up to leasing company’s specifications.
    • Product availability may be limited.

    Recommended for:

    • Companies just starting out
    • Business owners with limited capital or budget
    • Organizations with equipment that needs to be upgraded relatively often

    Weigh the pros and cons of purchasing hardware

    Pros

    • Complete control over assets.
    • More flexible and straightforward procurement process.
    • Tax incentives: May be able to fully deduct the cost of some newly purchased assets or write off depreciation for computers and peripherals on taxes.
    • Preferable if your equipment will not be obsolete in the next two or three years.
    • You can resell the asset once you don’t need it anymore to recover some of the cost.
    • Customization and management of equipment is easier when not bound by terms of leasing agreement.
    • No waiting on vendor when maintenance is needed; no permission needed to make changes.

    Cons

    • High initial cost of investment with CAPEX expense model.
    • More paperwork.
    • You (as opposed to vendor) are responsible for equipment disposal in accordance with environmental regulations.
    • You are responsible for keeping up with upgrades, updates, and patches.
    • You risk ending up with out-of-date or obsolete equipment.
    • Hardware may break after terms of warranty are up.

    Recommended for:

    • Established businesses
    • Organizations needing equipment with long-term lifecycles

    Make a lease vs. buy decision for equipment purchases

    2.1.4 Decide whether to purchase or lease

    Participants

    • Asset Manager
    • Purchasing
    • Service Desk Manager
    • Operations (optional)
    • Representatives from all other areas of the business

    Document

    Document policy decisions in the Standard Operating Procedures – Section 7: Procurement

    1. Identify hardware equipment that requires a purchase vs. lease decision.
    2. Discuss with Finance whether it makes sense to purchase or lease each major asset, considering the following:
    • Costs of equipment through each method
    • Tax deductions
    • Potential resale value
    • Potential revenue from using the equipment
    • How quickly the equipment will be outdated or require refresh
    • Size of equipment
    • Maintenance and support requirements
    • Overall costs
  • The leasing vs. buying decision should take considerable thought and evaluation to make the decision that best fits your organizational needs and situation.
  • Determine appropriate warranty and service-level agreements for your organization

    Determine acceptable response time, and weigh the cost of warranty against the value of service.

    • Standard warranties vary by manufacturer, but are typically one or three years.
    • Next-day, onsite service may be part of the standard offering or may be available as an uplift.
    • Four-hour, same-day service can also be added for high availability needs.
    • Extended warranties can be purchased beyond three years, although not many organizations take advantage of this offering.
    • Other organizations lower or remove the warranty and have reported savings of as much as $150 per machine.

    Speak to your partner to see how they can help the process of distributing machines.

    • Internal components change frequently with laptops and desktops. If purchasing product over time rather than buying in bulk, ensure the model will be available for a reasonable term to reduce imaging and support challenges.
    • Determine which services are important to your organization and request these services as part of the initial quote. If sending out a formal RFQ or RFP, document required services and use as the basis for negotiating SLAs.
    • Document details of SLA, including expectations of services for manufacturer, vendor, and internal team.
    • If partner will be providing services, request they stock an appropriate number of hot spares for frequently replaced parts.
    • If self-certifying, review resource capabilities, understand skill and certification requirements; for example, A+ certification may be a pre-requisite.
    • Understand DOA policy and negotiate a “lemon policy,” meaning if product dies within 15 or 30 days it can be classified as DOA. Seek clarity on return processes.

    Consider negotiation strategies, including how and when to engage with different partners during acquisition

    Direct Model

    • Dell’s primary sales model is direct either through a sales associate or through its e-commerce site. Promotions are regularly listed on the website, or if customization is required, desktops and laptops have some flexibility in configuration. Discounts can be negotiated with a sales rep on quantity purchases, but the discount level changes based on the model and configuration.
    • Other tier-one manufacturers typically sell direct only from their e-commerce sites, providing promotions based on stock they wish to move, and providing some configuration flexibility. They rely heavily on the channel for the majority of their business.

    Channel Model

    • Most tier one manufacturers have processes in place to manage a smaller number of partners rather than billing and shipping out to individual customers. Deviating from this process and dealing direct with end customers can create order processing issues.
    • Resellers have the ability to negotiate discounts based on quantities. Discounts will vary based on model, timing (quarter or year end), and quantity commitment.
    • Negotiations on large quantities should involve a manufacturer rep as well as the reseller to clearly designate roles and services, ensure processes are in place to fulfill your needs, and agree on pricing scheme. This will prevent misunderstandings and bring clarity to any commitments.
    • Often the channel partners are authorized to provide repair services under warranty for the manufacturer.
    • Dell also uses the channel model for distribution where customers demand additional services.

    Expect discounts to reflect quantity and method of purchase

    Transaction-based purchases will receive the smallest discounting.

    • Understand requirements to find the most appropriate make and model of equipment.
    • Prepare a forecast of expected purchases for the year and discuss discounting.
    • Typically initial discounts will be 3-5% off suggested retail price.
    • Once a history is in place, and the vendor is receiving regular orders, it may extend deeper discounts.

    Bulk purchases will receive more aggressive discounting of 5-15% off suggested retail price, depending on quantities.

    • Examine shipping options and costs to take advantage of bulk deliveries; in some cases vendors may waive shipping fees as an extension of the discounting.
    • If choosing end-of-line product, ensure appropriate quantity of a single model is available to efficiently roll out equipment.
    • Various pricing models can be used to obtain best price.

    Larger quantities rolled out over time will require commitments to the manufacturer to obtain deepest discounts.

    • Discuss all required services as part of negotiation to ensure there are no surprise charges.
    • Several pricing models can be used to obtain the best price.
      • Suggested retail price minus as much as 20%.
      • Cost plus 3% up to 10% or more.
      • Fixed price based on negotiating equipment availability with budget requirements.

    If sending out to bid, determine requirements and scoring criteria

    It’s nearly impossible to find two manufacturers with the exact same specifications, so comparisons between vendors is more art than science.

    New or upgraded components will be introduced into configurations when it makes the most sense in a production cycle. This creates a challenge in comparing products, especially in an RFP. The best way to handle this is to:

    • Define and document minimum technology requirements.
    • Define and document service needs.
    • Compare vendors to see if they’ve met the criteria or not; if yes, compare prices.
    • If the vendors have included additional offerings, see if they make sense for your organization. If they do, include that in the scoring. If not, exclude and score based on price.
    • Recognize that the complexity of the purchase will dictate the complexity of scoring.

    "The hardware is the least important part of the equation. What is important is the warranty, delivery, imaging, asset tagging, and if they cannot deliver all these aspects the hardware doesn’t matter." – Doug Stevens, Assistant Manager Contract Services, Toronto District School Board

    Document and analyze the hardware procurement workflow to streamline process

    The procurement process should balance the need to negotiate appropriate pricing with the need to quickly approve and fulfill requests. The process should include steps to follow for approving, ordering, and tracking equipment until it is ready for receipt.

    Within the process, it is particularly important to decide if this is where equipment is added into the database or if it will happen upon receipt.

    A poorly designed procurement workflow:

    • Includes many bottlenecks, stopping and starting points.
    • May impact project and service requests and requires unrealistic lead times.
    • May lead to lost productivity for users and lost credibility for the IT department.

    A well-designed hardware procurement workflow:

    • Provides reasonable lead times for project managers and service or hardware request fulfillment.
    • Provides predictability for technical resources to plan deployments.
    • Reduces bureaucracy and workload for following up on missing shipments.
    • Enables improved documentation of assets to start lifecycle management.

    Info-Tech Insight

    Where the Hardware Asset Manager is unable to affect procurement processes to reduce time to deliver, consider bringing inventory onsite or having your hardware vendor keep stock, ready to ship on demand. Projects, replacements, and new-user requests cannot be delayed in a service-focused IT organization due to bureaucratic processes.

    Document and analyze your procurement workflow to identify opportunities for improvement and communicate process

    Determine if you need one workflow for all equipment or multiples for small vs. large purchases.

    Occasionally large rollouts require significant changes from lower dollar purchases.

    Watch for:

    • Back and forth communications
    • Delays in approvals
    • Inability to get ETAs from vendors
    • Too many requests for quotes for small purchases
    • Entry into asset database

    This sample can be found in the HAM Process Workflows.

    The image shows a workflow, titled Procurement-Equipment-Small Quantity. On the left, the chart is separated into categories: IT Procurment; Tier 2 or Tier 3; IT Director; CIO.

    Design the process workflow for hardware procurement

    2.1.6 Illustrate procurement workflow with a tabletop exercise

    Participants

    • Asset Manager
    • Purchasing
    • Service Desk Manager
    • Operations (optional)
    • CFO or other management representative from Finance

    Document

    Document in the Standard Operating Procedures, Section 7: Procurement

    1. In a group, distribute sticky notes or cue cards.
    2. Designate a space on the table/whiteboard to plot the workflow.
    3. Determine which individuals are responsible for handling non-standard requests. Establish any exceptions that may apply to your defined hardware standard.
    4. Gather input from Finance on what the threshold will be for hardware purchases that will require further approval.
    5. Map the procurement process for a standard hardware purchase.
    6. If applicable, map the procurement process for a non-standard request separately.
    7. Evaluate the workflow to identify any areas of inefficiency and make any changes necessary to improve the process.
    8. Be sure to discuss and include:
      • All necessary approvals
      • Time required for standard equipment process
      • Time required for non-standard equipment process
      • How information will be transferred to ITAM database

    Document and share an organizational purchasing policy

    2.1.7 Build a purchasing policy

    A purchasing policy helps to establish company standards, guidelines, and procedures for the purchase of all information technology hardware, software, and computer-related components as well as the purchase of all technical services.

    The policy will ensure that all purchasing processes are consistent and in alignment with company strategy. The purchasing policy is key to ensuring that corporate purchases are effective and the best value for money is obtained.

    Implement a purchasing policy to prevent or reduce:

    • Costly corporate conflict of interest cases.
    • Unauthorized purchases of non-standard, difficult to support equipment.
    • Unauthorized purchases resulting in non-traceable equipment.
    • Budget overruns due to decentralized, equipment acquisition.

    Download Info-Tech’s Purchasing Policytemplate to build your own purchasing policy.

    Step 2.2: Receive and Deploy Hardware

    Phase 2: Procure & Receive

    2.1 Request & Procure

    2.2 Receive & Deploy

    This step will walk you through the following activities:

    2.2.1 Select appropriate asset tagging method

    2.2.2 Design workflow for receiving and inventorying equipment

    2.2.3 Document the deployment workflow(s)

    This step involves the following participants:

    • Asset Manager
    • Purchasing
    • Receiver (optional)
    • Service Desk Manager
    • Operations (optional)

    Step Outcomes:

    • Understanding of the pros and cons of various asset tagging methods
    • Defined asset tagging method, process, and location by equipment type
    • Identified equipment acceptance, testing, and return procedures
    • Documented equipment receiving and inventorying workflow
    • Documented deployment workflows for desktop hardware and large-scale deployments

    Cisco implemented automation to improve its inventory and deployment system

    CASE STUDY

    Industry Networking

    Source Cisco IT

    Challenge

    Although Cisco Systems had implemented a centralized procurement location for all PCs used in the company, inventory tracking had yet to be addressed.

    Inventory tracking was still a manual process. Given the volume of PCs that are purchased each year, this is an incredibly labor-intensive process.

    Sharing information with management and end users also required the generation of reports – another manual task.

    Solution

    The team at Cisco recognized that automation was the key component holding back the success of the inventory management program.

    Rolling out an automated process across multiple offices and groups, both nationally and internationally, was deemed too difficult to accomplish in the short amount of time needed, so Cisco elected to outsource its PC management needs to an experienced vendor.

    Results

    As a result of the PC management vendor’s industry experience, the implementation of automated tracking and management functions drastically improved the inventory management situation at Cisco.

    The vendor helped determine an ideal leasing set life of 30 months for PCs, while also managing installations, maintenance, and returns.

    Even though automation helped improve inventory and deployment practices, Cisco still needed to address another key facet of asset management: security.

    This case study continues in phase 3.

    An effective equipment intake process is critical to ensure product is correct, documented, and secured

    Examine your current process for receiving assets. Typical problems include:

    Receiving inventory at multiple locations can lead to inconsistent processes. This can make invoice reconciliation challenging and result in untracked or lost equipment and delays in deployment.

    Equipment not received and secured quickly. Idle equipment tends to go missing if left unsupervised for too long. Missed opportunities to manage returns where equipment is incorrect or defective.

    Disconnect between procurement and receiving where ETAs are unknown or incorrect. This can create an issue where no one is prepared for equipment arrival and is especially problematic on large orders.

    How do you solve these problems? Create a standardized workflow that outlines clear steps for asset receiving.

    A workflow will help to answer questions such as:

    • How do you deal with damaged shipments? Incorrect shipments?
    • Did you reach an agreement with the vendor to replace damaged/incorrect shipments within a certain timeframe?
    • When does the product get tagged and entered into the system as received?
    • What information needs to get captured on the asset tag?

    Standardize the process for receiving your hardware assets

    The first step in effective hardware asset intake is establishing proper procedures for receiving and handling of assets.

    Process: Start with information from the procurement process to determine what steps need to follow to receive into appropriate systems and what processes will enable tagging to happen as soon as possible.

    People: Ensure anyone who may impact this process is aware of the importance of documenting before deployment. Having everyone who may be handling equipment on board is key to success.

    Security: Equipment will be secured at the loading dock or reception. It will need to be secured as inventory and be secured if delivering directly to the bench for imaging. Ensure all receiving activities are done before equipment is deployed.

    Tools: A centralized ERP system may already provide a place to receive and reconcile with purchasing and invoicing, but there may still be a need to receive directly into the ITAM and/or CMDB database rather than importing directly from the ERP system.

    Tagging: A variety of methods can be used to tag equipment to assist with inventory. Consider the overall lifecycle management when determining which tagging methods are best.

    Info-Tech Insight

    Decentralized receiving doesn’t have to mean multiple processes. Take advantage of enterprise solutions that will centralize the data and ensure everyone follows the same processes unless there is an uncompromising and compelling logistical reason to deviate.

    Evaluate the pros and cons of different asset tagging methods

    Method Cost Strengths Weaknesses Recommendation
    RFID with barcoding – asset tag with both a barcode and RFID solution $$$$
    • Secure, fast, and robust
    • Track assets in real time
    • Quick and efficient
    • Most expensive option, requiring purchase of barcode scanner with RFID reader and software)
    • Does not work as well in an environment with less control over assets
    • Requires management of asset database
    • Best in a controlled environment with mature processes and requirement for secure assets
    RFID only – small chip with significant data capacity $$$
    • Track assets from remote locations
    • RFID can be read through boxes so you don’t have to unpack equipment
    • Scan multiple RFID-tagged hardware simultaneously
    • Large data capacity on small chip
    • Expensive, requiring purchase of RFID reading equipment and software
    • Ideal if your environment is spread over multiple locations
    Barcoding only – adding tags with unique barcodes $$
    • Reasonable security
    • Report inventory directly to database
    • Relatively low cost
    • Only read one at a time
    • Need to purchase barcode scanners and software
    • Can be labor intensive to deploy with manual scanning of individual assets
    • Less secure
    • Can’t hold as much data
    • Not as secure as barcodes with RFID but works for environments that are more widely distributed and less controlled

    Evaluate the pros and cons of different asset tagging methods

    Method Cost Strengths Weaknesses Recommendation
    QR codes – two-dimensional codes that can store text, binary, image, or URL data $$
    • Easily scannable from many angles
    • Save and print on labels
    • Can be read by barcode scanning apps or mobile phones
    • Can encode more data than barcodes
    • QR codes need to be large enough to be usable, which can be difficult with smaller IT assets
    • Scanning on mobile devices takes longer than scanning barcodes
    • Ideal if you need to include additional data and information in labels and want workers to use smartphones to scan labels
    Manual tags – tag each asset with your own internal labels and naming system $
    • Most affordable
    • Manual
    • Tags are not durable
    • Labor intensive and time consuming
    • Leaves room for error, misunderstanding, and process variances between locations
    • As this is the most time consuming and resource intensive with a low payoff, it is ideal for low maturity organizations looking for a low-cost option for tagging assets
    Asset serial numbers – tag assets using their serial number $
    • Less expensive
    • Unique serial numbers identified by vendor
    • Serial numbers have to be added to database manually, which is labor intensive and leaves room for error
    • Serial numbers can rub off over time
    • Hard to track down already existing assets
    • Doesn’t help track location of assets after deployment
    • Potential for duplicates
    • Inconsistent formats of serial numbers by manufacturers makes this method prone to error and not ideal for asset management

    Select the appropriate method for tagging and tracking your hardware assets

    2.2.1 Select asset tagging method

    Participants

    • Asset Manager
    • Purchasing
    • Service Desk Manager
    • Operations (optional)

    Document

    Document in the Standard Operating Procedures, Section 8

    1. Define your asset tagging method. For most organizations, asset tracking is done via barcoding or QR codes, either by using one method or a combination of the two. Other methods, including RFID, may be applicable based on cost or tracking complexity. Overall, barcodes embedded with RFID are the most robust and efficient method for asset tagging, but also the most expensive. Choose the best method for your organization, taking into account affordability, labor-intensiveness, data complexity needs, and ease of deployment.
    2. Define the process for tagging assets, including how soon they should receive the tag, whose responsibility it is, and whether the tag type varies depending on the asset type.
    3. Define the location of asset tags according to equipment type. Example:
    Asset Type Asset Tag Location
    PC desktop Right upper front corner
    Laptop Right corner closest to user when laptop is closed
    Server Right upper front corner
    Printer Right upper front corner
    Modems Top side, right corner

    Inspect and test equipment before accepting it into inventory to ensure it’s working according to specifications

    Upon receipt of procured hardware, validate the equipment before accepting it into inventory.

    1. Receive - Upon taking possession of the equipment, stage them for inspection before placing them into inventory or deploying for immediate use.
    2. Inspect - The inspection process should involve at minimum examining the products that have been delivered to determine conformance to purchase specifications.
    3. Test -Depending on the type and cost of hardware, some assets may benefit from additional testing to determine if they perform at a satisfactory level before being accepted.
    4. Accept - If the products conform to the requirements of the purchase order, acknowledge receipt so the supplier may be paid. Most shipments are automatically considered as accepted and approved for payment within a specific timeframe.

    Assign responsibility and accountability for inspection and acceptance of equipment, verifying the following:

    • The products conform to purchase order requirements.
    • The quantity ordered is the same as the quantity delivered.
    • There is no damage to equipment.
    • Delivery documentation is acceptable.
    • Products are operable and perform according to specifications.
    • If required, document an acceptance testing process as a separate procedure.

    Build the RMA procedure into the receiving process to handle receipt of defective equipment

    The return merchandise authorization (RMA) process should be a standard part of the receiving process to handle the return of defective materials to the vendor for either repair or replacement.

    If there is a standard process in place for all returns in the organization, you can follow the same process for returning hardware equipment:

    • Call the vendor to receive a unique RMA number that will be attached to the equipment to be returned, then follow manufacturer specifications for returning equipment within allowable timelines according to the contract where applicable.
    • Establish a lemon policy with vendors, allowing for full returns up to 30 days after equipment is deployed if the product proves defective after initial acceptance.

    Info-Tech Insight

    Make sure you’re well aware of the stipulations in your contract or purchase order. Sometimes acceptance is assumed after 60 days or less, and oftentimes the clock starts as soon as the equipment is shipped out rather than when it is received.

    Info-Tech Best Practice

    Keep in mind that the serial number on the received assed may not be the asset that ultimately ends up on the user’s desk if the RMA process is initiated. Record the serial number after the RMA process or add a correction process to the workflow to ensure the asset is properly accounted for.

    Determine what equipment should be stocked for quick deployment where demand is high or speed is crucial

    The most important feature of your receiving and inventory process should be categorization. A well-designed inventory system should reflect not only the type of asset, but also the usage level.

    A common technique employed by asset managers is to categorize your assets using an ABC analysis. Assets are classified as either A, B, or C items. The ratings are based on the following criteria:

    A

    A items have the highest usage. Typically, 10-20% of total assets in your inventory account for upwards of 70-80% of the total asset requests.

    A items should be tightly controlled with secure storage areas and policies. Avoiding stock depletion is a top priority.

    B

    B items are assets that have a moderate usage level, with around 30% of total assets accounting for 15-25% of total requests.

    B items must be monitored; B items can transition to A or C items, especially during cycles of heavier business activity.

    C

    C items are assets that have the lowest usage, with upwards of 50% of your total inventory accounting for just 5% of total asset requests.

    C items are reordered the least frequently, and present a low demand and high risk for excessive inventory (especially if they have a short lifecycle). Many organizations look to move towards an on-demand policy to mitigate risk.

    Info-Tech Insight

    Get your vendor to keep stock of your assets. If large quantities of a certain asset are required but you lack the space to securely store them onsite, ask your vendor to keep stock for you and release as you issue purchase orders. This speeds up delivery and delays warranty activation until the item is shipped. This does require an adherence to equipment standards and understanding of demand to be effective.

    Define the process for receiving equipment into inventory

    Define the following in your receiving process:

    • When will equipment be opened once delivered?
    • Who will open and validate equipment upon receipt?
    • How will discrepancies be resolved?
    • When will equipment be tagged and identified in the tracking tool?
    • When will equipment be locked in secure storage?
    • Where will equipment go if it needs to be immediately deployed?

    The image shows a workflow chart titled Receiving and Tagging. The process is split into two sections, labelled on the left as: Desktop Support Team and Procurement.

    Design the workflow for receiving and inventorying equipment

    2.2.2 Illustrate receiving workflow with a tabletop exercise

    Participants

    • Asset Manager
    • Purchasing
    • Service Desk Manager
    • Operations (optional)
    • CFO or other management representative from Finance

    Document

    Document in the Standard Operating Procedures, Section 8: Receiving and Equipment Inventory

    Option 1: Whiteboard

    1. Discuss the workflow and draw it on the whiteboard.
    2. Assess whether you are using the best workflow. Modify it if necessary.
    3. Use the sample workflow from this step as a guide if starting from scratch.
    4. Engage the team in refining the process workflow.
    5. Transfer data to Visio and add to the SOP.

    Option 2: Tabletop Exercise

    1. Distribute index cards to each member of the team.
    2. Have each person write a single task they perform on the index card. Be granular. Include the title or the name of the person responsible.
    3. Mark cards that are decision points. Use a card of a different color or use a marker to make a colored dot.
    4. Arrange the index cards in order, removing duplicates.
    5. Assess whether you are using the best workflow. Engage the team to refine it if necessary.
    6. Transfer data to Visio and add to the SOP.

    Improve device deployment by documenting software personas for each role

    • Improve the deployment process for new users by having a comprehensive list of software used by common roles within the organization. With large variations in roles, it may be impossible to build a complete list, but as you start to see patterns in requirements, you may find less distinct personas than anticipated.
    • Consider a survey to business units to determine what they need if this will solve some immediate problems. If this portion of the project will be deferred, use the data uncovered in the discovery process to identify which software is used by which roles.
    • Replacement equipment can have the software footprint created by what was actually utilized by the user, not necessarily what software was installed on the previous device.

    The image shows 4 bubbles, representing software usage. The ARC-GIS bubble is the largest, Auto CAD the second largest, and MS Office and Adobe CS equal in size.

    A software usage snapshot for an urban planner/engineer.

    • Once software needs are determined, use this information to review the appropriate device for each persona.
      • Ensure hardware is appropriate for the type of work the user does and supports required software.
      • If it is more appropriate for a user to have a tablet, ensure the software they use can be used on any device.
    • Review deployment methods to determine if there is any opportunity to improve the imaging or software deployment process with better tools or methodologies.
    • Document the device’s location if it will be static, or if the user may be more mobile, add location information for their primary location.
    • Think about the best place to document – if this information can be stored in Active Directory and imported to the ITAM database, you can update once and use in multiple applications. But this process is built into your add/move/change workflows.

    Maintain a lean library to simplify image management

    Simplify, simplify, simplify. Use a minimal number of desktop images and automate as much as you can.

    • Embrace minimalism. When it comes to managing your desktop image library, your ultimate goal should be to minimize the manual effort involved in provisioning new desktops.
    • Less is more. Try to maintain as few standard desktop images as possible and consider a thin gold image, which can be patched and updated on a regular basis. A thin image with efficient application deployment will improve the provisioning process.
    • Standardize and repeat. System provisioning should be a repeatable process. This means it is ripe for standardization and automation. Look at balancing the imaging process with software provisioning, using group policy and deployment tools to reduce time to provision and deliver equipment.
    • Outsource where appropriate. Imaging is one of the most employed services, where the image is built in-house and deployed by the hardware vendor. As a minimum, quarterly updates should still be provided to integrate the latest patches into the operating system.

    Document the process workflow for hardware deployment

    Define the process for deploying hardware to users.

    Include the following in your workflow:

    • How will equipment be configured and imaged before deployment?
    • Which images will be used for specific roles?
    • Which assets are assigned to specific roles?
    • How will the device status be changed in the ITAM tool once deployed?

    The image shows a workflow chart titled Hardware Deployment. It is divided into two categories, listed on the left: Desktop Support Team and Procurement.

    Large-scale deployments should be run as projects, benefitting from economies of scale in each step

    Large-scale desktop deployments or data center upgrades will likely be managed as projects.

    These projects should include project plans, including resources, timelines, and detailed procedures.

    Define the process for large-scale deployment if it will differ from the regular deployment process.

    The image is a graphic of a flowchart titled Deployment-Equipment-Large Quantity Rollout. It is divided into three categories, listed on the left: IT Procurement; Desktop Rollout Team; Asset Manager.

    Document the deployment workflow(s)

    2.2.3 Document deployment workflows for desktop and large-scale deployment

    Participants

    • Asset Manager
    • Purchasing
    • Service Desk Manager
    • Operations (optional)
    • CFO or other management representative from Finance

    Document

    Document in the Standard Operating Procedures, Section 9: Deployment

    Document each step in the system deployment process with notecards or on a whiteboard. Identify the challenges faced by your organization and strategize potential solutions.

    1. Outline each step in the process of desktop deployment. Be as granular as possible. On each card, describe the step as well as the individual responsible for it.
    2. When you are satisfied that each step is accurately captured, use a second color of notecard to document any challenges, inefficiencies, or pains associated with each step. Consider further documenting the time on each task.
    3. Examine each challenge or pain point. Discuss whether or not there is a clear solution to the problem. If yes, document the solution and amend the workflow. If not, engage in a broader discussion of possible solutions, taking into account people, processes, and available technology.
    4. Document separately the process for large-scale deployment if required.

    Look for opportunities to improve the request and deployment process with better communication and tools

    The biggest challenge in deploying equipment is meeting expectations of the business, and without cooperation from multiple departments, this becomes significantly more difficult.

    • Work with the procurement and the services team to ensure inventory is accessible, and regularly validate that inventory levels in the ITAM database are accurate.
    • Work with the HR department to predict (where possible) anticipated new hires. Plan for inventory ebbs and flows to match the hiring timelines where there are large variations.
    • If service catalogs will be made available for communicating options and SLAs for equipment purchases, work with the service catalog administrators to automate inventory checks and notifications. Work with the end-user device managers to set standards and reduce equipment variations to a manageable amount.
    • Where deployments are part of equipment refresh, ensure data is up to date for the services team to plan the project rollouts and know which software should be redeployed with the devices.
    • Infrastructure and security teams may have specific hardware assets relating to networking, data centers, and security, which may bypass the end-user device workflows but need to be tagged and entered into inventory early in the process. Work with these teams to have their equipment follow the same receiving and inventory processes. Deployment will vary based on equipment type and location.

    Automate hardware deployment where users are dispersed and deployment volume is high

    Self-serve kiosks (vending machines) can provide cost reductions in delivery of up to 25%. Organizations that have a high distribution rate are seeing reductions in cost of peripherals averaging 30-35% and a few extreme cases of closer to 85%.

    Benefits of using vending machines:

    • Secure equipment until deployed.
    • Equipment can be either purchased by credit card or linked to employee ID cards, enabling secure transactions and reporting.
    • Access rights can be controlled in real time, preventing terminated employees from accessing equipment or managing how many devices can be deployed to each user.
    • Vending machines can be managed through a cellular or wireless network.
    • Technology partners can be tasked with monitoring and refilling vending machines.
    • Employees are able to access technology wherever a vending machine can be located rather than needing to travel to the help desk.
    • Equipment loans and new employee packages can be managed through vending machines.

    Phase 2 Guided Implementation

    Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 2: Request, Procure, Receive, and Deploy

    Proposed Time to Completion: 4 weeks

    Step 2.1: Request & Procure

    Start with an analyst kick-off call:

    • Define standard and non-standard hardware.
    • Weigh the pros and cons of leasing vs. buying.
    • Build the procurement process.

    Then complete these activities…

    • Define standard hardware requests.
    • Document standard hardware request procedure.
    • Document procurement workflow.
    • Build a purchasing policy.

    With these tools & templates:

    • Standard Operating Procedures
    • Non-Standard Hardware Request Form
    • Hardware Procurement Workflow
    • Purchasing Policy

    Step 2.2: Receive & Deploy

    Review findings with analyst:

    • Determine appropriate asset tagging method.
    • Define equipment receiving process.
    • Define equipment deployment process.

    Then complete these activities…

    • Select appropriate asset tagging method.
    • Design workflow for receiving and inventorying equipment.
    • Document the deployment workflow(s).

    With these tools & templates:

    • Standard Operating Procedures
    • Equipment Receiving & Tagging Workflow
    • Deployment Workflow

    Phase 2 Insight: Bridge the gap between IT and Finance to build a smoother request and procurement process through communication and routine reporting. If you’re unable to affect procurement processes to reduce time to deliver, consider bringing inventory onsite or having your hardware vendor keep stock, ready to ship on demand.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop

    Book a workshop with our Info-Tech analysts:

    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analysts will join you and your team onsite at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    2.1.2 Define standard hardware requests

    Divide whiteboard into columns representing core business areas. Define core hardware assets for end users in each division along with optional hardware assets. Discuss optional assets to narrow and define standard equipment requests.

    2.2.1 Select appropriate method for tagging and tracking assets

    Discuss the various asset tagging methods and choose the tagging method that is most appropriate for your organization. Define the process for tagging assets and document the standard asset tag location according to equipment type.

    Phase 3

    Maintain and Dispose

    Implement Hardware Asset Management

    Cisco overcame organizational resistance to change to improve asset security

    CASE STUDY

    Industry Networking

    Source Cisco IT

    Challenge

    Cisco Systems had created a dynamic work environment that prized individuality. This environment created high employee satisfaction, but it also created a great deal of risk surrounding device security.

    Cisco lacked an asset security policy; there were no standards for employees to follow. This created a surplus of not only hardware, but software to support the variety of needs amongst various teams at Cisco.

    Solution

    The ITAM team at Cisco recognized that their largest problem was the lack of standardization with respect to PCs. Variance in cost, lifecycle, and software needs/compatibility were primary issues.

    Cisco introduced a PC leasing program with the help of a PC asset management vendor to correct these issues. The primary goal was to increase on-time returns of PCs. A set life of 30 months was defined by the vendor.

    Results

    Cisco engaged employees to help contribute to improving its asset management protocols, and the approach worked.

    On-time returns increased from 60% to 80%. Costs were reduced due to active tracking and disposal of any owned assets still present.

    A reduction in hardware and software platforms has cut costs and increased security thanks to improved tracking capabilities.

    This case study continues in phase 4

    Step 3.1: Manage, Maintain, and Secure Hardware Assets

    Phase 3: Maintain & Dispose

    3.1 Manage & Maintain

    3.2 Dispose or Redeploy

    This step will walk you through the following activities:

    3.1.1 Build a MAC policy and request form

    3.1.2 Build workflows to document user MAC processes

    3.1.3 Design process and policies for hardware maintenance, warranty, and support documentation handling

    3.1.4 Revise or create an asset security policy

    This step involves the following participants:

    • Asset Manager
    • Service Desk Manager
    • Operations (optional)
    • Security Department

    Step Outcomes

    • Understanding of inventory management process best practices
    • Templates for move/add/change request policy and form
    • Documented process workflows for the user move/add/change process
    • Process and policies for hardware maintenance, warranty, and support documentation handling
    • Defined policies for maintaining asset security

    Determine methods for performing inventory audits on equipment

    Auto-discovery

    • Auto-discovery tools will be crucial to the process of understanding what equipment is connected to the network and in use.
    • The core functionality of discovery tools is to scan the environment and collect configuration data from all connected assets, but most tools can also be used to collect usage data, network monitoring, and software asset management data including software distribution, compliance, and license information.
    • These tools may not connect to peripheral devices such as monitors and external drives, will not scan devices that are turned off or disconnected from the network, may not inventory remote users, and will rarely provide location information. This often results in a need to complete physical audits as well.

    Info-Tech Insight

    One of the most common mistakes we see when it comes to asset management is to assume that the discovery tool will discovery most or all of your inventory and do all the work. It is better to assume only 80-90% coverage by the discovery tool and build ownership records to uncover the unreportable assets that are not tied into the network.

    Physical audit

    • The physical audit can be greatly improved with barcode, RFID, or QR codes, allowing items to be scanned, records opened, then updated.
    • If not everything is tagged or entered into the ITAM database, then searching closets, cabinets, and desk drawers may be required to tag and enter those devices into the database.
    • Provide the inventory team with exact instructions on what needs to be collected, verified, and recorded. Depending on the experience and thoroughness of the team, spot checks early in the process may alleviate quality issues often discovered at the end of the inventory cycle.

    Determine requirements for performing inventory audits on equipment

    Conduct an annual hardware audit to ensure hardware is still assigned to the person and location identified in your ITAM system, and assess its condition.

    Perform a quarterly review of hardware stock levels in order to ensure all equipment is relevant and usable. The table below is an example of how to organize this information.

    Item Target Stock Levels Estimated $ Value
    Desktop computers
    Standard issue laptops
    Mice
    Keyboards
    Network cables
    Phones

    Info-Tech Insight

    Don’t forget about your remotely deployed assets. Think about how you plan to inventory remotely deployed equipment. Some tools will allow data collection through an agent that will talk to the server over the internet, and some will completely ignore those assets or provide a way to manually collect the data and email back to the asset manager. Mobile device management tools may also help with this inventory process. Determine what is most appropriate based on the volume of remote workers and devices.

    Build an inventory management process to maintain an accurate view of owned hardware assets

    • Your inventory should capture which assets are on hand, where they are located, and who owns them, at minimum. Maintaining an accurate, up-to-date view of owned hardware assets allows you to see at any time the actual state of the components that make up your infrastructure across the enterprise.
    • Automated inventory practices save time and effort from doing physical inventories and also reduce the interruption to business users while improving accuracy of data.
    • If you are just starting out, define the process for conducting an inventory of deployed assets, and then define the process for regular upkeep and audit of inventory data.

    Inventory Methods

    • Electronic – captures networked asset information only and can be deployed over the network with no deskside service interaction.
    • Physical – captures environmental detail and must be performed manually by a service technician with possible disruption to users.
    • Full inventory – both physical and electronic inventory of assets.

    Internal asset information to collect electronically

    • Hardware configuration
    • Installed software
    • Operating system
    • System BIOS
    • Network configuration
    • Network drive mappings
    • Printer setups
    • System variables

    External asset information that cannot be detected electronically

    • Assigned user
    • Associated assets
    • Asset/user location
    • Usage of asset
    • Asset tag number

    IMAC (Install, Move, Add, Change) services will form the bulk of asset management work while assets are deployed

    IMAC services are usually performed at a user’s deskside by a services technician and can include:

    • Installing new desktops or peripherals
    • Installing or modifying software
    • Physically moving an end user’s equipment
    • Upgrading or adding components to a desktop

    Specific activities may include:

    Changes

    • Add new user IDs
    • Manage IDs
    • Network changes
    • Run auto-discovery scan

    Moves

    • Perform new location site survey
    • Coordinate with facilities
    • Disconnect old equipment
    • Move to new location
    • Reconnect at new location
    • Test installed asset
    • Obtain customer acceptance
    • Close request

    Installs and Adds

    • Perform site survey
    • Perform final configuration
    • Coordinate with Facilities
    • Asset tagging
    • Transfer data from old desktop
    • Wipe old desktop hard drive
    • Test installed asset
    • Initiate auto-discovery scan
    • Obtain customer acceptance
    • Close request

    A strong IMAC request process will lessen the burden on IT asset managers

    • When assets are actively in use, Asset Managers must also participate in the IMAC (Install-Move-Add-Change) process and ensure that any changes to asset characteristics or locations are updated and tracked in the asset management tool and that the value and usefulness of the asset is monitored.
    • The IMAC process should not only be reactive in response to requests, but proactive to plan for moves and relocations during any organizational change events.

    Recommendations:

    Automate. Wherever possible, use tools to automate the IMAC process.

    E-forms, help desk, ticketing, or change management software can automate the request workflow by allowing the requestor to submit a request ticket that can then be automatically assigned to a designated team member according to the established chain of command. As work is completed, the ticket can be updated, and the requestor will be able to check the status of the work at any time.

    Communicate the length of any downtime associated with execution of the IMAC request to lessen the frustration and impatience among users.

    Involve HR. When it comes to adding or removing user accounts, HR can be a valuable resource. As most new employees should be hired through HR, work with them to improve the onboarding process with enough advanced notice to set up accounts and equipment. Role changes with access rights and software modifications can benefit from improved communications. Review the termination process as well, to secure data and equipment.

    Build a MAC request policy and form for end users

    A consistent Move, Add, Change (MAC) request process is essential for lessening the burden on the IT department. MAC requests are used to address any number of tasks, including:

    • Relocation of PCs and/or peripherals.
    • New account setup.
    • Hardware or software upgrades.
    • Equipment swaps or replacements.
    • User account/access changes.
    • Document generation.
    • User acceptance testing.
    • Vendor coordination.

    Create a request form.

    If you are not using help desk or other ticketing software, create a request template that must be submitted for each MAC. The request should include:

    • The name and department of the requester.
    • The date of the request.
    • Severity of the request. For example, severity can be graded on a score of high, medium, or low where high represents a mission-critical change that could compromise business continuity if not addressed immediately, and low represents a more cosmetic change that will not negatively affect operations. The severity of the request can be determined by the service-level agreement (SLA) associated with the service.
    • Date the request must be completed by. Or at least, what would be the ideal date for completion. This will vary greatly depending on the severity of the request. For example, deleting the access of a terminated employee would be very time sensitive.
    • Item or service to be moved, added, or changed. Include location, serial number, or other designated identifier where possible.
    • If the item or service is to be moved, indicated where it is being moved.
    • It is a good idea to include a comments section where the requester can add any additional questions or details.

    Use Info-Tech’s templates to build your MAC policy and request form

    3.1.1 Build a MAC policy and request form

    Desktop Move/Add/Change Policy

    This desktop move/add/change policy should be put in place to mitigate the risk associated with unauthorized changes, minimize disruption to the business, IT department, and end users, and maintain consistent expectations.

    Move, Add, Change Request Form

    Help end users navigate the move/add/change process. Use the Move/Add/Change Request Form to increase efficiency and organization for MAC requests.

    Document the process for user equipment moves

    Include the following in your process documentation:

    • How and when will any changes to user or location information be made in the ITAM tool?
    • Will any changes in AD automatically update in the ITAM tool?
    • How should requests for equipment moves or changes be made?
    • How will resources be scheduled?

    The image shows a flowchart titled SErvice Request - User Moves. The chart of processes is split into three categories, listed on the left side of the chart: User Manager; IT Coordinator; and Tier 2 & Facilities.

    Build workflows to document user MAC processes

    3.1.2 Build MAC process workflows

    Participants

    • Asset Manager
    • Service Desk Manager
    • Operations (optional)

    Document

    Document in the Standard Operating Procedures, Section 10: Equipment Install, Adds, Moves, and Changes

    Document each step in the system deployment process using notecards or on a whiteboard. Identify the challenges faced by your organization and strategize potential solutions.

    1. Outline each step in the process of desktop deployment. Be as granular as possible. On each card, describe the step as well as the individual responsible for each step.
    2. When you are satisfied that each step is accurately captured, use a second color of notecard to document any challenges, inefficiencies, or pains associated with each step. Consider further documenting the time on each task.
    3. Examine each challenge or pain point. Discuss whether or not there is a clear solution to the problem. If so, document the solution and amend the workflow. If not, engage in a broader discussion of possible solutions, taking into account people, processes, and available technology.
    4. Document separately the process for large-scale deployment if required.

    Define a policy to ensure effective maintenance of hardware assets

    Effective maintenance and support of assets provides longer life, higher employee productivity, and increased user satisfaction.

    • Your asset management documentation and database should store equipment maintenance contract information so that it can be consulted whenever hardware service is required.
    • Record who to contact as well as how, warranty information, and any SLAs that are associated with the maintenance agreement.
    • Record all maintenance that hardware equipment receives, which will be valuable for evaluating asset and supplier performance.
    • In most cases, the Service Desk should be the central point of contact for maintenance calls to all suppliers.

    Sample equipment maintenance policy terms:

    • Maintenance and support arrangements are required for all standard and non-standard hardware.
    • All onsite hardware should be covered by onsite warranty agreements with appropriate response times to meet business continuity needs.
    • Defective items under warranty should be repaired in a timely fashion.
    • Service, maintenance, and support shall be managed through the help desk ticketing system.

    Design process and policies for hardware maintenance, warranty, and support documentation handling

    3.1.3 Design process for hardware maintenance

    Participants

    • Asset Manager
    • Purchasing
    • Service Desk Manager
    • Security
    • Operations (optional)

    Document

    Document in the Standard Operating Procedures, Section 10

    1. Discuss and document the policy for hardware maintenance, warranty, and support.
    2. Key outcomes should include:
    • Who signs off on policies?
    • What is the timeline for documentation review?
    • Where are warranty and maintenance documents stored?
    • How will equipment be assessed for condition during audits?
    • How often will deployed equipment be reimaged?
    • How will equipment repair needs be requested?
    • How will repairs for equipment outside warranty be handled?
  • Document in the Standard Operating Procedure.
  • Use your HAM program to improve security and meet regulatory requirements

    ITAM complements and strengthens security tools and processes, improving the company’s ability to protect its data and systems and reduce operational risk.

    It’s estimated that businesses worldwide lose more than $221 billion per year as a result of security breaches. HAM is one important factor in securing data, equipment investment, and meeting certain regulatory requirements.

    How does HAM help keep your organization secure?

    • Educating users on best practices for securing their devices, and providing physical security such as cable locks and tracking mechanisms.
    • Best practices for reporting lost or stolen equipment for quickly removing access and remotely wiping devices.
    • Accurate location and disposal records will enable accurate reporting for HIPAA and PCI DSS audits where movement of media or hardware containing data is a requirement. Best practices for disposal will include properly wiping drives, recording information, and ensuring equipment is disposed of according to environmental regulations.
    • Secure access to data through end-user mobile devices. Use accurate records and MDM tools to securely track, remove access, and wipe mobile devices if compromised.
    • Encrypt devices that may be difficult to track such as USB drives or secure ports to prevent data from being copied to external drives.
    • Managed hardware allows software to be managed and patched on a regular basis.

    Best Practices

    1. Educate end users about traveling with equipment. Phones and laptops are regularly stolen from cars; tablets and phones are left on planes. Encourage users to consider how they store equipment on the way home from work.
    2. Cable locks used at unsecured offsite or onsite work areas should be supplied to employees.
    3. Equipment stored in IT must be secured at all times.

    Implement mobile device management (MDM) solutions

    Organizations with a formal mobile management strategy have fewer problems with their mobile devices.

    Develop a secure MDM to:

    • Provide connection and device support when the device is fully subsidized by the organization to increase device control.
    • Have loaner devices for when traveling to limit device theft or data loss.
    • Personal devices not managed by MDM should be limited to internet access on a guest network.
    • Limit personal device access to only internet access or a limited zone for data access and a subset of applications.
    • Advanced MDM platforms provide additional capabilities including containerization.

    The benefits of a deployed MDM solution:

    • Central management of a variety of devices and platforms is the most important advantage of MDM. Administrators can gain visibility into device status and health, set policies to groups of users, and control who has access to what.
    • Security features such as enforcing passcodes and remote wipe are also essential, given the increased risk of mobile devices.
      • Remote wipe should be able to wipe either the whole device or just selected areas.
    • Separation of personal data is becoming increasingly important as BYOD becomes the norm. This is a feature that vendors are approaching radically differently.
    • Device lock: Be able to lock the device itself, its container, or its SIM. Even if the SIM is replaced, the device should still remain locked. Consider remote locking a device if retrieval is possible.

    Mobile device management is constantly evolving to incorporate new features and expand to new control areas. This is a high-growth area that warrants constant up-to-date knowledge on the latest developments.

    What can be packed into an MDM can vary and be customized in many forms for what your organization needs.

    Secure endpoint devices to protect the data you cannot control

    Endpoint Encryption

    Endpoints Average None
    Desktop 73% 4%
    Laptops 65% 9%
    Smartphones 27% 28%
    Netbooks 26% 48%
    Tablets 16% 59%
    Grand average 41%

    Benefits from endpoint encryption:

    • Reduced risk associated with mobile workers.
    • Enabled sharing of data in secured workspace.
    • Enhanced end-user accountability.
    • Reduced number of data breach incidents.
    • Reduced number of regulatory violations.

    Ways to reduce endpoint encryption costs:

    • Use multiple vendors (multiple platforms): 33%
    • Use a single vendor (one platform): 40%
    • Use a single management console: 22%
    • Outsource to managed service provider: 26%
    • Permit user self-recovery: 26%

    Remote Wiping

    • If all else fails, a device can always be erased of all its data, protecting sensitive data that may have been on it.
    • Selective wipe takes it a step further by erasing only sensitive data.

    Selective wipe is not perfect.

    It is nearly impossible to keep the types of data separate, even with a sandbox approach. Selective wipe will miss some corporate data, and even a full remote wipe can only catch some of users’ increasingly widely distributed data.

    Selective wipe can erase:

    • Corporate profiles, email, and network settings.
    • Data within a corporate container or other sandbox.
    • Apps deployed across the enterprise.

    Know when to perform a remote wipe.

    Not every violation of policy warrants a wipe. Playing Candy Crush during work hours probably does not warrant a wipe, but jail breaking or removing a master data management client can open up security holes that do warrant a wipe.

    Design an effective asset security policy to protect the business

    Data security is not simply restricted to compromised software. In fact, 70% of all data breaches in the healthcare industry since 2010 are due to device theft or loss, not hacking. (California Data Breach Report – October, 2014) ITAM is not just about tracking a device, it is also about tracking the data on the device.

    Organizations often struggle with the following with respect to IT asset security:

    • IT hardware asset removal control.
    • Personal IT hardware assets (BYOD).
    • Data removal from IT hardware assets.
    • Inventory control with respect to leased hardware and software.
    • Unused software.
    • Repetitive versions of software.
    • Unauthorized software.

    Your security policy should seek to protect IT hardware and software that:

    • Have value to the business.
    • Require ongoing maintenance and support.
    • Create potential risk in terms of financial loss, data loss, or exposure.

    These assets should be documented and controlled in order to meet security requirements.

    The asset security policy should encompass the following:

    • Involved parties.
    • Hardware removal policy/documentation procedure.
    • End-user asset security responsibilities.
    • Theft/loss reporting procedure.
    • BYOD standards, procedures, and documentation requirements.
    • Data removal.
    • Software usage.
    • Software installation.

    Info-Tech Insight

    Hardware can be pricey; data is priceless. The cost of losing a device is minimal compared to the cost of losing data contained on a device.

    Revise or create an asset security policy

    3.1.4 Develop IT asset security policy

    Participants

    • CIO or IT Director
    • Asset Manager
    • Service Desk Manager
    • Security
    • Operations (optional)

    Document

    Document in the Asset Security Policy.

    1. Identify asset security challenges within your organization. Record them in a table like the one below.
    Challenge Current Security Risk Target Policy
    Hardware removal Secure access and storage, data loss Designated and secure storage area
    BYOD No BYOD policy in place N/A → phasing out BYOD as an option
    Hardware data removal Secure data disposal Data disposal, disposal vendor
    Unused software Lack of support/patching makes software vulnerable Discovery and retirement of unused software
    Unauthorized software Harder to track, less secure Stricter stance on pirated software
    1. Brainstorm the reasons for why these challenges exist.
    2. Identify target policy details that pertain to each challenge. Record the outcomes in section(s) 5.1, 5.2, or 5.3 of the Asset Security Policy.

    Poor asset security and data protection had costly consequences for UK Ministry of Justice

    CASE STUDY

    Industry Legal

    Source ICO

    Challenge

    The Ministry of Justice (MoJ) in the UK had a security problem: hard drives that contained sensitive prisoner data were unencrypted and largely unprotected for theft.

    These hard drives contained information related to health, history of drug use, and past links to organized crime.

    After two separate incidents of hard drive theft that resulted in data breaches, the Information Commissioner’s Office (ICO), stepped in.

    Solution

    It was determined that after the first hard drive theft in October 2011, replacement hard drives with encryption software were provisioned to prisons managed by the MoJ.

    Unfortunately, the IT security personnel employed by the MoJ were unaware that the encryption software required manual activation.

    When the second hard drive theft occurred, the digital encryption could not act as a backup to poor physical security (the hard drive was not secured in a locker as per protocol).

    Results

    The perpetrators were never found and the stolen hard drives were never recovered.

    As a result of the two data breaches, the MoJ had to implement costly security upgrades to its data protection system.

    The ICO fined the MoJ £180,000 for its repeated security breaches. This costly fine could have been avoided if more diligence was present in the MoJ’s asset management program.

    Step 3.2: Dispose or Redeploy Assets

    3.1 Manage & Maintain

    3.2 Dispose or Redeploy

    This step will walk you through the following activities:

    3.2.1 Identify challenges with IT asset recovery and disposal

    3.2.2 Design hardware asset recovery and disposal workflows

    3.2.3 Build a hardware asset disposition policy

    This step involves the following participants:

    • Infrastructure Director/Manager
    • Asset Manager
    • Service Desk Manager
    • Operations (optional)

    Step Outcomes:

    • Defined process to determine when to redeploy vs. dispose of hardware assets
    • Process for recovering and redeploying hardware equipment
    • Process for safely disposing of assets that cannot be redeployed
    • Comprehensive asset disposition policy

    Balance the effort to roll out new equipment against the cost to maintain equipment when building your lifecycle strategy

    The image shows two line graphs. The graph on the left is titled: Desktop Refresh Rate by Company Size (based on Revenue). The graph on the right is titled: Laptop Refresh Rate by Company Size (based on Revenue). Each graph has four lines, defined by a legend in the centre of the image: yellow is small ($25mm); dark blue is Mid ($25-500MM); light blue is large ( data-verified=$500MM); and orange is Overall.">

    (Info-Tech Research Group; N=96)

    Determining the optimal length of time to continue to use equipment will depend on use case and equipment type

    Budget profiles Refresh methods

    Stretched

    Average equipment age: 7+ years

    To save money, some organizations will take a cascading approach, using the most powerful machines for engineers or scientists to ensure processing power, video requirements and drives will meet the needs of their applications and storage needs; then passing systems down to departments who will require standard-use machines. The oldest and least powerful machines are either used as terminals or disposed.

    Generous

    Average equipment age: 3 years

    Organizations that do not want to risk user dissatisfaction or potential compatibility or reliability issues will take a more aggressive replacement approach. These organizations often have less people assigned to end-user device maintenance and will not repair equipment outside of warranty. There is little variation in processing power among devices, with major differences determined by mobility and operating system.

    Cautious

    Average equipment age: 4 to 5 years

    Organizations that fit between the other two profiles will look to stretch the budget beyond warranty years, but will keep a close eye on maintenance requirements. Repairs needed outside of warranty will require an eye to costs, efforts, and subsequent administrative work of loaning equipment to keep the end user productive while waiting on service.

    Recommendations to keep users happy and equipment in prime form is to check condition at the 2-3 year mark, reimage at least once to improve performance, and have backup machines, if equipment starts to become problematic.

    Build a process to determine when and how to redeploy or dispose of hardware assets at end of use

    • When equipment is no longer needed for the function or individual to whom it was assigned, the Hardware Asset Manager needs to use data to ensure the right decision is made as to what to do with the asset.
    • End of use involves evaluating options for either continuing to use the equipment in another capacity or by another individual or determining that the asset has no remaining value to the organization in any capacity and it is time to retire it.
    • If the asset is retired, it may still have capacity for continued use outside of the organization or it may be disposed.

    Redeployment

    • Deliver the asset to a new user if it is no longer needed by the original user but still has value and usability.
    • Redeployment saves money and prevents unnecessary purchases.
    • Common when employees leave the company or a merge or acquisition changes the asset pool.

    VS.

    Disposal

    • When an asset is no longer of use to the organization, it may be disposed of.
    • Need to consider potential financial and public relations considerations if disposal is not done according to environmental legislation.
    • Need to ensure proper documentation and data removal is built into disposition policy.

    Use persistent documentation and communication to improve hardware disposal and recovery

    Warning! Poor hardware disposal and recovery practices can be caused by the following:

    1. Your IT team is too busy and stretched thin. Data disposal is one of many services your IT team is likely to have to deal with, but this service requires undivided attention. By standardizing hardware refreshes, you can instill more predictability with your hardware life cycles and better manage disposal.
    2. Poor inventory management. Outdated data and poor tracking practices can result in lost assets during the disposal phase. It only takes a single lost asset to cause a disastrous data breach in your supply chain.
    3. Obliviousness to disposal regulations. Electronic disposal and electronically stored data are governed by strict regulation.

    How do you improve your hardware disposal and recovery process?

    • A specific, controlled process needs to be in place to wipe all equipment and verify that it’s been wiped properly. Otherwise, companies will continue to spend money to protect data while equipment is in use, but overlook the dangerous implications of careless IT asset disposal. Create a detailed documentation process to track your assets every step of the way to ensure that data and applications are properly disposed of. Detailed documentation can also help bolster sustainability reporting for organizations wishing to track such data.
    • Better communication should be required. Most decommissioning or refresh processes use multiple partners for manufacturing, warehousing, data destruction, product resale, and logistics. Setting up and vetting these networks can take years, and even then, managing them can be like playing a game of telephone; transparency is key.

    Address three core challenges of asset disposal and recovery

    Asset Disposal

    Data Security

    Sixty-five percent of organizations cite data security as their top concern. Many data breaches are a result of hardware theft or poor data destruction practices.

    Choosing a reputable IT disposal company or data removal software is crucial to ensuring data security with asset disposal.

    Environmental

    Electronics contain harmful heavy metals such as mercury, arsenic, and cadmium.

    Disposal of e-waste is heavily regulated, and improper disposal can result in hefty fines and bad publicity for organizations.

    Residual value

    Many obsolete IT assets are simply confined to storage at their end of life.

    This often imposes additional costs with maintenance or storage fees and leaves a lot of value on the table through assets that could be sold or re-purposed within the organization.

    Identify challenges with IT asset recovery and disposal with a triple bottom line scorecard

    3.2.1 Identify challenges with IT asset recovery and disposal

    Participants

    • Infrastructure Director/Manager
    • Asset Manager
    • Service Desk Manager
    • Operations (optional)
    1. Divide the whiteboard into three boxes: Social, Economic, and Environmental.
    2. Divide each box into columns like the one shown below:
    Economic
    Challenge Objectives Targets Initiatives
    No data capture during disposal Develop reporting standards 80% disposed assets recorded Work with Finance to develop reporting procedure
    Idle assets Find resale market/dispose of idle assets 50% of idle assets disposed of within the year Locate resale vendor and disposal service
    1. Ask participants to list challenges associated with each area.
    2. Once challenges facing recovery and disposal have been exhausted from the group, assign a significance of 1-5 (1 being the lowest and 5 being the highest) to each challenge.
    3. Discuss the most significant challenges and how they might be addressed through the next steps of building recovery & disposal processes.

    Build a process for recovery and redeployment of hardware

    • Having hardware standards in place makes redeploying easier by creating a larger pool of possible users for a standardized asset.
    • Most redeployment activities will be carried out by the Help Desk as a service request ticket, so it is important to have clear communication and guidelines with the Help Desk as to which tasks need to be carried out as part of the request.

    Ensure the following are addressed:

    • Where will equipment be stored before being redeployed?
    • Will shipping be required and are shipping costs factored into analysis?
    • Ensure equipment is cleaned before it is redeployed.
    • Do repairs and reconfigurations need to be made?
    • How will software be removed and licenses harvested and reported to Software Asset Manager?
    • How will data be securely wiped and protected?

    The image shows a work process in flowchart format titled Equipment Recovery. The chart is divided into two sections, listed on the left: Business Manager/HR and Desktop Support Team.

    Define the process for safely disposing of assets that cannot be redeployed

    Asset Disposal Checklist

    1. Review the data stored on the device.
    2. Determine if there has been any sensitive or confidential information stored.
    3. Remove all sensitive/confidential information.
    4. Determine if software licenses are transferable.
    5. Remove any non- transferable software prior to reassignment.
    6. Update the department’s inventory record to indicate new individual assigned custody.
    7. In the event of a transfer to another department, remove data and licensed software.
    8. If sensitive data has been stored, physically destroy the storage device.
    • Define the process for retiring and disposing of equipment that has reached replacement age or no longer meets minimum conditions or standards.
    • Clearly define the steps that need to be taken both before and after the involvement of an ITAD partner.

    The image shows a flowchart titled Equipment Disposal. It is divided into two sections, labelled on the left as: Desktop Support Team and Asset Manager.

    Design hardware asset recovery and disposal workflows

    3.2.2 Design hardware asset recovery and disposal policies and workflows

    Participants

    • Infrastructure Director/Manager
    • Asset Manager
    • Service Desk Manager
    • Operations (optional)

    Document

    Document in the Standard Operating Procedures, Sections 11 and 12

    Document each step in the recovery and disposal process in two separate workflows using notecards or on a whiteboard. Identify the challenges faced by your organization and strategize potential solutions.

    1. Keeping in mind current challenges around hardware asset recovery and disposal, design the target state for both the asset recovery and disposal processes.
    2. Outline each step of the process and be as granular as possible.
    3. When you are satisfied that each step is accurately captured, use a second color of notecard to document any challenges, inefficiencies, or pains associated with each step. Consider further documenting the time on each task.
    4. Examine each challenge or pain point. Discuss whether or not there is a clear solution to the problem. If so, document the solution and amend the workflow. If not, engage in a broader discussion of possible solutions, taking into account people, processes, and available technology.
    5. Review the checklists on the previous slides to ensure all critical tasks are accounted for in your process workflows.

    Add equipment disposition to asset lifecycle decisions to meet environmental regulations and mitigate risk

    Although traditionally an afterthought in asset management, IT asset disposition (ITAD) needs to be front and center. Increase focus on data security and concern surrounding environmental sustainability and develop an awareness of the cost efficiencies possible through best-practices disposition.

    Optimized ITAD solutions:

    1. Protect sensitive or valuable data
    2. Support sustainability
    3. Focus on asset value recovery

    Info-Tech Insight

    A well-thought-out asset management program mitigates risk and is typically less costly than dealing with a large-scale data loss incident or an inappropriate disposal suit. Also, it protects your company’s reputation – which is difficult to put a price on.

    Partner with an ITAD vendor to support your disposition strategy

    Maximizing returns on assets requires knowledge and skills in asset valuation, upgrading to optimize market return, supply chain management, and packaging and shipping. It’s unlikely that the return will be adequate to justify that level of investment, so partnering with a full-service ITAD vendor is a no-brainer.

    • An ITAD vendor knows the repurpose and resale space better than your organization. They know the industry and have access to more potential buyers.
    • ITAD vendors can help your organization navigate costly environmental regulations for improper disposal of IT assets.

    Disposal doesn’t mean your equipment has to go to waste.

    Additionally, your ITAD vendor can assist with a large donation of hardware to a charitable organization or a school.

    Donating equipment to schools or non-profits may provide charitable receipts that can be used as taxable benefits.

    Before donating:

    • Ensure equipment is needed and useful to the organization.
    • Be prepared for an appraisal requirement. Receipts can only be issued for fair market value.
    • Prevent compromised data by thoroughly wiping or completely replacing drives.
    • Ensure official transfer of ownership to prevent liability if improper disposal practices follow.

    Info-Tech Insight

    Government assistance grants may be available to help keep your organization’s hardware up to date, thereby providing incentives to upgrade equipment while older equipment still has a useful life.

    Protect the organization by sufficiently researching potential ITAD partners

    Research ITAD vendors as diligently as you would primary hardware vendors.

    Failure to thoroughly investigate a vendor could result in a massive data breach, fines for disposal standards violations, or a poor resale price for your disposed assets. Evaluate vendors using questions such as the following:

    • Are you a full-service vendor or are you connected to a wholesaler?
    • Who are your collectors and processors?
    • How do you handle data wiping? If you erase the data, how many passes do you perform?
    • What do you do with the e-waste? How much is reused? How much is recycled?
    • Do you have errors and omissions insurance in case data is compromised?
    • How much will it cost to recycle or dispose of worthless equipment?
    • How much will I receive for assets that still have useful life?

    ITAD vendors that focus on recycling will bundle assets to ship to an e-waste plant – leaving money on the table.

    ITAD vendors with a focus on reuse will individually package salable assets for resale – which will yield top dollars.

    Info-Tech Insight

    To judge the success of a HAM overhaul, you need to establish a baseline with which to compare final results. Be sure to take HAM “snapshots” before ITAD partnering so it’s easy to illustrate the savings later.

    Work with ITAD partner or equipment supplier to determine most cost-effective method and appropriate time for disposal

    2-4 Two-to-four year hardware refresh cycle

    • Consider selling equipment to an ITAD partner who specializes in sales of refurbished equipment.
    • Consider donating equipment to schools or non-profits, possibly using an ITAD partner who specializes in refurbishing equipment and managing the donation process.

    5-7 Five-to-seven year hardware refresh cycle

    • At this stage equipment may still have a viable life, but would not be appropriate for school or non-profit donations, due to a potentially shorter lifespan. Consider selling equipment to an ITAD partner who has customers interested in older, refurbished equipment.

    7+ Seven or more years hardware refresh cycle

    • If keeping computers until they reach end of life, harvest parts for replacement on existing machines and budget for disposal fees.
    • Ask new computer supplier about disposal services or seek out ITAD partner who will disassemble and dispose of equipment in an environmentally responsible manner.

    Info-Tech Insight

    • In all cases, ensure hard drives are cleansed of data with no option for data recovery. Many ITAD partners will provide a drive erasure at DoD levels as part of their disposal service.
    • Many ITAD partners will provide analysts to help determine the most advantageous time to refresh.

    Ensure data security and compliance by engaging in reliable data wiping before disposition

    Failure to properly dispose of data can not only result in costly data breaches, but also fines and other regulatory repercussions. Choosing an ITAD vendor or a vendor that specializes in data erasure is crucial. Depending on your needs, there are a variety of data wiping methods available.

    Certified data erasure is the only method that leaves the asset’s hard drive intact for resale or donation. Three swipes is the bare minimum, but seven is recommended for more sensitive data (and required by the US Department of Defense). Data erasure applications may be destructive or non-destructive – both methods overwrite data to make it irretrievable.

    Physical destruction must be done thoroughly, and rigorous testing must be done to verify data irretrievability. Methods such as hand drilling are proven to be unreliable.

    Degaussing uses high-powered magnets to erase hard drives and makes them unusable. This is the most expensive option; degaussing devices can be purchased or rented.

    Info-Tech Best Practice

    Data wiping can be done onsite or can be contracted to an ITAD partner. Using an ITAD partner can ensure greater security at a more affordable price.

    Make data security a primary driver of asset disposition practices

    It is estimated that 10-15% of data loss cases result from insecure asset disposal. Protect yourself by following some simple disposition rules.

    1. Reconcile your data onsite
    • Verify that bills of landing and inventory records match before assets leave. Otherwise, you must take the receiver’s word on shipment contents.
  • Wipe data at least once onsite
    • Do at least one in-house data wipe before the assets leave the site for greater data security.
  • Transport promptly after data wiping
    • Prompt shipment will minimize involvement with the assets, and therefore, cost. Also, the chance of missing assets will drop dramatically.
  • Avoid third-party transport services
    • Reputable ITAD companies maintain strict chain of custody control over assets. Using a third party introduces unnecessary risk.
  • Keep detailed disposition records
    • Records will protect you in the event of an audit, a data loss incident, or an environmental degradation claim. They could save you millions.
  • Wipe all data-carrying items
    • Don’t forget cell phones, fax machines, USB drives, scanners, and printers – they can carry sensitive information that can put the organization at risk.
  • Only partner with insured ITAD vendors
    • You are never completely out of danger with regards to liability, but partnering with an insured vendor is potent risk mitigation.
  • Work these rules into your disposition policy to mitigate data loss risk.

    Support your HAM efforts with a comprehensive disposition policy

    3.2.3 Build a Hardware Asset Disposition Policy

    Implementation of a HAM program is a waste of time if you aren’t going to maintain it. Maintenance requires the implementation of detailed policies, training, and an ongoing commitment to proper management.

    Use Info-Tech’s Hardware Asset Disposition Policy to:

    1. Establish and define clear standards, procedures, and restrictions surrounding disposition.
    2. Ensure continual compliance with applicable data security and environmental legislation.
    3. Assign specific responsibilities to individuals or groups to ensure ongoing adherence to policy standards and that costs or benefits are in line with expectations.

    Phase 3 Guided Implementation

    Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 3: Maintain & Dispose

    Proposed Time to Completion: 4 weeks

    Start with an analyst kick-off call:

    • Discuss inventory management best practices.
    • Build process for moves, adds, and changes.
    • Build process for hardware maintenance.
    • Define policies for maintaining asset security.

    Then complete these activities…

    • Build a MAC policy and request form.
    • Build workflows to document user MAC processes.
    • Design processes and policies for hardware maintenance, warranty, and support documentation handling.
    • Build an asset security policy.

    With these tools & templates:

    • Standard Operating Procedures
    • Asset Security Policy

    Step 3.2: Dispose or Redeploy Assets

    Review findings with analyst:

    • Discuss when to dispose vs. redeploy assets.
    • Build process for redeploying vs. disposing of assets.
    • Review ITAD vendors.

    Then complete these activities…

    • Identify challenges with IT asset recovery and disposal.
    • Design hardware asset recovery and disposal workflows.
    • Build a hardware asset disposition policy.

    With these tools & templates:

    • Standard Operating Procedures
    • Asset Recovery Workflow
    • Asset Disposal Workflow
    • Hardware Asset Disposition Policy

    Phase 3 Insight: Not all assets are created equal. Taking a blanket approach to asset maintenance and security is time consuming and costly. Focus on the high-cost, high-use, and data-sensitive assets first.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop

    Book a workshop with our Info-Tech analysts:

    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analysts will join you and your team onsite at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    3.1.4 Revise or create an asset security policy

    Discuss asset security challenges within the organization; brainstorm reasons the challenges exist and process changes to address them. Document a new asset security policy.

    3.2.2 Design hardware asset recovery and disposal workflows

    Document each step in the hardware asset recovery and disposal process, including all decision points. Examine challenges and amend the workflow to address them.

    Phase 4

    Plan Budget Process and Build Roadmap

    Implement Hardware Asset Management

    Cisco deployed an enterprise-wide re-education program to implement asset management

    CASE STUDY

    Industry Networking

    Source Cisco IT

    Challenge

    Even though Cisco Systems had designed a comprehensive asset management program, implementing it across the enterprise was another story.

    An effective solution, complete with a process that could be adopted by everyone within the organization, would require extensive internal promotion of cost savings, efficiencies, and other benefits to the enterprise and end users.

    Cisco’s asset management problem was as much a cultural challenge as it was a process challenge.

    Solution

    The ITAM team at Cisco began discussions with departments that had been tracking and managing their own assets.

    These sessions were used as an educational tool, but also as opportunities to gather internal best practices to deploy across the enterprise.

    Eventually, Cisco introduced weekly meetings with global representation to encourage company-wide communication and collaboration.

    Results

    By establishing a process for managing PC assets, we have cut our hardware costs in half.” – Mark Edmonson, Manager – IT Services Expenses

    Cisco reports that although change was difficult to adopt, end-user satisfaction has never been higher. The centralized asset management approach has resulted in better contract negotiations through better data access.

    A reduced number of hardware and software platforms has streamlined tracking and support, and will only drive down costs as time goes on.

    Step 4.1: Plan Hardware Asset Budget

    Phase 4: Plan Budget & Build Roadmap

    4.1 Plan Budget

    4.2 Communicate & Build Roadmap

    This step will walk you through the following activities:

    4.1 Use Info-Tech’s HAM Budgeting Tool to plan your hardware asset budget

    This step involves the following participants:

    • IT Director
    • Asset Manager
    • Finance Department

    Step Outcomes

    • Know where to find data to budget for hardware needs accurately
    • Learn how to manage a hardware budget
    • Plan hardware asset budget with a budgeting tool

    Gain control of the budget to increase the success of HAM

    A sophisticated hardware asset management program will be able to uncover hidden costs, identify targets for downsizing, save money through redistributing equipment, and improve forecasting of equipment to help control IT spending.

    While some asset managers may not have experience managing budgets, there are several advantages to ITAM owning the hardware budget:

    • Be more involved in negotiating pricing with suppliers.
    • Build better relationships with stakeholders across the business.
    • Forecast requirements more accurately.
    • Inform benchmarks for hardware performance.
    • Gain more responsibility and have a greater influence on purchasing decisions.
    • Directly impact the reduction in IT spend.
    • Manage the asset database more easily and have a greater understanding of hardware needs.
    • Build a continuous rolling refresh.

    Use ITAM data to forecast hardware needs accurately and realistically

    Your IT budget should be realistic, accounting for business needs, routine maintenance, hardware replacement costs, unexpected equipment failures, and associated support and warranty costs. Know where to find the data you need and who to work with to forecast hardware needs as accurately as possible.

    What type of data should I take into account?

    Plan for:

    • New hardware purchases required
      • Planned refreshes based on equipment lifecycle
      • Inventory for break and fix
      • Standard equipment for new hires
      • Non-standard equipment required
      • Hardware for planned projects
      • Implementation and setup costs
      • Routine hardware implementation
      • Large hardware implementation for projects
      • Support and warranty costs

    Take into account:

    • Standard refresh cycle for each hardware asset
    • Amount of inventory to keep on hand
    • Length of time from procurement to inventory
    • Current equipment costs and equipment price increases
    • Equipment depreciation rates and resale profits

    Where do I find the information I need to budget accurately?

    • Work with HR to forecast equipment needs for new hires.
    • Work with the Infrastructure Manager to forecast devices and equipment needed for approved and planned projects.
    • Use the asset management database to forecast hardware refresh and replacement needs based on age and lifecycle.
    • Work with business stakeholders to ensure all new equipment needs are accounted for in the budget.

    Use Info-Tech’s HAM Budgeting Tool to plan your hardware asset budget

    4.1.1 Build HAM budget

    This tool is designed to assist in developing and justifying the budget for hardware assets for the upcoming year. The tool will allow you to budget for projects requiring hardware asset purchases as well as equipment requiring refresh and to adjust the budget as needed to accommodate both projects and refreshes. Follow the instructions on each tab to complete the tool.

    The hardware budget should serve as a planning and communications tool for the organization

    The most successful relationships have a common vocabulary. Thus, it is important to translate “tech speak” into everyday language and business goals and initiatives as you plan your budget.

    One of the biggest barriers that infrastructure and operations team face with regards to equipment budgeting is the lack of understanding of IT infrastructure and how it impacts the rest of the organization. The biggest challenge is to help the rest of the organization overcome this barrier.

    There are several things you can do to overcome this barrier:

    • Avoid using technical terms or jargon. Terms many would consider common knowledge, such as “WLAN,” are foreign to many.
    • Don’t assume the business knows how the technology you’re referring to will impact their day-to-day work. You will need to demonstrate it to them.
    • Help the audience understand the business impact of not implementing each initiative. What does this mean for them?
    • Discuss the options on the table in terms of the business value that the hardware can enable. Review how deferring refresh projects can impact user-facing applications, systems, and business unit operations.
    • Present options. If you can’t implement everything on the project list, present what you can do at different levels of funding.

    Info-Tech Insight

    Err on the side of inviting more discussion. Your budgeting process relies on business decision makers and receiving actionable feedback requires an ongoing exchange of information.

    Help users understand the importance of regular infrastructure refreshes

    Getting business users to support regular investments in maintenance relies on understanding and trust. Present the facts in plain language. Provide options, and clearly state the impact of each option.

    Example: Your storage environment is nearing capacity.

    Don’t:

    Explain the project exclusively in technical terms or slang.

    We’re exploring deduping technology as well as cheap solid state, SATA, and tape storage to address capacity.”

    Do:

    • Explain impact in terms that the business can understand.

    Deduplication technology can reduce our storage needs by up to 50%, allowing us to defer a new storage purchase.”

    • Be ready to present project alternatives and impacts.

    Without implementing deduplication technology, we will need to purchase additional storage by the end of the year at an estimated cost of $25,000.”

    • Connect the project to business initiatives and strategic priorities.

    This is a cost-effective technique to increase storage capacity to manage annual average data growth at around 20% per year.

    Step 4.2: Build Communication Plan and Roadmap

    Phase 4: Plan Budget & Build Roadmap

    4.1 Plan Budget

    4.2 Communicate & Build Roadmap

    This step will walk you through the following activities:

    4.2 Develop a HAM implementation roadmap

    This step involves the following participants:

    • CIO
    • IT Director
    • Asset Manager
    • Service Desk Manager

    Step Outcomes

    • Documented end-user hardware asset management policies
    • Communications plan to achieve support from end users and other business units
    • HAM implementation roadmap

    Educate end users through ITAM training to increase program success

    As part of your communication plan and overall HAM implementation, training should be provided to end users within the organization.

    All facets of the business, from management to new hires, should be provided with ITAM training to help them understand their role in the project’s success.

    ITAM solutions are complex by nature with both business process and technical knowledge required to use them correctly. Keep the message appropriate to the audience – end users don’t need to know the complete process, but will need to know policy and how to request.

    Management may have priorities that appear to clash with new processes. Engage management by making them aware of the benefits and importance of ITAM. Include the benefits and consequences of not implementing ITAM in your education approach. Encourage them to support efforts by reinforcing your messages to end users.

    New hires should have ITAM training bundled into their onboarding process. Fresh minds are easier to train and the ITAM program will be seen as an organizational standard, not merely a change.

    Policy documents can help summarize end users’ obligations and clarify processes. Consider an IT Resources Acceptable UsePolicy.

    "The lowest user is the most important user in your asset management program. New employees are your most important resource. The life cycle of the assets will go much smoother if new employees are brought on board." – Tyrell Hall, ITAM Program Coordinator

    Info-Tech Insight

    During training, you should present the material through the lens of “what’s in it for me?” Otherwise, you risk alienating end users through implementing organizational change viewed as low value.

    Include policy design and enforcement in your communication plan

    • Hardware asset management policies should define the actions to be taken to protect and preserve technology assets from failure, loss, destruction, theft, or damage.
    • Implementing asset management policies enforces the notion that the organization takes its IT assets and the management of them seriously, and will help ensure the benefits of ITAM are achieved.
    • Designing, approving, documenting, and adopting one set of standard ITAM policies for each department to follow will ensure the processes are enforced equally across the organization.
    • Good ITAM policies answer the “what, how, and why” of IT asset management, provide the means for ITAM governance, and provide a basis for strategy and decision making.

    Info-Tech Insight

    Use policy templates to jumpstart your policy development and ensure policies are comprehensive, but be sure to modify and adapt policies to suit your corporate culture or they will not gain buy-in from employees. For a policy to be successful, it must be a living document and have participation and involvement from the committees and departments to whom it will pertain.

    Use Info-Tech’s policy templates to build HAM policies

    4.2.1 Build HAM policies

    Use these HAM policy templates to get started:

    Information Technology Standards Policy

    This policy establishes standards and guidelines for a company’s information technology environment to ensure the confidentiality, integrity, and availability of company computing resources.

    Desktop Move/Add/Change Policy

    This desktop move/add/change policy is put in place for users to request to change their desktop computing environments. This policy applies configuration changes within a company.

    Purchasing Policy

    The purchasing policy helps to establish company standards, guidelines, and procedures for the purchase of all information technology hardware, software, and computer-related components as well as the purchase of all technical services.

    Hardware Asset Disposition Policy

    This policy assists in creating guidelines around disposition in the last stage of the asset lifecycle.

    Additional policy templates

    Info-Tech Insight

    Use policy templates to jumpstart your policy development and ensure policies are comprehensive, but modify and adapt them to suit your corporate culture or they will not gain buy-in from employees. For a policy to be successful, it must be a living document and have participation from the committees and departments to whom it will pertain.

    Create a communication plan to achieve end-user support and adherence to policies

    Communication is crucial to the integration and overall implementation of your ITAM program. An effective communication plan will:

    • Gain support from management at the project proposal phase.
    • Create end-user buy-in once the program is set to launch.
    • Maintain the presence of the program throughout the business.
    • Instill ownership throughout the business from top-level management to new hires.

    Use the variety of components as part of your communication plan in order to reach the organization.

    1. Advertise successes.
    • Regularly demonstrate the value of the ITAM program with descriptive statistics focused on key financial benefits.
    • Share data with the appropriate personnel; promote success to obtain further support from senior management.
  • Report and share asset data.
    • Sharing detailed asset-related reports frequently gives decision makers useful data to aid in their strategy.
    • These reports can help your organization prepare for audits, adjust asset budgeting, and detect unauthorized assets.
  • Communicate the value of ITAM.
    • Educate management and end users about how they fit into the bigger picture.
    • Individuals need to know that their behaviors can adversely affect data quality and, ultimately, lead to better decision making.
  • Develop a communication plan to convey the right messages

    4.2.2 Develop a communication plan to convey the right messages

    Participants

    • CIO
    • IT Director
    • Asset Manager
    • Service Desk Manager

    Document

    Document in the HAM Communication Plan

    1. Identify the groups that will be affected by the HAM program as those who will require communication.
    2. For each group requiring a communication plan, identify the following:
    • Benefits of HAM for that group of individuals (e.g. better data, security).
    • The impact the change will have on them (e.g. change in the way a certain process will work).
    • Communication method (i.e. how you will communicate).
    • Timeframe (i.e. when and how often you will communicate the changes).
  • Complete this information in a table like the one below and document in the Communication Plan.
  • Group Benefits Impact Method Timeline
    Service Desk Improve end-user device support Follow new processes Email campaign 3 months
    Executives Mitigate risks, better security, more data for reporting Review and sign off on policies
    End Users Smoother request process Adhere to device security and use policies
    Infrastructure Faster access to data and one source of truth Modified processes for centralized procurement and inventory

    Implement ITAM in a phased, constructive approach

    • One of the most difficult decisions to make when implementing ITAM is: “where do we start?”
    • The pyramid to the right mirrors Maslow’s hierarchy of needs. The base is the absolute bare minimum that should be in place, and each level builds upon the previous one.
    • As you track up the pyramid, your ITAM program will become more and more mature.

    Now that your asset lifecycle environment has been constructed in full, it’s time to study it. Gather data about your assets and use the results to create reports and new solutions to continually improve the business.

    • Asset Data
    • Asset Protection: safely protect and dispose of assets once they are mass distributed throughout your organization.
    • Asset Distribution: determine standards for asset provisioning and asset inventory strategy.
    • Asset Gathering: define what assets you will procure, distribute, and track. Classifying your assets by tier will allow you to make decisions as you progress up the pyramid.

    ↑ ITAM Program Maturity

    Integrate your HAM program into the organization to assist its implementation

    The HAM program cannot perform on its own – it must be integrated with other functional areas of the organization in order to maintain its stability and support.

    • Effective IT asset management is supported by a comprehensive set of processes as part of its implementation.
    • For example, integration with the purchasing/procurement team is required to gather hardware and software purchase data to control asset costs and mitigate software license compliance risk.
    • Integration with Finance is required to support internal cost allocations and charge backs.

    To integrate your ITAM program into your organization effectively, a clear implementation roadmap needs to be designed. Prioritize “quick wins” in order to demonstrate success to the business early and gain buy-in from your team. Long-term goals should be designed that will be supported by the outcomes of the short-term gains of your ITAM program.

    Short-term goal Long-term goal
    Identify inventory classification and tool (hardware first) Hardware contract data integration (warranty, maintenance, lease)
    Create basic ITAM policies and processes Continual improvement through policy impact review and revision
    Implement ITAM auto-discovery tools Software compliance reports, internal audits

    Info-Tech Insight

    Installing an ITAM tool does not mean you have an effective asset management program. A complete solution needs to be built around your tool, but the strength of ITAM comes from processes embedded in the organization that are shaped and supported by your ITAM data.

    Develop an IT hardware asset management implementation roadmap

    4.2.3 Develop a HAM implementation roadmap

    Participants

    • CIO
    • IT Director
    • Asset Manager
    • Service Desk Manager

    Document

    Document in the IT Hardware Asset Management Implementation Roadmap

    1. Identify up to five streams to work on initiatives for the hardware asset management project.
    2. Fill out key tasks and objectives for each process. Assign responsibility for each task.
    3. Select a start date and end date for each task. See tab 1 of the tool for instructions on which letters to input for each stage of the process.
    4. Once your list is complete, open tab 3 of the tool to see your completed sunshine diagram.
    5. Keep this diagram visible for your team and use it as a guide to task completion as you work towards your future-state value stream.

    Focus on continual improvement to sustain your ITAM program

    Periodically review the ITAM program in order to achieve defined goals, objectives, and benefits.

    Act → Plan → Do → Check

    Once ITAM is in place in your organization, a focus on continual improvement creates the following benefits:

    • Remain in sync with the business: your asset management program reflects the current and desired future states of your organization at the time of its creation. But the needs of the business change. As mentioned previously, asset management is a dynamic process, so in order for your program to keep pace, a focus on continual improvement is needed.
      • For example, imagine if your organization had designed your ITAM program before cloud-based solutions were an option. What if your asset classification scheme did not include personal devices or tablets or your asset security policy lacked a section on BYOD?
    • Create funding for new projects through ITAM continual improvement: one of the goals is to save money through more efficient use of your assets by “sweating” out underused hardware and software.
      • It may be tempting to simply present the results to Finance as savings, but instead, describe the results as “available funds for other projects.” Otherwise, Finance may view the savings as a nod to restrict IT’s budget and allocate funds elsewhere. Make it clear that any saved funds are still required, albeit in a different capacity.

    Info-Tech Best Practice

    Look for new uses for ITAM data. Ask management what their goals are for the next 12-18 months. Analyze the data you are gathering and determine how your ITAM data can assist with achieving these goals.

    Phase 4 outline

    Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Step 4.1: Plan Budget

    Start with an analyst kick-off call:

    • Know where to find data to budget for hardware needs accurately.
    • Learn how to manage a hardware budget.

    Then complete these activities…

    • Plan hardware asset budget.

    With these tools & templates:

    HAM Budgeting Tool

    Step 4.2: Communicate & Roadmap

    Review findings with analyst:

    • Develop policies for end users.
    • Build communications plan.
    • Build an implementation roadmap.

    Then complete these activities…

    • Build HAM policies.
    • Develop a communication plan.
    • Develop a HAM implementation roadmap.

    With these tools & templates:

    HAM policy templates

    HAM Communication Plan

    HAM Implementation Roadmap

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop

    Book a workshop with our Info-Tech analysts:

    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analysts will join you and your team onsite at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    4.1.1 Build a hardware asset budget

    Review upcoming hardware refresh needs and projects requiring hardware purchases. Use this data to forecast and budget equipment for the upcoming year.

    4.2.2 Develop a communication plan

    Identify groups that will be affected by the new HAM program and for each group, document a communications plan.

    Insight breakdown

    Overarching Insights

    HAM is more than just tracking inventory. A mature asset management program provides data for proactive planning and decision making to reduce operating costs and mitigate risk.

    ITAM is not just IT. IT leaders need to collaborate with Finance, Procurement, Security, and other business units to make informed decisions and create value across the enterprise.

    Treat HAM like a process, not a project. HAM is a dynamic process that must react and adapt to the needs of the business.

    Phase 1 Insight

    For asset management to succeed, it needs to support the business. Engage business leaders to determine needs and build your HAM program around these goals.

    Phase 2 Insight

    Bridge the gap between IT and Finance to build a smoother request and procurement process through communication and routine reporting. If you’re unable to affect procurement processes to reduce time to deliver, consider bringing inventory onsite or having your hardware vendor keep stock, ready to ship on demand.

    Phase 3 Insight

    Not all assets are created equal. Taking a blanket approach to asset maintenance and security is time consuming and costly. Focus on the high-cost, high-use, and data-sensitive assets first.

    Phase 4 Insight

    Deploying a fancy ITAM tool will not make hardware asset management implementation easier. Implementation is a project that requires you focus on people and process first – the technology comes after.

    Related Info-Tech research

    Implement Software Asset Management

    Build an End-User Computing Strategy

    Find the Value – and Remain Valuable – With Cloud Asset Management

    Consolidate IT Asset Management

    Harness Configuration Management Superpowers

    IT Asset Management Market Overview

    Bibliography

    Chalkley, Martin. “Should ITAM Own Budget?” The ITAM Review. 19 May 2011. Web.

    “CHAMP: Certified Hardware Asset Management Professional Manual.” International Association of Information Technology Asset Managers, Inc. 2008. Web.

    Foxen, David. “The Importance of Effective HAM (Hardware Asset Management).” The ITAM Review. 19 Feb. 2015. Web.

    Foxen, David. “Quick Guide to Hardware Asset Tagging.” The ITAM Review. 5 Sep. 2014. Web.

    Galecki, Daniel. “ITAM Lifecycle and Savings Opportunities – Mapping out the Journey.” International Association of IT Asset Managers, Inc. 16 Nov. 2014. Web.

    “How Cisco IT Reduced Costs Through PC Asset Management.” Cisco IT Case Study. 2007. Web.

    Irwin, Sherry. “ITAM Metrics.” The ITAM Review. 14 Dec. 2009. Web.

    “IT Asset and Software Management.” ECP Media LLC, 2006. Web.

    Rains, Jenny. “IT Hardware Asset Management.” HDI Research Brief. May 2015. Web.

    Riley, Nathan. “IT Asset Management and Tagging Hardware: Best Practices.” Samanage Blog. 5 March 2015. Web.

    “The IAITAM Practitioner Survey Results for 2016 – Lean Toward Ongoing Value.” International Association of IT Asset Managers, Inc. 24 May 2016. Web.

    Create and Implement an IoT Strategy

    • Buy Link or Shortcode: {j2store}57|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Disruptive & Emerging Technologies
    • Parent Category Link: /disruptive-emerging-technologies

    While the Internet of Things (IoT) or smart devices have the potential to transform businesses, they have to be implemented strategically to drive value. The business often engages directly with vendors, and many IoT solutions are implemented as point solutions with IT being brought in very late in the process.

    This leads to challenges with integration, communication, and data aggregation and storage. IT is often also left grappling with many new devices that need to be inventoried, added to lifecycle management practices, and secured.

    Unlock the true potential of IoT with early IT involvement

    As IoT solutions become more common, IT leaders must work closely with business stakeholders early in the process to ensure that IoT solutions make the most of opportunities and mitigate risks.

    1. Ensure that IoT solutions meet business needs: Assess IoT solutions to ensure that they meet business requirements and align with business strategy.
    2. Make integration and management smooth: Build and execute plans so IoT devices integrate with existing infrastructure and multiple devices can be managed efficiently.
    3. Ensure privacy and security: IoT solutions should meet clearly outlined privacy and security requirements and comply with regulations such as GDPR and CCPA.
    4. Collect and store data systematically: Manage what data will be collected and aggregated and how it will be stored so that the business can recognize value from the data with minimal risk.

    Create and Implement an IoT Strategy Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Create and Implement an IoT Strategy Deck – A framework to assess and onboard IoT devices into your environment.

    The storyboard will help to create a steering committee and a playbook to quickly assess IoT ideas to determine the best way to support these ideas, test them in Proof of concepts, when appropriate, and give the business the confidence they need to get the right solution for the job and to know that IT can support them long term.

    • Create and Implement an IoT Strategy – Phases 1-3

    2. Steering Committee Charter Template – Improve governance starting with a steering committee charter to help you clearly define the role of the steering committee to improve outcomes.

    Create a steering committee to improve success of IoT implementations.

    • IoT Steering Committee Charter Template

    3. IoT Solution Playbook – Create an IoT playbook to define a framework to quickly assess new solutions and determine the best time and method for onboarding into your operational environment.

    Create a framework to quickly evaluate IoT solutions to mitigate risks and increase success.

    • IoT Solution Playbook

    Infographic

    Further reading

    Create and Implement an IoT Strategy

    Gain control of your IoT environment

    Create and Implement an IoT Strategy

    Gain control of your IoT environment

    EXECUTIVE BRIEF

    Table of Contents

    Page Contents Page Contents
    4 Analyst Perspective 27 Phase 2: Define the intake & assessment process
    5 Executive Summary 29 Define requirements for requesting new IoT solutions
    7 Common Obstacles 32 Define procedures for reviewing proposals and projects – BA/BRM
    8 Framework 38 Define criteria for assessing proposals and projects – data specialists
    9 Insight Summary 43 Define criteria for assessing proposals & projects – Privacy & Security
    10 Blueprint deliverables 47 Define criteria for assessing proposals & projects – Infrastructure & Operations
    11 Blueprint benefits 48 Define service objectives & evaluation process
    13 Measure the value of IoT 49 Phase 3: Prepare for a proof of value
    15 Guided Implementation 58 Create a template for designing a proof of value
    16 Phase 1: Define your governance process 59 Communications
    21 Define the committee’s roles & responsibilities 60 Research contributors and experts
    23 Define the IoT steering committee’s vision statement and mandate 61 Related InfoTech Research
    26 Define procedures for reviewing proposals and projects

    Analyst perspective

    IoT is an extremely efficient automated data collection system which produces millions of pieces of data. Many organizations will purchase point solutions to help with their primary business function to increase efficiency, increase profitability, and most importantly provide scalable services that cannot exist without automated data collection and analytical tools.

    Most of the solutions available are designed to perform a specific function within the parameters of the devices and applications designed by vendors. As these specific use cases proliferate within any organization, the data collected can end up housed in many places, owned by each specific business unit and used only for the originally designed purpose. Imagine though, if you could take the health information of many patients, anonymize it, and compare overall health of specific regions, rather than focusing only on the patient record as a correlated point; or many data points within cities to look at pedestrian, bike, and vehicle traffic to better plan infrastructure changes, improve city plans, and monitor pollution, then compared to other cities for additional modeling.

    In order to make these dramatic shifts to using many IoT solutions, it’s time to look at creating an IoT strategy that will ensure all systems meet strategic goals and will enable disparate data to be aggregated for greater insights. The act of aggregation of systems and data will require additional scrutiny to mitigate the potential perils for privacy, management, security, and auditability

    The strategy identifies who stewards use of the data, who manages devices, and how IT enables broader use of this technology. But with the increased volume of devices and data, operational efficiency as part of the strategy will also be critical to success.

    This project takes you through the process of defining vision and governance, creating a process for evaluating proposed solutions for proof of value, and implementing operational effectiveness.

    Photo of Sandi Conrad, Principal Research Director, Info-Tech Research Group.

    Sandi Conrad
    Principal Research Director
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    The business needs to move quickly to adopt new ways to collect and analyze data or automate actions. IoT may be the right answer, but it can be complex and create new challenges for IT teams.

    Many of these solutions are implemented by vendors as point solutions, but more organizations are recognizing they need to bring the data in-house to start driving insights.

    As IoT solutions become more prolific, the need to get more involved in securing and managing these solutions has become evident.

    Common Obstacles

    The business is often engaging directly with the vendors to better understand how they can benefit from these solutions, and IT is often brought in when the solution is ready to go live.

    When IT isn’t involved early, there may be challenges around integrations, communications, and getting access to data.

    Management becomes challenging as many devices are suddenly entering the environment, which need to be inventoried, added to lifecycle management practices, and secured.

    Info-Tech’s Approach

    Info-Tech’s approach starts with assessing the proposed solutions to:

    • Ensure they will meet the business need.
    • Understand data structure for integration to central data store.
    • Ensure privacy and security needs can be met.
    • Determine effort and technical requirements for integration into the infrastructure and appropriate onboarding into operations.

    Early intervention will improve results. IoT is one of the biggest challenges for IT departments to manage today. The large volume of devices and lack of insight into vendor solutions is making it significantly harder to plan for upgrades and contract renewals, and to guarantee security protocols are being met. Create a multistep onboarding process, starting with an initial assessment process to increase success for the business, then look to derive additional benefits to the business and mitigate risks.

    Your challenge

    Scaling up and out from an IoT point solution is complicated and requires collaboration from stakeholders that may not have worked well together before
    • Point solutions may be installed and configured with support outsourced to vendors, where integrations may be light or non-existent.
    • Each point solution will be owned by the business, with data used for a specific purpose, and may only require infrastructure support from the internal IT department.
    • Operational needs must be met to protect the business’ investment, and without involving IT early, agreements may be signed that don’t meet long-term goals of high value at reasonable prices.
    • To fully realize value from multiple disparate systems, a cohesive strategy to bring together data will be required, but with that comes a need to improve technology, determine data ownership, and improve oversight with strengthened security, privacy, and communications.
    • Where IoT is becoming a major source of data, taking a piecemeal approach will no longer be enough to be successful.

    IoT solutions may be chosen by the business, but to be successful and meet their requirements, a partnership with IT will ensure better communications with the service provider for a less stressful implementation with governance over security needs and protection of the organization’s data, and it will ensure that continual value is enabled through effective operations.

    Pie chart titled 'IoT project success' with '12% Fully successful', '30% Mostly successful', '40% Mostly unsuccessful', and 'Not at all successful'.
    (Source: Beecham Research qtd. in Software AG)

    Common obstacles

    These barriers make IoT challenging to implement for many organizations:
    • Solutions managed outside of IT, whether through an operational technology team or an outsourced vender, will require a comprehensive approach that encourages collaboration, common understandings of risk, and the ability to embrace change.
    • Technical expertise required will be broad and deep for a multi-solution implementation. Many types of devices, with varied connections and communications methods, will need to be architected with flexibility to accommodate changing technology and scalability needs.
    • Understanding the myriad options available and where it makes sense to deploy cutting-edge vs. proven technologies, as well as edge computing and digital twins.
    • External consultants specializing in IoT may need to be engaged to make these complex solutions successful, and they also need to be skilled in facilitating discussions within teams to bring them to a common understanding.
    • Analysis skills and a data strategy will be key to successfully correlating data from multiple sources, and AI will be key to making sense of vast amounts of data available and be able to use it for predictive work. According to the Microsoft IoT Signals report of October 2020, “79% of organizations adopt AI as part of their IoT solution, and those who do perceive IoT to be more critical to their company’s success (95% vs. 82%) and are more satisfied with IoT (96% vs. 87%).“
    Pie chart with two tiers titled 'Challenges to using IT'. The inner circle are challenge categories like 'Security', 'Lack of budget/staff', and the outer circle are the more specific challenges within them, such as 'Concerned about consumer privacy' and 'No human resources to implement & manage'.
    (Source: Microsoft IoT Signals, Edition 2, October 2020 n=3,000)

    Internet of Things Framework

    Interoperability of multiple IoT systems and data will be required to maximize value.

    GOVERNANCE

    What should I build? What are my concerns?
    Where should I build it? Why does it need to be built?

    DATA MODEL ——› BUSINESS OPERATING MODEL
    Data quality
    Metadata
    Persistence
    Lifecycle
    Sales, marketing
    Product manufacturing
    Service delivery
    Operations

    |—›

    BUSINESS USE CASE

    ‹—|
    Customer facing Internal facing ROI
    ˆ
    |
    ETHICS
    Deliberate misuse
    Unintentional consequences
    Right to informed consent
    Active vs. passive consent
    Bias
    Profit vs. common good
    Acceptable/fair use
    Responsibility assignment
    Autonomous action
    Transparency
    Vendor ethical implications
    ˆ
    |
    TECHNICAL OPERATIONAL MODEL
    Personal data
    Customer data
    Non-customer data
    Public data
    Third-party business data
    Data rights/proprietary data
    Identification
    Vendor data
    Profiling (Sharing/linkage of data sets)

    CONTROLS

    How do I operate and maintain it?

    1. SECURITY
      • Risk identification and assessment
      • Threat modeling – ineffective because of scale
      • Dumb, cheap endpoints without users
      • Massive attack surface
      • Data/system availability
      • Physical access to devices
      • Response to anonymized individuals
    2. COMPLIANCE
      • Internal
      • External
        NIST, SOC, ISO
        Profession/industry
      • Ethics
      • Regulatory
        PII, GDPR, PIPEDA
        Audit process
    1. OPERATIONAL STANDARDS
      • Industry best practices
      • Open standards vs. proprietary ones
      • Standardization
      • Automation
      • Vendor management
    2. TECHNICAL OPERATIONAL MODEL
      • Platforms
      • Insourcing/outsourcing
      • Acquisition
      • Asset management
      • Patching
      • Data protection
      • Source image control
      • Software development lifecycle
      • Vendor management
      • Disposition/disposal

    BRIDGING THE PHYSICAL WORLD AND THE VIRTUAL WORLD

    How should it be built?

    Diagram with 'Physical World' 'Internet of Things Devices' on the left, connected to 'Virtual World' 'Central Compute (Cloud/Data Center)', 'Edge Computing', and 'Business Systems and Applications' via 'Data - data-verified= Data Normalization' from physical to virtual and 'Instructions' from virtual to physical.">

    Insight summary

    Real value to the business will come from insights derived from data

    Many point solutions will solve many business issues and produce many data sets. Ensure your strategy includes plans on how to leverage data to further your organizational goals. A data specialist will make a significant difference in helping you determine how best to aggregate and analyze data to meet those needs.

    Provide the right level of oversight to help the business adopt IoT

    Regardless of who is initiating the request or installing the solution, it’s critical to have a framework that protects the organization and their data and a plan for managing the devices.

    The business doesn’t always know what questions to ask, so it’s important for IT to enable them if moving to a business-led innovation model, and it’s critical to helping them achieve business value early.

    Do a pre-implementation assessment to engage early and at the right level

    Many IoT solutions are business- and vendor-led and are hosted outside of the organization or managed inside the business unit.

    Having IT engage early allows the business to determine what level of support is appropriate for them, allows IT to ensure data integrity, and allows IT to ensure that security, privacy, and long-term operational needs are managed appropriately.

    Blueprint deliverables

    IoT Steering Committee Charter

    Create a steering committee to improve success of IoT implementations

    Sample of the IoT Steering Committee Charter.

    IoT Solution Playbook

    Create a framework to quickly evaluate IoT solutions to mitigate risks and increase success

    Sample of the IoT Solution Playbook.

    Blueprint benefits

    IT Benefits

    • Aggregation of processes and data may have compelling implications for increasing effectiveness of the business, but this may also increase risk. A framework will help to drive value while putting in appropriate guardrails.
    • IoT use cases may be varied within many industries, and the use of many types of sensors and devices complicates management and maintenance. A common understanding of how devices will be tracked, managed, and maintained is imperative to IT securing their systems and data.
    • A pilot program to evaluate effectiveness and either reject or move forward with a plan to onboard the solution as quickly as possible will ensure quick time to value and enable immediate implementation of controls to meet operational and security requirements.

    Business Benefits

    • Aggregation of many disparate groups of data can provide new insights into the way an organization interacts with its clients and how clients are using products and services.
    • As organizations innovate and new IoT solutions are introduced to the environment, solutions need to be evaluated quickly to determine if they’re going to meet the business case and then determine what needs to be put in place for technology, process, and policy to ensure success.
    • As new solutions are introduced, anyone who may be impacted through this new data-collection process will need to be informed and feel secure in the way information is analyzed and managed. This project will provide the framework to quickly assess the risks and develop a communications plan.

    Evaluate digital transformation opportunities with these guiding principles for smart solutions

    Problem & opportunity focus
    • Search for real problems to solve, with visible improvement possibilities
    • Don’t choose technology for technology’s sake
    • Keep an eye to the future
    • Strategic foresight
    Piece by piece
    • Avoid the “Big Bang” approach
    • Test technologies in multiple conditions
    • Run inexpensive pilots
    • Increase flexibility
    • Technology ecosystem
    User buy-in
    • Collaborate with the community
    • Gain and sustain support
    • Increase uptake of city technology
    • Crowdsource community ideas
    Recommendations:
    Focus on real problems • Be a fast follower • Build a technology ecosystem

    Info-Tech Insight

    When looking for a quick win, consider customer journey mapping exercises to find out what it takes to do the work today, for example, map the journey to apply for a building permit, renew a license, or register a patient.

    Measure the value of IoT

    There is a broad range of solutions for IoT all designed to collect information and execute actions in a way designed to increase profitability and/or improve services. McKinsey estimates value created through interoperability will account for 40% to 60% of the potential value of IoT applications.

    Revenue Generating
    • Production increases and efficiency
    • Reliability as data quality increases
    • New product development opportunities through better understanding of how your products are used
    • New product offerings with automated data collection and analysis of aggregated data
    Improved outcomes
    • Improved wellness programs for employees and patients through proactive health management
      • Reduction in health care/insurance costs
      • Reduction in time off for illness
    • Reduction in human error
    • Improved safety – fewer equipment malfunction incidents
    • Sustainability – reduction in emissions
    Increased access to data, especially if aggregating with other data sources, will increase opportunities for data analysis leading to more informed decision making.
    Cost Avoidance
    • Cost efficiency – lower energy consumption, less waste, improved product consumption
    • Reliability – reduced downtime of equipment due to condition-based maintenance
    • Security – decrease in malware attacks
    Operational Metrics
    • # supported devices
    • % of projects using IoT
    • % of managed systems
    • % of increase in equipment optimization

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    Guided Implementation

    Workshop

    Consulting

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks used throughout all four options

    Guided Implementation

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is between 4 to 8 calls over the course of 2 to 4 months.

    What does a typical GI on this topic look like?

    Phase 1 Phase 2 Phase 3
    Call #1: Determine steering committee members and mandates.

    Call #2: Define process for meeting and assessing requests.

    Call #3: Define the intake process.

    Call #4: Define the role of the BRM & assessment criteria.

    Call #5: Define the process to secure funding.

    Call #6: Define assessment requirements for other IT groups.

    Call #7: Define proof of value process.

    Create and Implement an IoT Strategy

    Phase 1

    Define your governance process

    Steering Committee

    1.1 Define the committee’s roles and responsibilities in the IoT Steering Committee Charter

    1.2 Define the IoT steering committee’s vision statement and mandates

    1.3 Define procedures for reviewing proposals and roles and responsibilities

    Intake Process

    2.1 Define requirements for requesting new IoT solutions

    2.2 Define procedures for reviewing proposals and projects – BA/BRM

    2.3 Define procedures for reviewing proposals and projects – Data specialists

    2.4 Define procedures for reviewing proposals and projects – Privacy & Security

    2.5 Define procedures for reviewing proposals and projects – Infrastructure & Operations

    2.6 Define service objectives and evaluation process

    Proof of Value

    3.1 Determine the criteria for running a proof of value

    3.2 Define the template and process for running a proof of value

    This phase will provide the following activities

    • Create the steering committee project charter
    If a steering committee exists, it may be appropriate to define IoT governance under their mandate. If a committee doesn’t already exist or their mandate will not include IoT, consider creating a committee to set standards and processes and quickly evaluate solutions for feasibility and implementation.

    Create an IoT steering committee to ensure value will be realized and operational needs will be met

    The goals of the steering committee should be:

    • To align IoT initiatives with organizational goals. 
    • To effectively evaluate, approve, and prioritize IoT initiatives.
    • To approve IoT strategy & evaluation criteria.
    • To reinforce and define risk evaluation criteria as they relate to IoT technology.
    • To review pilot results and confirm the value achievement of approved IoT initiatives.
    • To ensure the investment in IoT technology can be integrated and managed using defined parameters.

    Assemble the right team to ensure the success of your IoT ecosystem

    Business stakeholders will provide clarity for their strategy and provide input into how they envision IoT solutions furthering those goals and how they may gain relevant insights from secondary data.

    As IoT solutions move beyond their primary goals, it will be critical to evaluate the continually increasing data to mitigate risks of unintended consequences as new data sets converge. The security team will need to evaluate solutions and enforce standards.

    CDO and analysts will assess opportunities for data convergence to create new insights into how your services are used.

    Lightbulb with the word 'Value' surrounded by categories relative to the adjacent paragraph, 'Data Scientists', 'Security and Privacy', 'Business Leaders', 'IT Executives', 'Operations', and 'Infrastructure & Enterprise Architects'. IT stakeholders will be driving these projects forward and ensuring all necessary resources are available and funded.

    Operational plans will include asset management, monitoring, and support to meet functional goals and manage throughout the asset lifecycle.

    Each solution added to the environment will need to be chosen and architected to meet primary functions and secondary data collection.

    Identify IoT steering committee participants to ensure broad assessment capabilities are available

    • The committee should include team members experienced enough to provide an effective assessment of IoT projects, and to provide input and oversight regarding business value, privacy, security, operational support, infrastructure, and architectural support.
    • A data specialist will be critical for evaluating opportunities to expand use of data and ensure data can be effectively validated and aggregated. Additional oversight will be needed to review aggregated data to protect against the unintended consequences of having data combined and creating personas that will identify individuals.
    • Additional experts may be invited to committee meetings as appropriate, and ideas should be discussed and clarified with the business unit bringing the ideas forward or that may be impacted by solutions.
    • Invite appropriate IT and business leaders to the initial meeting to gain agreement and form the governance model.

    Determine responsibilities of the committee to gain consensus and universal understanding

    Icon of binoculars. STRATEGIC
    ALIGNMENT
    • Define the IoT vision in alignment with the organizational strategy and mission.
    • Define strategy, policies and communication requirements for IoT projects.
    • Assess and bring forward proposals to utilize IoT to further organizational strategy.
    Icon of a person walking up an ascending bar graph. VALUE
    DELIVERY
    • Define criteria for evaluating and prioritizing proposals and projects.
    • Validate the IoT proposals to ensure value drivers are understood and achievable.
    • Identify opportunities to combine data sets for secondary analysis and insights.
    Icon of a lightbulb. RISK
    OPTIMIZATION
    • Evaluate data and combined data sets to avoid unintended consequences.
    • Ensure security standards are adhered to when integrating new solutions.
    • Reinforce privacy regulations, policy, and communications requirements.
    Icon of an arrow in a bullseye. RESOURCE
    OPTIMIZATION
    • Identify and validate investment and resource requirements.
    • Evaluate technical requirements and capabilities.
    • Align IoT management requirements to operations goals within IT.
    Icon of a handshake. PERFORMANCE
    MANAGEMENT
    • Assess validity of pilot project plan, including success criteria.
    • Identify corner cases to assess functionality and potential risks beyond core features.
    • Monitor progress, evaluate results, and ensure organizational needs will be met.
    • Evaluate pilot to determine if it will be moved into full production, reworked, or rejected.

    1.1 Exercise:
    Define the committee’s roles & responsibilities in the IoT steering committee charter

    1-3 hours

    Input: Current policies and assessment tools for security and privacy, Current IT strategy for introducing new solutions and setting standards

    Output: List of roles and responsibilities, High-level discussion points

    Materials: Whiteboard/flip charts, Steering committee workbook

    Participants: IT executive, Privacy & Security senior staff, Infrastructure & Operations senior staff, Senior data specialist, Senior business executive(s)

    1. Identify and document core and auxiliary members of the committee, ensuring all important facets of the IoT environment can be assessed.
    2. Identify and document the committee chair.
    3. Gain consensus on responsibilities of the steering committee.

    Download the IoT Steering Committee Charter

    Define the vision statement for the IoT committee to clarify mandate and communicate to stakeholders

    The vision statement will define what you’re trying to achieve and how. You may have the statement already solidified, but if not, start with brainstorming several outcomes and narrow to less than 5 focus areas.

    A vision statement should be concise and should be in support of the overall IT strategy and organizational mission. The vision statement will be used as a high-level guide for defining and assessing proposed solutions and evaluating potential outcomes. It can be used as a limiter to quickly weed out ideas that don’t fit within the mandate, but it can also inspire new ideas.

    • Support innovation
    • Enable the business
    • Enable operations for continual value

    New York City has a broad plan for implementing IoT to meet several aspects of their overall strategy and subsequently their IT strategy. Their strategic plan includes several focus areas that will benefit from IoT:
    • A vibrant democracy
    • An inclusive economy
    • Thriving neighborhoods
    • Healthy lives
    • Equity and excellence in education
    • A livable climate
    • Efficient mobility
    • Modern infrastructure
    Their overall mission is: “OneNYC 2050 is a strategy to secure our city’s future against the challenges of today and tomorrow. With bold actions to confront our climate crisis, achieve equity, and strengthen our democracy, we are building a strong and fair city. Join us.”

    In order to accomplish this overall mission, they’ve created a specific IT vision statement: “Improve digital infrastructure to meet the needs of the 21st century.”

    This may seem broad, and it includes not just IoT, but also the need to upgrade infrastructure to be able to enable IoT as a tool to meet the needs to collect data, take action, and better understand how people move and live within the city. You can read more of their strategy at this
    link: http://onenyc.cityofnewyork.us/about/

    1.2 Exercise:
    Define the IoT steering committee’s vision statement and mandate

    1 hour

    Input: Organizational vision and IT strategy

    Output: Vision statement

    Materials: Whiteboard/flip charts, Steering committee workbook

    Participants: Steering committee, which may include: IT executive, Privacy & Security senior staff, Infrastructure & Operations senior staff, Senior data specialist, Senior business executive(s)

    1. Starting with the organizational mission statement, brainstorm areas of focus with the steering committee and narrow down the statement.
    2. Make sure it’s broad enough to encompass your goals, but succinct enough to allow you to identify projects that don’t meet the vision.
    3. Test with a few existing ideas.
    4. Document in your steering committee charter.

    Download the IoT Steering Committee Charter

    Use the COPIS methodology to define your project review process

    COPIS is a customer-focused methodology used to focus on the areas around the process, ensuring a holistic view starting with who the customer is and what they need, then building out the process and defining what will be required to be successful and who will be involved in fulfilling the work.

    Customer

    • Executive leadership
    • Business leaders

    Outputs

    • Risk assessment
    • Approvals to proceed
    • Pilot plan
    • Assessment to approve for production or reject

    Process

    • Review proposals
    • Ask questions and discuss with proposer & committee
    • Review pilot & testing plan
    • Engage with IT Team to define requirements

    Inputs

    • Request form including:
    • New idea
    • Business value defined
    • Data collected
    • Initial risk assessment
    • Implementation plan
    • Definition of success

    Suppliers

    • IT operations team
    • Device and software vendors
    • IT leaders
    • Risk committee
    Agenda & process flow



    Determine where people will access request form Ending point
    Sequence of right-facing arrows labelled 'Agenda & process flow'. Text in each arrow from left to right reads 'Confirm attendees required are in attendance', 'Review open action items', 'Assess new items', 'Assess prioritization', 'Review metrics & pilots in progress', 'Decisions & recommendations'.

    Create a committee charter to ensure roles are clarified and mandates can be met

    The purpose of the committee is to quickly assess and protect organizational interests while furthering the needs of the business

    The committee needs to be seen as an enabler to the business, not as a gatekeeper, so it must be thorough but responsive.

    The charter should include:
    • The vision to ensure clarity of purpose.
    • IoT mandates to focus the committee on assessment criteria.
    • Roles, responsibilities, and assignments to engage the right people who will provide the kind of guidance needed to ensure success.
    • Procedures to make the best use of each committee member’s time.
    • Process flow to guide evaluations to avoid unnecessary delays while reducing organizational risks.
    Stock image of someone reading on a tablet.

    1.3 Exercise:
    Define procedures for reviewing proposals and projects

    2-3 hours

    Input: Schedules of committee members, Process documentation for evaluating new technology

    Output: Procedures for reviewing proposals, Reference documentation for evaluating proposals

    Materials: Whiteboard/flip charts, Steering committee workbook

    Participants: Steering committee, which may include: IT executive, Privacy & Security senior staff, Infrastructure & Operations senior staff, Senior data specialist, Senior business executive(s)

    1. Discuss as a group how often you will meet for reviews and project updates. Which roles will have veto rights on project approvals?
    2. Define the intake process and requirements for scheduling based on average lead time to get the group together and preview documentation.
    3. Identify where process documentation already exists to use for evaluation of proposals and projects, and what needs to be created to quickly move from evaluation to action phases.
    4. Define basic rules of engagement.
    5. Define process flow using COPIS methodology as a framework. Note the different stages that may be part of the intake flow. Some business partners may bring solutions to IT, and others may just have an idea that needs to be solutioned.

    Download the IoT Steering Committee Charter

    Create and Implement an IoT Strategy

    Phase 2

    Define the intake and assessment process

    Steering Committee

    1.1 Define the committee’s roles and responsibilities in the IoT Steering Committee Charter

    1.2 Define the IoT steering committee’s vision statement and mandates

    1.3 Define procedures for reviewing proposals and roles and responsibilities

    Intake Process

    2.1 Define requirements for requesting new IoT solutions

    2.2 Define procedures for reviewing proposals and projects – BA/BRM

    2.3 Define procedures for reviewing proposals and projects – Data specialists

    2.4 Define procedures for reviewing proposals and projects – Privacy & Security

    2.5 Define procedures for reviewing proposals and projects – Infrastructure & Operations

    2.6 Define service objectives and evaluation process

    Proof of Value

    3.1 Determine the criteria for running a proof of value

    3.2 Define the template and process for running a proof of value

    This phase will provide the following activities

    • Define requirements for requesting new IoT solutions
    • Define procedures for review proposals and projects
    • Define service objectives and evaluation process for reviewing proposals and projects

    Determine what information is necessary to start the intake process

    To encourage your business leaders to engage IT in evaluating and appropriately supporting the solution, start with an intake process that is simple and easily populated with business information.
    • Review intake forms from the PMO or build your own from the IoT Solution Playbook:
    • Start by asking for a clear picture of the solution. Ensure the requester can clearly articulate the business benefit to the solution, including what issues are being resolved and what success looks like.
    • Requesters may not be expected to seek out all relevant information to make the decision.
      • Consider providing a business analyst (BA) to assist with data gathering for further assessment and to launch the review process.
      • Review may require additional steps if it is not clear the proposed solution will perform as expected and could include conversations with the vendor or a determination that a full requirements-gathering process may need to be done.
    • Typically, a BA will launch the review process to have appropriate experts assess the feasibility of the solution; assess regulatory, privacy, and security concerns; and determine the level of involvement needed by IT and the project managers.
    • Have options for different starting points. Some requesters may be further along in their research as they know exactly what they want, while others will be early in the idea stage. Don’t discourage innovation by creating more work than they’re able to execute.

    Business goals and benefits are important to ensure the completed solution meets the intended purpose and enables appropriate collection, analysis, and use of data in the larger business context.

    Ongoing operational support and service need to be considered to ensure ongoing value, and adherence to security and privacy policies is critical.

    2.1 Exercise:
    Define requirements for requesting new IoT solutions

    1 hour

    Input: Business requirements for requesting IT solutions

    Output: Request form for business users, Section 1 of the IoT Solution Playbook

    Materials: Whiteboard/flip charts, IoT Solution Playbook

    Participants: Steering committee, which may include: IT executive, Privacy & Security senior staff, Infrastructure & Operations senior staff, Senior data specialist, Senior business executive(s)

    1. Review template for the IoT Solution Playbook to ensure it meets your needs; modify as necessary.
    2. Determine requirements for initiating an assessment.
      1. Will a business case be necessary to start, or can the assessment feed into the business case?
      2. How can you best access the work already done by the requester to not start over?
      3. Determine the right questions to understand how they will define success to ensure this solution will do what they need.
      4. Do you need a breakdown of the way they do the job today?
      5. What level of authorization needs to be on the request to move forward?
    3. Try to balance the effort of the requester against their role. Don’t expect them to investigate solutions beyond the business value.
    4. Provide them with a means to provide you any information they have gathered, especially if they have already spoken to vendors.

    Download the IoT Solution Playbook

    Define what role the BA or BRM will play to support the request process

    Identify questions that will need to be answered in order to assess if the solution will be fit for purpose, to help build out business cases, and to enable the appropriate assessments and engagement with project managers and technical teams.
    • Project sponsorship is key to moving the project ahead. Ensure the project sponsor and business owner will be in alignment on the solution and business needs.
    • Note any information that will help to prioritize this project among all other requests. This will feed into implementation timing and the project management needs, resourcing, and vendor engagement required.
    • Determine if a proof of value would be an asset. A proof of value can be time consuming, but it can mitigate the risks of large-scale failures.
    • Ask about data collection and data type, which will be a major part of the assessment for the data team and for security, privacy, infrastructure, and operational assessments.
    • Determine if any actions will need to be taken, which might include data transfer, notifications and alerts, or others. This may require additional discussions on actuators, RPA, data stores, and integrations.
    • Determine if any automation will be part of the solution, as this will help to inform future discussions on power, connectivity, security, and privacy.

    Download the blueprint Embed Business Relationship Management in IT if you need help to support the business in a more strategic manner.

    Info-Tech Insight

    Understanding the business issue more deeply can help the business analyst determine if the solution needs a review of business process as well as helping to build out the requirements well enough to improve chances of success.

    The BA should be able to determine initial workload and involvement of project managers and evaluators.

    Clearly articulate the business benefits to secure funding and resources

    If the business users need to build a business case, the information being collected will help to define the value, estimate costs, and evaluate risk

    IoT point solutions can be straightforward to articulate the business benefits as they will have very specific benefits which will likely fit into one of these categories:
    • Financial – to increase profitability or reduce costs through predictive maintenance and efficiency.
    • Business Development – innovation for new products, services, and methodologies
    • Improve specific outcomes – typically these will be industry specific, such as improved patient health care, reduced traffic congestion or use of city resources, improved billing, or fire prevention for utility companies.

    As you start to look at the bigger picture of how these different systems can bring together disparate data sets, the benefits will be harder to define, and the costs to implement this next level of data analysis can be daunting and expensive.

    This doesn’t necessitate a complete alignment of data collection purposes; there may be benefits to improving operations in secondary areas such as updating HVAC systems to reduce energy costs in a hospital, though the updated systems may also include sensors to monitor air quality and further improve patient outcomes.

    In these cases, there may be future opportunities to use this data in unexpected ways, but even where there aren’t, applying the same standards for security, privacy, and operations should apply.

    Table titled 'Increasing productivity through efficiency and yield are the top benefits organizations expect to see from IoT implementations' with three columns, one for type of benefit (ie efficiency, yield, quality, etc), one for different IoT implementations and one for percent increase.
    (Microsoft IoT Signals Report 2020, n= 3,000 IT Professionals)

    2.2 Exercise – BA/BRM: Define procedures for reviewing proposals and projects

    1 hour

    Input: Process documentation for evaluating new technology, Business case requirements

    Output: Interview questions and assessment criteria for BA/BRM

    Materials: Whiteboard/flip charts, IoT Solution Playbook

    Participants: Steering committee, which may include: Business analyst or business relationship manager, IT executive(s), Senior data specialist, Senior business executive(s)

    1. Review template for the IoT Solution Playbook to ensure it meets your needs; modify as necessary.
    2. Identify the questions that will need to be asked of the business to determine whether the request will be fit for purpose.
    3. Additional questions may help to:
      1. Identify project sponsors to determine if requirements are defined or need to be, and who will champion this project through to implementation.
      2. Identify what additional work will be needed for you to shepherd the project through the various stage gates.
      3. Identify any prioritization criteria including business-specific milestones and outcomes.
    4. Document when a formal business case needs to be created.

    Download the IoT Solution Playbook

    Assess the vendor’s solution for accessibility to ensure data will be available and useable

    Data governance, including stewardship and ownership; lineage; and the ability to scale, deduplicate, normalize, validate, and aggregate disparate data will be critical to being able to analyze data to execute on strategic goals.

    If your organization isn’t poised to manage and make the best use of the data, see Info-Tech’s related blueprints:

    Relevant Research: Diagnostic:
    Data ownership is important to establish early on, as the owner(s) will be accountable for how data is used and accessed. Data needs to be owned by the organization (not the vendor) and needs to be accessible for:
    • Regulatory compliance.
    • Data quality and validation.
    • Data normalization.
    • Data aggregation and analysis.
    Vendor assessments need to investigate how data will be accessed, where data is normalized and how data will be validated.
    Data validation will have different levels of importance depending on the use case. Where data validation is critical, there may be a need to double up sensors in key areas, validate against adjacent sensors, better understand how and where data will be collected.
    • Infrared sensors may include intelligence to count people or objects.
    • Cameras might require manual counts but may provide better images.
    • Good quality images may require technology to distort faces for privacy.
    If data validation will include non-sensor data, such as validation against a security access database or visitor log, access to the data for validation may be required in near real time.

    Determine how often you need to access and download data

    Requirements will vary depending on whether sensors are collecting data for later analysis or if they are actuators that need to process data at the source.

    Determine where the data will reside and how it will be structured. If it will be open and controlled within your own environment, confer with your data team to ensure the solution is integrated into your data systems. If, however, the solution is a point solution which will be hosted by the vendor, understand who will be normalizing the data and how frequently you can export or transfer it into your own data repository. If APIs will need to be installed to enable data transfer, work with the vendor to test them.

    Self-contained or closed solutions may be quick to install and configure and may require minimal technical support from within your own IT team, but they will not provide visibility to the inner workings of the solution. This may create issues around integration and interoperability which could limit the functionality and usability beyond the point solution.

    If the solution chosen is a closed system, determine how you will need to interact with the vendor to gain access to the data. Interoperability may not be an option, so work with the vendor to set up a regular cadence for accessing the data.

    Questions for the vendor could include:

    1. How often can we access the data? Will the vendor push it on a regular basis? Is it on demand?
    2. Or will we need to pull the data? Is there an API?
    3. Will the data be normalized?
    4. Will the data be transferred, or will the vendor keep a historical record?
    5. Are there additional fees for archiving or for data extraction?
    Stock image of a large key inserted into the screen of a laptop.

    Identify whether digital twins are needed

    Create a virtual world to safely test and fail without impacting the real-world applications.

    As actuators are processing information and executing actions, there may be a benefit to assess the effectiveness and impact of various scenarios in a safe environment. Digital twins enable the creation of a virtual world to test these new use cases using real world scenarios.

    These virtual replicas will not be necessary for every IoT application as many solutions will be very straightforward in their application. But for those complex systems, such as smart buildings, smart cities and mechanically complex projects, digital twins can be created to run multiple simulations to aid in business continuity planning, performance assessments, R&D and more.

    Due to the expense and complexity of creating a full digital twin, carefully weighing the benefits, and identifying how it will be used, can help to build the business case to invest in the technology. Without the skills in house, reliance on a vendor to create the model and test scenarios will likely be part of the overall solution.

    The assessment will also include understanding what data will be transferred into the model, how often it will be updated, how it will be protected and who will need to be involved in the modeling process.

    Download the blueprint: Double Your Organization’s Effectiveness With a Digital Twin. if you need more information on how to leverage digital twin technology.

    Stock image of a twin mirroring the original person's action.

    To fully realize value in IoT, think beyond single use case solutions to leverage the data collected

    Expertise in data analysis will be key to moving forward with an enterprise approach to IoT and the data it produces.
    • A single IoT solution can add hundreds of sensors, collecting a wide variety of data for specific purposes. If multiple solutions are in place, there may be divergent data sets that may never be seen by anyone other than their specific data stewards.
    • Many organizations have started out with one or two solutions that support their primary business and may include some more mature offerings such as HVAC systems, which have used sensors for years. However, not all data is used today. In many cases, data is used for anomaly detection to improve operations, and only the non-standard information is used for alerting. McKinsey estimates less than 1% of data is used in these applications, with the remaining data stored or deleted, rather than used for optimization and predictive analysis.
    • Thinking beyond the initial use cases, there may be opportunities to create new services, improve services for existing products, or improve insights through analysis of juxtaposed data.
    • McKinsey reports up to $11.1 trillion a year in economic value may be possible by 2025 through the linking of the physical and digital worlds. Personal devices and all industries are potential growth areas – though factories and anywhere that could use predictive maintenance, cities, retail, and transportation will see the largest probable increases. Interoperability was identified as being required to maximize value, accounting for 40% to 60% of the potential value of IT applications.
    • Where data is used to correct and control anomalies, very little data is retained and used for optimization or predictive analysis. By taking a deliberate approach to normalize, correlate, and analyze data, organizations can gain insight into the way their products are used, benefit from predictive maintenance, improve health care, reduce costs, and more.
    (Source: McKinsey, 2015)

    By 2025 an estimated data volume of 79.4 zettabytes will be attributed to connected IoT devices. (Statistia)

    Build data governance and analysis into your strategy to find new insights from correlating new and existing data

    As a point solution, IoT provides a means to collect large amounts of data quickly and act. When determining the use case for IoT and best fit solutions, it’s important to think about what data needs to be collected and what actions will need to be coordinated. As the need for more than just a few IoT solutions surfaces, the complexity and potential usefulness of data increases. This can lead to significant changes to the scope of data collection, storage, and analysis and may lead to unintended consequences.
    • Some industries, such as governments looking to build smart cities, will have a very broad range of opportunities for IoT devices, as well as high levels of difficulty managing very disparate systems; other industries, such as healthcare, will have very focused prospects for data collection and analysis.
    • In any case, the introduction of new IoT solutions can create very large amounts of data quickly, and if used only for a single purpose, there may be lost opportunity for expanding use of data to better understand your product, customers, or environment.
    • Don’t limit analysis to only IoT-collected data, as this can be consolidated with other sources for validation, enhancement, and insights. For example, fleet transponders can be connected to travel logs and dispatch records for validation and evaluation of fuel and resource consumption.
    • Determine the best time and methods for consolidation and normalization; consider using data consolidation vendors if the expertise is not available in-house.
    • As data combines, there may be unintended consequences of unique anonymous identifiers combining to identify employees or customers, and the potential for privacy breeches will need to be evaluated as all new systems come on-line.

    “We find very little IoT data in real life flows through analytics solutions, regardless of customer size. Even in the large organizations, they tend to build at-purpose applications, rather than creating those analytical scenarios or think of consolidating the IoT data in a data lake like environment.” (Rajesh Parab, Info-Tech Research Group)

    2.3 Exercise – data specialists: Define criteria for assessing proposals and projects

    1-2 hours

    Input: Process documentation for evaluating new technology, Data governance documents

    Output: Interview questions and assessment criteria for data specialists

    Materials: Whiteboard/flip charts, IoT Solution Playbook

    Participants: Steering committee, which may include: Business analyst or business relationship manager, IT executive, Senior data specialist, Senior business executive(s), Privacy & Security senior staff, Infrastructure & Operations senior staff

    1. Review template for the IoT Solution Playbook to ensure it meets your needs; modify as necessary.
    2. Identify the questions that will need to be asked of the solution to ensure data governance and accessibility needs will be met.
    3. Additional questions may help to:
      1. Identify data owners or stewards to determine who will have authority over data and ensure their needs will be met.
      2. Identify what additional work will be needed for the data team to access, validate, normalize, and centralize data.
      3. Identify any concerns that will identify the solution as unviable.
      4. Identify any risks to data accessibility which will require mitigation.

    This initial review is designed to identify risks to data ownership or integrity and ensure data is available for additional uses as deemed appropriate to the organizational goals. This assessment is designed to find major flaws and to mitigate and integrate should the project be approved as viable.

    Download the IoT Solution Playbook

    Security assessments will need to include risk reviews specific to IoT

    The increase of data collectors and actuators creates a large attack surface that could easily provide an entry point for hackers to connect into an organization’s network. Assess existing protocols and risk registry to ensure all IoT systems are reviewed for security threats.

    The significant increase in devices and applications will require a review of security practices related to IoT to understand and mitigate risks. Even if the data collected is not considered integral to the business, such as with automated HVAC systems or an aquarium monitoring system, the devices can provide an entry point to access the network.

    IoT and ICS devices are functionally diverse and may include more mature solutions that have been acquired many times over. There are a wide variety of protocols that may not be recognized by vulnerability scanners as safe to operate in your environment. Many of these solutions will be agentless and may not be picked up by scanners on the network. Without knowing these devices exist or understanding the data traffic patterns, protecting the devices, data, and systems they’re attached to becomes challenging.

    Discovery and vulnerability scanners tuned specifically for IoT to look for and allow unusual protocols and traffic patterns will enable these devices to operate as designed without being shut down by vulnerability scanners protecting more traditional devices and traffic on an IT network. Orphaned devices can be found and removed. Solutions that will provide detailed asset inventories and network topologies will improve vulnerability detection.

    Systems that are air gapped or completely segregated may provide a layer of protection between IoT devices and the corporate network, but this may create additional difficulties in vulnerability assessment, identifying and responding to active threats, or managing the operational side. Additionally, if there are still functional connections between these systems for traffic to flow back to central repositories, operational systems, or remote connections, there are still potential threats.

    If security controls are not yet documented, see Info-Tech’s related blueprints:

    Relevant Research: Diagnostic:

    Align risk assessments to your existing risk registry, to quickly approve low-risk solutions and mitigate high risk

    Work with the business owner to understand how these systems are designed to work. Tracking normal patterns of behavior and traffic flow may be key to fine-tuning security settings to accommodate these solutions and prevent false positive shutdowns, especially if using automated remediation. Is the business owner identified, and will they be accessible throughout the lifecycle of the solution?

    Physical security: Will these systems be accessible to the public, and can they be secured in a way to minimize theft and vandalism? Will they require additional housing or waterproofing? Could access be completely secured? For example, could anyone access and install malware on a disconnected camera’s SD card?

    Security settings: For ease of service and installation, a vendor may use default security settings and passwords. This can create easy access for hackers to access the network and access sensitive data. Is there a possibility of IP theft though access by sensors? Determine who will have remote access to the system, and if the vendor will be supporting the system, will they be using least privilege or zero trust models? Determine their adherence to your security policy.

    Internet and network access and monitoring: Review connectivity and data transmission requirements and whether these can be accommodated in a way that balances security with operational needs. Will there be a need for air gapping, firewalls, or secure tunnelling, and will these solutions allow for discovery and monitoring? Can the vendor guarantee there are no back doors built into the code? Will the system be monitored for unauthorized access and activity, and what is the response process? Can it be integrated into your security operations center?

    Failover state: IoT devices with actuators or that may impact health and safety will need to be examined. Can you ensure actions in event of a failure will not be negatively impactful? For example, a door that locks on failover and cannot be opened from the inside will create safety risks; however, a door that opens on failover could result in theft of property or IP. Who controls and can access these settings?

    Firmware updates: Assess the history of updates released by the vendor and determine how these updates are sent to the devices and validated. Ensure the product has been developed using trusted platforms with security lifecycle models. Many devices will have embedded security solutions. Ensure these can be integrated into organizational security solutions and risk mitigation strategies.

    Enterprise IoT strategy will require a focus on privacy and risk

    Data aggregation creates new privacy concerns as data may be used outside of the original project parameters. The change of scope will need to be evaluated to determine personally identifiable information and what new issues it can create for the program, organization, and your audience.

    As a point solution, IoT provides a means to collect large amounts of data and, if actuators are completing tasks, act quickly. When determining the use case for IoT and best fit solutions, it’s important to think about what data needs to be collected and what actions will need to be coordinated.

    As the need for more than just a few IoT solutions surfaces, the complexity and potential usefulness of data increases. This can lead to significant changes to the scope of data collection, storage, and analysis, and may lead to unintended consequences.

    Questions to ask your vendors:
    1. Where may there be physical access to sensors and a possibility of theft, and can the data be encrypted?
    2. What type of information is captured by sensors and stored in the solution?
    3. Where is personally identifiable information captured, and where is it stored? How will you meet regulatory requirements such as GDPR? Where does the data fit within existing retention policies, and how long should it be kept?
    4. Will there be a need to post signage or update privacy statements in response to the information being collected?

    If data classification, privacy, and security controls are not yet documented, see Info-Tech’s related blueprints:

    Relevant Research:

    Don’t make assumptions about the type of data gathered with devices – ask the vendor to clearly state how and what is collected

    Carefully review how this information can be used by machine learning, in combination with other solutions, and if there is a possibility of unintended consequences that will create issues for your customers and therefore your own data sets.

    Look for ways of capturing information that will meet your business requirements while mitigating risk of capturing personally identifiable information. Examples would be LiDAR to capture movement instead of video, or AI to blur faces or license plate numbers at time of image capture.

    This chart identifies data collected by smartphone accelerometers which could be used to identify and profile an individual and understand their behaviors.

    Mobile device accelerometer data

    Table of Mobile device accelerometer data with columns 'Detection of sound vibrations', 'Body movements', and 'Motion trajectory of the device', and a key for color-coding labelling purple items as 'Health', yellow items as 'Personality traits, moods & emotions', and green items 'Identification'.
    Overview of sensitive inferences that can be drawn from accelerometer data. (Source: Association for Computing Machinery, 2019.)

    2.4 Exercise – Privacy & Security specialists: Define criteria for assessing proposals and projects

    1-2 hours

    Input: Process documentation for evaluating new technology, Data governance documents

    Output: Interview questions and assessment criteria for Privacy & Security specialists

    Materials: Whiteboard/flip charts, IoT Solution Playbook

    Participants: Steering committee, which may include: Business analyst or business relationship manager, IT executive, Senior data specialist, Senior business executive(s), Privacy & Security senior staff, Infrastructure & Operations senior staff

    1. Review template for the IoT Solution Playbook to ensure it meets your needs; modify as necessary.
    2. Identify the questions that will need to be asked of the solution to ensure security and privacy needs will be met.
    3. Additional questions may help to:
      1. Identify biggest risks created by a large influx of sensors and additional vendors.
      2. Identify options for mitigating risks for privacy and regulatory requirements.

    This initial review is designed to identify risks to data ownership or integrity and ensure data is available for additional uses as deemed appropriate to the organizational goals. This assessment is designed to find major flaws and to mitigate and integrate should the project be approved as viable.

    Download the IoT Solution Playbook

    Review infrastructure requirements to proactively engage with vendors

    A modernized architecture will provide needed flexibility for onboarding new IoT solutions as well as providing the structure to collect, transport, and house data; however, not everything will be on the network. Knowing requirements for integrations, communications, and support will eliminate surprises during implementation.

    The supporting applications will be collecting and analyzing data for each of these solutions, with most being hosted on public clouds or privately by the vendor. Access to the applications for data collection may require APIs or other middleware to transfer data outside of their application. Data transfer may be unimportant if the data collected will stand alone and never be integrated to other systems, but it will be critical if IoT plans include retrieving, aggregating, and analyzing data from most systems. If these systems are closed, determine the process to get this information, whether it’s through scheduled exports or batch transfers.

    Determine if data will be backed up by the vendor or if backups are the responsibility of your team. Work with the business owner to better understand business continuity requirements to plan appropriately for data transmission, storage, and archiving.

    Network and communications will vary dramatically depending on where sensors and actuators are located. On-premises solutions may rely on Wi-Fi on your network or may require an air-gapped or segregated network. External sensors may rely on public Wi-Fi, cellular, or satellite, and this may impact reliability and serviceability. If manual data collection is required, such as collecting SD cards on trail cams, who will be responsible, and will they have the tools and data repository they need to upload data manually? Are you able to work with the vendor to estimate traffic on these networks, and how will that impact costs for cellular or satellite service?

    Investigate power requirements. On-premises solutions may require additional wiring, but if using wind or solar, what is the backup? If using batteries, what is the expected lifespan? Who will be monitoring, and who will be changing the batteries?

    Determine monitoring requirements. Who should be responsible for performance monitoring, outages, data transmission, and validation? Is this a vendor premium service or a process to manage in-house? If managed by the vendor, discuss required SLAs and their ability to meet them.

    If your organization is dealing with technical debt and older architecture which could prevent progress, see Info-Tech’s related blueprints to build out the foundation.

    Relevant Research:

    Determine operational readiness to support and secure IoT solutions

    Availability and capacity planning, business continuity planning, and management of all operational and support requirements will need to be put in place. Execution of controls, maintenance plans, and operational support will be required to mitigate risks and reduce value of the solutions.

    One of the biggest challenges organizations that have already adopted IoT face is management of these systems. Without an accurate inventory, it’s impossible to know how secure the IoT systems are. Abandoned sensors, stolen cameras, and old and unpatched firmware all contribute to security risks.

    Existing asset management solutions may provide the right solution, but they are limited in many cases by the discovery tools in place. Many discovery tools are designed to scan the network and may not have access to segregated or air-gapped networks or a means to access anything in the cloud or requiring remote access. Evaluate the effectiveness of current tools, and if they prove to be inadequate, look for solutions that are geared specifically to IoT as they may provide additional useful management capabilities.

    IoT management tools will provide more than just inventory. They can discover IoT devices in a variety of environments, possibly adding micro-agents to access device attributes such as name, type, and date of build, and allowing metadata and tags to be added. Additionally, these solutions will provide the means to deploy firmware updates, change configuration settings, send notifications if devices are taken offline, and run vulnerability assessments. Some may even have diagnostics tools for troubleshooting and remediation.

    If operational processes aren’t in place, see Info-Tech’s related blueprints to build out the foundation.

    Relevant Research: Diagnostic:

    Identify what needs to happen to onboard these solutions into your support portfolio

    Evaluate support options to determine the best way to support the business. Even if support is completely outsourced, a support plan will be critical for holding vendors to account, bringing support in-house if support doesn’t meet your needs, and understanding dependencies while navigating through incidents and problem- and change-enablement processes.

    Regular maintenance for your team may include battery swaps, troubleshooting camera outages or intermittent sensors, or deploying patches. Understand the support requirements for the product lifecycle and who will be responsible for that work. If the vendor will be applying patches and upgrading firmware, get clarity on how often and how they’ll be deployed and validated. Ask the vendor about support documentation and offerings.

    Determine the best ways of collecting inventory on the solution. Determine what the solution offers to help with this process; however, if the project plan requires specific location details to add sensors, the project list may be the best way to initially onboard the sensors into inventory.

    Determine if warranty offerings are an appropriate solution for devices in each project, to schedule and record appropriate maintenance details and plan replacements as sensors reach end of life. Document dependencies for future planning.

    Stock image of an electrical worker fixing a security camera.

    2.5 Exercise – Infrastructure & Operations specialists: Define criteria for assessing proposals and projects

    1-2 hours

    Input: Process documentation for evaluating new technology, Data governance documents

    Output: Interview questions and assessment criteria for Infrastructure & Operations specialists

    Materials: Whiteboard/flip charts, IoT Solution Playbook

    Participants: Steering committee, which may include: Business analyst or business relationship manager, IT executive, Senior data specialist, Senior business executive(s), Privacy & Security senior staff, Infrastructure & Operations senior staff

    1. Review template for the IoT Solution Playbook to ensure it meets your needs; modify as necessary.
    2. Identify the questions that will need to be asked of the solutions to ensure the solutions can be integrated into the existing environment and operational processes.
    3. Additional questions may help to:
      1. Reduce risks and project failures from solutions that will be difficult to integrate or secure.
      2. Improve project planning for projects that are often driven by the vendor and the business.
      3. Reduce operational risks due to lack of integration with asset and operational processes.

    This initial review is designed to identify risks to data ownership or integrity and ensure data is available for additional uses as deemed appropriate to the organizational goals. This assessment is designed to find major flaws and to mitigate and integrate should the project be approved as viable.

    Download the IoT Solution Playbook

    2.6 Exercise: Define service objectives and evaluation process

    1 hour

    Input: List of criteria in the playbook, Understanding of resource availability of solution evaluators

    Output: Steering committee criteria for progressing projects through the process

    Materials: Whiteboard/flip charts, IoT Steering Committee Charter workbook

    Participants: Steering committee, which may include: Business analyst or business relationship manager, IT executive, Senior data specialist, Senior business executive(s), Privacy & Security senior staff, Infrastructure & Operations senior staff

    Now that you’ve defined the initial review requirements, meet as a group once more to finalize the process for reviewing requests. Look for ways to speed the process, including asynchronous communications and reviews. Consider meeting as a group for any solutions that may be deemed high risk or highly complex.

    1. Agree on what can be identified as a reasonable SLA to respond to the business on these requests.
    2. Agree on methods of communication between committee members and the business.
    3. Determine the criteria for determining when a proof of value should be initiated, and who will lead the process.

    Download the IoT Steering Committee Charter

    Create and Implement an IoT Strategy

    Phase 3

    Prepare for a Proof of Value

    Steering Committee

    1.1 Define the committee’s roles and responsibilities in the IoT Steering Committee Charter

    1.2 Define the IoT steering committee’s vision statement and mandates

    1.3 Define procedures for reviewing proposals and roles and responsibilities

    Intake Process

    2.1 Define requirements for requesting new IoT solutions

    2.2 Define procedures for reviewing proposals and projects – BA/BRM

    2.3 Define procedures for reviewing proposals and projects – Data specialists

    2.4 Define procedures for reviewing proposals and projects – Privacy & Security

    2.5 Define procedures for reviewing proposals and projects – Infrastructure & Operations

    2.6 Define service objectives and evaluation process

    Proof of Value

    3.1 Determine the criteria for running a proof of value

    3.2 Define the template and process for running a proof of value

    This phase will provide the following activities

    • Create proof of value criteria
    • Create proof of value template

    A proof of value can quickly help you prove value or fail fast

    Investing a small amount of time and money up front will validate the possibility of your proposed solution.

    A proof of value will require a vision and definition of your criteria for success, which will be necessary to determine if the project should go ahead. It should take no longer than three months and may be as short as a week.

    When should you run a proof of value?

    • When it is difficult to confirm that the solution is fit for purpose.
    • When the value of the solution is indeterminate.
    • When the solution is early in its lifecycle and not widely proven in the marketplace.
    • When scalability is questionable or unproven.
    • When the solution requires customization or configuration.

    Info-Tech Insight
    Where a solution is well known in the market, requires minimal customization, and is proven to be fit for purpose, a shorter evaluation or conversations with reference clients or partners may be all that is necessary.

    Table titled 'Reasons IoT proof of value projects fail'. There is a column for type of project (ie Scaling, Business, etc), one for reasons, and one for percentages.
    (Microsoft IoT Signals Report 2020, n= 3,000 IT Professionals)

    3.1 Exercise: Define the criteria for running a proof of value

    1 hour

    Input: Agreement of steering committee members to create a process to mitigate risk for complex solutions.

    Output: Proof of value template for use as appropriate to evaluate IoT solutions.

    Materials: IoT Solution Playbook

    Participants: Steering committee, which may include: Business analyst or business relationship manager, IT executive, Senior data specialist, Senior business executive(s), Privacy & Security senior staff, Infrastructure & Operations senior staff

    1. As a group, review the circumstances for when to run a proof of value.
    2. Determine who will help to build the proof of value plan.
    3. Determine requirements for participation in the proof of value process. Consider project size, complexity and risk and visibility.

    Download IoT Solution Playbook

    Design your proof of value to test the viability of the solution

    Engage the right stakeholders early to gather feedback and analysis and determine suitability

    Determine the proof of value methodology to ensure plan allows for fast testing
    • Go back to the original request: What are the goals for implementing this solution? Has this been clearly defined with criteria for success?
    • Define the technical team that will configure the solution, including vendors and technicians. Ensure the vendor fully understands your use cases and goals. Identify the level of support you’ll need to be implement and assess the solution.
    • Define the testing team, including technical and business users. Complete a journey map if needed to define the use case(s) at the right level of detail.
    • Ensure the test use case(s) have been defined and they all agree on the definition of success.
    • Make sure the team is available to do the testing and provide feedback, as high adoption will improve feedback which will be critical to successfully implementing the full solution.
    • Determine how to evaluate scalability with process, resources, and capacity.
    • Evaluate the risks and obstacles to reject the solution or mitigate and prevent scope creep.
    • Evaluate the vendor’s roadmap, training materials, and technical support options.

    Info-Tech Insight

    Additional information on building out a process for testing new technology can be found in the blueprint: Exploit Disruptive Infrastructure Technology.

    “Although scope creep is not the only nemesis a project can have, it does tend to have the farthest reach. Without a properly defined project and/or allowing numerous changes along the way, a project can easily go over budget, miss the deadline, and wreak havoc on project success.” (University Alliance, Villanova University)

    Define your objectives for the proof of value

    Referencing documents submitted to the committee, continue to refine the problem statement.

    Objectives are a key first step to show the solution will meet your needs.
    • Every technology is designed to solve a problem faced by somebody somewhere. For each technology that your team has decided to move forward with, identify and clearly state the problem it would solve.
    • A clear problem statement is a crucial part of a new technology’s business case. It is impossible to earn buy-in from the rest of the organization without demonstrating the necessity of a solution.
    • Perfection is impossible to achieve, especially during a proof of value (POV). However, knowing the pain points of the way things are done without this technology, and noting a reduction in pain and increase in efficiency and accuracy of data gathering will help in the initial feedback of the tests. Ensure the proof of value includes data validation to test accuracy.

    Info-Tech Insight

    Know your metrics going into the proof of value. Document performance, quality, and time to do the work and compare to metrics in the proof of value. Agree on what success looks like, to ensure that improvements are substantial enough to justify the expense and effort of implementing the solution.

    Questions to consider:
    • What are the project’s goals?
    • What is the desired future state?
    • What problems must be solved to call the POV a viable solution?
    • Where will the project be rolled out? Are there any concerns about communications and power that may need to be addressed?
    • Are there any risks to watch for?

    Info-Tech Insight

    Be sure to avoid scope creep! Remember: the goal of the proof of value project is to produce a minimum case for viability in a carefully defined area. Reserve a detailed accounting of costs and benefits for after the proof of value stage.

    Define use cases to test against current methods

    Outline the solution to the problem

    Determine how the solution should perform in completing tasks. Be careful not to focus too heavily on how things are done today: You’re looking for dramatic improvements, not going back to existing workarounds.
    • The use case will help to define the scope of the project, define adjacent use cases or tasks that will be out of scope, and to contain the test to a reasonable effort and time frame, while still testing core functionality.
    • Map processes based on expectations of how the solution should work, and compare these to the way things are done today. Identify if there are obvious improvements to the existing processes that if done, would change the existing results significantly. Take this into account when reviewing results. (This will also be useful if the project isn’t approved or is delayed.)
    • Identify where tasks and data collection will be automated and where they will need to stay manual or require additional integrations or solutions such as RPA. These other solutions may not factor into the proof of value but will need to be identified on the solution roadmap if it goes ahead.

    Blocks with arrows in between them, like an example of a step progression.

    Define steps to reach these goals today:
    • Discuss steps to completion
    • Effort to collect data
    • Effort to validate and correct data
    • Effort and ability to use the data for decision making, understanding your customers, and process improvements
    • Quality of data available with current methods compared to quality and volume of data using an IoT solution

    Determine the appropriate project team

    Bring in team members from the business and technical sides to test for those functions that matter most to each team. This effort will enable them to quickly identify risks and mitigate them as part of the product rollout or start the process to look at alternative solutions.
    • Stakeholders: Anyone who is impacted by the new technology and who will end up using, approving, or implementing it. Identify team members who will be willing and able to test the systems for data quality, collection, and workflow improvements.
    • Data analysts: Include someone who can validate the usefulness of data to meet the needs of the organization.
    • Security & Privacy: Include these team members to validate their expectations of how privacy and security needs can be met.
    • Infrastructure & Operations: These team members can test integrations, data collections, traffic flow, etc.
    • Vendor: Discuss what part the vendor can play in setting up the solution for running the proof of value.
    • Other business units: Identify business units that could benefit or be impacted by this solution. Invite them to participate in the roof of value, but remember to contain scope.
    Leverage the insights of the diverse working group
    • Processes are designed to transform inputs into outputs. All business activities can be mapped into processes.
    • A process map illustrates the sequence of actions and decisions that transform an input into an output.
    • Effective mapping gives managers an “aerial” view of the company’s processes, making it easier to identify inefficiencies, reduce waste, and ultimately streamline operations.
    • To identify business processes, have group members familiar with the affected business units identify how jobs are typically accomplished within those units.
    • Ensure they have the time to test the solution and provide valid feedback.

    Estimate the resources required for the pilot

    Time, money, technology, resources

    The benefit of running a proof of value is to make a decision on viability of a solution without the expense of implementing a full solution. This isn’t necessary for low-risk, highly proven solutions, which could be validated with references instead.

    Estimate

    Estimate the number of hours needed to implement the proof of value.

    Estimate

    Estimate the hours needed for business users to test.

    Estimate

    Estimate the costs of technology. If the solution can be run in a vendor sandbox or in a test/dev instance in the cloud, you may be able to keep these costs very low.

    Determine

    Determine the appropriate number of devices to test in multiple locations and environments; work with the vendor to see if they have evaluation devices or discounts for proof of value purposes.

    Conduct a post-proof of value review to finalize the decision to move forward

    Gather evaluators together to ensure the pilot team completed their assessments. A common failure of pilots is making assumptions around the level of participation that has taken place.
    • The core working group is responsible for producing a vision of the future and outlining new technology’s disruptive potential. The actual implementation of the proof of value (purchasing the hardware, negotiating the SLA with the vendor) is beyond the committee’s responsibilities.
    • If the proof of value goes ahead, the facilitator should block some time to evaluate the completed project against the key performance indicators identified in the initial plan.
    • Use the Proof of Value Template section of the IoT Solution Playbook to document POV requirements as well as finalizing the feedback loop.
    • Determine ratings for the proof of value to identify which solutions are not viable and which levels of viability are worth moving forward. Some viable solutions may need a different vendor, and some may need customization or multiple integrations. This is important for the project team to move ahead with the implementation.
    • Encourage everyone to provide enough feedback on the various processes to be confident in their declarations of worthiness and to confirm the proof of value was thorough.
    • Communicate your working group’s findings and success to a wide audience to gain interest in IoT solutions as well as to encourage the business to work with the committee to integrate solutions into the governance and operational structure.

    3.2 Exercise: Create a template for designing a proof of value

    1-3 hours

    Input: Agreement of steering committee members to create a process to mitigate risk for complex solutions

    Output: Proof of value template for use as appropriate to evaluate IoT solutions

    Materials: Whiteboard/flip charts, IoT Solution Playbook

    Participants: Steering committee, which may include: Business analyst or business relationship manager, IT executive, Senior data specialist, Senior business executive(s), Privacy & Security senior staff, Infrastructure & Operations senior staff

    1. As a group, review the Proof of Value Template section of the IoT Solution Playbook to determine if it will meet the needs of your business and technical groups.
    2. Determine who will work with the business to create the proof of value plan.
    3. Modify the template to suit your needs, keeping in mind a need for clarity of purpose, communications throughout the POV, and clearly stated goals and definitions of success.
    4. Set a target timeframe to run the POV, preferably no longer than 90 days.
    5. Determine appropriate steps to take for POVs that do not garner the expected participation to qualify a solution to move forward.
    6. Determine appropriate reporting for the evaluation process.

    Download IoT Solution Playbook

    Communications

    As with any new product, marketing and communications will be an important first step in letting the business know how to engage IT in its assessments of IoT innovations. As these solutions prove themselves, or even as you help the business to find better solutions, share your successes with the rest of the organization.

    Business units are already being courted by the vendors, so it’s up to IT to insert themselves in the process in a way that helps improve the success of the business team while still meeting IT’s objectives.

    Your customers will not willingly engage in highly bureaucratic processes and need to see a reason to engage.

    1. Keep the intake process simple.
    2. Provide support to answer the tough questions.
    3. Be clear on the benefits to the organization and the business unit by engaging with your group, and be clear about how you will help within a reasonable time frame.
      • IT will help navigate the vendor prerequisites, contracts, and product setup.
      • IT will assume some of the responsibility for the solution, especially around security and privacy.
      • The business unit will reap the rewards of the solution with minimal operational effort.

    Info-Tech Insight

    Consider building your playbook into your service catalog to make it easy for business users to start the request process. From there, you can create workflows and notifications, track progress, set and meet SLAs, and enable efficient asynchronous communications.

    Research Contributors and Experts

    Photo of John Burwash, Senior Director, Executive Services, Info-Tech Research Group.

    John Burwash
    Senior Director, Executive Services
    Info-Tech Research Group

    INFO~TECH RESEARCH GROUP

    Info-Tech Research Group is an IT research and advisory firm with over 23 years of experience helping enterprises around the world with managing and improving core IT processes. They write highly relevant and unbiased research to help leaders make strategic, timely, and well-informed decisions.

    External contributors
    4 external contributors have asked to remain anonymous.

    Photo of Jennifer Jones, Senior Research Advisor, Industry, Info-Tech Research Group.

    Jennifer Jones
    Senior Research Advisor, Industry
    Info-Tech Research Group

    Photo of Aaron Shum, Vice President, Security, Privacy & Risk, Info-Tech Research Group.

    Aaron Shum
    Vice President, Security, Privacy & Risk
    Info-Tech Research Group

    Photo of Rajesh Parab, Research Director, Applications, Data & Analytics, Info-Tech Research Group.

    Rajesh Parab
    Research Director, Applications, Data & Analytics
    Info-Tech Research Group

    Photo of Frank Sargent, Senior Director Practice Lead, Security, Privacy & Risk, Info-Tech Research Group.

    Frank Sargent
    Senior Director Practice Lead, Security, Privacy & Risk
    Info-Tech Research Group

    Photo of Scott Young, Principal Research Advisor, Infrastructure, Info-Tech Research Group.

    Scott Young
    Principal Research Advisor, Infrastructure
    Info-Tech Research Group

    Photo of Rocco Rao, Director, Research Advisor, Industry, Info-Tech Research Group.

    Rocco Rao
    Director, Research Advisor, Industry
    Info-Tech Research Group

    Bibliography

    Ayyaswamy, Regu, et al. “IoT Is Enabling Enterprise Strategies for New Beginnings.” Tata Consulting Services, 2020. Web.

    “Data Volume of Internet of Things (IoT) Connections Worldwide in 2019 and 2025.” Statistia, 2020.

    Dos Santos, Daniel, et al. “Cybersecurity in Building Automation Systems (BAS).” Forescout, 2020. Web.

    Earle, Nick. “Overcoming the Barriers to Global IoT Connectivity: How Regional Operators Can Reap Rewards From IoT.” IoTNow, 30 June 2021. Web.

    Faludi, Rob. “How Do IoT Devices Communicate?” Digi, 26 Mar. 2021. Web.

    Halper, Fern, and Philip Russom. “TDWI IoT Data Readiness Guide, Interpreting Your Assessment Score.” Cloudera, 2018. Web.

    Horwitz, Lauren. “IoT Enterprise Deployments Continue Apace, Despite COVID-19.” IoT World Today, 22 Apr. 2021.

    “How Does IoT Data Collection Work?” Digiteum, 13 Feb. 2020. Web.

    “IoT Data: How to Collect, Process, and Analyze Them.” Spiceworks, 26 Mar. 2019. Web.

    IoT Signals Report: Edition 2, Hypothesis Group for Microsoft, Oct. 2020. Web.

    King, Stacey. “4 Key Considerations for Consistent IoT Manageability and Security.” Forescout, 22 Aug. 2019. Web.

    Krämer, Jurgen. “Why IoT Projects Fail and How to Beat the Odds.” Software AG, 2020. Web.

    Kröger, Jacob Leon, et al. “Privacy Implications of Accelerometer Data: A Review of Possible Inferences” ICCSP, Jan. 2019, pp. 81-7. Web.

    Manyika, James, et al. “Unlocking the Potential of the Internet of Things.” McKinsey Global Institute, 1 June 2015. Web.

    Ricco, Emily. “How To Run a Successful Proof of Concept – Lessons From Hubspot.” Filtered. Web.

    Rodela, Jimmy. “The Blueprint, Your Complete Guide to Proof of Concept.” Motley Fool, 2 Jan 2021. Web.

    Sánchez, Julia, et al. “An Integral Pedagogical Strategy for Teaching and Learning IoT Cybersecurity.” Sensors, vol. 20, no. 14, July 2020, p. 3970.

    The IoT Generation of Vulnerabilities. SC Media, 2020. E-book.

    Woods, James P., Jr. “How Consumer IoT Devices Can Break Your Security.” HPE, 2 Nov. 2021.

    Make the Case for Product Delivery

    • Buy Link or Shortcode: {j2store}184|cart{/j2store}
    • member rating overall impact (scale of 10): 9.5/10 Overall Impact
    • member rating average dollars saved: $41,674 Average $ Saved
    • member rating average days saved: 13 Average Days Saved
    • Parent Category Name: Architecture & Strategy
    • Parent Category Link: /architecture-and-strategy
    • Organizations are traditionally organized to deliver initiatives in specific periods of time. This is in contention with product-centric delivery practices. This form of delivery acknowledges the reality that solutions of all shapes and sizes deliver continual and evolving business value over their lifetime.
    • Delivering multiple products together creates additional challenges because each product has its own pedigree, history, and goals.
    • Product owners struggle to prioritize changes to deliver product value. This creates a gap and conflict between product and enterprise goals.

    Our Advice

    Critical Insight

    • Delivering products doesn’t mean you will stop delivering projects! Product-centric delivery is intended to address the misalignment between the long-term delivery of value that organizations demand and the nature of traditional project-focused environments.

    Impact and Result

    • We will help you build a proposal deck to make the case to your stakeholders for product-centric delivery.
    • You will build this proposal deck by answering key questions about product-centric delivery so you can identify:
      • A common definition of product.
      • How this form of delivery differs from traditional project-centric approaches.
      • Key challenges and benefits.
      • The capabilities needed to effectively own products and deliver value.
      • What you are asking of stakeholders.
      • A roadmap of how to get started.

    Make the Case for Product Delivery Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Make the Case for Product Delivery Deck – A guide to help align your organization on the practices to deliver what matters most.

    This project will help you define “product” for your organization, define your drivers and goals for moving to product delivery, understand the role of product ownership, lay out the case to your stakeholders, and communicate what comes next for your transition to product.

    • Make the Case for Product Delivery Storyboard

    2. Make the Case for Product Delivery Presentation Template – A template to help you capture and detail your case for product delivery.

    Build a proposal deck to help make the case to your stakeholders for product-centric delivery.

    • Make the Case for Product Delivery Presentation Template

    3. Make the Case for Product Delivery Workbook – A tool to capture the results of exercises to build your case to change your product delivery method.

    This workbook is designed to capture the results of the exercises in the Make the Case for Product Delivery Storyboard. Each worksheet corresponds to an exercise in the storyboard. The workbook is also a living artifact that should be updated periodically as the needs of your team and organization change.

    • Make the Case for Product Delivery Workbook
    [infographic]

    Further reading

    Make the Case for Product Delivery

    Align your organization on the practices to deliver what matters most.

    Table of Contents

    Define product

    Define your drivers and goals

    Understand the role of product ownership

    Communicate what comes next

    Make the case to your stakeholders

    Appendix: Additional research

    Appendix: Product delivery strategy communication

    Appendix: Manage stakeholder influence

    Appendix: Product owner capability details

    Executive Summary

    Your Challenge
    • Products are the lifeblood of an organization. They deliver the capabilities needed to deliver value to customers, internal users, and stakeholders.
    • Organizations are under pressure to align the value they provide with the organization’s goals and overall company vision.
    • You need to clearly convey the direction and strategy of your product portfolio to gain alignment, support, and funding from your organization.
    Common Obstacles
    • IT organizations are traditionally organized to deliver initiatives in specific periods of time. This is in contention with product-centric delivery.
    • Product delivery acknowledges the reality that solutions of all shapes and sizes deliver continual and evolving business value over their lifetime.
    • Delivering multiple products together creates additional challenges because each product has its own pedigree, history, and goals.
    • Product owners struggle to prioritize changes to deliver product value. This creates a gap and conflict between product and enterprise goals.
    Info-Tech’s Approach
    • Info-Tech will enable you to build a proposal deck to make the case to your stakeholders for product-centric delivery.
    • You will build this proposal deck by answering key questions about product-centric delivery so you can identify:
      • A common definition of product.
      • How this form of delivery differs from traditional project-centric approaches.
      • Key challenges and benefits.
      • The capabilities needed to effectively own products and deliver value.
      • What you are asking of stakeholders.
      • A roadmap of how to get started.

    Info-Tech Insight

    Delivering products doesn’t mean you will stop delivering projects! Product-centric delivery is intended to address the misalignment between the long-term delivery of value that organizations demand and the nature of traditional project-focused environments.

    Many executives perceive IT as being poorly aligned with business objectives

    Info-Tech’s CIO Business Vision Survey data highlights the importance of IT initiatives in supporting the business in achieving its strategic goals.

    However, Info-Tech’s CEO-CIO Alignment Survey (2021; N=58) data indicates that CEOs perceive IT to be poorly aligned to business’ strategic goals.

    Info-Tech CEO-CIO Alignment Diagnostics, 2021 (N=58)

    40% Of CEOs believe that business goals are going unsupported by IT.

    34% Of business stakeholders are supporters of their IT departments (n=334).

    40% Of CIOs/CEOs are misaligned on the target role for IT.

    Info-Tech Insight

    Great technical solutions are not the primary driver of IT success. Focusing on delivery of digital products that align with organizational goals will produce improved outcomes and will foster an improved relationship between business and IT.

    Increase product success by involving IT, business, and customers in your product roadmaps, planning, and delivery

    Product management and delivery seek to promote improved relationships among IT, business, and customers, a critical driver for business satisfaction.

    IT

    Stock image of an IT professional.

    1

    Collaboration

    IT, business, and customers work together through all stages of the product lifecycle, from market research through the roadmapping and delivery processes and into maintenance and retirement. The goal is to ensure the risks and dependencies are realized before work is committed.

    Stakeholders, Customers, and Business

    Stock image of a business professional.

    2

    Communication

    Prioritize high-value modes of communication to break down existing silos and create common understanding and alignment across functions. This approach increases transparency and visibility across the entire product lifecycle.

    3

    Integration

    Explore methods to integrate the workflows, decision making, and toolsets among the business, IT, and customers. The goal is to become more reactive to changes in business and customer expectations and more proactive about market trends.

    Product does not mean the same thing to everyone

    Do not expect a universal definition of products.
    Every organization and industry has a different definition of what a product is. Organizations structure their people, processes, and technologies according to their definition of the products they manage. Conflicting product definitions between teams increase confusion and misalignment of product roadmaps.

    “A product [is] something (physical or not) that is created through a process and that provides benefits to a market.” (Mike Cohn, Founding Member of Agile Alliance and Scrum Alliance) “A product is something ... that is created and then made available to customers, usually with a distinct name or order number.” (TechTarget) “A product is the physical object ... , software or service from which customer gets direct utility plus a number of other factors, services, and perceptions that make the product useful, desirable [and] convenient.” (Mark Curphey)

    Organizations need a common understanding of what a product is and how it pertains to the business.

    This understanding needs to be accepted across the organization.

    “There is not a lot of guidance in the industry on how to define [products]. This is dangerous because what will happen is that product backlogs will be formed in too many areas. All that does is create dependencies and coordination across teams … and backlogs.” (Chad Beier, “How Do You Define a Product?” Scrum.org)

    Products enable the long-term and continuous delivery of value

    Diagram laying out the lifecycles and roadmaps contributing to the 'Continuous delivery of value'. Beginning with 'Project Lifecycle' in which Projects with features and services end in a Product Release that is disconnected from the continuum. Then the 'Hybrid Lifecycle' and 'Product Lifecycle' which are connected by a 'Product Roadmap' and 'Product Backlog' have Product Releases that connect to the continuum.

    Phase 1

    Build the case for product-centric delivery

    Phase 1
    1.1 Define product
    1.2 Define your drivers and goals
    1.3 Understand the role of product ownership
    1.4 Communicate what comes next
    1.5 Make the case to your stakeholders

    This phase will walk you through the following activities:

    • Define product in your context.
    • Define your drivers and goals for moving to product delivery.
    • Understand the role of product ownership.
    • Communicate what comes next for your transition to product.
    • Lay out the case to your stakeholders.

    This phase involves the following participants:

    • Product owners
    • Product managers
    • Development team leads
    • Portfolio managers
    • Business analysts

    Step 1.1

    Define product

    Activities
    • 1.1.1 Define “product” in your context
    • 1.1.2 Consider examples of what is (and is not) a product in your organization
    • 1.1.3 Identify the differences between project and product delivery

    This step involves the following participants:

    • Product owners
    • Product managers
    • Development team leads
    • Portfolio managers
    • Business analysts

    Outcomes of this step

    • A clear definition of product in your organization’s context.

    Make the Case for Product Delivery

    Step 1.1 Step 1.2 Step 1.3 Step 1.4 Step 1.5

    Exercise 1.1.1 Define “product” in your context

    30-60 minutes

    Output: Your enterprise/organizational definition of products and services

    Participants: Product owners, Product managers, Development team leads, Portfolio managers, Business analysts

    1. Discuss what “product” means in your organization.
    2. Create a common, enterprise-wide definition for “product.”
    “A product [is] something (physical or not) that is created through a process and that provides benefits to a market.” (Mike Cohn, Founding Member of Agile Alliance and Scrum Alliance) “A product is something ... that is created and then made available to customers, usually with a distinct name or order number.” (TechTarget) “A product is the physical object ... , software or service from which customer gets direct utility plus a number of other factors, services, and perceptions that make the product useful, desirable [and] convenient.” (Mark Curphey)

    Record the results in the Make the Case for Product-Centric Delivery Workbook.

    Example: What is a product?

    Not all organizations will define products in the same way. Take this as a general example:

    “A tangible solution, tool, or service (physical or digital) that enables the long-term and evolving delivery of value to customers and stakeholders based on business and user requirements.”

    Info-Tech Insight

    A proper definition of product recognizes three key facts:

    1. Products are long-term endeavors that don’t end after the project finishes.
    2. Products are not just “apps” but can be software or services that drive the delivery of value.
    3. There is more than one stakeholder group that derives value from the product or service.
    Stock image of an open human head with gears and a city for a brain.

    How do we know what is a product?

    What isn’t a product:
    • Features (on their own)
    • Transactions
    • Unstructured data
    • One-time solutions
    • Non-repeatable processes
    • Solutions that have no users or consumers
    • People or teams
    You have a product if the given item...
    • Has end users or consumers
    • Delivers quantifiable value
    • Evolves or changes over time
    • Has predictable delivery
    • Has definable boundaries
    • Has a cost to produce and operate

    Exercise 1.1.2 Consider examples of what is (and is not) a product in your organization

    15 minutes

    Output: Examples of what is and isn’t a product in your specific context.

    Participants: Product owners, Product managers, Development team leads, Portfolio managers, Business analysts

    1. Leverage the definition you created in exercise 1.1.1 and the explanation on the slide What is a product?
    2. Pick examples that effectively show the difference between products and non-products and facilitate a conversation on the ones that seem to be on the line. Specific server instances, or instances of providing a service, are worthwhile examples to consider.
    3. From the list you come up with, take the top three examples and put them into the Make the Case for Product Delivery Presentation Template.
    Example:
    What isn’t a product?
    • Month-end SQL scripts to close the books
    • Support Engineer doing a password reset
    • Latest research project in R&D
    What is a product?
    • Self-service password reset portal
    • Oracle ERP installation
    • Microsoft Office 365

    Record the results in the Make the Case for Product Delivery Workbook.

    Product delivery practices should consider everything required to support it, not just what users see.

    Cross-section of an iceberg above and below water with visible product delivery practices like 'Funding', 'External Relationships', and 'Stakeholder Management' above water and internal product delivery practices like 'Product Governance', 'Business Functionality', and 'R&D' under water. There are far more processes below the water.

    Products and services share the same foundation and best practices

    For the purpose of this blueprint, product/service and product owner/service owner are used interchangeably. Product is used for consistency but would apply to services as well.

    Product = Service

    “Product” and “service” are terms that each organization needs to define to fit its culture and customers (internal and external). The most important aspect is consistent use and understanding of:
    • External products
    • Internal products
    • External services
    • Internal services
    • Products as a service (PaaS)
    • Productizing services (SaaS)

    Exercise 1.1.3 Identify the differences between project and product delivery

    30-60 minutes

    Output: List of differences between project and product delivery

    Participants: Product owners, Product managers, Development team leads, Portfolio managers, Business analysts

    1. Consider project delivery and product delivery.
    2. Discuss what some differences are between the two.
      Note: This exercise is not about identifying the advantages and disadvantages of each style of delivery. This is to identify the variation between the two.
    Theme Project Delivery (Current) Product Delivery (Future)
    Timing Defined start and end Does not end until the product is no longer needed
    Funding Funding projects Funding products and teams
    Prioritization LoB sponsors Product owner
    Capacity Management Project management Managed by product team

    Record the results in the Make the Case for Product Delivery Workbook.

    Identify the differences between a project-centric and a product-centric organization

    Project Product
    Fund projects — Funding –› Fund products or teams
    Line of business sponsor — Prioritization –› Product owner
    Makes specific changes to a product —Product management –› Improves product maturity and support
    Assignment of people to work — Work allocation –› Assignment of work to product teams
    Project manager manages — Capacity management –› Team manages capacity

    Info-Tech Insights

    • Product ownership should be one of your first areas of focus when transitioning from project to product delivery.
    • Product delivery requires significant shifts in the way you complete development work and deliver value to your users. Make the changes that support improving end-user value and enterprise alignment.

    Projects can be a mechanism for funding product changes and improvements

    Diagram laying out the lifecycles and roadmaps contributing to the 'Continuous delivery of value'. Beginning with 'Project Lifecycle' in which Projects with features and services end in a Product Release that is disconnected from the continuum. Then the 'Hybrid Lifecycle' and 'Product Lifecycle' which are connected by a 'Product Roadmap' and 'Product Backlog' have Product Releases that connect to the continuum. Projects within products

    Regardless of whether you recognize yourself as a product-based or project-based shop, the same basic principles should apply.

    The purpose of projects is to deliver the scope of a product release. The shift to product delivery leverages a product roadmap and backlog as the mechanism for defining and managing the scope of the release.

    Eventually, teams progress to continuous integration/continuous delivery (CI/CD) where they can release on demand or as scheduled, requiring org change management.

    Step 1.2

    Define your drivers and goals

    Activities
    • 1.2.1 Understand your drivers for product-centric delivery
    • 1.2.2 Define the goals for your product-centric organization

    This step involves the following participants:

    • Product owners
    • Product managers
    • Development team leads
    • Portfolio managers
    • Business analysts

    Outcomes of this step

    • A clear understanding of your motivations and desired outcomes for moving to product delivery.

    Make the Case for Product Delivery

    Step 1.1 Step 1.2 Step 1.3 Step 1.4 Step 1.5

    Exercise 1.2.1 Understand your drivers for product-centric delivery

    30-60 minutes

    Output: Organizational drivers to move to product-centric delivery.

    Participants: Product owners, Product managers, Development team leads, Portfolio managers, Business analysts

    1. Identify your pain points in the current delivery model.
    2. What is the root cause of these pain points?
    3. How will a product-centric delivery model fix the root cause (drivers)?
    Pain Points
    • Lack of ownership
    Root Causes
    • Siloed departments
    Drivers
    • Accountability

    Record the results in the Make the Case for Product Delivery Workbook.

    Exercise 1.2.2 Define the goals for your product-centric organization

    30 minutes

    Output: Goals for product-centric delivery

    Participants: Product owners, Product managers, Development team leads, Portfolio managers, Business analysts

    1. Review the differences between project and product delivery from exercise 1.1.3 and the list of drivers from exercise 1.2.1.
    2. Define your goals for achieving a product-centric organization.
      Note: Your drivers may have already covered the goals. If so, review if you would like to change the drivers based on your renewed understanding of the differences between project and product delivery.
    Pain Points
    • Lack of ownership
    Root Causes
    • Siloed departments
    Drivers
    • Accountability
    Goals
    • End-to-end ownership

    Record the results in the Make the Case for Product Delivery Workbook.

    Step 1.3

    Understand the role of product ownership

    Activities
    • 1.3.1 Identify product ownership capabilities

    This step involves the following participants:

    • Product owners
    • Product managers
    • Development team leads
    • Portfolio managers
    • Business analysts

    Outcomes of this step

    • Product owner capabilities that you agree are critical to start your product transformation.

    Make the Case for Product Delivery

    Step 1.1 Step 1.2 Step 1.3 Step 1.4 Step 1.5

    Accountability for the delivery of value through product ownership is not optional

    Tree of 'Enterprise Goals and Priorities' leading to 'Product' through a 'Product Family'.

    Info-Tech Insight

    People treat the assignment of accountability for products (aka product ownership) as optional. Without assigning accountability up front, your transition to product delivery will stall. Accountable individuals will be focused on the core outcome for product delivery, which is the delivery of the right value, at the right time, to the right people.

    Description of the tree levels shown in the diagram on the left. First is 'Enterprise Goals and Priorities', led by 'Executive Leadership' using the 'Enterprise Strategic Roadmap'. Second is 'Product Family', led by 'Product Manager' using the 'Product Family Roadmap'. Last is 'Product', led by the 'Product Owner' using the 'Product Roadmap' and 'Backlog' on the strategic end, and 'Releases' on the Tactical end. In the holistic context, 'Product Family is considered 'Strategic' while 'Product' is 'Tactical'.

    Recognize the different product owner perspectives

    Business
    • Customer facing, revenue generating
    Technical
    • IT systems and tools
    Operations
    • Keep the lights on processes

    Info-Tech Best Practice

    Product owners must translate needs and constraints from their perspective into the language of their audience. Kathy Borneman, Digital Product Owner at SunTrust Bank, noted the challenges of finding a common language between lines of business and IT (e.g. what is a unit?).

    Info-Tech Insight

    Recognize that product owners represent one of three primary perspectives. Although all share the same capabilities, how they approach their responsibilities is influenced by their perspective.

    “A Product Owner in its most beneficial form acts like an Entrepreneur, like a 'mini-CEO'. The Product Owner is someone who really 'owns' the product.” (Robbin Schuurman, “Tips for Starting Product Owners”)

    Implement the Info-Tech product owner capability model

    As discussed in Build a Better Product Owner, most product owners operate with an incomplete knowledge of the skills and capabilities needed to perform the role. Common gaps include focusing only on product backlogs, acting as a proxy for product decisions, and ignoring the need for key performance indicators (KPIs) and analytics in both planning and value realization. 'Product Owner Capabilities': 'Vision', 'Leadership', 'Product Lifecycle Management', 'Value Realization'.
    Vision
    • Market Analysis
    • Business Alignment
    • Product Roadmap
    Leadership
    • Soft Skills
    • Collaboration
    • Decision Making
    Product Lifecycle Management
    • Plan
    • Build
    • Run
    Value Realization
    • KPIs
    • Financial Management
    • Business Model

    Details on product ownership capabilities can be found in the appendix.

    Exercise 1.3.1 Identify product ownership capabilities

    60 minutes

    Output: Product owner capability mapping

    Participants: Product owners, Product managers, Development team leads, Portfolio managers, Business analysts

    1. Write down the capabilities product owners need to perform their duties (one per sticky note) in order to describe product ownership in your organization. Consider people, processes, and tools.
    2. Mark each capability with a plus (current capability), circle (some proficiency), or dash (missing capability).
    3. Discuss each capability and place on the appropriate quadrant.

    'Product Owner Capabilities': 'Vision', 'Leadership', 'Product Lifecycle Management', 'Value Realization'.

    Record the results in the Make the Case for Product Delivery Workbook.

    Differentiate between product owners and product managers

    Product Owner (Tactical Focus)
    • Backlog management and prioritization
    • Epic/story definition, refinement in conjunction with business stakeholders
    • Sprint planning with Scrum Master
    • Working with Scrum Master to minimize disruption to team velocity
    • Ensuring alignment between business and Scrum teams during sprints
    • Profit and loss (P&L) product analysis and monitoring
    Product Manager (Strategic Focus)
    • Product strategy, positioning, and messaging
    • Product vision and product roadmap
    • Competitive analysis and positioning
    • New product innovation/definition
    • Release timing and focus (release themes)
    • Ongoing optimization of product-related marketing and sales activities
    • P&L product analysis and monitoring

    Info-Tech Insight

    “Product owner” and “product manager” are terms that should be adapted to fit your culture and product hierarchy. These are not management relationships but rather a way to structure related products and services that touch the same end users.

    Step 1.4

    Communicate what comes next

    Activities
    • 1.4.1 How do we get started?

    This step involves the following participants:

    • Product owners
    • Product managers
    • Development team leads
    • Portfolio managers
    • Business analysts

    Outcomes of this step

    • A now, next, later roadmap indicating your overall next steps.

    Make the Case for Product Delivery

    Step 1.1 Step 1.2 Step 1.3 Step 1.4 Step 1.5

    Make a plan in order to make a plan!

    Consider some of the techniques you can use to validate your strategy.

    Cyclical diagram of the 'Continuous Delivery of Value' within 'Business Value'. Surrounding attributes are 'User Centric', 'Adaptable', 'Accessible', 'Private & Secured', 'Informative & Insightful', 'Seamless Application Connection', 'Relationship & Network Building', 'Fit for Purpose'.

    Go to your backlog and prioritize the elements that need to be answered sooner rather than later.

    Possible areas of focus:

    • Regulatory requirements or questions to answer around accessibility, security, privacy.
    • Stress testing any new processes against situations that may occur.
    Learning Milestones

    The completion of a set of artifacts dedicated to validating business opportunities and hypotheses.

    Possible areas of focus:

    • Align teams on product strategy prior to build
    • Market research and analysis
    • Dedicated feedback sessions
    • Provide information on feature requirements
    Stock image of people learning.
    Sprint Zero (AKA Project-before-the-project)

    The completion of a set of key planning activities, typically the first sprint.

    Possible areas of focus:

    • Focus on technical verification to enable product development alignment
    • Sign off on architectural questions or concerns
    Stock photo of a person writing on a board of sticky notes.

    The “Now, Next, Later” roadmap

    Use this when deadlines and delivery dates are not strict. This is best suited for brainstorming a product plan when dependency mapping is not required.

    • Now
      What are you going to do now?
    • Next
      What are you going to do very soon?
    • Later
      What are you going to do in the future?
    A priority map laid out as a half rainbow with 'Now' as the inner, 'Next' as the middle, and 'Later' as the outer. Various 'Features', 'Releases', and an 'MVP' are mapped into the sections.
    (Source: “Tips for Agile product roadmaps & product roadmap examples,” Scrum.org, 2017)

    Exercise 1.4.1 How do we get started?

    30-60 minutes

    Output: Product transformation critical steps and basic roadmap

    Participants: Product owners, Product managers, Development team leads, Portfolio managers, Business analysts

    1. Identify what the critical steps are for the organization to embrace product-centric delivery.
    2. Group each critical step by how soon you need to address it:
      • Now: Let’s do this ASAP.
      • Next: Sometime very soon, let’s do these things.
      • Later: Much further off in the distance, let’s consider these things.
    A priority map laid out as a half rainbow with 'Now' as the inner, 'Next' as the middle, and 'Later' as the outer. Various 'Features', 'Releases', and an 'MVP' are mapped into the sections.
    (Source: “Tips for Agile product roadmaps & product roadmap examples,” Scrum.org, 2017)

    Record the results in the Make the Case for Product Delivery Workbook.

    Example

    Example table for listing tasks to complete Now, Next, or Later

    Step 1.5

    Make the case to your stakeholders

    Activities
    • 1.5.1 Identify what support you need from your stakeholders
    • 1.5.2 Build your pitch for product delivery

    This step involves the following participants:

    • Product owners
    • Product managers
    • Development team leads
    • Portfolio managers
    • Business analysts

    Outcomes of this step

    • A deliverable that helps make the case for product delivery.

    Make the Case for Product Delivery

    Step 1.1 Step 1.2 Step 1.3 Step 1.4 Step 1.5

    Develop a stakeholder strategy to define your product owner landscape

    Stakeholder Influence

    Stakeholders are a critical cornerstone to product ownership. They provide the context, alignment, and constraints that influence or control what a product owner is able to accomplish.

    Product teams operate within this network of stakeholders who represent different perspectives within the organization.

    See the appendix for activities and guidance on how to devise a strategy for managing stakeholders.

    Image of four puzzle pieces being put together, labelled 'Product Lifecycle', 'Project Delivery', 'Operational Support', 'and Stakeholder Management'.

    Exercise 1.5.1 Identify what support you need from your stakeholders

    30 minutes

    Output: Clear understanding of stakeholders, what they need from you, and what you need from them.

    Participants: Product owners, Product managers, Development team leads, Portfolio managers, Business analysts

    1. If you don’t yet know who your stakeholders are, consider completing one or more of the stakeholder management exercises in the appendix.
    2. Identify your key stakeholders who have an interest in solution delivery.
    3. Consider their perspective on product-centric delivery. (For example: For head of support, what does solution delivery mean to them?)
    4. Identify what role each stakeholder would play in the transformation.
      • This role represents what you need from them for this transformation to product-centric delivery.
    Stakeholder
    What does solution delivery mean to them?
    What do you need from them in order to be successful?

    Record the results in the Make the Case for Product Delivery Workbook.

    Exercise 1.5.2 Build your pitch deck

    30 minutes (and up)

    Output: A completed presentation to help you make the case for product delivery.

    Participants: Product owners, Product managers, Development team leads, Portfolio managers, Business analysts

    1. Take the results from the Make the Case for Product Delivery Workbook and transfer them into the presentation template.
    2. Follow the instructions on each page listed in the instruction bubbles to know what results to place where.
    3. This is meant to be a template; you are welcome to add and remove slides as needed to suit your audience!

    Sample of slides from the Make the Case for Product Delivery Workbook with instruction bubbles overlaid.

    Record the results in the Make the Case for Product Delivery Workbook.

    Appendix

    Additional research to start your journey

    Related Info-Tech Research

    Product Delivery

    Deliver on Your Digital Product Vision

    • Build a product vision your organization can take from strategy through execution.

    Build a Better Product Owner

    • Strengthen the product owner role in your organization by focusing on core capabilities and proper alignment.

    Build Your Agile Acceleration Roadmap

    • Quickly assess the state of your Agile readiness and plan your path forward to higher value realization.

    Implement Agile Practices That Work

    • Improve collaboration and transparency with the business to minimize project failure.

    Implement DevOps Practices That Work

    • Streamline business value delivery through the strategic adoption of DevOps practices.

    Deliver Digital Products at Scale

    • Deliver value at the scale of your organization through defining enterprise product families.

    Extend Agile Practices Beyond IT

    • Further the benefits of Agile by extending a scaled Agile framework to the business.

    Build Your BizDevOps Playbook

    • Embrace a team sport culture built around continuous business-IT collaboration to deliver great products.

    Embed Security Into the DevOps Pipeline

    • Shift security left to get into DevSecOps.

    Spread Best Practices With an Agile Center of Excellence

    • Facilitate ongoing alignment between Agile teams and the business with a set of targeted service offerings.

    Related Info-Tech Research

    Application Portfolio Management

    Application Portfolio Management (APM) Research Center

    • See an overview of the APM journey and how we can support the pieces in this journey.

    Application Portfolio Management for Small Enterprises

    • There is no one-size-fits-all rationalization. Tailor your framework to meet your goals.

    Streamline Application Maintenance

    • Effective maintenance ensures the long-term value of your applications.

    Build an Application Rationalization Framework

    • Manage your application portfolio to minimize risk and maximize value.

    Modernize Your Applications

    • Justify modernizing your application portfolio from both business and technical perspectives.

    Review Your Application Strategy

    • Ensure your applications enable your business strategy.

    Application Portfolio Management Foundations

    • Ensure your application portfolio delivers the best possible return on investment.

    Streamline Application Management

    • Move beyond maintenance to ensuring exceptional value from your apps.

    Optimize Applications Release Management

    • Facilitate ongoing alignment between Agile teams and the business with a set of targeted service offerings.

    Embrace Business-Managed Applications

    • Empower the business to implement their own applications with a trusted business-IT relationship.

    Related Info-Tech Research

    Value, Delivery Metrics, Estimation

    Build a Value Measurement Framework

    • Focus product delivery on business value–driven outcomes.

    Select and Use SDLC Metrics Effectively

    • Be careful what you ask for, because you will probably get it.

    Application Portfolio Assessment: End User Feedback

    • Develop data-driven insights to help you decide which applications to retire, upgrade, re-train on, or maintain to meet the demands of the business.

    Create a Holistic IT Dashboard

    • Mature your IT department by measuring what matters.

    Refine Your Estimation Practices With Top-Down Allocations

    • Don’t let bad estimates ruin good work.

    Estimate Software Delivery With Confidence

    • Commit to achievable software releases by grounding realistic expectations

    Reduce Time to Consensus With an Accelerated Business Case

    • Expand on the financial model to give your initiative momentum.

    Optimize IT Project Intake, Approval, and Prioritization

    • Deliver more projects by giving yourself the voice to say “no” or “not yet” to new projects.

    Enhance PPM Dashboards and Reports

    • Facilitate ongoing alignment between Agile teams and the business with a set of targeted service offerings.

    Related Info-Tech Research

    Org Design and Performance

    Redesign Your IT Organizational Structure

    • Focus product delivery on business value–driven outcomes.

    Build a Strategic IT Workforce Plan

    • Have the right people, in the right place, at the right time.

    Implement a New IT Organizational Structure

    • Reorganizations are inherently disruptive. Implement your new structure with minimal pain for staff while maintaining IT performance throughout the change.

    Build an IT Employee Engagement Program

    • Measure employee sentiment to drive IT performance

    Set Meaningful Employee Performance Measures

    • Set holistic measures to inspire employee performance.

    Master Organizational Change Management Practices

    • PMOs, if you don't know who is responsible for org change, it's you.

    Appendix

    Product delivery strategy communication

    Product roadmaps guide delivery and communicate your strategy

    In Deliver on Your Digital Product Vision, we demonstrate how the product roadmap is core to value realization. The product roadmap is your communicated path, and as a product owner, you use it to align teams and changes to your defined goals while aligning your product to enterprise goals and strategy.

    Diagram on how to get from product owner capabilities to 'Business Value Realization' through 'Product Roadmap' with a 'Tiered Backlog', 'Delivery Capacity and Throughput' via a 'Product Delivery Pipeline'.
    (Adapted from: Pichler, “What Is Product Management?”)

    Info-Tech Insight

    The quality of your product backlog – and your ability to realize business value from your delivery pipeline – is directly related to the input, content, and prioritization of items in your product roadmap.

    Define product value by aligning backlog delivery with roadmap goals

    In each product plan, the backlogs show what you will deliver.
    Roadmaps identify when and in what order you will deliver value, capabilities, and goals.

    Two-part diagram showing the 'Product Backlog' segmented into '1. Current: Features/ Stories', '2. Near-term: Capabilities', and '3. Future: Epics', and then the 'Product Roadmap' with the same segments placed into a timeline.

    Multiple roadmap views can communicate differently, yet tell the same truth

    Product managers and product owners have many responsibilities, and a roadmap can be a useful tool to complete those objectives through communication or organization of tasks.

    However, not all roadmaps address the correct audience and achieve those objectives. Care must be taken to align the view to the given audience.

    Pie Chart showing the surveyed most important reason for using a product roadmap. From largest to smallest are 'Communicate a strategy', 'Plan and prioritize', 'Communicate milestones and releases', 'Get consensus on product direction', and 'Manage product backlog'.
    Surveyed most important reason for using a product roadmap (Source: ProductPlan, 2018)

    Audience
    Business/ IT leaders Users/Customers Delivery teams
    Roadmap View
    Portfolio Product Technology
    Objectives
    To provide a snapshot of the portfolio and priority apps To visualize and validate product strategy To coordinate and manage teams and show dev. progress
    Artifacts
    Line items or sections of the roadmap are made up of individual apps, and an artifact represents a disposition at its highest level. Artifacts are generally grouped by various product teams and consist of strategic goals and the features that realize those goals. Artifacts are grouped by the teams who deliver that work and consist of features and technical enablers that support those features.

    Appendix

    Managing stakeholder influence

    From Build a Better Product Owner

    Step 1.3 (from Build a Better Product Owner)

    Manage Stakeholder Influence

    Activities
    • 1.3.1 Visualize interrelationships to identify key influencers
    • 1.3.2 Group your product owners into categories
    • 1.3.3 Prioritize your stakeholders
    • 1.3.4 Delegation Poker: Reach better decisions

    This step will walk you through the following activities:

    To be successful, product owners need to identify and manage all stakeholders for their products. This step will build a stakeholder map and strategy.

    This step involves the following participants:

    • Product owners
    • Product managers
    • Development team leads
    • Portfolio managers
    • Delivery managers
    • Business analysts

    Outcomes of this step

    • Relationships among stakeholders and influencers
    • Categorization of stakeholders and influencers
    • Stakeholder and influencer prioritization
    • Better understanding of decision-making approaches and delegation
    Product Owner Foundations
    Step 1.1 Step 1.2 Step 1.3

    Develop a product owner stakeholder strategy

    Stakeholder Influence

    Stakeholders are a critical cornerstone to product ownership. They provide the context, alignment, and constraints that influence or control what a product owner is able to accomplish.

    Product owners operate within this network of stakeholders who represent different perspectives within the organization.

    First, product owners must identify members of their stakeholder network. Next, they should devise a strategy for managing stakeholders.

    Without accomplishing these missing pieces, product owners will encounter obstacles, resistance, or unexpected changes.

    Image of four puzzle pieces being put together, labelled 'Product Lifecycle', 'Project Delivery', 'Operational Support', 'and Stakeholder Management'.

    Create a stakeholder network map to product roadmaps and prioritization

    Follow the trail of breadcrumbs from your direct stakeholders to their influencers to uncover hidden stakeholders.

    Legend
    Black arrow with a solid line and single direction. Black arrows indicate the direction of professional influence
    Green arrow with a dashed line and bi-directional. Dashed green arrows indicate bidirectional, informal influence relationships

    Info-Tech Insight

    Your stakeholder map defines the influence landscape your product operates in. It is every bit as important as the teams who enhance, support, and operate your product directly.

    Use “connectors” to determine who may be influencing your direct stakeholders. They may not have any formal authority within the organization, but they may have informal yet substantive relationships with your stakeholders.

    1.3.1 Visualize interrelationships to identify key influencers

    60 minutes

    Input: List of product stakeholders

    Output: Relationships among stakeholders and influencers

    Materials: Whiteboard/flip charts, Markers, Build a Better Product Owner Workbook

    Participants: Product owners, Product managers, Development team leads, Portfolio managers, Business analysts

    1. List direct stakeholders for your product.
    2. Determine the stakeholders of your stakeholders and consider adding each of them to the stakeholder list.
    3. Assess who has either formal or informal influence over your stakeholders; add these influencers to your stakeholder list.
    4. Construct a diagram linking stakeholders and their influencers together.
      1. Use black arrows to indicate the direction of professional influence.
      2. Use dashed green arrows to indicate bidirectional, informal influence relationships.
    5. Record the results in the Build a Better Product Owner Workbook.

    Record the results in the Build a Better Product Owner Workbook.

    Categorize your stakeholders with a prioritization map

    A stakeholder prioritization map helps product owners categorize their stakeholders by their level or influence and ownership in the product and/or teams.

    Stakeholder prioritization map split into four quadrants along two axes, 'Influence', and 'Ownership/Interest': 'Players' (high influence, high interest); 'Mediators' (high influence, low interest); 'Noisemakers' (low influence, high interest); 'Spectators' (low influence, low interest). Source: Info-Tech Research Group

    There are four areas in the map, and the stakeholders within each area should be treated differently.
    • Players – players have a high interest in the initiative and the influence to effect change over the initiative. Their support is critical, and a lack of support can cause significant impediment to the objectives.
    • Mediators – mediators have a low interest but significant influence over the initiative. They can help to provide balance and objective opinions to issues that arise.
    • Noisemakers – noisemakers have low influence but high interest. They tend to be very vocal and engaged, either positively or negatively, but have little ability to enact their wishes.
    • Spectators – generally, spectators are apathetic and have little influence over or interest in the initiative.

    1.3.2 Group your product owners into categories

    30 minutes

    Input: Stakeholder map

    Output: Categorization of stakeholders and influencers

    Materials: Whiteboard/flip charts, Markers, Build a Better Product Owner Workbook

    Participants: Product owners, Product managers, Development team leads, Portfolio managers, Business analysts

    1. Identify your stakeholder’s interest in and influence on your Agile implementation as high, medium, or low by rating the attributes below.
    2. Map your results to the model below to determine each stakeholder’s category.
    3. Record the results in the Build a Better Product Owner Workbook.
    Same stakeholder prioritization map as before but with example positions mapped onto it.
    Level of Influence
    • Power: Ability of a stakeholder to effect change.
    • Urgency: Degree of immediacy demanded.
    • Legitimacy: Perceived validity of stakeholder’s claim.
    • Volume: How loud their “voice” is or could become.
    • Contribution: What they have that is of value to you.
    Level of Interest

    How much are the stakeholder’s individual performance and goals directly tied to the success or failure of the product?

    Record the results in the Build a Better Product Owner Workbook.

    Prioritize your stakeholders

    There may be too many stakeholders to be able to manage them all. Focus your attention on the stakeholders that matter most.

    Stakeholder prioritization table with 'Stakeholder Category' as row headers ('Player', 'Mediator', 'Noisemaker', 'Spectator') and 'Level of Support' as column headers ('Supporter', 'Evangelist', 'Neutral', 'Blocker'). Importance ratings are 'Critical', 'High', 'Medium', 'Low', and 'Irrelevant'.

    Consider the three dimensions for stakeholder prioritization: influence, interest, and support. Support can be determined by rating the following question: how likely is it that your stakeholder would recommend your product? These parameters are used to prioritize which stakeholders are most important and should receive the focus of your attention. The table to the right indicates how stakeholders are ranked.

    1.3.3 Prioritize your stakeholders

    30 minutes

    Input: Stakeholder matrix, Stakeholder prioritization

    Output: Stakeholder and influencer prioritization

    Materials: Whiteboard/flip charts, Markers, Build a Better Product Owner Workbook

    Participants: Product owners, Product managers, Development team leads, Portfolio managers, Business analysts

    1. Identify the level of support of each stakeholder by answering the following question: how likely is it that your stakeholder would endorse your product?
    2. Prioritize your stakeholders using the prioritization scheme on the previous slide.
    3. Record the results in the Build a Better Product Owner Workbook.
    Stakeholder Category Level of Support Prioritization
    CMO Spectator Neutral Irrelevant
    CIO Player Supporter Critical

    Record the results in the Build a Better Product Owner Workbook.

    Define strategies for engaging stakeholders by type

    Stakeholder strategy map assigning stakeholder strategies to stakeholder categories, as described in the adjacent table.

    Info-Tech Insight

    Each group of stakeholders draws attention and resources away from critical tasks. By properly identifying your stakeholder groups, the product owner can develop corresponding actions to manage stakeholders in each group. This can dramatically reduce wasted effort trying to satisfy Spectators and Noisemakers, while ensuring the needs of the Mediators and Players are met.

    Type Quadrant Actions
    Players High influence; high interest – actively engage Keep them updated on the progress of the project. Continuously involve Players in the process and maintain their engagement and interest by demonstrating their value to its success.
    Mediators High influence; low interest – keep satisfied They can be the game changers in groups of stakeholders. Turn them into supporters by gaining their confidence and trust and including them in important decision-making steps. In turn, they can help you influence other stakeholders.
    Noisemakers Low influence; high interest – keep informed Try to increase their influence (or decrease it if they are detractors) by providing them with key information, supporting them in meetings, and using Mediators to help them.
    Spectators Low influence; low interest – monitor They are followers. Keep them in the loop by providing clarity on objectives and status updates.

    Appendix

    Product owner capability details

    From Build a Better Product Owner

    Develop product owner capabilities

    Capability 'Vision' with sub-capabilities 'Market Analysis, 'Business Alignment', and 'Product Roadmap'.

    Each capability has three components needed for successful product ownership.

    Definitions are on the following slides.

    Central diagram title 'Product Owner Capabilities'.

    Define the skills and activities in each component that are directly related to your product and culture.

    Capability 'Leadership' with sub-capabilities 'Soft Skills', 'Collaboration', and 'Decision Making'.
    Capability 'Product Lifecycle Management' with sub- capabilities 'Plan', 'Build', and 'Run'. Capability 'Value Realization' with sub-capabilities 'KPIs', 'Financial Management', and 'Business Model'.

    Capabilities: Vision

    Market Analysis

    • Unique solution: Identify the target users and unique value your product provides that is not currently being met.
    • Market size: Define the size of your user base, segmentation, and potential growth.
    • Competitive analysis: Determine alternative solutions, products, or threats that affect adoption, usage, and retention.

    Business Alignment

    • SWOT analysis: Complete a SWOT analysis for your end-to-end product lifecycle. Use Info-Tech’s Business SWOT Analysis Template.
    • Enterprise alignment: Align product to enterprise goals, strategies, and constraints.
    • Delivery strategy: Develop a delivery strategy to achieve value quickly and adapt to internal and external changes.

    Product Roadmap

    • Roadmap strategy: Determine the duration, detail, and structure of your roadmap to accurately communicate your vision.
    • Value prioritization: Define criteria used to evaluate and sequence demand.
    • Go to market strategy: Create organizational change management, communications, and a user implementation approach.

    Info-Tech Insight

    Data comes from many places and may still not tell the complete story.

    Capability 'Vision' with sub-capabilities 'Market Analysis, 'Business Alignment', and 'Product Roadmap'.

    “Customers are best heard through many ears.” (Thomas K. Connellan, Inside the Magic Kingdom)

    Capabilities: Leadership

    Soft Skills

    • Communication: Maintain consistent, concise, and appropriate communication using SMART guidelines (specific, measurable, attainable, relevant, and timely).
    • Integrity: Stick to your values, principles, and decision criteria for the product to build and maintain trust with your users and teams.
    • Influence: Manage stakeholders using influence and collaboration over contract negotiation.

    Collaboration

    • Stakeholder management: Build a communications strategy for each stakeholder group, tailored to individual stakeholders.
    • Relationship management: Use every interaction point to strengthen relationships, build trust, and empower teams.
    • Team development: Promote development through stretch goals and controlled risks to build team capabilities and performance.

    Decision Making

    • Prioritized criteria: Remove personal bias by basing decisions off data analysis and criteria.
    • Continuous improvement: Balance new features with the need to ensure quality and create an environment of continuous improvement.
    • Team empowerment/negotiation: Push decisions to teams closest to the problem and solution, using Delegation Poker to guide you.

    Info-Tech Insight

    Product owners cannot be just a proxy for stakeholder decisions. The product owner owns product decisions and management of all stakeholders.

    Capability 'Leadership' with sub-capabilities 'Soft Skills', 'Collaboration', and 'Decision Making'.

    “Everything walks the walk. Everything talks the talk.” (Thomas K. Connellan, Inside the Magic Kingdom)

    Capabilities: Product lifecycle management

    Plan

    • Product backlog: Follow a schedule for backlog intake, refinement, updates, and prioritization.
    • Journey map: Create an end-user journey map to guide adoption and loyalty.
    • Fit for purpose: Define expected value and intended use to ensure the product meets your end user’s needs.

    Build

    • Capacity management: Work with operations and delivery teams to ensure consistent and stable outcomes.
    • Release strategy: Build learning, release, and critical milestones into a repeatable release plan.
    • Compliance: Build policy compliance into delivery practices to ensure alignment and reduce avoidable risk (privacy, security).

    Run

    • Adoption: Focus attention on end-user adoption and proficiency to accelerate value and maximize retention.
    • Support: Build operational support and business continuity into every team.
    • Measure: Measure KPIs and validate expected value to ensure product alignment to goals and consistent product quality.

    Info-Tech Insight

    Product owners must actively manage the full lifecycle of the product.

    Capability 'Product Lifecycle Management' with sub- capabilities 'Plan', 'Build', and 'Run'.

    “Pay fantastic attention to detail. Reward, recognize, celebrate.” (Thomas K. Connellan, Inside the Magic Kingdom)

    Capabilities: Value realization

    Key Performance Indicators (KPIs)

    • Usability and user satisfaction: Assess satisfaction through usage monitoring and end-user feedback.
    • Value validation: Directly measure performance against defined value proposition, goals, and predicted ROI.
    • Fit for purpose: Verify the product addresses the intended purpose better than other options.

    Financial Management

    • P&L: Manage each product as if it were its own business with profit and loss statements.
    • Acquisition cost/market growth: Define the cost of acquiring a new consumer, onboarding internal users, and increasing product usage.
    • User retention/market share: Verify product usage continues after adoption and solution reaches new user groups to increase value.

    Business Model

    • Defines value proposition: Dedicate your primary focus to understanding and defining the value your product will deliver.
    • Market strategy and goals: Define your acquisition, adoption, and retention plan for users.
    • Financial model: Build an end-to-end financial model and plan for the product and all related operational support.

    Info-Tech Insight

    Most organizations stop with on-time and on-budget. True financial alignment needs to define and manage the full lifecycle P&L.

    Capability 'Value Realization' with sub-capabilities 'KPIs', 'Financial Management', and 'Business Model'.

    “The competition is anyone the customer compares you with.” (Thomas K. Connellan, Inside the Magic Kingdom)

    Avoid common capability gaps

    Vision

    • Focusing solely on backlog refining (tactical only)
    • Ignoring or failing to align product roadmap to enterprise goals
    • Operational support and execution
    • Basing decisions on opinion rather than market data
    • Ignoring or missing internal and external threats to your product

    Leadership

    • Failing to include feedback from all teams who interact with your product
    • Using a command-and-control approach
    • Viewing product owner as only a delivery role
    • Acting as a proxy for stakeholder decisions
    • Avoiding tough strategic decisions in favor of easier tactical choices

    Product Lifecycle Management

    • Focusing on delivery and not the full product lifecycle
    • Ignoring support, operations, and technical debt
    • Failing to build knowledge management into the lifecycle
    • Underestimating delivery capacity, capabilities, or commitment
    • Assuming delivery stops at implementation

    Value Realization

    • Focusing exclusively on “on time/on budget” metrics
    • Failing to measure a 360-degree end-user view of the product
    • Skipping business plans and financial models
    • Limiting financial management to project/change budgets
    • Ignoring market analysis for growth, penetration, and threats

    Bibliography – Product Ownership

    A, Karen. “20 Mental Models for Product Managers.” Medium, Product Management Insider, 2 Aug. 2018. Web.

    Adams, Paul. “Product Teams: How to Build & Structure Product Teams for Growth.” Inside Intercom, 30 Oct. 2019. Web.

    Agile Alliance. “Product Owner.” Agile Alliance, n.d. Web.

    Banfield, Richard, et al. “On-Demand Webinar: Strategies for Scaling Your (Growing) Enterprise Product Team.” Pluralsight, 31 Jan. 2018. Web.

    Blueprint. “10 Ways Requirements Can Sabotage Your Projects Right From the Start.” Blueprint, 2012. Web.

    Breddels, Dajo, and Paul Kuijten. “Product Owner Value Game.” Agile2015 Conference, 2015. Web.

    Cagan, Martin. “Behind Every Great Product.” Silicon Valley Product Group, 2005. Web.

    Cohn, Mike “What is a product?” Mountain Goat Software, 16 Sept. 2016, Web

    Connellan, Thomas K. Inside the Magic Kingdom. Bard Press, 1997. Print.

    Curphey, Mark, “Product Definition.” slideshare.net, 25 Feb. 2007. Web

    Eringa, Ron. “Evolution of the Product Owner.” RonEringa.com, 12 June 2016. Web.

    Fernandes, Thaisa. “Spotify Squad Framework - Part I.” Medium.com, 6 March 2017. Web.

    Galen, Robert. “Measuring Product Ownership – What Does ‘Good’ Look Like?” RGalen Consulting, 5 Aug. 2015. Web.

    Halisky, Merland, and Luke Lackrone. “The Product Owner’s Universe.” Agile Alliance, Agile2016, 2016. Web.

    Kamer, Jurriaan. “How to Build Your Own ‘Spotify Model’.” Medium.com, 9 Feb. 2018. Web.

    Kendis Team. “Exploring Key Elements of Spotify’s Agile Scaling Model.” Medium.com, 23 July 2018. Web.

    Lindstrom, Lowell. “7 Skills You Need to Be a Great Product Owner.” Scrum Alliance, n.d. Web.

    Lukassen, Chris. “The Five Belts Of The Product Owner.” Xebia.com, 20 Sept. 2016. Web.

    Management 3.0. “Delegation Poker Product Image.” Management 3.0, n.d. Web.

    McCloskey, Heather. “Scaling Product Management: Secrets to Defeating Common Challenges.” ProductPlan, 12 July 2019. Web.

    Bibliography – Product Ownership

    McCloskey, Heather. “When and How to Scale Your Product Team.” UserVoice, 21 Feb. 2017. Web.

    Mironov, Rich. “Scaling Up Product Manager/Owner Teams: Rich Mironov's Product Bytes.” Rich Mironov's Product Bytes, Mironov Consulting, 12 April 2014 . Web.

    Overeem, Barry. “A Product Owner Self-Assessment.” Barry Overeem, 6 March 2017. Web.

    Overeem, Barry. “Retrospective: Using the Team Radar.” Barry Overeem, 27 Feb. 2017. Web.

    Pichler, Roman. “How to Scale the Scrum Product Owner.” Roman Pichler, 28 June 2016 . Web.

    Pichler, Roman. “Product Management Framework.” Pichler Consulting Limited, 2014. Web.

    Pichler, Roman. “Sprint Planning Tips for Product Owners.” LinkedIn, 4 Sept. 2018. Web.

    Pichler, Roman. “What Is Product Management?” Pichler Consulting Limited, 26 Nov. 2014. Web.

    Radigan, Dan. “Putting the ‘Flow' Back in Workflow With WIP Limits.” Atlassian, n.d. Web.

    Schuurman, Robbin. “10 Tips for Product Owners on Agile Product Management.” Scrum.org, 28 Nov. 2017. Web.

    Schuurman, Robbin. “10 Tips for Product Owners on (Business) Value.” Scrum.org, 30 Nov. 2017. Web.

    Schuurman, Robbin. “10 Tips for Product Owners on Product Backlog Management.” Scrum.org, 5 Dec. 2017. Web.

    Schuurman, Robbin. “10 Tips for Product Owners on the Product Vision.” Scrum.org, 29 Nov. 2017. Web.

    Schuurman, Robbin. “Tips for Starting Product Owners.” Scrum.org, 27 Nov. 2017. Web.

    Sharma, Rohit. “Scaling Product Teams the Structured Way.” Monetary Musings, 28 Nov. 2016. Web.

    Bibliography – Product Ownership

    Steiner, Anne. “Start to Scale Your Product Management: Multiple Teams Working on Single Product.” Cprime, 6 Aug. 2019. Web.

    Shirazi, Reza. “Betsy Stockdale of Seilevel: Product Managers Are Not Afraid To Be Wrong.” Austin VOP #50, 2 Oct. 2018. Web.

    “The Standish Group 2015 Chaos Report.” The Standish Group, 2015. Web.

    Theus, Andre. “When Should You Scale the Product Management Team?” ProductPlan, 7 May 2019. Web.

    Tolonen, Arto. “Scaling Product Management in a Single Product Company.” Smartly.io, 26 Apr. 2018. Web.

    Ulrich, Catherine. “The 6 Types of Product Managers. Which One Do You Need?” Medium.com, 19 Dec. 2017. Web.

    VersionOne. “12th Annual State of Agile Report.” VersionOne, 9 April 2018. Web.

    Verwijs, Christiaan. “Retrospective: Do The Team Radar.” Medium.com, 10 Feb. 2017. Web.

    “How do you define a product?” Scrum.org, 4 April 2017, Web.

    “Product Definition.” TechTarget, Sept. 2005. Web

    Bibliography – Product Roadmap

    Ambysoft. “2018 IT Project Success Rates Survey Results.” Ambysoft. 2018. Web.

    Bastow, Janna. “Creating Agile Product roadmaps Everyone Understands.” ProdPad, 22 Mar. 2017. Accessed Sept. 2018.

    Bastow, Janna. “The Product Tree Game: Our Favorite Way To Prioritize Features.” ProdPad, 21 Feb. 2016. Accessed Sept. 2018.

    Chernak, Yuri. “Requirements Reuse: The State of the Practice.” 2012, Herzlia, Israel, 2012 IEEE International Conference on Software Science, Technology and Engineering, 12 June 2012. Web.

    Fowler, Martin. “Application Boundary.” MartinFowler.com, 11 Sept. 2003. Accessed 20 Nov. 2017.

    Harrin, Elizabeth. “Learn What a Project Milestone Is.” The Balance Careers, 10 May 2018. Accessed Sept. 2018.

    “How to create a product roadmap.” Roadmunk, n.d. Accessed Sept. 2018.

    Johnson, Steve. “How to Master the 3 Horizons of Product Strategy.” Aha!, 24 Sept. 2015. Accessed Sept. 2018.

    Johnson, Steve. “The Product Roadmap vs. the Technology Roadmap.” Aha!, 23 June 2016. Accessed Sept. 2018

    Juncal, Shaun. “How Should You Set Your Product Roadmap Timeframes?” ProductPlan, n.d. Accessed Sept. 2018.

    Leffingwell, Dean. “SAFe 4.0.” Scaled Agile, Inc., 2017. Web.

    Maurya, Ash. “What is a Minimum Viable Product (MVP)?” LEANSTACK, 12 June 2017. Accessed Sept. 2018.

    Pichler, Roman. “10 Tips for Creating an Agile Product Roadmap.” Roman Pichler, 20 July 2016. Accessed Sept. 2018.

    Pichler, Roman. Strategize: Product Strategy and Product Roadmap Practices for the Digital Age. Pichler Consulting, 2016.

    “Product Roadmap Contents: What Should You Include?” ProductPlan, n.d. Accessed 20 Nov. 2017.

    Saez, Andrea. “Why Your Roadmap Is Not a Release Plan.” ProdPad, 23 Oct. 2015. Accessed Sept. 2018.

    Schuurman, Robbin. “Tips for Agile product roadmaps & product roadmap examples.” Scrum.org, 7 Dec. 2017. Accessed Sept. 2018

    Research Contributors and Experts

    Photo of Emily Archer, Lead Business Analyst, Enterprise Consulting, authentic digital agency.

    Emily Archer
    Lead Business Analyst,
    Enterprise Consulting, authentic digital agency

    Emily Archer is a consultant currently working with Fortune 500 clients to ensure the delivery of successful projects, products, and processes. She helps increase the business value returned for organizations’ investments in designing and implementing enterprise content hubs and content operations, custom web applications, digital marketing, and e-commerce platforms.

    Photo of David Berg, Founder & CTO, Strainprint Technologies Inc.

    David Berg
    Founder & CTO
    Strainprint Technologies Inc.

    David Berg is a product commercialization expert that has spent the last 20 years of his career delivering product management and business development services across a broad range of industries. Early in his career, David worked with product management and engineering teams to build core network infrastructure products that secure and power the internet we benefit from today. David’s experience also includes working with clean technologies in the area of clean power generation, agritech, and Internet of Things infrastructure. Over the last five years, David has been focused on his latest venture, Strainprint Technologies, a data and analytics company focused on the medical cannabis industry. Strainprint has built the largest longitudinal medical cannabis dataset in the world with the goal to develop an understanding of treatment behavior, interactions, and chemical drivers to guide future product development.

    Research Contributors and Experts

    Blank photo template.

    Kathy Borneman
    Digital Product Owner, SunTrust Bank

    Kathy Borneman is a senior product owner who helps people enjoy their jobs again by engaging others in end-to-end decision making to deliver software and operational solutions that enhance the client experience and allow people to think and act strategically.

    Photo of Charlie Campbell, Product Owner, Merchant e-Solutions.

    Charlie Campbell
    Product Owner, Merchant e-Solutions

    Charlie Campbell is an experienced problem solver with the ability to quickly dissect situations and recommend immediate actions to achieve resolution, liaise between technical and functional personnel to bridge the technology and communication gap, and work with diverse teams and resources to reach a common goal.

    Research Contributors and Experts

    Photo of Yarrow Diamond, Sr. Director, Business Architecture, Financial Services.

    Yarrow Diamond
    Sr. Director, Business Architecture
    Financial Services

    Yarrow Diamond is an experienced professional with expertise in enterprise strategy development, project portfolio management, and business process reengineering across financial services, healthcare and insurance, hospitality, and real estate environments. She has a master’s in Enterprise Architecture from Penn State University, LSSMBB, PMP, CSM, ITILv3.

    Photo of Cari J. Faanes-Blakey, CBAP, PMI-PBA, Enterprise Business Systems Analyst, Vertex, Inc.

    Cari J. Faanes-Blakey, CBAP, PMI-PBA
    Enterprise Business Systems Analyst,
    Vertex, Inc.

    Cari J. Faanes-Blakey has a history in software development and implementation as a Business Analyst and Project Manager for financial and taxation software vendors. Active in the International Institute of Business Analysis (IIBA), Cari participated on the writing team for the BA Body of Knowledge 3.0 and the certification exam.

    Research Contributors and Experts

    Photo of Kieran Gobey, Senior Consultant Professional Services, Blueprint Software Systems.

    Kieran Gobey
    Senior Consultant Professional Services
    Blueprint Software Systems

    Kieran Gobey is an IT professional with 24 years of experience, focused on business, technology, and systems analysis. He has split his career between external and internal customer-facing roles, and this has resulted in a true understanding of what is required to be a Professional Services Consultant. His problem-solving skills and ability to mentor others have resulted in successful software implementations.

    Kieran’s specialties include deep system troubleshooting and analysis skills, facilitating communications to bring together participants effectively, mentoring, leadership, and organizational skills.

    Photo of Rupert Kainzbauer, VP Product, Digital Wallets, Paysafe Group.

    Rupert Kainzbauer
    VP Product, Digital Wallets
    Paysafe Group

    Rupert Kainzbauer is an experienced senior leader with a passion for defining and delivering products that deliver real customer and commercial benefit. Together with a team of highly experienced and motivated product managers, he has successfully led highly complex, multi-stakeholder payments initiatives, from proposition development and solution design through to market delivery. Their domain experience is in building online payment products in high-risk and emerging markets, remittance, prepaid cards, and mobile applications.

    Research Contributors and Experts

    Photo of Saeed Khan, Founder, Transformation Labs.

    Saeed Khan
    Founder,
    Transformation Labs

    Saeed Khan has been working in high tech for 30 years in both Canada and the US and has held a number of leadership roles in Product Management over that time. He speaks regularly at conferences and has been writing publicly about technology product management since 2005.

    Through Transformation Labs, Saeed helps companies accelerate product success by working with product teams to improve their skills, practices, and processes. He is a cofounder of ProductCamp Toronto and currently runs a Meetup group and global Slack community called Product Leaders, the only global community of senior-level product executives.

    Photo of Hoi Kun Lo, Product Owner, Nielsen.

    Hoi Kun Lo
    Product Owner
    Nielsen

    Hoi Kun Lo is an experienced change agent who can be found actively participating within the IIBA and WITI groups in Tampa, FL, and a champion for Agile, architecture, diversity, and inclusion programs at Nielsen. She is currently a Product Owner in the Digital Strategy team within Nielsen Global Watch Technology.

    Research Contributors and Experts

    Photo of Abhishek Mathur, Sr Director, Product Management, Kasisto, Inc.

    Abhishek Mathur
    Sr Director, Product Management
    Kasisto, Inc.

    Abhishek Mathur is a product management leader, an artificial intelligence practitioner, and an educator. He has led product management and engineering teams at Clarifai, IBM, and Kasisto to build a variety of artificial intelligence applications within the space of computer vision, natural language processing, and recommendation systems. Abhishek enjoys having deep conversations about the future of technology and helping aspiring product managers enter and accelerate their careers.

    Photo of Jeff Meister, Technology Advisor and Product Leader.

    Jeff Meister
    Technology Advisor and Product Leader

    Jeff Meister is a technology advisor and product leader. He has more than 20 years of experience building and operating software products and the teams that build them. He has built products across a wide range of industries and has built and led large engineering, design, and product organizations.

    Jeff most recently served as Senior Director of Product Management at Avanade, where he built and led the product management practice. This involved hiring and leading product managers, defining product management processes, solution shaping and engagement execution, and evangelizing the discipline through pitches, presentations, and speaking engagements.

    Jeff holds a Bachelor of Applied Science (Electrical Engineering) and a Bachelor of Arts from the University of Waterloo, an MBA from INSEAD (Strategy), and certifications in product management, project management, and design thinking.

    Research Contributors and Experts

    Photo of Vincent Mirabelli, Principal, Global Project Synergy Group.

    Vincent Mirabelli
    Principal,
    Global Project Synergy Group

    With over 10 years of experience in both the private and public sectors, Vincent Mirabelli possesses an impressive track record of improving, informing, and transforming business strategy and operations through process improvement, design and re-engineering, and the application of quality to business analysis, project management, and process improvement standards.

    Photo of Oz Nazili, VP, Product & Growth, TWG.

    Oz Nazili
    VP, Product & Growth
    TWG

    Oz Nazili is a product leader with a decade of experience in both building products and product teams. Having spent time at funded startups and large enterprises, he thinks often about the most effective way to deliver value to users. His core areas of interest include Lean MVP development and data-driven product growth.

    Research Contributors and Experts

    Photo of Mark Pearson, Principal IT Architect, First Data Corporation.

    Mark Pearson
    Principal IT Architect
    First Data Corporation

    Mark Pearson is an executive business leader grounded in the process, data, technology, and operations of software-driven business. He knows the enterprise software landscape and is skilled in product, technology, and operations design and delivery within information technology organizations, outsourcing firms, and software product companies.

    Photo of Brenda Peshak, Product Owner, Widget Industries, LLC.

    Brenda Peshak
    Product Owner,
    Widget Industries, LLC

    Brenda Peshak is skilled in business process, analytical skills, Microsoft Office Suite, communication, and customer relationship management (CRM). She is a strong product management professional with a Master’s focused in Business Leadership (MBL) from William Penn University.

    Research Contributors and Experts

    Photo of Mike Starkey, Director of Engineering, W.W. Grainger.

    Mike Starkey
    Director of Engineering
    W.W. Grainger

    Mike Starkey is a Director of Engineering at W.W. Grainger, currently focusing on operating model development, digital architecture, and building enterprise software. Prior to joining W.W. Grainger, Mike held a variety of technology consulting roles throughout the system delivery lifecycle spanning multiple industries such as healthcare, retail, manufacturing, and utilities with Fortune 500 companies.

    Photo of Anant Tailor, Cofounder & Head of Product, Dream Payments Corp.

    Anant Tailor
    Cofounder & Head of Product
    Dream Payments Corp.

    Anant Tailor is a cofounder at Dream Payments where he currently serves as the COO and Head of Product, having responsibility for Product Strategy & Development, Client Delivery, Compliance, and Operations. He has 20+ years of experience building and operating organizations that deliver software products and solutions for consumers and businesses of varying sizes.

    Prior to founding Dream Payments, Anant was the COO and Director of Client Services at DonRiver Inc, a technology strategy and software consultancy that he helped to build and scale into a global company with 100+ employees operating in seven countries.

    Anant is a Professional Engineer with a Bachelor’s degree in Electrical Engineering from McMaster University and a certificate in Product Strategy & Management from the Kellogg School of Management at Northwestern University.

    Research Contributors and Experts

    Photo of Angela Weller, Scrum Master, Businessolver.

    Angela Weller
    Scrum Master, Businessolver

    Angela Weller is an experienced Agile business analyst who collaborates with key stakeholders to attain their goals and contributes to the achievement of the company’s strategic objectives to ensure a competitive advantage. She excels when mediating or facilitating teams.

    Drive Successful Sourcing Outcomes With a Robust RFP Process

    • Buy Link or Shortcode: {j2store}216|cart{/j2store}
    • member rating overall impact (scale of 10): 9.4/10 Overall Impact
    • member rating average dollars saved: $25,860 Average $ Saved
    • member rating average days saved: 14 Average Days Saved
    • Parent Category Name: Vendor Management
    • Parent Category Link: /vendor-management
    • Most IT organizations do not have standard RFP templates and tools.
    • Many RFPs lack sufficient requirements.
    • Most RFP team members are not adequately trained on RFP best practices.
    • Most IT departments underestimate the amount of time that is required to perform an effective RFP.

    Our Advice

    Critical Insight

    • Vendors generally do not like RFPs
      Vendors view RFPs as time consuming and costly to respond to and believe that the decision is already made.
    • Dont ignore the benefits of an RFI
      An RFI is too often overlooked as a tool for collecting information from vendors about their product offerings and services.
    • Leverage a pre-proposal conference to maintain an equal and level playing field
      Pre-proposal conference is a convenient and effective way to respond to vendors’ questions ensuring all vendors have the same information to provide a quality response.

    Impact and Result

    • A bad or incomplete RFP results in confusing and incomplete vendor RFP responses which consume time and resources.
    • Incomplete or misunderstood requirements add cost to your project due to the change orders required to complete the project.

    Drive Successful Sourcing Outcomes With a Robust RFP Process Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Storyboard – Leverage your vendor sourcing process to get better results

    Discover a proven process for your RFPs. Review Info-Tech’s process and understand how you can prevent your organization from leaking negotiation leverage while preventing vendors from taking control of your RFP. Our 7-phase process prevents a bad RFP from taking your time, money, and resources.

    • Drive Successful Sourcing Outcomes With a Robust RFP Process Storyboard

    2. Define your RFP Requirements Tool – A convenient tool to gather your requirements and align them to your negotiation strategy.

    Use this tool to assist you and your team in documenting the requirements for your RFP. Use the results of this tool to populate the requirements section of your RFP.

    • RFP Requirements Worksheet

    3. RFP Development Suite of Tools – Use Info-Tech’s RFP, pricing, and vendor response tools and templates to increase your efficiency in your RFP process.

    Configure this time-saving suite of tools to your organizational culture, needs, and most importantly the desired outcome of your RFP initiative. This suite contains four unique RFP templates. Evaluate which template is appropriate for your RFP. Also included in this suite are a response evaluation guidebook and several evaluation scoring tools along with a template to report the RFP results to stakeholders.

    • RFP Calendar and Key Date Tool
    • Vendor Pricing Tool
    • Lean RFP Template
    • Short-Form RFP Template
    • Long-Form RFP Template
    • Excel Form RFP Tool
    • RFP Evaluation Guidebook
    • RFP Evaluation Tool
    • Vendor TCO Tool
    • Consolidated Vendor RFP Response Evaluation Summary
    • Vendor Recommendation Presentation

    Infographic

    Workshop: Drive Successful Sourcing Outcomes With a Robust RFP Process

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Foundation for Creating Requirements

    The Purpose

    Problem Identification

    Key Benefits Achieved

    Current process mapped and requirements template configured

    Activities

    1.1 Overview and level-setting

    1.2 Identify needs and drivers

    1.3 Define and prioritize requirements

    1.4 Gain business authorization and ensure internal alignment

    Outputs

    Map Your Process With Gap Identification

    Requirements Template

    Map Your Process With Gap Identification

    Requirements Template

    Map Your Process With Gap Identification

    Requirements Template

    Map Your Process With Gap Identification

    Requirements Template

    2 Creating a Sourcing Process

    The Purpose

    Define Success Target

    Key Benefits Achieved

    Baseline RFP and evaluation templates

    Activities

    2.1 Create and issue RFP

    2.2 Evaluate responses/proposals and negotiate the agreement

    2.3 Purchase goods and services

    Outputs

    RFP Calendar Tool

    RFP Evaluation Guidebook

    RFP Respondent Evaluation Tool

    3 Configure Templates

    The Purpose

    Configure Templates

    Key Benefits Achieved

    Configured Templates

    Activities

    3.1 Assess and measure

    3.2 Review templates

    Outputs

    Long-Form RFP Template

    Short-Form RFP Template

    Excel-Based RFP Template

    Further reading

    Drive Successful Sourcing Outcomes With a Robust RFP Process

    Leverage your vendor sourcing process to get better results.

    EXECUTIVE BRIEF

    Drive Successful Sourcing Outcomes with a Robust RFP Process

    Lack of RFP Process Causes...
    • Stress
    • Confusion
    • Frustration
    • Directionless
    • Exhaustion
    • Uncertainty
    • Disappointment
    Solution: RFP Process
    Steps in an RFP Process, 'Identify Need', 'Define Business Requirements', 'Gain Business Authorization', 'Perform RFI/RFP', 'Negotiate Agreement', 'Purchase Good and Services', and 'Assess and Measure Performance'.
    • Best value solutions
    • Right-sized solutions
    • Competitive Negotiations
    • Better requirements that feed negotiations
    • Internal alignment on requirements and solutions
    • Vendor Management Governance Plan
    Requirements
    • Risk
    • Legal
    • Support
    • Security
    • Technical
    • Commercial
    • Operational
    • Vendor Management Governance
    Templates, Tools, Governance
    • RFP Template
    • Your Contracts
    • RFP Procedures
    • Pricing Template
    • Evaluation Guide
    • Evaluation Matrix
    Vendor Management
    • Scorecards
    • Classification
    • Business Review Meetings
    • Key Performance Indicators
    • Contract Management
    • Satisfaction Survey

    Analyst Perspective

    Consequences of a bad RFP

    Photo of Steven Jeffery, Principal Research Director, Vendor Management, Co-Author: The Art of Creating a Quality RFP, Info-Tech Research Group

    “A bad request for proposal (RFP) is the gift that keeps on taking – your time, your resources, your energy, and your ability to accomplish your goal. A bad RFP is ineffective and incomplete, it creates more questions than it answers, and, perhaps most importantly, it does not meet your organization’s expectations.”

    Steven Jeffery
    Principal Research Director, Vendor Management
    Co-Author: The Art of Creating a Quality RFP
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    • Most IT organizations are absent of standard RFP templates, tools, and processes.
    • Many RFPs lack sufficient requirements from across the business (Legal, Finance, Security, Risk, Procurement, VMO).
    • Most RFP team members are not adequately trained on RFP best practices.
    • Most IT departments underestimate the amount of time required to perform an effective RFP.
    • An ad hoc sourcing process is a common recipe for vendor performance failure.

    Common Obstacles

    • Lack of time
    • Lack of resources
    • Right team members not engaged
    • Poorly defined requirements
    • Too difficult to change supplier
    • Lack of a process
    • Lack of adequate tools/processes
    • Lack of a vendor communications plan that includes all business stakeholders.
    • Lack of consensus as to what the ideal result should look like.

    Info-Tech’s Approach

    • Establish a repeatable, consistent RFP process that maintains negotiation leverage and includes all key components.
    • Create reusable templates to expedite the RFP evaluation and selection process.
    • Maximize the competition by creating an equal and level playing field that encourages all the vendors to respond to your RFP.
    • Create a process that is clear and understandable for both the business unit and the vendor to follow.
    • Include Vendor Management concepts in the process.

    Info-Tech Insight

    A well planned and executed sourcing strategy that focuses on solid requirements, evaluation criteria, and vendor management will improve vendor performance.

    Executive Summary

    Your Challenge

    Your challenge is to determine the best sourcing tool to obtain vendor information on capabilities, solution(s), pricing and contracting: RFI, RFP, eRFX.

    Depending on your organization’s knowledge of the market, your available funding, and where you are in the sourcing process, there are several approaches to getting the information you need.

    An additional challenge is to answer the question “What is the purpose of our RFX?”

    If you do not have in-depth knowledge of the market, available solutions, and viable vendors, you may want to perform an RFI to provide available market information to guide your RFP strategy.

    If you have defined requirements, approved funding, and enough time, you can issue a detailed, concise RFP.

    If you have “the basics” about the solution to be acquired and are on a tight timeframe, an “enhanced RFI” may fit your needs.

    This blueprint will provide you with the tools and processes and insights to affect the best possible outcome.

    Executive Summary

    Common Obstacles

    • Lack of process/tools
    • Lack of input from stakeholders
    • Stakeholders circumventing the process to vendors
    • Vendors circumventing the process to key stakeholders
    • Lack of clear, concise, and thoroughly articulated requirements
    • Waiting until the vendor is selected to start contract negotiations
    • Waiting until the RFP responses are back to consider vendor management requirements
    • Lack of clear communication strategy to the vendor community that the team adheres to

    Many organizations underestimate the time commitment for an RFP

    70 Days is the average duration of an IT RFP.

    The average number of evaluators is 5-6

    4 Is the average number of vendor submissions, each requiring an average of two to three hours to review. (Source: Bonfire, 2019. Note: The 2019 Bonfire report on the “State of the RFP” is the most recent published.)

    “IT RFPs take the longest from posting to award and have the most evaluators. This may be because IT is regarded as a complex subject requiring complex evaluation. Certainly, of all categories, IT offers the most alternative solutions. The technology is also changing rapidly, as are the requirements of IT users – the half-life of an IT requirement is less than six months (half the requirements specified now will be invalid six months from now). And when the RFP process takes up two of those months, vendors may be unable to meet changed requirements when the time to implement arrives. This is why IT RFPs should specify the problem to be resolved rather than the solution to be provided. If the problem resolution is the goal, vendors are free to implement the latest technologies to meet that need.” (Bonfire, “2019 State of the RFP”)

    Why Vendors Don’t Like RFPs

    Vendors’ win rate

    44%

    Vendors only win an average of 44% of the RFPs they respond to (Loopio, 2022).
    High cost to respond

    3-5%

    Vendors budget 3-5% of the anticipated contract value to respond (LinkedIn, 2017, Note: LinkedIn source is the latest information available).
    Time spent writing response

    23.8 hours

    Vendors spend on average 23.8 hours to write or respond to your RFP (Marketingprofs, 2021).

    Negative effects on your organization from a lack of RFP process

    Visualization titled 'Lack of RFP Process Causes' with the following seven items listed.

    Stress, because roles and responsibilities aren’t clearly defined and communication is haphazard, resulting in strained relationships.

    Confusion, because you don’t know what the expected or desired results are.

    Directionless, because you don’t know where the team is going.

    Uncertainty, with many questions of your own and many more from other team members.

    Frustration, because of all the questions the vendors ask as a result of unclear or incomplete requirements.

    Exhaustion, because reviewing RFP responses of insufficient quality is tedious.

    Disappointment in the results your company realizes.

    (Source: The Art of Creating a Quality RFP)

    Info-Tech’s approach

    Develop an inclusive and thorough approach to the RFP Process

    Steps in an RFP Process, 'Identify Need', 'Define Business Requirements', 'Gain Business Authorization', 'Perform RFI/RFP', 'Negotiate Agreement', 'Purchase Good and Services', and 'Assess and Measure Performance'.

    The Info-Tech difference:

    1. The secret to managing an RFP is to make it as manageable and as thorough as possible. The RFP process should be like any other aspect of business – by developing a standard process. With a process in place, you are better able to handle whatever comes your way, because you know the steps you need to follow to produce a top-notch RFP.
    2. The business then identifies the need for more information about a product/service or determines that a purchase is required.
    3. A team of stakeholders from each area impacted gather all business, technical, legal, and risk requirements. What are the expectations of the vendor relationship post-RFP? How will the vendors be evaluated?
    4. Based on the predetermined requirements, either an RFI or an RFP is issued to vendors with a predetermined due date.

    Insight Summary

    Overarching insight

    Without a well defined, consistent RFP process, with input from all key stakeholders, the organization will not achieve the best possible results from its sourcing efforts.

    Phase 1 insight

    Vendors are choosing to not respond to RFPs due to their length and lack of complete requirements.

    Phase 2 insight

    Be clear and concise in stating your requirements and include, in addition to IT requirements, procurement, security, legal, and risk requirements.

    Phase 3 insight

    Consider adding vendor management requirements to manage the ongoing relationship post contract.

    Tactical insight

    Consider the RFP Evaluation Process as you draft the RFP, including weighting the RFP components. Don’t underestimate the level of effort required to effectively evaluate responses – write the RFP with this in mind.

    Tactical insight

    Provide strict, prescriptive instructions detailing how the vendor should submit their responses. Controlling vendor responses will increase your team’s efficiency in evaluations while providing ease of reference responses across multiple vendors.

    Key deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

    Key deliverables:

    Info-Tech provides you with the tools you need to go to market in the most efficient manner possible, with guidance on how to achieve your goals.

    Sample of

    Long-Form RFP Template
    For when you have complete requirements and time to develop a thorough RFP.
    Sample of the Long-Form RFP Template deliverable. Short-Form RFP Template
    When the requirements are not as extensive, time is short, and you are familiar with the market.
    Sample of the Short-Form RFP Template deliverable.
    Lean RFP Template
    When you have limited time and some knowledge of the market and wish to include only a few vendors.
    Sample of the Lean RFP Template deliverable. Excel-Form RFP Template
    When there are many requirements, many options, multiple vendors, and a broad evaluation team.
    Sample of the Excel-Form RFP Template deliverable.

    Blueprint benefits

    IT Benefits
    • Side-by-side comparison of vendor capabilities
    • Pricing alternatives
    • No surprises
    • Competitive solutions to deliver the best results
    Mutual IT and Business Benefits
    • Reduced time to implement
    • Improved alignment between IT /Business
    • Improved vendor performance
    • Improved vendor relations
    Business Benefits
    • Budget alignment, reduced cost
    • Best value
    • Risk mitigation
    • Legal and risk protections

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    Guided Implementation

    Workshop

    Consulting

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks used throughout all four options

    Guided Implementation

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is seven to twelve calls over the course of four to six months.

    What does a typical GI on this topic look like?

    Phase 1

    Phase 2

    Phase 3

    Phase 4

    Phase 5

    Phase 6

    Phase 7

    Call #1: Identify the need Call #3: Gain business authorization Call #5: Negotiate agreement strategy Call #7: Assess and measure performance
    Call #2: Define business requirements Call #4: Review and perform the RFX or RFP Call #6: Purchase goods and services

    Workshop Overview

    Contact your account representative for more information.
    workshops@infotech.com1-888-670-8889

    Day 1 Day 2 Day 3
    Activities
    Answer “What problem do we need to solve?”

    1.1 Overview and level-setting

    1.2 Identify needs and drivers

    1.3 Define and prioritize requirements

    1.4 Gain business authorization and ensure internal alignment

    Define what success looks like?

    2.1 Create and issue RFP

    2.2 Evaluate responses/ proposals and negotiate the agreement.

    2.3 Purchase goods and services

    Configure Templates

    3.1 Assess and measure

    3.2 Review tools

    Deliverables
    1. Map your process with gap identification
    2. RFP Requirements Worksheet
    1. RFP Calendar and Key Date Tool
    2. RFP Evaluation Guidebook
    3. RFP Evaluation Tool
    1. Long-form RFP Template
    2. Short-form RFP Template
    3. Excel-based RFP Tool
    4. Lean RFP Template

    Phase 1

    Identify Need

    Steps

    1.1 Establish the need to either purchase goods/services (RFP) or acquire additional information from the market (RFI).

    Steps in an RFP Process with the first step, 'Identify Need', highlighted.

    This phase involves the following participants:

    • Business stakeholders
    • IT
    • Sourcing/Procurement
    • Finance

    Identify the need based on business requirements, changing technology, increasing vendor costs, expiring contracts, and changing regulatory requirements.

    Outcomes of this phase

    Agreement on the need to go to market to make a purchase (RFP) or to acquire additional information (RFI) along with a high-level agreement on requirements, rough schedule (is there time to do a full blown RFP or are you time constrained, which may result in an eRFP) and the RFP team is identified.

    Identify Need
    Phase 1 Phase 2 Phase 3 Phase 4 Phase 5 Phase 6 Phase 7

    Identify the Need for Your RFP

    • An RFP is issued to the market when you are certain that you intend to purchase a product/service and have identified an adequate vendor base from which to choose as a result of:

      • IT Strategy
      • Changes in technology
      • Marketplace assessment
      • Contract expiration/renewal
      • Changes in regulatory requirements
      • Changes in the business’ requirements
    • An RFI is issued to the market when you are uncertain as to available technologies or supplier capabilities and need budgetary costs for planning purposes.
    • Be sure to choose the right RFx tool for your situation!
    Stock photo of a pen circling the word 'needs' on a printed document.

    Phase 2

    Define Your RFP Requirements

    Steps

    2.1 Define and classify the technical, business, financial, legal, and support and security requirements for your business.

    Steps in an RFP Process with the second step, 'Define Business Requirements', highlighted.

    This phase involves the following participants:

    • IT
    • Legal
    • Finance
    • Risk management
    • Sourcing/Procurement
    • Business stakeholders

    Outcomes of this phase

    A detailed list of required business, technical, legal and procurement requirements classified as to absolute need(s), bargaining and concession need(s), and “nice to haves.”

    Define Business Requirements

    Phase 1 Phase 2 Phase 3 Phase 4 Phase 5 Phase 6 Phase 7

    Define RFP Requirements

    Key things to consider when defining requirements

    • Must be inclusive of the needs of all stakeholders: business, technical, financial, and legal
    • Strive for clarity and completeness in each area of consideration.
    • Begin defining your “absolute,” “bargaining,” “concession,” and ‘”dropped/out of scope” requirements to streamline the evaluation process.
    • Keep the requirements identified as “absolute” to a minimum, because vendors that do not meet absolute requirements will be removed from consideration.
    • Do you have a standard contract that can be included or do you want to review the vendor’s contract?
    • Don’t forget Data Security!
    • Begin defining your vendor selection criteria.
    • What do you want the end result to look like?
    • How will you manage the selected vendor after the contract? Include key VM requirements.
    • Defining requirements can’t be rushed or you’ll find yourself answering many questions, which may create confusion.
    • Collect all your current spend and budget considerations regarding the needed product(s) and service(s).

    “Concentrate on the needs of the organization and not the wants of the individuals when creating requirements to avoid scope creep.” (Donna Glidden, ITRG Research Director)

    Leverage the “ABCD” approach found in our Prepare for Negotiations More Effectively blueprint:
    https://tymansgrpup.com/research/ss/prepare-for-negotiations-more-effectively

    2.1 Prioritize your requirements

    1 hr to several days

    Input: List of all requirements from IT and IT Security, Business, Sourcing/Procurement, Risk Management, and Legal

    Output: Prioritized list of RFP requirements approved by the stakeholder team

    Materials: The RFP Requirements Worksheet

    Participants: All stakeholders impacted by the RFP: IT, IT Security, the Business, Sourcing/ Procurement, Risk Management, Legal

    1. Use this tool to assist you and your team in documenting the requirements for your RFP. Leverage it to collect and categorize your requirements in preparation for negotiations. Use the results of this tool to populate the requirements section of your RFP.
    2. As a group, review each of the requirements and determine their priority as they will ultimately relate to the negotiations.
      • Prioritizing your requirements will set up your negotiation strategy and streamline the process.
      • By establishing the priority of each requirement upfront, you will save time and effort in the selection process.
    3. Review RFP requirements with stakeholders for approval.

    Download the RFP Requirements Worksheet

    Phase 3

    Gain Business Authorization

    Steps

    3.1 Obtain business authorization from the business, technology, finance and Sourcing/Procurement

    Steps in an RFP Process with the third step, 'Gain Business Authorization', highlighted.

    This phase involves the following participants:

    • Business stakeholders
    • Technology and finance (depending upon the business)
    • Sourcing/Procurement

    Outcomes of this phase

    Approval by all key stakeholders to proceed with the issuing of the RFP and to make a purchase as a result.

    Gain Business Authorization

    Phase 1 Phase 2 Phase 3 Phase 4 Phase 5 Phase 6 Phase 7

    Gain Business Authorization

    Gain authorization for your RFP from all relevant stakeholders
    • Alignment of stakeholders
    • Agreement on final requirements
    • Financial authorization
    • Commitment of resources
    • Agreement on what constitutes vendor qualification
    • Finalization of selection criteria and their prioritization

    Obtaining cross-function alignment will clear the way for contract, SOW, and budget approvals and not waste any of your and your vendor’s resources in performing an RFP that your organization is not ready to implement or invest financial and human resources in.

    Stock photo of the word 'AUTHORIZED' stamped onto a white background with a much smaller stamp laying beside it.

    Phase 4

    Create and Issue

    Steps

    4.1 Build your RFP

    4.2 Decide RFI or not

    4.3 Create your RFP

    4.4 Receive & answer questions

    4.5 Perform Pre-Proposal Conference

    4.6 Evaluate responses

    Steps in an RFP Process with the fourth step, 'Perform RFI/RFP', highlighted.

    This phase involves the following participants:

    • The RFP owner
    • IT
    • Business SMEs/stakeholders

    Outcomes of this phase

    RFP package is issued to vendors and includes the date of the Pre-Proposal Conference, which should be held shortly after RFP release and includes all parties.

    SME’s/stakeholders participate in providing answers to RFP contact for response to vendors.

    Create and Issue Your RFP/RFI

    Phase 1 Phase 2 Phase 3 Phase 4 Phase 5 Phase 6 Phase 7

    Six Steps to Perform RFI/RFP

    Step 1

    • Build your RFP with evaluation in mind.

    Step 2

    • RFI or no RFI
    • Consider a Lean RFP

    Step 3

    • Create your RFP
    • Establish your RFP dates
    • Decide on RFP template
      • Short
      • Long
      • Excel
    • Create a template for vendors’ response
    • Create your Pricing Template

    Step 4

    • Receive RFP questions from vendors
    • Review and prepare answers to questions for the Pre-Proposal Conference

    Step 5

    • Conduct a Pre-Proposal Conference

    Step 6

    • Receive vendors’ proposals
    • Review for compliance and completion
    • Team evaluates vendors’ proposals.
    • Prepare TCO
    • Draft executive recommendation report

    Build your RFP with evaluation in mind

    Easing evaluation frustrations

    At the beginning of your RFP creation process consider how your requirements will impact the vendor’s response. Concentrate on the instructions you provide the vendors and how you wish to receive their responses. View the RFP through the lens of the vendors and envision how they are going to respond to the proposal.

    Limiting the number of requirements included in the RFP will increase the evaluation team’s speed when reviewing vendors’ responses. This is accomplished by not asking questions for common features and functionality that all vendors provide. Don’t ask multiple questions within a question. Avoid “lifting” vendor-specific language to copy into the RFP as this will signal to vendors who their competition might be and may deter their participation. Concentrate your requirement questions to those areas that are unique to your solution to reduce the amount of time required to evaluate the vendors’ response.

    Things to Consider When Creating Your RFP:

    • Consistency is the foundation for ease of evaluation.
    • Provide templates, such as an Excel worksheet, for the vendor’s pricing submissions and for its responses to close-ended questions.
    • Give detailed instructions on how the vendor should organize their response.
    • Limit the number of open-ended questions requiring a long narrative response to must-have requirements.
    • Organize your requirements and objectives in a numerical outline and have the vendor respond in the same manner, such as the following:
      • 1
      • 1.1
      • 1.1.1

    Increase your response quality

    Inconsistent formatting of vendor responses prevents an apples-to-apples evaluation between vendor responses. Evaluation teams are frequently challenged and are unable to evaluate vendors’ responses equally against each other for the following reasons:

    Challenges
    • Vendor responses are submitted with different and confusing nomenclature
    • Inconsistent format in response
    • Disparate order of sections in the vendors responses
    • Different style of outlining their responses, e.g. 1.1 vs. I.(i)
    • Pricing proposal included throughout their response
    • Responses are comingled with marketing messages
    • Vendor answers to requirements or objectives are not consolidated in a uniform manner
    • Disparate descriptions for response subsections
    Prevention
    • Provide specific instructions as to how the vendor is to organize their response:
      • How to format and outline the response
      • No marketing material
      • No pricing in the body of the response
    • Provide templates for pricing, technical, operational, and legal aspects.

    Six Steps to Perform RFI/RFP

    Step 1

    • Build your RFP with evaluation in mind.

    Step 2

    • RFI or no RFI
    • Consider a Lean RFP

    Step 3

    • Create your RFP
    • Establish your RFP dates
    • Decide on RFP template
      • Short
      • Long
      • Excel
    • Create a template for vendors’ response
    • Create your Pricing Template

    Step 4

    • Receive RFP questions from vendors
    • Review and prepare answers to questions for the Pre-Proposal Conference

    Step 5

    • Conduct a Pre-Proposal Conference

    Step 6

    • Receive vendors’ proposals
    • Review for compliance and completion
    • Team evaluates vendors’ proposals.
    • Prepare TCO
    • Draft executive recommendation report

    Perform Request for Information

    Don’t underestimate the importance of the RFI

    As the name implies, a request for information (RFI) is a tool for collecting information from vendors about the companies, their products, and their services. We find RFIs useful when faced with a lot of vendors that we don’t know much about, when we want to benchmark the marketplace for products and services, including budgetary information, and when we have identified more potential vendors than we care to commit a full RFP to.

    RFIs are simpler and less time-consuming than RFPs to prepare and evaluate, so it can make a lot of sense to start with an RFI. Eliminating unqualified vendors from further consideration will save your team from weeding through RFP responses that do not meet your objectives. For their part, your vendors will appreciate your efforts to determine up-front which of them are the best bets before asking them to spend resources and money producing a costly proposal.

    While many organizations rarely use RFIs, they can be an effective tool in the vendor manager’s toolbox when used at the right time in the right way. RFIs can be deployed in competitive targeted negotiations.

    A Lean RFP is a two-stage strategy that speeds up the typical RFP process. The first stage is like an RFI on steroids, and the second stage is targeted competitive negotiation.

    Don’t rely solely on the internet to qualify vendors; use an RFI to acquire additional information before finalizing an RFP.

    4.2.1 In a hurry? Consider a Lean RFP instead of an RFP

    Several days
    1. Create an RFI with all of the normal and customary components. Next, add a few additional RFP-like requirements (e.g. operational, technical, and legal requirements). Make sure you include a request for budgetary pricing and provide any significant features and functionality requirements so that the vendors have enough information to propose solutions. In addition, allow the vendors to ask questions through your single point of coordination and share answers with all of the vendors. Finally, notify the vendors that you will not be doing an RFP.
    2. Review the vendors’ proposals and evaluate their proposals against your requirements along with their notional or budgetary pricing.
    3. Have the evaluators utilize the Lean RFP Template to record their scores accordingly.
    4. After collecting the scores from the evaluators, consolidate the scores together to discuss which vendors – we recommend two or three – you want to present demos.
    5. Based on the vendors’ demos, the team selects at least two vendors to negotiate contract and pricing terms with intent of selecting the best-value vendor.
    6. The Lean RFP shortens the typical RFP process, maintains leverage for your organization, and works great with low- to medium-spend items (however your organization defines them). You’ll get clarification on vendors’ competencies and capabilities, obtain a fair market price, and meet your internal clients’ aggressive timelines while still taking steps to protect your organization.

    Download the Lean RFP Template

    Download the RFP Evaluation Tool

    4.2.1 In a hurry? Consider a Lean RFP instead of an RFP continued

    Input

    • List of technical, operational, business, and legal requirements
    • Budgetary pricing ask

    Output

    • A Lean RFP document that includes the primary components of an RFP
    • Lean RFP vendors response evaluation

    Materials

    • Lean RFP Template
    • RFP Evaluation Tool
    • Contracting requirements
    • Pricing

    Participants

    • IT
    • Business
    • Finance
    • Sourcing/Procurement

    Case Study

    A Lean RFP saves time
    INDUSTRY: Pharmaceutical
    SOURCE: Guided Implementation
    Challenge
    • The vendor manager (VM) was experiencing pressure to shorten the expected five-month duration to perform an RFP for software that planned, coordinated, and submitted regulatory documents to the US Food and Drug Administration.
    • The VM team was not completely familiar with the qualified vendors and their solutions.
    • The organization wanted to capitalize on this opportunity to enhance its current processes with the intent of improving efficiencies in documentation submissions.
    Solution
    • Leveraging the Lean RFP process, the team reduced the 200+ RFP questionnaire into a more manageable list of 34 significant questions to evaluate vendor responses.
    • The team issued the Lean RFP and requested the vendors’ responses in three weeks instead of the five weeks planned for the RFP process.
    • The team modified the scoring process to utilize a simple weighted-scoring methodology, using a scale of 1-5.
    Results
    • The Lean RFP scaled back the complexity of a large RFP.
    • The customer received three vendor responses ranging from 19 to 43 pages and 60-80% shorter than expected if the RFP had been used. This allowed the team to reduce the evaluation period by three weeks.
    • The duration of the RFx process was reduced by more than two months – from five months to just under three months.

    Six Steps to Perform RFI/RFP

    Step 1

    • Build your RFP with evaluation in mind.

    Step 2

    • RFI or no RFI
    • Consider a Lean RFP

    Step 3

    • Create your RFP
    • Establish your RFP dates
    • Decide on RFP template
      • Short
      • Long
      • Excel
    • Create a template for vendors’ response
    • Create your Pricing Template

    Step 4

    • Receive RFP questions from vendors
    • Review and prepare answers to questions for the Pre-Proposal Conference

    Step 5

    • Conduct a Pre-Proposal Conference

    Step 6

    • Receive vendors’ proposals
    • Review for compliance and completion
    • Team evaluates vendors’ proposals.
    • Prepare TCO
    • Draft executive recommendation report

    4.3.1 RFP Calendar

    1 hour

    Input: List duration in days of key activities, RFP Calendar and Key Date Tool, For all vendor-inclusive meetings, include the dates on your RFP calendar and reference them in the RFP

    Output: A timeline to complete the RFP that has the support of each stakeholder involved in the process and that allows for a complete and thorough vendor response.

    Materials: RFP Calendar and Key Date Tool

    Participants: IT management, Business stakeholder(s), Legal (as required), Risk management (as required), Sourcing/Procurement, Vendor management

    1. As a group, identify the key activities to be accomplished and the amount of time estimated to complete each task:
      1. Identify who is ultimately accountable for the completion of each task
      2. Determine the length of time required to complete each task
    2. Use the RFP Calendar and Key Date Tool to build the calendar specific to your needs.
    3. Include vendor-related dates in the RFP, i.e., Pre-Proposal Conference, deadline for RFP questions as well as response.

    Download the RFP Calendar and Key Date Tool

    Draft your RFP

    Create and issue your RFP, which should contain at least the following:
    • The ability for the vendors to ask clarifying questions (in writing, sent to the predetermined RFP contact)
    • Pre-Proposal/Pre-Bid Conference schedule where vendors can receive the same answer to all clarifying written questions
    • A calendar of events (block the time on stakeholder calendars – see template).
    • Instructions to potential vendors on how they should construct and return their response to enable effective and timely evaluation of each offer.
    • Requirements; for example: Functional, Operational, Technical, and Legal.
    • Specification drawings as if applicable.
    • Consider adding vendor management requirements – how do you want to manage the relationship after the deal is done?
    • A pricing template for vendors to complete that facilitates comparison across multiple vendors.
    • Contract terms required by your legal team (or your standard contract for vendors to redline as part of their response and rated/ranked accordingly).
    • Create your RFP with the evaluation process and team in mind to ensure efficiency and timeliness in the process. Be clear, concise, and complete in the document.
    • Consistency and completeness is the foundation for ease of evaluation.
    • Give vendors detailed instruction on how to structure and organize their response.
    • Limit the number of open-ended questions requiring a long narrative response.
    • Be sure to leverage Info-Tech’s proven and field-tested Short-Form, Long-Form, and Lean RFP Templates provided in this blueprint.

    Create a template for the vendors’ response

    Dictating to the vendors the format of their response will increase your evaluation efficiency
    Narrative Response:

    Create either a Word or Excel document that provides the vendor with an easy vehicle for their response. This template should include the question identifier that ties the response back to the requirement in the RFP. Instruct vendors to include the question number on any ancillary materials they wish to include.

    Pricing Response:

    Create a separate Excel template that the vendors must use to provide their financial offer. This template should include pricing for hardware, software, training, implementation, and professional services, as well as placeholders for any additional fees.

    Always be flexible in accepting alternative proposals after the vendor has responded with the information you requested in the format you require.

    Stock image of a paper checklist in front of a laptop computer's screen.

    4.3.2 Vendor Pricing Tool

    1 hour

    Input: Identify pricing components for hardware, software, training, consulting/services, support, and additional licenses (if needed)

    Output: Vendor Pricing Tool

    Materials: RFP Requirements Worksheet, Pricing template

    Participants: IT, Finance, Business stakeholders, Sourcing/Procurement, Vendor management

    1. Using a good pricing template will prevent vendors from providing pricing offers that create a strategic advantage designed to prevent you from performing an apples-to-apples comparison.
    2. Provide specific instructions as to how the vendor is to organize their pricing response, which should be submitted separate from the RFP response.
    3. Configure and tailor pricing templates that are specific to the product and/or services.
    4. Upon receipt of all the vendor’s responses, simply cut and paste their total response to your base template for an easy side-by-side pricing comparison.
    5. Do not allow vendors to submit financial proposals outside of your template.

    Download the Vendor Pricing Tool

    Three RFP Templates

    Choose the right template for the right sourcing initiative

    • Short-Form
    • Use the Short-Form RFP Template for simple, non-complex solutions that are medium to low dollar amounts that do not require numerous requirements.

    • Long-Form
    • We recommend the Long-Form RFP Template for highly technical and complex solutions that are high dollar and have long implementation duration.

    • Excel-Form
    • Leverage the Excel-Form RFP Tool for requirements that are more specific in nature to evaluate a vendor’s capability for their solution. This template is designed to be complete and inclusive of the RFP process, e.g., requirements, vendor response, and vendor response evaluation scoring.

    Like tools in a carpenters’ tool box or truck, there is no right or wrong template for any job. Take into account your organization culture, resources available, time frame, policies, and procedures to pick the right tool for the job. (Steve Jeffery, Principal Research Director, Vendor Management, Co-Author: The Art of Creating a Quality RFP, Info-Tech Research Group)

    4.3.3 Short-Form RFP Template

    1-2 hours

    Input: List of technical, legal, business, and data security requirements

    Output: Full set of requirements, prioritized, that all participants agree to

    Materials: Short-Form RFP Template, Vendor Pricing Tool, Supporting exhibits

    Participants: IT management, Business stakeholder(s), Legal (as required), Risk management (as required), Sourcing/Procurement, Vendor management

    • This is a less complex RFP that has relatively basic requirements and perhaps a small window in which the vendors can respond. As with the long-form RFP, exhibits are placed at the end of the RFP, an arrangement that saves both your team and the vendors time. Of course, the short-form RFP contains less-specific instructions, guidelines, and rules for vendors’ proposal submissions.
    • We find that short-form RFPs are a good choice when you need to use something more than a request for quote (RFQ) but less than an RFP running 20 or more pages. It’s ideal, for example, when you want to send an RFP to only one vendor or to acquire items such as office supplies, contingent labor, or commodity items that don’t require significant vendor risk assessment.

    Download the Short-Form RFP Template

    4.3.4 Long-Form RFP Template

    1-3 hours

    Input: List of technical, legal, business, and data security requirements

    Output: Full set of requirements, prioritized, that all stakeholders agree to

    Materials: Long-Form RFP Template, Vendor Pricing Tool, Supporting exhibits

    Participants: IT management, Business stakeholder(s), Legal (as required), Risk management (as required), Sourcing/Procurement, Vendor management

    • A long-form or major RFP is an excellent tool for more complex and complicated requirements. This template is for a baseline RFP.
    • It starts with best-in-class RFP terms and conditions that are essential to maintaining your control throughout the RFP process. The specific requirements for the business, functional, technical, legal, and pricing areas should be included in the exhibits at the end of the template. That makes it easier to tailor the RFP for each deal, since you and your team can quickly identify specific areas that need modification. Grouping the exhibits together also makes it convenient for both your team to review and the vendors to respond.
    • You can use this sample RFP as the basis for your template RFP, taking it all as is or picking and choosing the sections that best meet the mission and objectives of the RFP and your organization.

    Download the Long-Form RFP Template

    4.3.5 Excel-Form RFP Tool

    Several weeks

    Input: List of technical, legal, business, and data security requirements

    Output: Full set of requirements, prioritized, that all stakeholders agree to

    Materials: Excel-Form RFP Template, Vendor Pricing Tool, Supporting exhibits

    Participants: IT management, Business stakeholder(s), Legal (as required), Risk management (as required), Sourcing/Procurement, Vendor management

    • The Excel-Form RFP Tool is used as an alternative to the other RFP toolsets if you have multiple requirements and have multiple vendors to choose from.
    • Requirements are written as a “statement” and the vendor can select from five answers as to their ability to meet the requirements, with the ability to provide additional context and materials to augment their answers, as needed.
    • Requirements are listed separately in each tab, for example, Business, Legal, Technical, Security, Support, Professional Services, etc.

    Download the Excel-Form RFP Template

    Six Steps to Perform RFI/RFP

    Step 1

    • Build your RFP with evaluation in mind.

    Step 2

    • RFI or no RFI
    • Consider a Lean RFP

    Step 3

    • Create your RFP
    • Establish your RFP dates
    • Decide on RFP template
      • Short
      • Long
      • Excel
    • Create a template for vendors’ response
    • Create your Pricing Template

    Step 4

    • Receive RFP questions from vendors
    • Review and prepare answers to questions for the Pre-Proposal Conference

    Step 5

    • Conduct a Pre-Proposal Conference

    Step 6

    • Receive vendors’ proposals
    • Review for compliance and completion
    • Team evaluates vendors’ proposals.
    • Prepare TCO
    • Draft executive recommendation report

    Answer Vendor Questions

    Maintaining your equal and level playing field among vendors

    • Provide an adequate amount of time from the RFP issue date to the deadline for vendor questions. There may be multiple vendor staff/departments that need to read the RFP and then discuss their response approach and gather any clarifying questions, so we generally recommend three to five business days.
    • There should be one point of contact for all Q&A, which should be submitted in writing via email only. Be sure to plan for enough time to get the answers back from the RFP stakeholders.
    • After the deadline, collect all Q&A and begin the process of consolidating into one document.
    Large silver question mark.
    • Be sure to anonymize both vendor questions and your responses, so as not to reveal who asked or answered the question.
    • Send the document to all RFP respondents via your sourcing tool or BCC in an email to the point of contact, with read receipt requested. That way, you can track who has received and opened the correspondence.
    • Provide the answers a few days prior to the Pre-Proposal Conference to allow all respondents time to review the document and prepare any additional questions.
    • Begin the preparation for the Pre-Proposal Conference.

    Six Steps to Perform RFI/RFP

    Step 1

    • Build your RFP with evaluation in mind.

    Step 2

    • RFI or no RFI
    • Consider a Lean RFP

    Step 3

    • Create your RFP
    • Establish your RFP dates
    • Decide on RFP template
      • Short
      • Long
      • Excel
    • Create a template for vendors’ response
    • Create your Pricing Template

    Step 4

    • Receive RFP questions from vendors
    • Review and prepare answers to questions for the Pre-Proposal Conference

    Step 5

    • Conduct a Pre-Proposal Conference

    Step 6

    • Receive vendors’ proposals
    • Review for compliance and completion
    • Team evaluates vendors’ proposals.
    • Prepare TCO
    • Draft executive recommendation report

    Conduct Pre-Proposal Conference

    Maintain an equal and level playing field

    • Consolidate all Q&A to be presented to all vendors during the Pre-Proposal Conference.
    • If the Pre-Proposal Conference is conducted via conference call, be sure to record the session and advise all participants at the beginning of the call.
    • Be sure to have key stakeholders present on the call to answer questions.
    • Read each question and answer, after which ask if there are any follow up questions. Be sure to capture them and then add them to the Q&A document.
    • Remind respondents that no further questions will be entertained during the remainder of the RFP response period.
    • Send the updated and completed document to all vendors (even if circumstances prevented their attending the Pre-Proposal Conference). Use the same process as when you sent out the initial answers: via email, blind copy the respondents and request read/receipt.

    “Using a Pre-Proposal Conference allows you to reinforce that there is a level playing field for all of the vendors…that each vendor has an equal chance to earn your business. This encourages and maximizes competition, and when that happens, the customer wins.” (Phil Bode, Principal Research Director, Co-Author: The Art of Creating a Quality RFP, Info-Tech Research Group)

    Pre-Proposal Conference Agenda

    Modify this agenda for your specific organization’s culture
    1. Opening Remarks & Welcome – RFP Manager
      1. Agenda review
      2. Purpose of the Pre-Proposal Conference
    2. Review Agenda
      1. Introduction of your (customer) attendees
    3. Participating Vendor Introduction (company name)
    4. Executive or Sr. Leadership Comments (limit to five minutes)
      1. Importance of the RFP
      2. High-level business objective or definition of success
    5. Review Key Dates in the RFP

    (Source: The Art of Creating a Quality RFP, Jeffery et al., 2019)
    1. Review of any Technical Drawings or Information
      1. Key technical requirements and constraints
      2. Key infrastructure requirements and constraints
    2. Review of any complex RFP Issues
      1. Project scope/out of scope
    3. Question &Answer
      1. Vendors’ questions in alphabetical order
    4. Review of Any Specific Instructions for the Respondents
    5. Conclusion/Closing
      1. Review how to submit additional questions
      2. Remind vendors of the single point of contact

    Allow your executive or leadership sponsor to leave the Pre-Proposal Conference after they provide their comments to allow them to continue their day while demonstrating to the vendors the importance of the project.

    Six Steps to Perform RFI/RFP

    Step 1

    • Build your RFP with evaluation in mind.

    Step 2

    • RFI or no RFI
    • Consider a Lean RFP

    Step 3

    • Create your RFP
    • Establish your RFP dates
    • Decide on RFP template
      • Short
      • Long
      • Excel
    • Create a template for vendors’ response
    • Create your Pricing Template

    Step 4

    • Receive RFP questions from vendors
    • Review and prepare answers to questions for the Pre-Proposal Conference

    Step 5

    • Conduct a Pre-Proposal Conference

    Step 6

    • Receive vendors’ proposals
    • Review for compliance and completion
    • Team evaluates vendors’ proposals.
    • Prepare TCO
    • Draft executive recommendation report

    Evaluate Responses

    Other important information

    • Consider separating the pricing component from the RFP responses before sending them to reviewers to maintain objectivity until after you have received all ratings on the proposals themselves.
    • Each reviewer should set aside focused time to carefully read each vendor’s response
    • Read the entire vendor proposal – they spent a lot time and money responding to your request, so please read everything.
    • Remind reviewers that they should route any questions to the vendor through the RFP manager.
    • Using the predetermined ranking system for each section, rate each section of the response, capturing any notes, questions, or concerns as you proceed through the document(s).
    Stock photo of a 'Rating' meter with values 'Very Bad to 'Excellent'.

    Use a proven evaluation method

    Two proven methods to reviewing vendors’ proposals are by response and by objective

    The first, by response, is when the evaluator reviews each vendor’s response in its entirety.

    The second, reviewing by objective, is when the evaluator reviews each vendor’s response to a single objective before moving on to the next.

    By Response

    Two-way arrow with '+ Pros' in green on the left and 'Cons -' in red on the right.

    By Objective

    Two-way arrow with '+ Pros' in green on the left and 'Cons -' in red on the right.

    • Each response is thoroughly read all the way through.
    • Response inconsistencies are easily noticed.
    • Evaluators obtain a good feel for the vendor's response.
    • Evaluators will lose interest as they move from one response to another.
    • Evaluation will be biased if the beginning of response is subpar, influencing the rest of the evaluation.
    • Deficiencies of the perceived favorite vendor are overlooked.
    • Evaluators concentrate on how each objective is addressed.
    • Evaluators better understand the responses, resulting in identifying the best response for the objective.
    • Evaluators are less susceptible to supplier bias.
    • Electronic format of the response hampers response review per objective.
    • If a hard copy is necessary, converting electronic responses to hard copy is costly and cumbersome.
    • Discipline is required to score each vendor's response as they go.

    Maintain evaluation objectivity by reducing response evaluation biases

    Evaluation teams can be naturally biased during their review of the vendors’ responses.

    You cannot eliminate bias completely – the best you can do is manage it by identifying these biases with the team and mitigating their influence in the evaluation process.

    Vendor

    The evaluator only trusts a certain vendor and is uncomfortable with any other vendor.
    • Evaluate the responses blind of vendor names, if possible.
    Centerpiece for this table, titled 'BIAS' and surrounding by iconized representations of the four types listed.

    Account Representatives

    Relationships extend beyond business, and an evaluator doesn't want to jeopardize them.
    • Craft RFP objectives that are vendor neutral.

    Technical

    A vendor is the only technical solution the evaluator is looking for, and they will not consider anything else.
    • Conduct fair and open solution demonstrations.

    Price

    As humans, we can justify anything at a good price.
    • Evaluate proposals without awareness of price.

    Additional insights when evaluating RFPs

    When your evaluation team includes a member of the C-suite or senior leadership, ensure you give them extra time to sufficiently review the vendor's responses. When your questions require a definitive “Yes”/“True” or “No”/“False” responses, we recommend giving the maximum score for “Yes”/“True” and the minimum score for “No”/“False”.
    Increase your efficiency and speed of evaluation by evaluating the mandatory requirements first. If a vendor's response doesn't meet the minimum requirements, save time by not reviewing the remainder of the response. Group your RFP questions with a high-level qualifying question, then the supporting detailed requirements. The evaluation team can save time by not evaluating a response that does not meet a high-level qualifying requirement.

    Establish your evaluation scoring scale

    Define your ranking scale to ensure consistency in ratings

    Within each section of your RFP are objectives, each of which should be given its own score. Our recommended approach is to award on a scale of 0 to 5. With such a scale, you need to define every level. Below are the recommended definitions for a 0 to 5 scoring scale.

    Score Criteria for Rating
    5 Outstanding – Complete understanding of current and future needs; solution addresses current and future needs
    4 Competent – Complete understanding and adequate solution
    3 Average – Average understanding and adequate solution
    2 Questionable – Average understanding; proposal questionable
    1 Poor – Minimal understanding
    0 Not acceptable – Lacks understanding
    Stock photo of judges holding up their ratings.

    Weigh the sections of your RFP on how important or critical they are to the RFP

    Obtain Alignment on Weighting the Scores of Each Section
    • There are many ways to score responses, ranging from extremely simple to highly complicated. The most important thing is that everyone responsible for completing scorecards is in total agreement about how the scoring system should work. Otherwise, the scorecards will lose their value, since different weighting and scoring templates were used to arrive at their scores.
    • You can start by weighting the scores by section, with all sections adding up to 100%.
    Example RFP Section Weights
    Pie chart of example RFP section weights, 'Operational, 20%', 'Service-Level Agreements, 20%', 'Financial, 20%', 'Legal/Contractual, 15%', 'Technical, 10%' 'Functional, 15%'.
    (Source: The Art of Creating a Quality RFP, Jeffery et al., 2019)

    Protect your negotiation leverage with these best practices

    Protect your organization's reputation within the vendor community with a fair and balanced process.
    • Unless you regularly have the evaluators on your evaluation team, always assume that the team members are not familiar nor experienced with your process and procedures.
    • Do not underestimate the amount of preparations required to ensure that your evaluation team has everything they need to evaluate vendors’ responses without bias.
    • Be very specific about the expectations and time commitment required for the evaluation team to evaluate the responses.
    • Explain to the team members the importance of evaluating responses without conflicts of interest, including the fact that information contained within the responses and all discussions within the team are considered company owned and confidential.
    • Include examples of the evaluation and scoring processes to help the evaluators understand what they should be doing.
    • Finally – don’t forget to the thank the evaluation team and their managers for their time and commitment in contributing to this essential decision.
    Stock photo of a cork board with 'best practice' spelled out by tacked bits of paper, each with a letter in a different font.

    Evaluation teams must balance commercial vs. technical requirements

    Do not alter the evaluation weights after responses are submitted.
    • Evaluation teams are always challenged by weighing the importance of price, budget, and value against the technical requirements of “must-haves” and super cool “nice-to-haves.”
    • Encouraging the evaluation team not to inadvertently convert the nice-to-haves to must-haves will prevent scope creep and budget pressure. The evaluation team must concentrate on the vendors’ responses that drive the best value when balancing both commercial and technical requirements.
    Two blocks labelled 'Commercial Requirements' and 'Technical Requirements' balancing on either end of a flat sheet, which is balancing on a silver ball.

    4.6.1 Evaluation Guidebook

    1 hour

    Input: RFP responses, Weighted Scoring Matrix, Vendor Response Scorecard

    Output: One or two finalists for which negotiations will proceed

    Materials: RFP Evaluation Guidebook

    Participants: IT, Finance, Business stakeholders, Sourcing/Procurement, Vendor management

    1. Info-Tech provides an excellent resource for your evaluation team to better understand the process of evaluating vendor response. The guidebook is designed to be configured to the specifics of your RFP, with guidance and instructions to the team.
    2. Use this guidebook to provide instruction to the evaluation team as to how best to score and rate the RFP responses.
    3. Specific definitions are provided for applying the numerical scores to the RFP objectives will ensure consistency among the appropriate numerical score.

    Download the RFP Evaluation Guidebook

    4.6.2 RFP Vendor Proposal Scoring Tool

    1-4 hours

    Input: Each vendor’s RFP response, A copy of the RFP (less pricing), A list of the weighted criteria incorporated into a vendor response scorecard

    Output: A consolidated ranked and weighted comparison of the vendor responses with pricing

    Materials: Vendor responses, RFP Evaluation Tool

    Participants: Sourcing/Procurement, Vendor management

    1. Using the RFP outline as a base, develop a scorecard to evaluate and rate each section of the vendor response, based on the criteria predetermined by the team.
    2. Provide each stakeholder with the scorecard when you provide the vendor responses for them to review and provide the team with adequate time to review each response thoroughly and completely.
    3. Do not, at this stage, provide the pricing. Allow stakeholders to review the responses based on the technical, business, operational criteria without prejudice as to pricing.
    4. Evaluators should always be reminded that they are evaluating each vendor’s response against the objectives and requirements of the RFP. The evaluators should not be evaluating each vendor’s response against one another.
    5. While the team is reviewing and scoring responses, review and consolidate the vendor pricing submissions into one document for a side-by-side comparison.

    Download the RFP Evaluation Tool

    4.6.3 Total Cost of Owners (TCO)

    1-2 hours

    Input: Consolidated vendor pricing responses, Consolidated vendor RFP responses, Current spend within your organization for the product/service, if available, Budget

    Output: A completed TCO model summarizing the financial results of the RFP showing the anticipated costs over the term of the agreement, taking into consideration the impact of renewals.

    Materials: Vendor TCO Tool, Vendor pricing responses

    Participants: IT, Finance, Business stakeholders, Sourcing/Procurement

    • Use Info-Tech’s Vendor TCO Tool to normalize each vendor’s pricing proposal and account for the lifetime cost of the product.
    • Fill in pricing information (the total of all annual costs) from each vendor's returned Pricing Proposal.
    • The tool will summarize the net present value of the TCO for each vendor proposal.
    • The tool will also provide the rank of each pricing proposal.

    Download the Vendor TCO Tool

    Conduct an evaluation team results meeting

    Follow the checklist below to ensure an effective evaluation results meeting

    • Schedule the evaluation team’s review meeting well in advance to ensure there are no scheduling conflicts.
    • Collect the evaluation team’s scores in advance.
    • Collate scores and provide an initial ranking.
    • Do not reveal the pricing evaluation results until after initial discussions and review of the scoring results.
    • Examine both high and low scores to understand why the team members scored the response as they did.
    • Allow the team to discuss, debate, and arrive at consensus on the ranking.
    • After consensus, reveal the pricing to examine if or how it changes the ranking.
    • Align the team on the next steps with the applicable vendors.

    4.6.4 Consolidated RFP Response Scoring

    1-2 hours

    Input: Vendor Response Scorecard from each stakeholder, Consolidated RFP responses and pricing, Any follow up questions or items requiring further vendor clarification.

    Output: An RFP Response Evaluation Summary that identifies the finalists based on pre-determined criteria.

    Materials: RFP Evaluation Tool from each stakeholder, Consolidated RFP responses and pricing.

    Participants: IT, Finance, Business stakeholders, Sourcing/Procurement, Vendor management

    1. Collect from the evaluation team all scorecards and any associated questions requiring further clarification from the vendor(s). Consolidate the scorecards into one for presentation to the team and key decision makers.
    2. Present the final scores to the team, with the pricing evaluation, to determine, based on your needs, two or three finalists that will move forward to the next steps of negotiations.
    3. Discuss any scores that are have large gaps, e.g., a requirement with a score of one from one evaluator and the same requirement with a score five from different evaluator.
    4. Arrive at a consensus of your top one or two potential vendors.
    5. Determine any required follow-up actions with the vendors and include them in the Evaluation Summary.

    Download the Consolidated Vender RFP Response Evaluation Summary

    4.6.5 Vendor Recommendation Presentation

    1-3 hours
    1. Use the Vendor Recommendation Presentation to present your finalist and obtain final approval to negotiate and execute any agreements.
    2. The Vendor Recommendation Presentation provides leadership with:
      1. An overview of the RFP, its primary goals, and key requirements
      2. A summary of the vendors invited to participate and why
      3. A summary of each component of the RFP
      4. A side-by-side comparison of key vendor responses to each of the key/primary requirements, with ranking/weighting results
      5. A summary of the vendor’s responses to key legal terms
      6. A consolidated summary of the vendors’ pricing, augmented by the TCO calculations for the finalist(s).
      7. The RFP team’s vendor recommendations based on its findings
      8. A summary of next steps with dates
      9. Request approval to proceed to next steps of negotiations with the primary and secondary vendor

    Download the Vendor Recommendation Presentation

    4.6.5 Vendor Recommendation Presentation

    Input

    • Consolidated RFP responses, with a focus on key RFP goals
    • Consolidated pricing responses
    • TCO Model completed, approved by Finance, stakeholders

    Output

    • Presentation deck summarizing the key findings of the RFP results, cost estimates and TCO and the recommendation for approval to move to contract negotiations with the finalists

    Materials

    • Consolidated RFP responses, including legal requirements
    • Consolidated pricing
    • TCO Model
    • Evaluators scoring results

    Participants

    • IT
    • Finance
    • Business stakeholders
    • Legal
    • Sourcing/Procurement

    Caution: Configure templates and tools to align with RFP objectives

    Templates and tools are invaluable assets to any RFP process

    • Leveraging templates and tools saves time and provides consistency to your vendors.
    • Maintain a common repository of your templates and tools with different versions and variations. Include a few sentences with instructions on how to use the template and tools for team members who might not be familiar with them.

    Templates/Tools

    RFP templates and tools are found in a variety of places, such as previous projects, your favorite search engine, or by asking a colleague.

    Sourcing

    Regardless of the source of these documents, you must take great care and consideration to sanitize any reference to another vendor, company, or name of the deal.

    Review

    Then you must carefully examine the components of the deal before creating your final documents.

    Popular RFP templates include:

    • RFP documents
    • Pricing templates
    • Evaluation and scoring templates
    • RFP requirements
    • Info-Tech research

    Phase 5

    Negotiate Agreement(s)

    Steps

    5.1 Perform negotiation process

    Steps in an RFP Process with the fifth step, 'Negotiate Agreement', highlighted.

    This phase involves the following participants:

    • Procurement
    • Vendor management
    • Legal
    • IT stakeholders
    • Finance

    Outcomes of this phase

    A negotiated agreement or agreements that are a result of competitive negotiations.

    Negotiate Agreement(s)

    Phase 1 Phase 2 Phase 3 Phase 4 Phase 5 Phase 6 Phase 7

    Negotiate Agreement

    You should evaluate your RFP responses first to see if they are complete and the vendor followed your instructions.


    Then you should:

    • Plan negotiation(s) with one or more vendors based on your questions and opportunities identified during evaluation.
    • Select finalist(s).
    • Apply selection criteria.
    • Resolve vendors’ exceptions.

    Info-Tech Insight

    Be certain to include any commitments made in the RFP, presentations, and proposals in the agreement – dovetails to underperforming vendor.

    Centerpiece of the table, titled 'Negotiation Process'.

    Leverage Info-Tech's negotiation process research for additional information

    Negotiate before you select your vendor:
    • Negotiating with two or more vendors will maintain your competitive leverage while decreasing the time it takes to negotiate the deal.
    • Perform legal reviews as necessary.
    • Use sound competitive negotiations principles.

    Info-Tech Insight

    Providing contract terms in an RFP can dramatically reduce time for this step by understanding the vendor’s initial contractual position for negotiation.

    Phase 6

    Purchase Goods and Services

    Steps

    6.1 Purchase Goods & Services

    Steps in an RFP Process with the sixth step, 'Purchase Goods and Services', highlighted.

    This phase involves the following participants:

    • Procurement
    • Vendor management
    • IT stakeholders

    Outcomes of this phase

    A purchase order that completes the RFP process.

    The beginning of the vendor management process.

    Purchase Goods and Services

    Phase 1 Phase 2 Phase 3 Phase 4 Phase 5 Phase 6 Phase 7

    Purchase Goods and Services

    Prepare to purchase goods and services

    Prepare to purchase goods and services by completing all items on your organization’s onboarding checklist.
    • Have the vendor complete applicable tax forms.
    • Set up the vendor in accounts payable for electronic payment (ACH) set-up.
    Then transact day-to-day business:
    • Provide purchasing forecasts.
    • Complete applicable purchase requisition and purchase orders. Be sure to reference the agreement in the PO.
    Stock image of a computer monitor with a full grocery cart shown on the screen.

    Info-Tech Insight

    As a customer, honoring your contractual obligations and commitments will ensure that your organization is not only well respected but considered a customer of choice.

    Phase 7

    Assess and Measure Performance

    Steps

    7.1 Assess and measure performance against the agreement

    Steps in an RFP Process with the seventh step, 'Assess and Measure Performance', highlighted.

    This phase involves the following participants:

    • Vendor management
    • Business stakeholders
    • Senior leadership (as needed)
    • IT stakeholders
    • Vendor representatives & senior management

    Outcomes of this phase

    A list of what went well during the period – it’s important to recognize successes

    A list of areas needing improvement that includes:

    • A timeline for each item to be completed
    • The team member(s) responsible

    Purchase Goods and Services

    Phase 1 Phase 2 Phase 3 Phase 4 Phase 5 Phase 6 Phase 7

    Assess and Measure Performance

    Measure to manage: the job doesn’t end when the contract is signed.

    • Classify vendor
    • Assess vendor performance
    • Manage improvement
    • Conduct periodic vendor performance reviews or quarterly business reviews
    • Ensure contract compliance for both the vendor and your organization
    • Build knowledgebase for future
    • Re-evaluate and improve appropriately your RFP processes

    Info-Tech Insight

    To be an objective vendor manager, you should also assess and measure your company’s performance along with the vendor’s performance.

    Summary of Accomplishment

    Problem Solved

    Upon completion of this blueprint, guided implementation, or workshop, your team should have a comprehensive, well-defined end-to-end approach to performing a quality sourcing event. Leverage Info-Tech’s industry-proven tools and templates to provide your organization with an effective approach to maintain your negotiation leverage, improve the ease with which you evaluate vendor proposals, and reduce your risk while obtaining the best market value for your goods and services.

    Additionally, your team will have a foundation to execute your vendor management principles. These principles will assist your organization in ensuring you receive the perceived value from the vendor as a result of your competitive negotiations.

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

    Contact your account representative for more information.

    workshops@infotech.com 1-888-670-8889

    Final Thoughts: RFP Do’s and Don’ts

    DO

    • Leverage your team’s knowledge
    • Document and explain your RFP process to stakeholders and vendors
    • Include contract terms in your RFP
    • Consider vendor management requirements up front
    • Plan to measure and manage performance after contract award leveraging RFP objectives
    • Seek feedback from the RFP team for process improvements

    DON'T

    • Reveal your budget
    • Do an RFP in a vacuum
    • Send an RFP to a vendor your team is not willing to award the business to
    • Hold separate conversations with candidate vendors during your RFP process
    • Skimp on the requirements definition to speed the process
    • Tell the vendor they are selected before negotiating

    Bibliography

    “2022 RFP Response Trends & Benchmarks.” Loopio, 2022. Web.

    Corrigan, Tony. “How Much Does it Cost to Respond to an RFP?” LinkedIn, March 2017. Accessed 10 Dec. 2019

    “Death by RFP:7 Reasons Not to Respond.” Inc. Magazine, 2013. Web.

    Jeffery, Steven, George Bordon, and Phil Bode. The Art of Creating a Quality RFP, 3rd ed. Info-Tech Research Group, 2019.

    “RFP Benchmarks: How Much Time and Staff Firms Devote to Proposals.” MarketingProfs, 2020. Web.

    “State of the RFP 2019.” Bonfire, 2019. Web.

    “What Vendors Want (in RFPs).” Vendorful, 2020. Web.

    Related Info-Tech Research

    Stock photo of two people looking at a tablet. Prepare for Negotiations More Effectively
    • Negotiations are about allocating risk and money – how much risk is a party willing to accept at what price point?
    • Using a cross-functional/cross-insight team structure for negotiation preparation yields better results.
    • Soft skills aren’t enough and theatrical negotiation tactics aren’t effective.
    Stock photo of two people in suits shaking hands. Understand Common IT Contract Provisions to Negotiate More Effectively
    • Focus on the terms and conditions, not just the price. Too often, organizations focus on the price contained within their contracts, neglecting to address core terms and conditions that can end up costing multiples of the initial price.
    • Lawyers can’t ensure you get the best business deal. Lawyers tend to look at general terms and conditions for legal risk and may not understand IT-specific components and business needs.
    Stock photo of three people gathered around a computer. Jump Start Your Vendor Management Initiative
    • Vendor management must be an IT strategy. Solid vendor management is an imperative – IT organizations must develop capabilities to ensure that services are delivered by vendors according to service-level objectives and that risks are mitigated according to the organization's risk tolerance.
    • Visibility into your IT vendor community. Understand how much you spend with each vendor and rank their criticality and risk to focus on the vendors you should be concentrating on for innovative solutions.

    Re-Envision Enterprise Printing

    • Buy Link or Shortcode: {j2store}165|cart{/j2store}
    • member rating overall impact (scale of 10): 8.0/10 Overall Impact
    • member rating average dollars saved: $9,000 Average $ Saved
    • member rating average days saved: 2 Average Days Saved
    • Parent Category Name: End-User Computing Devices
    • Parent Category Link: /end-user-computing-devices
    • Enterprises may be overspending on printing, but this spend is often unknown and untracked.
    • You are locked into a traditional printer lease and outdated document management practices, hampering digital transformation.

    Our Advice

    Critical Insight

    Don’t just settle for printer consolidation: Seek to eliminate print and enlist your managed print services vendor to help you achieve that goal.

    Impact and Result

    • Identify reduction opportunities via a thorough inventory and requirements-gathering process, and educate others on the financial and non-financial benefits. Enforce reduced printing through policies.
    • Change your printing financial model to print as a service by building an RFP and scoring tool for managed print services that makes the vendor a partner in continuous innovation.
    • Leverage durable print management software to achieve vendor-agnostic governance and visibility.

    Re-Envision Enterprise Printing Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Re-Envision Enterprise Printing – A step-by-step document to help plan and execute a printer reduction project.

    This storyboard will help you plan the project, assess your current state and requirements, build a managed print services RFP and scoring process, and build continuous improvement of business processes into your operations.

    • Re-Envision Enterprise Printing – Phases 1-3

    2. Planning tools

    Use these templates and tools to plan the printer reduction project, document your inventory, assess current printer usage, and gather information on current and future requirements.

    • Enterprise Printing Project Charter
    • Enterprise Printing Roles and Responsibilities RACI Guide
    • Printer Reduction Tool
    • End-User Print Requirements Survey

    3. RFP tools

    Use these templates and tools to create an RFP for managed print services that can easily score and compare vendors.

    • Managed Print Services Vendor Assessment Questions
    • Managed Print Services RFP Vendor Proposal Scoring Tool
    • Managed Print Services RFP Template

    4. Printer policy

    Update the printer policy to express the new focus on reducing unsupported printer use.

    • Printer Policy Template

    Infographic

    Further reading

    Re-Envision Enterprise Printing

    Don't settle for printer consolidation; seek the elimination of print

    Analystperspective

    You're likely not in the printing business.
    Prepare your organization for the future by reducing print.

    Initiatives to reduce printers are often met with end-user resistance. Don't focus on the idea of taking something away from end users. Instead, focus on how print reduction fits into larger goals of business process improvement, and on opportunities to turn the vendor into a partner who drives business process improvement through ongoing innovation and print reduction.

    What are your true print use cases? Except in some legitimate use cases, printing often introduces friction and does not lead to efficiencies. Companies investing in digital transformation and document management initiatives must take a hard look at business processes still reliant on hard copies. Assess your current state to identify what the current print volume and costs are and where there are opportunities to consolidate and reduce.

    Change your financial model. The managed print services industry allows you to use a pay-as-you-go approach and right-size your print spend to the organization's needs. However, in order to do printing-as-a-service right, you will need to develop a good RFP and RFP evaluation process to make sure your needs are covered by the vendor, while also baking in assurances the vendor will partner with you for continuous print reduction.

    This is a picture of Emily Sugerman

    Emily Sugerman
    Research Analyst, Infrastructure & Operations
    Info-Tech Research Group

    Darin Stahl
    Principal Research Advisor, Infrastructure & Operations
    Info-Tech Research Group

    Executive summary

    Your Challenge

    IT directors and business operations managers face several challenges:

    • Too many known unknowns: Enterprises may be overspending on printing, but this spend is often unknown and untracked.
    • Opportunity costs: By locking into conventional printer leases and outdated document management, you are locking yourself out of the opportunity to improve business processes.

    Common Obstacles

    Printer reduction initiatives are stymied by:

    • End-user resistance: Though sometimes the use of paper remains necessary, end users often cling to paper processes out of concern about change.
    • Lack of governance: You lack insight into legitimate print use cases and lack full control over procurement of devices and consumables.
    • Overly generic RFP: Print requirements are not tailored to your organization, and your managed print services RFP does not ask enough of the vendor.

    Info-Tech's Approach

    Follow these steps to excise superfluous, costly printing:

    • Identify reduction opportunities via a thorough inventory and requirements-gathering process, and educate others on the financial and non-financial benefits. Enforce reduced printing through policies.
    • Change your printing financial model to print-as-a-service by building an RFP and scoring tool for managed print services that makes the vendor a partner in continuous innovation.
    • Leverage durable print management software to achieve vendor-agnostic governance and visibility.

    Info-Tech Insight

    Don't settle for printer consolidation: seek to eliminate print and enlist your managed print services vendor to help you achieve that goal.

    Your challenge

    This research is designed to help organizations that aim to reduce printing long term

    • Finally understand aggregate printing costs: Not surprisingly, printing has become a large hidden expense in IT. Enterprises may be overspending on printing, but this spend is often unknown and untracked. Printer consumables are purchased independently by each department, non-networked desktop printers are everywhere, and everyone seems to be printing in color.
    • Walk the walk when it comes to digital transformation: Outdated document management practices that rely on unnecessary printing are not the foundation upon which the organization can improve business processes.
    • Get out of the printing business: Hire a managed print provider and manage that vendor well.

    "There will be neither a V-shaped nor U-shaped recovery in demand for printing paper . . . We are braced for a long L-shaped decline."
    –Toru Nozawa, President, Nippon Paper Industries (qtd. in Nikkei Asia, 2020).

    Weight of paper and paperboard generated in the U.S.*

    This is an image of a graph plotting the total weight of paper and paperboard generated in the US, bu thousands of US tons.

    *Comprises nondurable goods (including office paper), containers, and packaging.

    **2020 data not available.

    Source: EPA, 2020.

    Common obstacles

    These barriers make this challenge difficult to address for many organizations:

    • Cost-saving opportunities are unclear: In most cases, nobody is accountable for controlling printing costs, so there's a lack of incentive to do so.
    • End-user attachment to paper-based processes: For end users who have been relying on paper processes, switching to a new way of working can feel like a big ask, particularly if an optimized alternative has not been provided and socialized.
    • Legitimate print use cases are undefined: Print does still have a role in some business processes (e.g. for regulatory reasons). However, these business processes have not been analyzed to determine which print use cases are still legitimate. The WFH experience during the COVID-19 pandemic demonstrated that many workflows that previously incorporated printing could be digitized. Indeed, the overall attachment to office paper is declining (see chart).
    • Immature RFP and RFP scoring methods: Outsourcing print to a managed service provider necessitates careful attention to RFP building and scoring. If your print requirements are not properly tailored to your organization and your managed print services RFP does not ask enough of the vendor, it will be harder to hold your vendor to account.

    How important is paper in your office?

    87% 77%

    Quocirca, a printer industry market research firm, found that the number of organizations for whom paper is "fairly or very important to their business" has dropped 10 percentage points between 2019 and 2021.

    Source: Quocirca, 2021.

    Info-Tech's approach

    Permanently change your company's print culture

    1. Plan your Project
    • Create your project charter, investigate end user printer behavior and reduction opportunities, gather requirements and calculate printer costs
  • Find the right managed print vendor
    • Protect yourself by building the right requirements into your RFP, evaluating candidates and negotiating from a strong position
  • Implement the new printer strategy
    • Identify printers to consolidate and eliminate, install them, and communicate updated printer policy
  • Operate
    • Track the usage metrics, service requests, and printing trends, support the printers and educate users to print wisely and sparingly
  • The Info-Tech difference:

    1. Use Info-Tech's tracking tools to finally track data on printer inventory and usage.
    2. Get to an RFP for managed print services faster through Info-Tech's requirement selection activity, and use Info-Tech's scoring tool template to more quickly compare candidates and identify frontrunners and knockouts.
    3. Use Info-Tech's guidance on print management software to decouple your need to govern the fleet from any specific vendor.

    Info-Tech's methodology for Re-Envision Enterprise Printing

    1. Strategy & planning 2. Vendor selection, evaluation, acquisition 3. Implementation & operation
    Phase steps
    1. Create project charter and assign roles
    2. Assess current state of enterprise print environments
    3. Gather current and future printer requirements
    1. Understand managed print services model
    2. Create RFP documents and score vendors
    3. Understand continuous innovation & print management software
    1. Modify printer policies
    2. Measure project success
    3. Training & adoption
    4. Plan persuasive communication
    5. Prepare for continuous improvement
    Phase outcomes
    • Documentation of project roles, scope, objectives, success metrics
    • Accurate printer inventory
    • Documentation of requirements based on end-user feedback, existing usage, and future goals
    • Finalized requirements
    • Completed RFP and vendor scoring tool
    • Managed print vendor selected, if necessary
    • Updated printer policies that reinforce print reduction focus
    • Assessment of project success

    Insight summary

    Keep an eye on the long-term goal of eliminating print

    Don't settle for printer consolidation: seek to eliminate print and enlist your managed print services vendor to help you achieve that goal.

    Persuading leaders is key

    Good metrics and visible improvement are important to strengthen executive support for a long-term printer reduction strategy.

    Tie printer reduction into business process improvement

    Achieve long-lasting reductions in print through document management and improved workflow processes.

    Maintain clarity on what types of printer use are and aren't supported by IT

    Modifying and enforcing printing policies can help reduce use of printers.

    Print management software allows for vendor-agnostic continuity

    Print management software should be vendor-agnostic and allow you to manage devices even if you change vendors or print services.

    Secure a better financial model from the provider

    Simply changing your managed print services pay model to "pay-per-click" can result in large cost savings.

    Blueprint deliverables

    Key deliverable:

    Managed Print Services RFP

    This blueprint's key deliverable is a completed RFP for enterprise managed print services, which feeds into a scoring tool that accelerates the requirements selection and vendor evaluation process.

    Managed Print Services Vendor Assessment Questions

    This is a screenshot from the Managed Print Services Vendor Assessment Questions

    Managed Print Services RFP Template

    This is a screenshot from the Managed Print Services RFP Template

    Managed Print Services RFP Vendor Proposal Scoring Tool

    This is a screenshot from the Managed Print Services RFP Vendor Proposal Scoring Tool

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

    Enterprise Printing Project Charter

    This is a screenshot from the Enterprise Printing Project Charter

    Document the parameters of the print reduction project, your goals, desired business benefits, metrics.

    Enterprise Printing Roles and Responsibilities RACI Guide

    This is a screenshot from the Enterprise Printing Project Charter

    Assign key tasks for the project across strategy & planning, vendor selection, implementation, and operation.

    Printer Policy

    This is a screenshot from the Printer Policy

    Start with a policy template that emphasizes reduction in print usage and adjust as needed for your organization.

    Printer Reduction Tool

    This is a screenshot from the Printer Reduction Tool

    Track the printer inventory and calculate total printing costs.

    End-User Print Requirements Survey

    This is a screenshot from the End-User Print Requirements Survey

    Base your requirements in end user needs and feedback.

    Blueprint benefits

    IT benefits

    • Make the project charter for printer reduction and estimate cost savings
    • Determine your organization's current printing costs, usage, and capabilities
    • Define your organization's printing requirements and select a solution
    • Develop a printer policy and implement the policy

    Business benefits

    • Understand the challenges involved in reducing printers
    • Understand the potential of this initiative to reduce costs
    • Accelerate existing plans for modernization of paper-based business processes by reducing printer usage
    • Contribute to organizational environmental sustainability targets

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful."

    Guided Implementation

    "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."

    Workshop

    "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place."

    Consulting

    "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks used throughout all four options

    Guided Implementation

    What does a typical GI on this topic look like?

    Phase 1 Phase 2 Phase 3

    Call #1: Scope requirements, objectives, and your specific challenges.

    Call #4: Review requirements.
    Weigh the benefits of managed print services.

    Call #6: Measure project success.

    Call #2: Review your printer inventory.
    Understand your current printing costs and usage.

    Call #5: Review completed scoring tool and RFP.

    Call #5: Review vendor responses to RFP.

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is 8 to 12 calls over the course of 4 to 6 months.

    Phase 1

    Strategy and Planning

    Strategy & planning

    Vendor selection, evaluation, acquisition

    Implementation & Operation

    1.1 Create project charter and assign roles

    1.2 Assess current state

    1.3 Gather requirements

    2.1 Understand managed print services model

    2.2 Create RFP materials

    2.3 Leverage print management software

    3.1 Modify printer policies

    3.2 Measure project success

    3.3 Training & adoption

    3.4 Plan communication

    3.5 Prepare for continuous improvement

    Re-Envision Enterprise Printing

    • This phase will walk you through the following activities:
    • Create a list of enterprise print roles and responsibilities
    • Create project charter
    • Inventory printer fleet and calculate printing costs
    • Examine current printing behavior and identify candidates for device elimination
    • Gather requirements, including through end user survey

    This phase involves the following participants:

    • IT director/CIO
    • Business operations manager
    • Project manager

    Step 1.1

    Create project charter and assign roles

    Outcomes of this step

    Completed Project Charter with RACI chart

    Phase 1: Strategy and Planning

    • Step 1.1 Create project charter and assign roles
    • Step 1.2 Assess current state
    • Step 1.3 Gather requirements

    This step involves the following participants:

    • IT director/CIO
    • Business operations manager
    • Project manager

    Activities in this step

    • Create a list of enterprise print roles and responsibilities
    • Create project charter

    1.1 Create project charter

    Use the project charter to clearly define the scope and avoid scope creep

    Identify project purpose

    • Why is the organization taking on this project? What are you trying to achieve?
    • What is the important background you need to document? How old is the fleet? What kinds of printer complaints do you get? What percentage of the IT budget does printing occupy?
    • What specific goals should this project achieve? What measurable financial and non-financial benefits do these goals achieve?

    Identify project scope

    • What functional requirements do you have?
    • What outputs are expected?
    • What constraints will affect this project?
    • What is out of scope for this project?

    What are the main roles and responsibilities?

    • Who is doing what for this project?

    How will you measure success?

    • What are the project's success metrics and KPIs?

    Enterprise Printing Project Charter

    This is a screenshot from the Enterprise Printing Project Charter

    Anticipate stakeholder resistance

    Getting management buy-in for printer reduction is often one of the biggest challenges of the project.

    Challenge Resolution
    Printer reduction is not typically high on the priority list of strategic IT initiatives. It is often a project that regularly gets deferred. The lack of an aggregate view of the total cost of printing in the environment could be one root cause, and what can't be measured usually isn't being managed. Educate and communicate the benefits of printer reduction to executives. In particular, spend time getting buy-in from the COO and/or CFO. Use Info-Tech's Printer Reduction Tool to show executives the waste that is currently being generated.
    Printers are a sensitive and therefore unpopular topic of discussion. Executives often see a trade-off: cost savings versus end-user satisfaction. Make a strong financial and non-financial case for the project. Show examples of other organizations that have successfully consolidated their printers.

    Info-Tech Insight

    If printer reduction is not driven and enforced from the top down, employees will find ways to work around your policies and changes. Do not attempt to undertake printer reduction initiatives without alerting executives. Ensure visible executive support to achieve higher cost savings.

    Align the printer reduction project to org goals to achieve buy-in

    A successful IT project demonstrates clear connections to business goals

    Which business and organizational goals and drivers are supported by IT's intention to transform its printing ecosystem? For example,

    Legislation: In 2009, the Washington House of Representatives passed a bill requiring state agencies to implement a plan to reduce paper consumption by 30% (State of Washington, 2009). The University of Washington cites this directive as one of the drivers for their plans to switch fully to electronic records by 2022 (University of Washington, n.d.).

    Health care modernization: Implementing electronic health records; reducing paper charts.

    Supply chain risk reduction: In 2021, an Ontario district school board experienced photocopier toner shortages and were forced to request schools to reduce printing and photocopying: "We have recommended to all locations that the use of printing be minimized as much as possible and priority given to the printing of sensitive and confidential documentation" (CBC, 2021).

    Identify overall organizational goals in the following places:

    • Company mission statements
    • Corporate website
    • Business strategy documents
    • Other IT strategy documents
    • Executives

    Document financial and non-financial benefits

    Financial benefits: Printer reduction can reduce your printing costs and improve printing capabilities.

    • Printer reduction creates a controlled print environment; poorly controlled print environments breed unnecessary costs.
    • Cost savings can be realized through:
      • Elimination of cost-efficient inkjet desktop printers.
      • Elimination of high-cost, inefficient, or underutilized printers.
      • Sharing of workshop printers between an optimal number of end users.
      • Replacing separate printers, scanners, copiers, and fax machines with. multi-function devices.
    • Cost savings can be achieved through a move to managed print services, if you negotiate the contract well and manage the vendor properly. The University of Washington estimated a 20-25% cost reduction under a managed print services model compared to the existing lease (University of Washington, "What is MPS").

    Non-financial benefits: Although the main motivation behind printer reduction is usually cost savings, there are also non-financial benefits to the project.

    • Printer reduction decreases physical space required for printers
    • Printer reduction meets employee and client environmental demands
      • Printer reduction can reduce the electricity and consumables used
      • Reduction in consumables means reduced hazardous waste from consumables and devices
    • Printer reduction can result in better printing capabilities
      • Moving to a managed print services model can provide you with better printing capabilities with higher availability

    Assign responsibility to track print device costs to IT

    Problem:
    Managers in many organizations wrongly assume that since IT manages the printer devices, they also already manage costs.

    However, end users typically order printer devices and supplies through the supplies/facilities department, bypassing any budget approval process, or through IT, which does not have any authority or incentive to restrict requests (when they're not measured against the controlling of printer costs).

    Organization-wide printer usage policies are rarely enforced with any strictness.

    Without systematic policy enforcement, end-user print behavior becomes frivolous and generates massive printing costs.

    Solution:
    Recommend all print device costs be allocated to IT.

    • Aggregate responsibility: Recommend that all printer costs be aggregated under IT's budget and tracked by IT staff.
    • Assign accountability: Although supplies may continually be procured by the organization's supplies/facilities department, IT should track monthly usage and costs by department.
    • Enforce policy: Empower IT with the ability to enforce a strict procurement policy that ensures all devices in the print environment are approved models under IT's control. This eliminates having unknown devices in the printer fleet and allows for economies of scale to be realized from purchasing standardized printing supplies.
    • Track metrics: IT should establish metrics to measure and control each department's printer usage and flat departments that exceed their acceptable usage amounts.

    Assign accountability for the initiative

    Someone needs to have accountability for both the printer reduction tasks and the ongoing operation tasks, or the initiative will quickly lose momentum.

    Customize Info-Tech's Enterprise Printing Roles and Responsibilities RACI Guide RACI chart to designate project roles and responsibilities to participants both inside and outside IT.

    These tasks fall under the categories of:

    • Strategy and planning
    • Vendor selection, evaluation, and acquisition
    • Implementation
    • Operate

    Assign a RACI: Remember the meaning of the different roles

    • Responsible (does the work on a day-to-day basis)
    • Accountable (reviews, signs off on, and is held accountable for outcomes)
    • Consulted (input is sought to feed into decision making)
    • Informed (is given notification of outcomes)

    As a best practice, no more than one person should be responsible or accountable for any given process. The same person can be both responsible and accountable for a given process, or it could be two different people.

    Avoid making someone accountable for a process if they do not have full visibility into the process for appropriate oversight, or do not have time to give the process sufficient attention.

    The Enterprise Printing Roles and Responsibilities RACI Guide can be used to organize and manage these tasks.

    This is a screenshot from the Enterprise Printing Roles and Responsibilities RACI Guide

    Define metrics to measure success

    Track your project success by developing and tracking success metrics

    Ensure your metrics relate both to business value and customer satisfaction. "Reduction of print" is a business metric, not an experience metric.

    Frame metrics around experience level agreements (XLAs) and experience level objectives (XLOs): What are the outcomes the customer wants to achieve and the benefits they want to achieve? Tie the net promoter score into the reporting from the IT service management system, since SLAs are still needed to tactically manage the achievement of the XLOs.

    Use the Metrics Development Workbook from Info-Tech's Develop Meaningful Service Metrics to define:

    • Relevant stakeholders
    • Their goals and pain points
    • The success criteria that must be met to achieve these goals
    • The key indicators that must be measured to achieve these goals from an IT perspective
    • What the appropriate IT metrics are, based on all of the above

    Metrics could include

    • User satisfaction
    • Print services net promoter model
    • Total printing costs
    • Printer availability (uptime)
    • Printer reliability (mean time between failures)
    • Total number of reported incidents
    • Mean time for vendor to respond and repair

    Info-Tech Insight:

    Good metrics and visible improvement are important to strengthen executive support for a long-term printer reduction strategy.

    Step 1.2

    Assess current state

    Outcomes of this step

    • Aggregate view of your printer usage and costs

    Strategy and Planning

    This step involves the following participants:

    • IT director/CIO
    • Business operations manager
    • Project manager

    Activities in this step

    • 1.2. Inventory your printer fleet: Office walk-around
    • 1.2 Inventory your printer fleet: Collect purchase receipts/statements/service records
    • 1.3 Calculate printing costs

    Create an aggregate view of your printer usage and costs

    Problem: Lack of visibility

    • Most organizations are unaware of the savings potential in reducing print due to a lack of data.
    • Additionally, organizations may have inappropriately sized devices for their workloads.
    • Often, nobody is responsible for managing the printers collectively, resulting in a lack of visibility into printing activity. Without this visibility, it is difficult to muster executive commitment and support for printer reduction efforts.
    • The first step to eliminating your printers is to inventory all the printers in the organization and look at an aggregate view of the costs. Without understanding the cost saving potential, management will likely continue to avoid printer changes due to the idea's unpopularity with end users.
    • Valid use cases for printers will likely still remain, but these use cases should be based on a requirements analysis.
    This is a screenshot from the Printer Reduction Tool. It includes the Printer Inventory, and a table with the following column headings: Device Type; Specific Device; Networked; Manufacturer; Model; Serial #; Office Location; Device Owner; # users Supported; Monthly Duty; Page Count to; Device Age; Remaining Useful; # Pages printer/month; % Utilization

    Create visibility through by following these steps:

    1. Office walk-around: Most organizations have no idea how many printers they have until they walk around the office and physically count them. This is especially true in cases where management is allowed to purchase personal printers and keep them at their desks. An office walk-around is often necessary to accurately capture all the printers in your inventory.
    2. Collect purchase receipts/statements/service records: Double-check your printer inventory by referring to purchase receipts, statements, and service records.
    3. Identify other sources of costs: Printer purchases only make up a small fraction of total printing costs. Operating costs typically account for 95% of total printer costs. Make sure to factor in paper, ink/toner, electricity, and maintenance costs.

    1.2.1 Inventory your printer fleet: part 1

    Office walk-around

    1. Methodically walk around the office and determine the following for each printer:
      • Device type
      • Make, model, serial number
      • Location
      • Number of users supported
      • Device owner
      • Type of users supported (department, employee position)
    2. Record printer details in Tab 1 of Info-Tech's Printer Reduction Tool. Collaborate with the accounting or purchasing department to determine the following for each printer recorded:
      • Purchase price/date
      • Monthly duty cycle
      • Estimated remaining useful life
      • Page count to date

    Input

    Output
    • Existing inventory lists
    • Visual observation
    • Inventory of office printers, including their printer details

    Materials

    Participants

    • Notepad
    • Pen
    • Printer Reduction Tool
    • IT director
    • IT staff

    Download the Printer Reduction Tool

    1.2.2 Inventory your printer fleet:
    part 2

    Collect purchase receipts/statements/service records

    1. Ask your purchasing manager for purchase receipts, statements, and service records relating to printing.
    2. For documents found, match the printer with your physical inventory. Add any printers found that were not captured in the physical inventory count. Record the following:
      1. Device type
      2. Make, model, serial number
      3. Location
      4. Number of users supported
      5. Device owner
      6. Type of users supported (department, employee position)
    3. 3. Collaborate with the accounting or purchasing department to determine the following for each printer recorded:
      1. Purchase price/date
      2. Monthly duty cycle
      3. Estimated remaining useful life
      4. Page count to date
    4. Enter the data in Tab 1 of the Printer Reduction Tool

    Input

    Output
    • Purchase receipts
    • Statements
    • Service records
    • Printer inventory cross-checked with paperwork

    Materials

    Participants

    • Printer inventory from previous activity
    • IT director
    • IT staff
    • Purchasing manager

    Download the Printer Reduction Tool

    1.2.3 Calculate your printing costs

    Collect purchase receipts/statements/service records

    • Collect invoices, receipts, and service records to sum up the costs of paper, ink or toner, and maintenance for each machine. Estimate electricity costs.
    • Record your costs in Tab 2 of the Printer Reduction Tool.
    • Review the costs per page and per user to look for particularly expensive printers and understand the main drivers of the cost.
    • Review your average monthly cost and annual cost per user. Do these costs surprise you?

    Input

    Output
    • Invoices, receipts, service records for
    • Cost per page and user
    • Average monthly and annual cost

    Materials

    Participants

    • Printer Reduction Tool
    • IT director
    • IT staff

    Step 1.3

    Gather printing requirements

    Outcomes of this step

    • Understanding of the organization's current printing behavior and habits
    • Identification of how industry context and digitization of business processes have impacted current and future requirements

    This step involves the following participants:

    • IT director
    • IT staff
    • Rest of organization

    Activities in this step

    • Examine current printing behavior and habits
    • Administer end-user survey
    • Identify current requirements
    • Identify future requirements

    Requirements Gathering Overview

    1. Identify opportunities to go paperless
      • Determine where business process automation is occurring
      • Align with environmental and sustainability campaigns
    2. Identify current requirements
      • Review the types of document being printed and the corresponding features needed
      • Administer end-user survey to understand user needs and current printer performance
    3. Identify future requirements
    • Identify future requirements to avoid prematurely refreshing your printer fleet
  • Examine industry-specific/ workflow printing
    • Some industries have specific printing requirements such as barcode printing accuracy. Examine your industry-specific printing requirements
  • Stop: Do not click "Print"

    The most effective way to achieve durable printing cost reduction is simply to print less.

    • Consolidating devices and removing cost-inefficient individual printers is a good first step to yielding savings.
    • However, more sustainable success is achieved by working with the printer vendor(s) and the business on continuous innovation via proposals and initiatives that combine hardware, software, and services.
    • Sustained print reduction depends on separate but related business process automation and digital innovation initiatives.

    Info-Tech Insight:

    Achieve long-lasting reductions in print through document management and improved workflow processes.

    Leverage Info-Tech research to support your business' digital transformation

    This is an image of the title page from Info-Tech's Define your Digital Business Strategy blueprint.

    Define how changes to enterprise printing fit into digital transformation plans

    Identify opportunities to go paperless

    The "paperless office" has been discussed since the 1970s. The IT director alone does not have authority to change business processes. Ensure the print reduction effort is tied to other strategies and initiatives around digital transformation. Working on analog pieces of paper is not digital and may be eroding digital transformation process.

    Leverage Info-Tech's Assert IT's Relevance During Digital Transformations to remind others that modernization of the enterprise print environment belongs to the discussion around increasing digitized support capabilities.

    1. Digital Marketing

    2. Digital Channels

    3. Digitized Support Capabilities

    4. Digitally Enabled Products

    5. Business Model Innovation

    Manage Websites

    E-Channel Operations

    Workforce Management

    Product Design

    Innovation Lab Management

    Brand Management

    Product Inventory Management

    Digital Workplace Management

    Portfolio Product Administration

    Data Sandbox Management

    SEO

    Interactive Help

    Document Management

    Product Performance Measurement

    Innovation Compensation Management

    Campaign Execution

    Party Authentication

    Eliminate business process friction caused by print

    Analyze workflows for where they are still using paper. Ask probing questions about where paper still adds value and where the business process is a candidate for paperless digital transformation

    • Is this piece of paper only being used to transfer information from one application to another?
    • What kind of digitalization efforts have happened in the business as a result of the COVID-19 pandemic? Which workflows have digitized on their own?
    • Where has e-signature been adopted?
    • Is this use of paper non-negotiable (e.g. an ER triage that requires a small printer for forms; the need for bank tellers to provide receipts to customers)?
    • Do we have compliance obligations that require us to retain a paper process?
    • What is getting printed? Who is printing the most? Identify if there are recurring system-generated reports being printed daily/weekly/quarterly that are adding to the volume. Are reports going directly from staff mailboxes to a recycling bin?
    • Does our print financial model incentivize the transformation of business processes, or does it reinforce old habits?
    • What services, software, and solutions for document management and business process analysis does our managed print services vendor offer? Can we involve the vendor in the business transformation conversation by including an innovation clause in the next contract (re)negotiation to push the vendor to offer proposals for projects that reduce print?

    Develop short-term and long-term print reduction strategies

    Short-term strategies

    • Consolidate the number of printers you have.
    • Determine whether to outsource printing to a managed services provider and make the move.
    • Enable print roaming and IT verification.
    • Require user-queued print jobs to be authenticated at a printer to prevent print jobs that are lost or not picked up.
    • Set up user quotas.
    • Provide usage records to business managers so they can understand the true cost of printing.
    • User quotas may create initial pushback, but they lead users to ask themselves whether a particular print job is necessary.
    • Renegotiate print service contracts.
    • Revisit contracts and shop around to ensure pricing is competitive.
    • Leverage size and centralization by consolidating to a single vendor, and use the printing needs of the entire enterprise to decrease pricing and limit future contractual obligations.
    • Train users on self-support.
    • Train users to remedy paper jams and move paper in and out of paper trays.

    Long-term strategies

    • Promote a paperless culture by convincing employees of its benefits (greater cost savings, better security, easier access, centralized repository, greener).
    • Educate users to use print area wisely.
    • Develop campaigns to promote black and white printing or a paperless culture.

    Info-Tech Insight:

    One-time consolidation initiatives leave money on the table. The extra savings results from changes in printing culture and end-user behavior.

    Examine current printing behavior and habits

    It's natural for printer usage and printing costs to vary based on office, department, and type of employee. Certain jobs simply require more printing than others.

    However, the printing culture within your organization likely also varies based on

    • office
    • department
    • type of employee

    Examine the printing behaviors of your employees based on these factors and determine whether their printing behavior aligns with the nature of their job.

    Excessive printing costs attributed to departments or groups of employees that don't require much printing for their jobs could indicate poor printing culture and potentially more employee pushback.

    Examine current printing behavior and habits, and identify candidates for elimination

    1. Go to Tab 3 of your Printer Reduction Tool ("Usage Dashboard Refresh"). Right-click each table and press "Refresh."
    2. Go to Tab 4 of your Printer Reduction Tool ("Usage Dashboard") to understand the following:
      1. Average printer utilization by department
      2. Pages printed per month by department
      3. Cost per user by department
    3. Take note of the outliers and expensive departments.
    4. Review printer inventory and printer use rates on Tab 5.
    5. Decide which printers are candidates for elimination and which require more research.
    6. If already working in a managed print services model, review the vendor's recommendations for printer elimination and consolidation.
    7. Mark printers that could be eliminated or consolidated.

    Input

    Output
    • Discussion
    • Understanding of expensive departments and other outliers

    Materials

    Participants

    • Printer Reduction Tool
    • IT director/ business operations
    • Business managers

    Administer end-user survey

    Understand end-user printing requirements and current printer performance through an end-user survey

    1. Customize Info-Tech's End-User Print Requirements Survey to help you understand your users' needs and the current performance of your printer fleet.
    2. Send the survey to all printer users in the organization.
    3. Collect the surveys and aggregate the requirements of users in each department.
    4. Record the survey results in the "Survey Results" tab.

    Input

    Output
    • End-user feedback
    • Identification of outliers and expensive departments

    Materials

    Participants

    • End-User Print Requirements Survey template
    • IT director
    • IT staff
    • Rest of organization

    Download the End-User Print Requirements Survey

    Info-Tech Insight:

    Use an end-user printer satisfaction survey before and after any reduction efforts or vendor implementation, both as a requirement-gathering user input and to measure/manage the vendor.

    Identify your current requirements

    Collect all the surveys and aggregate user requirements. Input the requirements into your Printer Reduction Tool.

    Discussion activity:

    • Review the requirements for each department and discuss:
    • What is this device being used for (e.g. internal documents, external documents, high-quality graphics/color)?
    • Based on its use case, what kinds of features are needed (e.g. color printing, scanning to email, stapling)?
    • Is this the right type of device for its purpose? Do we need this device, or can it be eliminated?
    • Based on its use case, what kinds of security features are needed (e.g. secure print release)?
    • Are there any compliance requirements that need to be satisfied (e.g. PCI, ITAR, HIPAA)?
    • Based on its use case, what's the criticality of uptime?
    • What is this device's place in the organization's workflow? What are its dependencies?
    • With which systems is the device compatible? Is it compatible with the newer operating system versions? If not, determine whether the device is a refresh candidate.

    Input

    Output
    • Survey results and department requirements
    • List of current requirements

    Materials

    Participants

    • N/A
    • IT director
    • IT staff

    Identify your future requirements

    Prepare your printer fleet for future needs to avoid premature printer refreshes.

    Discussion activity:

    • Review the current requirements for each department's printers and discuss whether the requirements will meet the department's printing needs over the next 10 years.
    • What is this device going to be used for in the next 10 years?
    • Will use of this device be reduced by plans to increase workflow digitization?
    • Based on its use case, what kinds of features are needed?
    • Is this the right type of device for its purpose?
    • Based on its use case, what kinds of security features are needed?
    • Based on its use case, what is the criticality of uptime?
    • Is this device's place in the organization's workflow going to change? What are its dependencies?
    • Reassess your current requirements and make any changes necessary to accommodate for future requirements.

    Input

    Output
    • Discussion
    • List of future requirements

    Materials

    Participants

    • N/A
    • IT director
    • IT staff

    Examine requirements specific to your industry and workflow

    Some common examples of industries with specific printing requirements:

    • Healthcare
      • Ability to comply with HIPAA requirements
      • High availability and reliability with on-demand support and quick response times
      • Built-in accounting software for billing purposes
      • Barcode printing for hospital wristbands
      • Fax requirements
    • Manufacturing
      • Barcoding technology
      • Ability to meet regulations such as FDA requirements for the pharmaceutical industry
      • Ability to integrate with ERP systems
    • Education
      • Password protection for sensitive student information
      • Test grading solutions
      • Paper tests for accessibility needs

    Phase 2

    Vendor Selection, Evaluation, Acquisition

    Strategy & planning

    Vendor selection, evaluation, acquisition

    Implementation & Operation

    1.1 Create project charter and assign roles

    1.2 Assess current state

    1.3 Gather requirements

    2.1 Understand managed print services model

    2.2 Create RFP materials

    2.3 Leverage print management software

    3.1 Modify printer policies

    3.2 Measure project success

    3.3 Training & adoption

    3.4 Plan communication

    3.5 Prepare for continuous improvement

    Re-Envision Enterprise Printing

    • This phase will walk you through the following activities:
    • Define managed print services RFP requirement questions
    • Create managed print services RFP and scoring tool
    • Score the RFP responses

    This phase involves the following participants:

    • IT director/CIO
    • Business operations manager
    • Project manager

    Change your financial model

    The managed print services industry allows you to use a pay-as-you-go approach and right-size your print spend to the organization's needs.

    Avoid being locked into a long lease where the organization pays a fixed monthly fee whether the printer runs or not.

    Instead, treat enterprise printing as a service, like the soda pop machine in the break room, where the vendor is paid when the device is used. If the vending machine is broken, the vendor is not paid until the technician restores it to operability. Printers can work the same way.

    By moving to a per click/page financial model, the vendor installs and supports the devices and is paid whenever a user prints. Though the organization pays more on a per-click/page basis compared to a lease, the vendor is incentivized to right-size the printer footprint to the organization, and the organization saves on monthly recurring lease costs and maintenance costs.

    Right-size commitments: If the organization remains on a lease instead of pay-per-click model, it should right-size the commitment if printing drops below a certain volume. In the agreement, include a business downturn clause that allows the organization to right-size and protect itself in the event of negative growth.

    Understand the managed print services model and its cost savings

    Outsourcing print services can monitor and balance your printers and optimize your fleet for efficiency. Managed print services are most appropriate for:

    • Organizations engaging in high-volume, high-quality print jobs with growing levels of output.
    • Organizations with many customer-facing print jobs.

    There are three main managed printing service models. Sometimes, an easy switch from a level pay model to a pay-per-click model can result in substantial savings:

    Level Pay

    • Flat rate per month based on estimates.
    • Attempts to flatten IT's budgeting so printing costs are consistent every month or every year (for budgeting purposes). At the end of the year, the amount of supplies used is added up and compared with the initial estimates and adjusted accordingly.
    • The customer pays the same predictable fee each month every year, even if you don't meet the maximum print quantity for the pay. Increased upcharge for quantities exceeding maximum print quantity.

    Base Plus Click

    • Fixed base payment (lease or rental) + pay-per-sheet for services.
    • In addition to the monthly recurring base cost, you pay for what you use. This contract may be executed with or without a minimum monthly page commitment. Page count through remote monitoring technologies is typically required.

    Pay Per Click

    • Payment is solely based on printing usage.
    • Printing costs will likely be the lowest with this option, but also the most variable.
    • This option requires a minimum monthly page commitment and/or minimum term.

    Info-Tech Insight:

    Vendors typically do not like the pay-per-click option and will steer businesses away from it. However, this option holds the vendor accountable for the availability and reliability of your printers, and Info-Tech generally recommends this option.

    Compare financials of each managed print services option

    Your printing costs with a pay-per-click model are most reflective of your actual printer usage. Level pay tends to be more expensive, where you need to pay for overages but don't benefit from printing less than the maximum allocated.

    See the below cost comparison example with level pay set at a maximum of 120,000 impressions per month. In the level pay model, the organization was paying for 120,000 sheets in the month it only used 60,000 impressions, whereas it would have been able to pay just for the 60,000 sheets in the pay-per-click model.

    This image contains tables with the column headings: Impressions per month; Total Cost; Average Cost per Impression; for each of the following categories: Level Pay; Base Plus Click; Pay Per Click

    Financial comparison case study

    This organization compared estimated costs over a 36-month period for the base-plus-click and pay-per-page models for Toshiba E Studio 3515 AC Digital Color Systems.

    Base-plus-click model

    Monthly recurring cost

    Avg. impressions per month

    Monthly cost

    Monthly cost

    "Net pay per click"

    Cost over 36-month period

    A fixed lease cost each month, with an additional per click/page charge

    $924.00

    12,000 (B&W)

    $0.02 (B&W)

    $1,164.00 (B&W)

    $0.097 (B&W)

    $41,904 (B&W)

    5,500 (Color)

    $0.09 (Color)

    $495.00 (Color)

    $0.090 (Color)

    $17,820 (Color)

    Base-plus-click model

    Monthly recurring cost

    Avg. impressions per month

    Monthly cost

    Monthly cost

    "Net pay per click"

    Cost over 36-month period

    No monthly lease cost, only per-image charges

    0.00

    12,000 (B&W)

    $0.06 (B&W)

    $720.00 (B&W)

    $0.060 (B&W)

    $25,920 (B&W)

    5,500 (Color)

    $0.12 (Color)

    $660.00 (Color)

    $0.120 (Color)

    $23,760 (Color)

    Results

    Though the per-image cost for each image is lower in the base-plus-click model, the added monthly recurring costs for the lease means the "net pay per click" is higher.

    Overall, the pay-per-page estimate saved $10,044 over a 36-month period for this device.

    Bake continuing innovation into your requirements

    Once you are in the operation phase, you will need to monitor and analyze trends in company printing in order to make recommendations for the future and to identify areas for possible savings and/or asset optimization.

    Avoid a scenario where the vendor drops the printer in your environment and returns only for repairs. Engage the vendor in this continuous innovation work:

    In the managed services agreement, include a proviso for continuous innovation where the vendor has a contractual obligation to continually look at the business process flow and bring yearly proposals to show innovation (e.g. cost reductions; opportunities to reduce print, which allows the vendor to propose document management services and record keeping services). Leverage vendors who are building up capabilities to transform business processes to help with the heavy lifting.

    Establish a vision for the relationship that goes beyond devices and toner. The vendor can make a commitment to continuous management and constant improvement, instead of installing the devices and leaving. Ideally, this produces a mutually beneficial situation: The client asks the vendor to sell them ways to mature and innovate the business processes, while the vendor retains the business and potentially sells new services. In order to retain your business, the vendor must continue to learn and know about your business.

    The metric of success for your organization is the simple reduction in printed copies overall. The vendor success metric would be proposals that may combine hardware, software, and services that provide cost-effective reductions in print through document management and workflow processes. The vendors should be keen to build this into the relationship since the services delivery has a higher margin for them.

    Sample requirement wording:

    "Continuing innovation: The contractor initiates at least one (1) project each year of the contract that shows leadership and innovation in solutions and services for print, document management, and electronic recordkeeping. Bidders must describe a sample project in their response, planning for an annual investment of approximately 50 consulting hours and $10,000 in hardware and/or software."

    Reward the vendor for performance instead of "punishing" them for service failures

    Problem: Printer downtime and poor service is causing friction with your managed service provider (MSP).

    MSPs often offer clients credit requests (service credits) for their service failures, which are applied to the previous month's monthly recurring charge. They are applied to the last month's MRC (monthly reoccurring charges) at the end of term and then the vendor pays out the residual.

    However, while common, service credits are not always perceived to be a strong incentive for the provider to continually focus on improvement of mean time to respond or mean time to repair.

    Solution: Turn your vendor into a true partner by including an "earn back" condition in the contract.

    • Engage the vendor as a true partner within a relationship based upon service credits.
    • Suggest that the vendor include a minor change to the non-performance processes within the final agreement: the vendor implements an "earn back" condition in the agreement.
    • Where a bank of service credits exists because of non-performance, if the provider exceeds the SLA performance metrics for a number of consecutive months (two is common), then a given number of prior credits received by the client are returned to the provider as a reward for improved performance.
    • This can be a useful mechanism to drive improved performance.

    Leverage enterprise print management software

    Printers are commoditized and can come and go, but print management software enables the governance, compliance, savings and visibility necessary for the transformation

    • Printer management solutions range from tools bundled with ink-jet printers that track consumables' status, to software suites that track data for thousands of print devices.
    • Typically, these solutions arrive in enterprises as part of larger managed services printing engagements, bundled with hardware, financing, maintenance, and "services."
    • Bundling print management software means that customers very rarely seek to acquire printing management software alone.
    • Owing to the level of customization (billing, reporting, quotas, accounts, etc.) switching print management software solutions is also rare. The work you put into this software will remain with IT regardless of your hardware.
    • Durability of print management software is also influenced by the hardware- and technology-agnostic nature of the solutions (e.g. swapping one vendor's devices for another does not trigger anything more than a configuration change in print management software.)

    Include enterprise print management requirements in the RFP

    Ask respondents to describe their managed services capabilities and an optional on-premises, financed solution with these high-level capabilities.

    Select the appropriate type of print management software

    Vendor-provided solutions are adequate control for small organizations with simple print environments

    • Suitable for small organizations (<100 users).
    • Software included with print devices can pool print jobs, secure access, and centralize job administration.
    • Dealing with complex sales channels for third-party vendors is likely a waste of resources.

    SMBs with greater print control needs can leverage mid-level solutions to manage behavior

    • Suitable for mid-size organizations (<500 users).
    • Mid-level software can track costs, generate reports, and centralize management.
    • Solutions start at $500 but require additional per-device costs.

    Full control solutions will only attract large organizations with a mature print strategy

    • Full control solutions tend to be suitable for large organizations (>500 users) with complex print environments and advanced needs.
    • Full control software allows for absolute enforcement of printing policies and full control of printing.
    • Expect to spend thousands for a tailored solution that will save time and guide cost savings.

    Enterprise print management software features

    The feature set for these tools is long and comprehensive. The feature list below is not exhaustive, as specific tools may have additional product capabilities.

    Print Management Software Features

    Hardware-neutral support of all major printer types and operating systems (e.g. direct IP to any IPP-enabled printer along with typical endpoint devices) Tracking of all printing activity by user, client account, printer, and document metadata
    Secure print on demand (Secure print controls: User Authenticated Print Release, Pull Printing) Granular print cost/charging, allowing costs to be assigned on a per-printer basis with advanced options to charge different amounts based on document type (e.g. color, grayscale or duplex), page size, user or group
    Managed and secured mobile printing (iOS/Android), BYOD, and guest printing DaaS/VDI print support
    Printer installation discovery/enablement, device inventory/management Auditing/reporting, print audit trail using document attributes to manage costs/savings, enforce security and compliance with regulations and policies
    Monitoring print devices, print queues, provide notification of conditions Watermarking and/or timestamping to ensure integrity and confidentially/classification of printed documents some solutions support micro font adding print date, time, user id and other metadata values discreetly to a page preventing data leakage
    Active Directory integration or synchronization with LDAP user accounts Per-user quotas or group account budgets
    Ability to govern default print settings policies (B&W, double-sided, no color, etc.)

    Get to the managed print services RFP quicker

    Jumpstart your requirements process using these tools and exercises

    Vendor Assessment Questions

    Use Info-Tech's catalog of commonly used questions and requirements in successful acquisition processes for managed print services. Ask the right questions to secure an agreement that meets your needs. If you are already in a contract with managed print services, take the opportunity of contract renewal to improve the contract and service.

    RFP Template and "Schedule 1" Attachment

    Add your finalized assessment questions into this table, which you will attach to your RFP. The vendor answers questions in this "Schedule 1" attachment and returns it to you.

    RFP Scoring Tool

    Aggregate the RFP responses into this scoring tool to identify the frontrunners and candidates for elimination. Since the vendors are asked to respond in a standard format, it is easier to bring together all the responses to create a complete view of your options.

    Define RFP requirement questions

    Include the right requirements for your organization, and avoid leaving out important requirements that might have been overlooked.

    1. Download the Managed Print Services Vendor Assessment Questions tool. Use this document as a "shopping list" to jumpstart an initial draft of the RFP and, more importantly, scoring requirements.
    2. Review the questions in the context of your near- and long-term printer outsourcing needs. Consider your environment, your requirements, and goals. Include other viewpoints from the RACI chart from Phase 1.
    3. Place an 'X' in the first column to retain the question. Edit the wording of the question if required, based on your organizational needs.
    4. Use the second column to indicate which section of the RFP to include the question in.

    Input

    Output
    • Requirements from Phase 1.3
    • Completed list of requirement questions

    Materials

    Participants

    • Managed Print Services Vendor Assessment Questions tool
    • IT director/business operations
    • Other roles from the RACI chart completed in Phase 1

    Download the Managed Print Services Vendor Assessment Questions tool

    Create RFP scoring tool and RFP

    1. Enter the requirements questions into the scoring tool on Tabs 2 and 4.
    2. Tab 2: Create scoring column for each vendor. You will paste in their responses here.
    3. Edit Tabs 3 and 4 so they align with what you want the vendor to see. Copy and paste Tab 3 and Tab 4 into a new document, which will serve as a "Schedule 1" attachment to the RFP package the vendor receives.
    4. Complete the RFP template. Describe your current state and current printer hardware (documented in the earlier current-state assessment). Explain the rules of how to respond and how to fill out the Schedule 1 document. Instruct each vendor to fill in their responses to each question along with any notes, and to reply with a zip file that includes the completed RFP package along with any marketing material needed to support their response.
    5. Send a copy of the RFP and Schedule 1 to each vendor under consideration.

    Input

    Output
    • Completed list of requirement questions from previous activity
    • RFP Scoring tool
    • Completed RFP and schedule 1 attachment

    Materials

    Participants

    • Managed Print Services RFP Vendor Proposal Scoring Tool
    • Managed Print Services RFP
    • IT director/business operations

    Download the Managed Print Services RFP Vendor Proposal Scoring Tool

    Download the Managed Print Services RFP template

    Score RFP responses

    1. When the responses are returned, copy and paste each vendor's results from Schedule 1 into Tab 2 of the main scoring tool.
    2. Evaluate each RFP response against the RFP criteria based on the scoring scale.
    3. Send the completed scoring tool to the CIO.
    4. Set up a meeting to discuss the scores and generate shortlist of vendors.
    5. Conduct further interviews with shortlisted vendors for due diligence, pricing, and negotiation discussions.
    6. Once a vendor is selected, review the SLAs and contract and develop a transition plan.

    Input

    Output
    • Completed Managed Print Services RFP Vendor Proposal Scoring Tool
    • Shortlist or final decision on vendor

    Materials

    Participants

    • N/A
    • IT director/business operations

    Info-Tech Insight:

    The responses from the low-scoring vendors still have value: these providers will likely provide ideas that you can then leverage with your frontrunner, even if their overall proposal did not score highly.

    Phase 3

    Implementation & Operation

    Strategy & planning

    Vendor selection, evaluation, acquisition

    Implementation & Operation

    1.1 Create project charter and assign roles

    1.2 Assess current state

    1.3 Gather requirements

    2.1 Understand managed print services model

    2.2 Create RFP materials

    2.3 Leverage print management software

    3.1 Modify printer policies

    3.2 Measure project success

    3.3 Training & adoption

    3.4 Plan communication

    3.5 Prepare for continuous improvement

    Re-Envision Enterprise Printing

    This phase will walk you through the following activities:

    • Update your enterprise printer policies
    • Readminister end-user survey to measure project success

    This phase involves the following participants:

    • IT director/CIO
    • Business operations manager
    • Project manager

    Modify your printer policies

    Review and modify Info-Tech's Printer Policy Template to support your print reduction goals

    Consider that your goal is to achieve printer reduction. Discuss with your team how strict it needs to be to truly reset behavior with printers. Many organizations struggle with policy enforcement. Firm language in the policy may be required to achieve this goal. For example,

    • IT only supports the printers acquired through the managed print service. Personal desktop printers are not supported by IT. Expense statements will not be accepted for non-supported printers.
    • Create a procurement policy where all device requests need justification and approval by department managers and IT. Have a debate over what the extreme exceptions would be. Legitimate exceptions must go through a review and approval process.
    • Restrict color printing to external or customer-facing use cases.
    • Encourage digital or electronic solutions in lieu of hard copies (e.g. e-signatures and approval workflows; scanning; use of integrated enterprise applications like SharePoint).
    This is a screenshot of the Printer Policy Page Template

    Download the Printer Policy template

    Readminister the end-user survey

    You have already run this survey during the requirements-gathering phase. Run it again to measure success.

    The survey was run once prior to the changes being implemented to establish a baseline of user satisfaction and to gain insights into additional requirements.

    Several months after the initial rollout (90 days is typical to let the dust settle), resurvey the end users and publish or report to the administration success metrics (the current costs vs. the actual costs prior to the change).

    User satisfaction survey can be used to manage the vendor, especially if the users are less happy after the vendor touched their environment. Use this feedback to hold the provider to account for improvement.

    Input

    Output
    • Previous survey results
    • Changes to baseline satisfaction metrics

    Materials

    Participants

    • End-user survey from Phase 1
    • IT director
    • IT staff
    • Rest of organization

    Measure project success

    Revisit the pre-project metrics and goals and compare with your current metrics

    • Identify printers to consolidate or eliminate.
    • Update asset management system (enter software and hardware serial numbers or identification tags into configuration management system).
    • Reallocate/install printers across the organization.
    • Develop ongoing printer usage and cost reports for each department.
    • Review the end-user survey and compare against baseline.
    • Operate, validate, and distribute usage metrics/chargeback to stakeholders.
    • Audit and report on environmental performance and sustainability performance to internal and external bodies, as required.
    • Write and manage knowledgebase articles.
    • Monitor and analyze trends in company printing in order to make recommendations for the future and to identify areas for possible savings and/or asset optimization.

    Metrics could include

    • User satisfaction
    • Print services net promoter model
    • Total printing costs
    • Printer availability (uptime)
    • Printer reliability (mean time between failures)
    • Total number of reported incidents
    • Mean time for vendor to respond and repair

    Support training and adoption

    Train users on self-support

    Prepare troubleshooting guides and step-by-step visual aid posters for the print areas that guide users to print, release, and find their print jobs and fix common incidents on their own. These may include:

    • The name of this printer location and the names of the others on that floor.
    • How to enter a PIN to release a print job.
    • How to fix a paper jam.
    • How to empty the paper tray.
    • How to log a service ticket if all other steps are exhausted.

    Educate users to use print area wisely

    • Inform users what to do if other print jobs appear to be left behind in the printer area.
    • Display guidelines on printer location alternatives in case of a long line.
    • Display suggestions on maximum recommended time to spend on a job in the event other users are waiting.

    Develop campaign to promote paperless culture

    Ensure business leadership and end users remain committed to thinking before they print.

    • Help your users avoid backsliding by soliciting feedback on the new printer areas.
    • Ensure timely escalation of service tickets to the vendor.
    • Support efforts by the business to seek out business process modernization opportunities whenever possible.

    Plan persuasive communication strategies

    Identify cost-saving opportunities and minimize complaints through persuasive communication

    Solicit the input of end users through surveys and review comments.

    Common complaints Response

    Consider the input of end users when making elimination and consolidation decisions and communicate IT's justification for each end user's argument to keep their desktop printers.

    "I don't trust network storage. I want physical copies." Explain the security and benefits of content management systems.
    "I use my desktop a lot. I need it." Explain the cost benefits of printing on cheaper network MFPs, especially if they print in large quantities.
    "I don't use it a lot, so it's not costly." It's a waste of money to maintain and power underused devices.
    "I need security and confidentiality." MFPs have biometric and password-release functions, which add an increased layer of security.
    "I need to be able to print from home." Print drivers and networked home printers can be insecure devices and attack vectors.
    "I don't have time to wait." Print jobs in queue can be released when users are at the device.
    "I don't want to walk that far." Tell the end user how many feet the device will be within (e.g. 50 feet). It is not usually very far.

    Implement a continual improvement plan to achieve long-term enterprise print goals

    Implement a continual improvement plan for enterprise printing:

    • Develop a vendor management plan:
      • In order to govern SLAs and manage the vendor, ensure that you can track printer-related tickets even if the device is now supported by managed print services.
      • Ensure that printer service tickets sent from the device to the vendor are also reconciled in your ITSM tool. Require the MSP to e-bond the ticket created within their own device and ticketing system back to you so you can track it in your own ITSM tool.
      • Every two months, validate service credits that can be returned to the vendor for exceeding SLA performance metrics.
      • Monitor the impact of their digital transformation strategies. Develop a cadence to review the vendor's suggestions for innovation opportunities.
    • Operate, validate, and distribute usage and experience metrics/chargeback to stakeholders.
    • Monitor and analyze trends in company printing.
    This is a graph which demonstrates the process of continual improvement through Standardization. It depicts a graph with Time as the X axis, and Quality Management as the Y axis. A grey circle with the words: ACT; PLAN; CHECK; DO, moving from the lower left part of the graph to the upper right, showing that standardization improves Quality Management.

    Summary of Accomplishment

    Problem Solved

    You have now re-envisioned your enterprise print environment by documenting your current printer inventory and current cost and usage. You also have hard inventory and usage data benchmarks that you can use to measure the success of future initiatives around digitalization, going paperless, and reducing print cost.

    You have also developed a plan to go to market and become a consumer of managed print services, rather than a provider yourself. You have established a reusable RFP and requirements framework to engage a managed print services vendor who will work with you to support your continuous improvement plans.

    Return to the deliverables and advice in this blueprint to reinforce the organization's message to end users on when, where, and how to print. Ideally, this project has helped you go beyond a printer refresh – but rather served as a means to change the printing culture at your organization.

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

    Contact your account representative for more information

    workshops@infotech.com
    1-888-670-8889

    Bibliography

    Fernandes, Louella. "Quocirca Managed Services Print Market, 2021." Quocirca, 25 Mar. 2021. Accessed 12 Oct. 2021.

    McInnes, Angela. "No More Photocopies, No More Ink: Thames Valley Schools Run Out of Toner." CBC, 21 Oct. 2021. Web.

    "Paper and Paperboard: Material-Specific Data." EPA, 15 Dec. 2020. Accessed 15 Oct. 2021.

    State of Washington, House of Representatives. "State Agencies – Paper Conservation and Recycling." 61st Legislature, Substitute House Bill 2287, Passed 20 April 2009.

    Sugihara, Azusa. "Pandemic Shreds Office Paper Demand as Global Telework Unfolds." Nikkei Asia, 18 July 2020. Accessed 29 Sept. 2021.

    "Paper Reduction." University of Washington, n.d. Accessed 28 Oct. 2021.

    "What is MPS?" University of Washington, n.d. Accessed 16 Mar. 2022.

    Research contributors

    Jarrod Brumm
    Senior Digital Transformation Consultant

    Jacques Lirette
    President, Ditech Testing

    3 anonymous contributors

    Info-Tech Research Group Experts

    Allison Kinnaird, Research Director & Research Lead
    Frank Trovato, Research Director

    Cost Optimization

    • Buy Link or Shortcode: {j2store}14|cart{/j2store}
    • Related Products: {j2store}14|crosssells{/j2store}
    • Up-Sell: {j2store}14|upsells{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Financial Management
    • Parent Category Link: /financial-management
    Minimize the damage of IT cost cuts

    Considerations to Optimize Container Management

    • Buy Link or Shortcode: {j2store}499|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Data Center & Facilities Strategy
    • Parent Category Link: /data-center-and-facilities-strategy

    Do you experience challenges with the following:

    • Equipping IT operations processes to manage containers.
    • Choosing the right container technology.
    • Optimizing your infrastructure strategy for containers.

    Our Advice

    Critical Insight

    • Plan ahead to ensure your container strategy aligns with your infrastructure roadmap. Before deciding between bare metal and cloud, understand the different components of a container management solution and plan for current and future infrastructure services.
    • When selecting tools from multiple sources, it is important to understand what each tool should and should not meet. This holistic approach is necessary to avoid gaps and duplication of effort.

    Impact and Result

    Use the reference architecture to plan for the solution you need and want to deploy. Infrastructure planning and strategy optimizes the container image supply chain, uses your current infrastructure, and reduces costs for compute and image scan time.

    Considerations to Optimize Container Management Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Considerations to Optimize Container Management Deck – A document to guide you design your container strategy.

    A document that walks you through the components of a container management solution and helps align your business objectives with your current infrastructure services and plan for your future assets.

    • Considerations to Optimize Container Management Storyboard

    2. Container Reference Architecture – A best-of-breed template to help you build a clear, concise, and compelling strategy document for container management.

    Complete the reference architecture tool to strategize your container management.

    • Container Reference Architecture
    [infographic]

    Further reading

    Considerations to Optimize Container Management

    Design a custom reference architecture that meets your requirements.

    Analyst Perspective

    Containers have become popular as enterprises use DevOps to develop and deploy applications faster. Containers require managed services because the sheer number of containers can become too complex for IT teams to handle. Orchestration platforms like Kubernetes can be complex, requiring management to automatically deploy container-based applications to operating systems and public clouds. IT operations staff need container management skills and training.

    Installing and setting up container orchestration tools can be laborious and error-prone. IT organizations must first implement the right infrastructure setup for containers by having a solid understanding of the scope and scale of containerization projects and developer requirements. IT administrators also need to know how parts of the existing infrastructure connect and communicate to maintain these relationships in a containerized environment. Containers can run on bare metal servers, virtual machines in the cloud, or hybrid configurations, depending on your IT needs

    Nitin Mukesh, Senior Research Analyst, Infrastructure and Operations

    Nitin Mukesh
    Senior Research Analyst, Infrastructure and Operations
    Info-Tech Research Group

    Executive Summary

    Your Challenge Common Obstacles Info-Tech’s Approach

    The container software market is constantly evolving. Organizations must consider many factors to choose the right container management software for their specific needs and fit their future plans.

    It's important to consider your organization's current and future infrastructure strategy and how it fits with your container management strategy. The container management platform you choose should be compatible with the existing network infrastructure and storage capabilities available to your organization.

    IT operations staff have not been thinking the same way as developers who have now been using an agile approach for some time. Container image builds are highly automated and have several dependencies including scheduling, testing, and deployment that the IT staff is not trained for or lack the ability to create anything more than a simple image.

    Use the reference architecture to plan for the solution you need and want to deploy. Infrastructure planning and strategy optimizes the container image supply chain and reduces costs for compute and image scan time.

    Plan ahead to ensure your container strategy aligns with your infrastructure roadmap. Before deciding between bare metal and cloud, understand the different components of a container management solution and plan for current and future infrastructure services.

    Your challenge

    Choosing the right container technology: IT is a rapidly changing and evolving market, with startups and seasoned technology vendors maintaining momentum in everything from container platforms to repositories to orchestration tools. The rapid evolution of container platform components such as orchestration, storage, networking, and system services such as load balancing has made the entire stack a moving target.

    However, waiting for the industry to be standardized can be a recipe for paralysis, and waiting too long to decide on solutions and approaches can put a company's IT operations in catch-up mode.

    Keeping containers secure: Security breaches in containers are almost identical to operating system level breaches in virtual machines in terms of potential application and system vulnerabilities. It is important for any DevOps team working on container and orchestration architecture and management to fully understand the potential vulnerabilities of the platforms they are using.

    Optimize your infrastructure strategy for containers: One of the challenges enterprise IT operations management teams face when it comes to containers is the need to rethink the underlying infrastructure to accommodate the technology. While you may not want to embrace the public cloud for your critical applications just yet, IT operations managers will need an on-premises infrastructure so that applications can scale up and down the same way as they are containerized.

    Common ways organizations use containers

    A Separation of responsibilities
    Containerization provides a clear separation of responsibilities as developers can focus on application logic and dependencies, while IT operations teams can focus on deployment and management instead of application details such as specific software versions and configurations.

    B Workload portability
    Containers can run almost anywhere: physical servers or on-premise data centers on virtual machines or developer machines, as well as public clouds on Linux, Windows, or Mac operating systems, greatly easing development and deployment.

    “Lift and shift” existing applications into a modern cloud architecture. Some organizations even use containers to migrate existing applications to more modern environments. While this approach provides some of the basic benefits of operating system virtualization, it does not provide all the benefits of a modular, container-based application architecture.

    C Application isolation
    Containers virtualize CPU, memory, storage, and network resources at the operating system level, providing developers with a logically isolated view of the operating system from other applications.

    Source: TechTarget, 2021

    What are containers and why should I containerize?

    A container is a partially isolated environment in which an application or parts of an application can run. You can use a single container to run anything from small microservices or software processes to larger applications. Inside the container are all the necessary executable, library, and configuration files. Containers do not contain operating system images. This makes them lighter and more portable with much less overhead. Large application deployments can deploy multiple containers into one or more container clusters (CapitalOne, 2020).

    Containers have the following advantages:

    • Reduce overhead costs: Because containers do not contain operating system images, they require fewer system resources than traditional or hardware virtual machine environments.
    • Enhanced portability: Applications running in containers can be easily deployed on a variety of operating systems and hardware platforms.
    • More consistent operations: DevOps teams know that applications in containers run the same no matter where they are deployed.
    • Efficiency improvement: Containers allow you to deploy, patch, or scale applications faster.
    • Develop better applications: Containers support Agile and DevOps efforts to accelerate development and production cycles.

    Source: CapitalOne, 2020

    Container on the cloud or on-premise?

    On-premises containers Public cloud-based containers

    Advantages:

    • Full control over your container environment.
    • Increased flexibility in networking and storage configurations.
    • Use any version of your chosen tool or container platform.
    • No need to worry about potential compliance issues with data stored in containers.
    • Full control over the host operating system and environment.

    Disadvantages:

    • Lack of easy scalability. This can be especially problematic if you're using containers because you want to be more agile from a DevOps perspective.
    • No turnkey container deployment solution. You must set up and maintain every component of the container stack yourself.

    Advantages:

    • Easy setup and management through platforms such as Amazon Elastic Container Service or Azure Container Service. These products require significant Docker expertise to use but require less installation and configuration than on-premise installations.
    • Integrates with other cloud-based tools for tasks such as monitoring.
    • Running containers in the cloud improves scalability by allowing you to add compute and storage resources as needed.

    Disadvantages:

    • You should almost certainly run containers on virtual machines. That can be a good thing for many people; however, you miss out on some of the potential benefits of running containers on bare metal servers, which can be easily done.
    • You lose control. To build a container stack, you must use the orchestrator provided by your cloud host or underlying operating system.

    Info-Tech Insight
    Start-ups and small businesses that don't typically need to be closely connected to hardware can easily move (or start) to the cloud. Large (e.g. enterprise-class) companies and companies that need to manage and control local hardware resources are more likely to prefer an on-premises infrastructure. For enterprises, on-premises container deployments can serve as a bridge to full public cloud deployments or hybrid private/public deployments. The answer to the question of public cloud versus on premises depends on the specific needs of your business.

    Container management

    From container labeling that identifies workloads and ownership to effective reporting that meets the needs of different stakeholders across the organization, it is important that organizations establish an effective framework for container management.

    Four key considerations for your container management strategy:

    01 Container Image Supply Chain
    How containers are built

    02 Container Infrastructure and Orchestration
    Where and how containers run together

    03 Container Runtime Security and Policy Enforcement
    How to make sure your containers only do what you want them to do

    04 Container Observability
    Runtime metrics and debugging

    To effectively understand container management solutions, it is useful to define the various components that make up a container management strategy.

    1: Container image supply chain

    To run a workload as a container, it must first be packaged into a container image. The image supply chain includes all libraries or components that make up a containerized application. This includes CI/CD tools to test and package code into container images, application security testing tools to check for vulnerabilities and logic errors, registries and mirroring tools for hosting container images, and attribution mechanisms such as image signatures for validating images in registries.

    Important functions of the supply chain include the ability to:

    • Scan container images in registries for security issues and policy compliance.
    • Verify in-use image hashes have been scanned and authorized.
    • Mirror images from public registries to isolate yourself from outages in these services.
    • Attributing images to the team that created them.

    Source: Rancher, 2022

    Info-Tech Insight
    It is important to consider disaster recovery for your image registry. As mentioned above, it is wise to isolate yourself from registry disruptions. However, external registry mirroring is only one part of the equation. You also want to make sure you have a high availability plan for your internal registry as well as proper backup and recovery processes. A highly available, fault-tolerant container management platform is not just a runtime environment.

    2: Container infrastructure and orchestration

    Orchestration tools

    Once you have a container image to run, you need a location to run it. That means both the computer the container runs on and the software that schedules it to run. If you're working with a few containers, you can make manual decisions about where to run container images, what to run with container images, and how best to manage storage and network connectivity. However, at scale, these kinds of decisions should be left to orchestration tools like Kubernetes, Swarm, or Mesos. These platforms can receive workload execution requests, determine where to run based on resource requirements and constraints, and then actually launch that workload on its target. And if a workload fails or resources are low, it can be restarted or moved as needed.

    Source: DevOpsCube, 2022

    Storage

    Storage is another important consideration. This includes both the storage used by the operating system and the storage used by the container itself. First, you need to consider the type of storage you actually need. Can I outsource my storage concerns to a cloud provider using something like Amazon Relational Database Service instead? If not, do you really need block storage (e.g. disk) or can an external object store like AWS S3 meet your needs? If your external object storage service can meet your performance and durability requirements as well as your governance and compliance needs, you're in luck. You may not have to worry about managing the container's persistent storage. Many external storage services can be provisioned on demand, support discrete snapshots, and some even allow dynamic scaling on demand.

    Networking

    Network connectivity inside and outside the containerized environment is also very important. For example, Kubernetes supports a variety of container networking interfaces (CNIs), each providing different functionality. Questions to consider here are whether you can set traffic control policies (and the OSI layer), how to handle encryption between workloads and between workloads and external entities, and how to manage traffic import for containerized workloads. The impact of these decisions also plays a role on performance.

    Backups

    Backups are still an important task in containerized environments, but the backup target is changing slightly. An immutable, read-only container file system can be recreated very easily from the original container image and does not need to be backed up. Backups or snapshots on permanent storage should still be considered. If you are using a cloud provider, you should also consider fault domain and geo-recovery scenarios depending on the provider's capabilities. For example, if you're using AWS, you can use S3 replication to ensure that EBS snapshots can be restored in another region in case of a full region outage.

    3: Container runtime security and policy enforcement

    Ensuring that containers run in a place that meets the resource requirements and constraints set for them is necessary, but not sufficient. It is equally important that your container management solution performs continuous validation and ensures that your workloads comply with all security and other policy requirements of your organization. Runtime security and policy enforcement tools include a function for detecting vulnerabilities in running containers, handling detected vulnerabilities, ensuring that workloads are not running with unnecessary or unintended privileges, and ensuring that only other workloads that need to be allowed can connect.

    One of the great benefits of (well implemented) containerized software is reducing the attackable surface of the application. But it doesn't completely remove it. This means you need to think about how to observe running applications to minimize security risks. Scanning as part of the build pipeline is not enough. This is because an image without vulnerabilities at build time can become a vulnerable container because new flaws are discovered in its code or support libraries. Instead, some modern tools focus on detecting unusual behavior at the system call level. As these types of tools mature, they can make a real difference to your workload’s security because they rely on actual observed behavior rather than up-to-date signature files.

    4: Container observability

    What’s going on in there?

    Finally, if your container images are being run somewhere by orchestration tools and well managed by security and policy enforcement tools, you need to know what your containers are doing and how well they are doing it. Orchestration tools will likely have their own logs and metrics, as will networking layers, and security and compliance checking tools; there is a lot to understand in a containerized environment. Container observability covers logging and metrics collection for both your workloads and the tools that run them.

    One very important element of observability is the importance of externalizing logs and metrics in a containerized environment. Containers come and go, and in many cases the nodes running on them also come and go, so relying on local storage is not recommended.

    The importance of a container management strategy

    A container management platform typically consists of a variety of tools from multiple sources. Some container management software vendors or container management services attempt to address all four key components of effective container management. However, many organizations already have tools that provide at least some of the features they need and don't want to waste existing licenses or make significant changes to their entire infrastructure just to run containers.

    When choosing tools from multiple sources, it's important to understand what needs each tool meets and what it doesn't. This holistic approach is necessary to avoid gaps and duplication of effort.

    For example, scanning an image as part of the build pipeline and then rescanning the image while the container is running is a waste of CPU cycles in the runtime environment. Similarly, using orchestration tools and separate host-based agents to aggregate logs or metrics can waste CPU cycles as well as storage and network resources.

    Planning a container management strategy

    1 DIY, Managed Services, or Packaged Products
    Developer satisfaction is important, but it's also wise to consider the team running the container management software. Migrating from bare metal or virtual machine-based deployment methodologies to containers can involve a significant learning curve, so it's a good idea to choose a tool that will help smooth this curve.
    2 Kubernetes
    In the world of container management, Kubernetes is fast becoming the de facto standard for container orchestration and scheduling. Most of the products that address the other aspects of container management discussed in this post (image supply chain, runtime security and policy enforcement, observability) integrate easily with Kubernetes. Kubernetes is open-source software and using it is possible if your team has the technical skills and the desire to implement it themselves. However, that doesn't mean you should automatically opt to build yourself.
    3 Managed Kubernetes
    Kubernetes is difficult to implement well. As a result, many solution providers offer packaged products or managed services to facilitate Kubernetes adoption. All major cloud providers now offer Kubernetes services that reduce the operational burden on your teams. Organizations that have invested heavily in the ecosystem of a particular cloud provider may find this route suitable. Other organizations may be able to find a fully managed service that provides container images and lets the service provider worry about running the images which, depending on the cost and capacity of the organization, may be the best option.
    4 Third-Party Orchestration Products
    A third approach is packaged products from providers that can be installed on the infrastructure (cloud or otherwise). These products can offer several potential advantages over DIY or cloud provider offerings, such as access to additional configuration options or cluster components, enhanced functionality, implementation assistance and training, post-installation product support, and reduced risk of cloud provider lock-in.

    Source: Kubernetes, 2022; Rancher, 2022

    Infrastructure considerations

    It's important to describe your organization’s current and future infrastructure strategy and how it fits into your container management strategy. It’s all basic for now, but if you plan to move to a virtual machine or cloud provider next year, your container management solution should be able to adapt to your environment now and in the future. Similarly, if you’ve already chosen a public cloud, you may want to make sure that the tool you choose supports some of the cloud options, but full compatibility may not be an important feature.

    Infrastructure considerations extend beyond computing. Choosing a container management platform should be compatible with the existing network infrastructure and storage capacity available to your organization. If you have existing policy enforcement, monitoring, and alerting tools, the ideal solution should be able to take advantage of them. Moving to containers can be a game changer for developers and operations teams, so continuing to use existing tools to reduce complexity where possible can save time and money.

    Leverage the reference architecture to guide your container management strategy

    Questions for support transition

    Using the examples as a guide, complete the tool to strategize your container management

    Download the Reference Architecture

    Bibliography

    Mell, Emily. “What is container management and why is it important?” TechTarget, April 2021.
    https://www.techtarget.com/searchitoperations/definition/container-management-software#:~:text=A%20container%20management%20ecosystem%20automates,operator%20to%20keep%20up%20with

    Conrad, John. “What is Container Orchestration?” CapitalOne, 24 August 2020.
    https://www.capitalone.com/tech/cloud/what-is-container-orchestration/?v=1673357442624

    Kubernetes. “Cluster Networking.” Kubernetes, 2022.
    https://kubernetes.io/docs/concepts/cluster-administration/networking/

    Rancher. “Comparing Kubernetes CNI Providers: Flannel, Calico, Canal, and Weave.” Rancher, 2022.
    https://www.suse.com/c/rancher_blog/comparing-kubernetes-cni-providers-flannel-calico-canal-and-weave/

    Wilson, Bob. “16 Best Container Orchestration Tools and Services.” DevopsCube, 5 January 2022.
    https://devopscube.com/docker-container-clustering-tools/

    Build an Application Department Strategy

    • Buy Link or Shortcode: {j2store}180|cart{/j2store}
    • member rating overall impact (scale of 10): 9.2/10 Overall Impact
    • member rating average dollars saved: $220,866 Average $ Saved
    • member rating average days saved: 34 Average Days Saved
    • Parent Category Name: Architecture & Strategy
    • Parent Category Link: /architecture-and-strategy
    • Application delivery has modernized. There are increasing expectations on departments to deliver on organizational and product objectives with increasing velocity.
    • Application departments produce many diverse, divergent products, applications, and services with expectations of frequent updates and changes based on rapidly changing landscapes

    Our Advice

    Critical Insight

    • There is no such thing as a universal “applications department.” Unlike other domains of IT, there are no widely accepted frameworks that clearly outline universal best practices of application delivery and management.
    • Different software needs and delivery orientations demand a tailored structure and set of processes, especially when managing a mixed portfolio or multiple delivery methods.

    Impact and Result

    Understand what your department’s purpose is through articulating its strategy in three steps:

    • Determining your application department’s values, principles, and orientation.
    • Laying out the goals, objectives, metrics, and priorities of the department.
    • Building a communication plan to communicate your overall department strategy.

    Build an Application Department Strategy Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should build an application department strategy, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Take stock of who you are

    Consider and record your department’s values, principles, orientation, and capabilities.

    • Build an Application Department Strategy – Phase 1: Take Stock of Who You Are
    • Application Department Strategy Supporting Workbook

    2. Articulate your strategy

    Define your department’s strategy through your understanding of your department combined with everything that you do and are working to do.

    • Build an Application Department Strategy – Phase 2: Articulate Your Strategy
    • Application Department Strategy Template

    3. Communicate your strategy

    Communicate your department’s strategy to your key stakeholders.

    • Build an Application Department Strategy – Phase 3: Communicate Your Strategy

    Infographic

    Workshop: Build an Application Department Strategy

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Take Stock of Who You Are

    The Purpose

    Understand what makes up your application department beyond the applications and services provided.

    Key Benefits Achieved

    Articulating your guiding principles, values, capabilities, and orientation provides a foundation for expressing your department strategy.

    Activities

    1.1 Identify your team’s values and guiding principles.

    1.2 Define your department’s orientation.

    Outputs

    A summary of your department’s values and guiding principles

    A clear view of your department’s orientation and supporting capabilities

    2 Articulate Your Strategy

    The Purpose

    Lay out all the details that make up your application department strategy.

    Key Benefits Achieved

    A completed application department strategy canvas containing everything you need to communicate your strategy.

    Activities

    2.1 Write your application department vision statement.

    2.2 Define your application department goals and metrics.

    2.3 Specify your department capabilities and orientation.

    2.4 Prioritize what is most important to your department.

    Outputs

    Your department vision

    Your department’s goals and metrics that contribute to achieving your department’s vision

    Your department’s capabilities and orientation

    A prioritized roadmap for your department

    3 Communicate Your Strategy

    The Purpose

    Lay out your strategy’s communication plan.

    Key Benefits Achieved

    Your application department strategy presentation ready to be presented to your stakeholders.

    Activities

    3.1 Identify your stakeholders.

    3.2 Develop a communication plan.

    3.3 Wrap-up and next steps

    Outputs

    List of prioritized stakeholders you want to communicate with

    A plan for what to communicate to each stakeholder

    Communication is only the first step – what comes next?

    Make IT a Successful Partner in M&A Integration

    • Buy Link or Shortcode: {j2store}79|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: IT Strategy
    • Parent Category Link: /it-strategy
    • Many organizations forget the essential role IT plays during M&A integration. IT is often unaware of a merger or acquisition until the deal is announced, making it very difficult to adequately interpret business goals and appropriately assess the target organization.
    • IT-related integration activities are amongst the largest cost items in an M&A, yet these costs are often overlooked or underestimated during due diligence.
    • IT is expected to use the M&A team’s IT due diligence report and estimated IT integration budget, which may not have been generated appropriately.
    • IT involvement in integration is critical to providing a better view of risks, improving the ease of integration, and optimizing synergies.

    Our Advice

    Critical Insight

    • Anticipate that you are going to be under pressure. Fulfill short-term, tactical operational imperatives while simultaneously conducting discovery and designing the technology end-state.
    • To migrate risks and guide discovery, select a high-level IT integration posture that aligns with business objectives.

    Impact and Result

    • Once a deal has been announced, use this blueprint to set out immediately to understand business M&A goals and expected synergies.
    • Assemble an IT Integration Program to conduct discovery and begin designing the technology end-state, while simultaneously identifying and delivering operational imperatives and quick-wins as soon as possible.
    • Following discovery, use this blueprint to build initiatives and put together an IT integration budget. The IT Integration Program has an obligation to explain the IT cost implications of the M&A to the business.
    • Once you have a clear understanding of the cost of your IT integration, use this blueprint to build a long-term action plan to achieve the planned technology end-state that best supports the business capabilities of the organization.

    Make IT a Successful Partner in M&A Integration Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should follow Info-Tech’s M&A IT integration methodology and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Launch the project

    Define the business’s M&A goals, assemble an IT Integration Program, and select an IT integration posture that aligns with business M&A strategy.

    • Make IT a Successful Partner in M&A Integration – Phase 1: Launch the Project
    • IT Integration Charter

    2. Conduct discovery and design the technology end-state

    Refine the current state of each IT domain in both organizations, and then design the end-state of each domain.

    • Make IT a Successful Partner in M&A Integration – Phase 2: Conduct Discovery and Design the Technology End-State
    • IT Integration Roadmap Tool

    3. Initiate operational imperatives and quick-wins

    Generate tactical operational imperatives and quick-wins, and then develop an interim action plan to maintain business function and capture synergies.

    • Make IT a Successful Partner in M&A Integration – Phase 3: Initiate Operational Imperatives and Quick-Wins

    4. Develop an integration roadmap

    Generate initiatives and put together a long-term action plan to achieve the planned technology end-state.

    • Make IT a Successful Partner in M&A Integration – Phase 4: Develop an Integration Roadmap
    [infographic]

    Workshop: Make IT a Successful Partner in M&A Integration

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Launch the Project

    The Purpose

    Identification of staffing and skill set needed to manage the IT integration.

    Generation of an integration communication plan to highlight communication schedule during major integration events.

    Identification of business goals and objectives to select an IT Integration Posture that aligns with business strategy.

    Key Benefits Achieved

    Defined IT integration roles & responsibilities.

    Structured communication plan for key IT integration milestones.

    Creation of the IT Integration Program.

    Generation of an IT Integration Posture.

    Activities

    1.1 Define IT Integration Program responsibilities.

    1.2 Build an integration communication plan.

    1.3 Host interviews with senior management.

    1.4 Select a technology end-state and IT integration posture.

    Outputs

    Define IT Integration Program responsibilities and goals

    Structured communication plan

    Customized interview guide for each major stakeholder

    Selected technology end-state and IT integration posture

    2 Conduct Discovery and Design the Technology End-State

    The Purpose

    Identification of information sources to begin conducting discovery.

    Definition of scope of information that must be collected about target organization.

    Definition of scope of information that must be collected about your own organization.

    Refinement of the technology end-state for each IT domain of the new entity. 

    Key Benefits Achieved

    A collection of necessary information to design the technology end-state of each IT domain.

    Adequate information to make accurate cost estimates.

    A designed end-state for each IT domain.

    A collection of necessary, available information to make accurate cost estimates. 

    Activities

    2.1 Define discovery scope.

    2.2 Review the data room and conduct onsite discovery.

    2.3 Design the technology end-state for each IT domain.

    2.4 Select the integration strategy for each IT domain.

    Outputs

    Tone set for discovery

    Key information collected for each IT domain

    Refined end-state for each IT domain

    Refined integration strategy for each IT domain

    3 Initiate Tactical Initiatives and Develop an Integration Roadmap

    The Purpose

    Generation of tactical initiatives that are operationally imperative and will help build business credibility.

    Prioritization and execution of tactical initiatives.

    Confirmation of integration strategy for each IT domain and generation of initiatives to achieve technology end-states.

    Prioritization and execution of integration roadmap.

    Key Benefits Achieved

    Tactical initiatives generated and executed.

    Confirmed integration posture for each IT domain.

    Initiatives generated and executed upon to achieve the technology end-state of each IT domain. 

    Activities

    3.1 Build quick-win and operational imperatives.

    3.2 Build a tactical action plan and execute.

    3.3 Build initiatives to close gaps and redundancies.

    3.4 Finalize your roadmap and kick-start integration.

    Outputs

    Tactical roadmap to fulfill short-term M&A objectives and synergies

    Confirmed IT integration strategies

    Finalized integration roadmap

    Build a Better Manager

    • Buy Link or Shortcode: {j2store}603|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Train & Develop
    • Parent Category Link: /train-and-develop
    • Management skills training is needed, but organizations are struggling to provide training that makes a long-term difference in the skills managers actually use in their day to day.
    • Many training programs are ineffective because they offer the wrong content, deliver it in a way that is not memorable, and are not aligned with the IT department’s business objectives.

    Our Advice

    Critical Insight

    • More of the typical manager training is not enough to solve the problem of underprepared first-time IT managers.
    • You must overcome the key pitfalls of ineffective training to deliver training that is better than the norm.
    • Offer tailored training that focuses on skill building and is aligned with measurable business goals to make your manager training a tangible success.

    Impact and Result

    Use Info-Tech’s tactical, practical training materials to deliver training that is:

    • Specifically tailored to first-time IT managers.
    • Designed around practical application of new skills.
    • Aligned with your department’s business goals.

    Build a Better Manager Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Build a Better Manager Capstone Deck – This deck will guide you through identifying the critical skills your managers need to succeed and planning out a training program tailored to your team and organization.

    This deck presents a behind-the-scenes explanation for the training materials, enabling a facilitator to deliver the training.

    • Build a Better Manager – Phases 1-3

    2. Facilitation Guides – These ready-to-deliver presentation decks span 8 modules. Each module covers a key management skill. The modules can be delivered independently or as a series.

    The modules are complete with presentation slides, speaker’s notes, and accompanying participant workbooks and provide everything you need to deliver the training to your team.

    • Accountability Facilitation Guide
    • Coaching and Feedback Facilitation Guide
    • Communicate Effectively Facilitation Guide
    • Manage Conflict Constructively Facilitation Guide
    • Your Role in Decision Making Facilitation Guide
    • Master Time Facilitation Guide
    • Performance Management Facilitation Guide
    • Your Role in the Organization Facilitation Guide

    3. Participant Workbooks and Supporting Materials – Each training module comes with a corresponding participant workbook to help trainees record insights and formulate individual skill development plans.

    Each workbook is tailored to the presentation slides in its corresponding facilitation guide. Some workbooks have additional materials, such as role play scenarios, to aid in practice. Every workbook comes with example entries to help participants make the most of their training.

    • Communicate Effectively Participant Workbook
    • Performance Management Participant Workbook
    • Coaching and Feedback Participant Workbook
    • Effective Feedback Training Role Play Scenarios
    • Your Role in the Organization Participant Workbook
    • Your Role in Decision Making Participant Workbook
    • Decision Making Case Study
    • Manage Conflict Constructively Participant Workbook
    • Conflict Resolution Role Play Scenarios
    • Master Time Participant Workbook
    • Accountability Participant Workbook
    [infographic]

    Workshop: Build a Better Manager

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Build a Better Manager

    The Purpose

    Attend training on the specific topics necessary for each individual management team.

    Each workshop consists of four days, one 3-hour training session per day. One module is delivered per day, selecting from the following pool of topics:

    Master Time

    Accountability

    Your Role in the Organization

    Your Role in Decision Making

    Manage Conflict Constructively

    Effective Communication

    Performance Management

    Coaching & Feedback

    Key Benefits Achieved

    Managers learn about best practices, practice their application, and formulate individual skill development plans.

    Activities

    1.1 Training on one topic per day, for four days (selected from a pool of eight possible topics)

    Outputs

    Completed workbook and action plan

    Further reading

    Build a Better Manager

    Support IT success with a solid management foundation.

    Analyst Perspective

    Training that delivers results.

    Jane Koupstova.

    Ninety-eight percent of managers say they need more training, but 93% of managers already receive some level of manager training. Unfortunately, the training typically provided, although copious, is not working. More of the same will never get you better outcomes.

    How many times have you sat through training that was so long, you had no hope of implementing half of it?

    How many times have you been taught best practices, with zero guidance on how to apply them?

    To truly support our managers, we need to rethink manager training. Move from fulfilling an HR mandate to providing truly trainee-centric instruction. Teach only the right skills – no fluff – and encourage and enable their application in the day to day.

    Jane Kouptsova
    Research Director, People & Leadership
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    Common Obstacles

    Info-Tech’s Approach

    IT departments often promote staff based on technical skill, resulting in new managers feeling unprepared for their new responsibilities in leading people.

    The success of your organization hinges on managers’ ability to lead their staff; by failing to equip new managers adequately, you are risking the productivity of your entire department.

    Despite the fact that $14 billion is spent annually on leadership training in the US alone (Freedman, 2016), only one in ten CIOs believe their department is very effective at leadership, culture, and values (Info-Tech, 2019).

    Training programs do not deliver results due to trainee overwhelm, ineffective skill development, and a lack of business alignment.

    Use Info-Tech’s tactical, practical approach to management training to deliver training that:

    • Is specifically tailored to first-time IT managers.
    • Is designed around practical application of new skills.
    • Is aligned with your department’s business goals.
    • Equips your new managers with essential skills and foundational competencies

    Info-Tech Insight

    When it comes to manager training, more is not more. Attending training is not equal to being trained. Even good information is useless when it doesn’t get applied. If your role hasn’t required you to use your training within 48 hours, you were not trained on the most relevant skills.

    Effective managers drive effective departments by engaging their teams

    The image contains a screenshot to demonstrate effective managers.

    Engaged teams are:

    • 52% more willing to innovate*
    • 70% more likely to be at the organization a year from now**
    • 57% more likely to exceed their role’s expectations**

    Engaged teams are driven by managers:

    • 70% of team-level engagement is accounted for by managers***
    *McLean & Company; N=3,395; **McLean & Company; N=5,902; ***Gallup, 2018

    Despite the criticality of their role, IT organizations are failing at supporting new managers

    87% of middle managers wish they had more training when they were first promoted

    98% of managers say they need more training

    Source: Grovo, 2016

    IT must take notice:

    IT as an industry tends to promote staff on the basis of technical skill. As a result, new managers find themselves suddenly out of their comfort zone, tasked with leading teams using management skills they have not been trained in and, more often than not, having to learn on the job. This is further complicated because many new IT managers must go from a position of team member to leader, which can be a very complex transition.

    The truth is, many organizations do try and provide some degree of manager training, it just is not effective

    99% of companies offer management training*

    93% of managers attend it*

    $14 billion spent annually in the US on leadership training**

    Fewer than one in ten CIOs believe their IT department is highly effective at leadership, culture, and values.

    The image contains a screenshot of a pie chart that demonstrates the effectiveness of the IT department at leadership, culture, and values.

    *Grovo, 2016; **Chief Executive, 2016
    Info-Tech’s Management & Governance Diagnostic, N=337 CIOs

    There are three key reasons why manager training fails

    1. Information Overload

    Seventy-five percent of managers report that their training was too long to remember or to apply in their day to day (Grovo, 2016). Trying to cover too much useful information results in overwhelm and does not deliver on key training objectives.

    2. Limited Implementation

    Thirty-three percent of managers find that their training had insufficient follow-up to help them apply it on the job (Grovo, 2016). Learning is only the beginning. The real results are obtained when learning is followed by practice, which turns new knowledge into reliable habits.

    3. Lack of departmental alignment

    Implementing training without a clear link to departmental and organizational objectives leaves you unable to clearly communicate its value, undermines your ability to secure buy-in from attendees and executives, and leaves you unable to verify that the training is actually improving departmental effectiveness.

    Overcome those common training pitfalls with tactical solutions

    MOVE FROM

    TO

    1. Information Overload

    Timely, tailored topics

    The more training managers attend, the less likely they are to apply any particular element of it. Combat trainee overwhelm by offering highly tactical, practical training that presents only the essential skills needed at the managers’ current stage of development.

    2. Limited Implementation

    Skills-focused framework

    Many training programs end when the last manager walks out of the last training session. Ensure managers apply their new knowledge in the months and years after the training by relying on a research-based framework that supports long-term skill building.

    3. Lack of Departmental Alignment

    Outcome-based measurement

    Setting organizational goals and accompanying metrics ahead of time enables you to communicate the value of the training to attendees and stakeholders, track whether the training is delivering a return on your investment, and course correct if necessary.

    This research combats common training challenges by focusing on building habits, not just learning ideas

    Manager training is only useful if the skills it builds are implemented in the day-to-day.

    Research supports three drivers of successful skill building from training:

    Habits

    Organizational Support

    The training modules include committing to implementing new skills on the job and scheduling opportunities for feedback.

    Learning Structure

    Training activities are customizable, flexible, and accompanied by continuous learning self-evaluation.

    Personal Commitment

    Info-Tech’s methodology builds in activities that foster accountability and an attitude of continuous improvement.

    Learning

    Info-Tech Insight

    When it comes to manager training, stop thinking about learning, and start thinking about practice. In difficult situations, we fall back on habits, not theoretical knowledge. If a manager is only as good as their habits, we need to support them in translating knowledge into practice.

    This research focuses on building good management habits to drive enterprise success

    Set up your first-time managers for success by leveraging Info-Tech’s training to focus on three key areas of management:

    • Managing people as a team
    • Managing people as individuals
    • Managing yourself as a developing leader

    Each of these areas:

    • Is immediately important for a first-time manager
    • Includes practical, tactical skills that can be implemented quickly
    • Translates to departmental and organizational benefits

    Info-Tech Insight

    There is no such thing as “effective management training.” Various topics will be effective at different times for different roles. Delivering only the highest-impact learning at strategic points in your leadership development program will ensure the learning is retained and translates to results.

    This blueprint covers foundational training in three key domains of effective management

    Effective Managers

    • Self
      • Conflict & Difficult Conversations
      • Your Role in the Organization
      • Your Role in Decisions
    • Team
      • Communication
      • Feedback & Coaching
      • Performance Management
    • People
      • Master Time
      • Delegate
      • Accountability

    Each topic corresponds to a module, which can be used individually or as a series in any order.

    Choose topics that resonate with your managers and relate directly to their day-to-day tasks. Training on topics that may be useful in the future, while interesting, is less likely to generate lasting skill development.

    Info-Tech Best Practice

    This blueprint is not a replacement for formal leadership or management certification. It is designed as a practical, tactical, and foundational introduction to key management capabilities.

    Info-Tech’s training tools guide participants through successful skill building

    Practical facilitation guides equip you with the information, activities, and speaker’s notes necessary to deliver focused, tactical training to your management team.

    The participant’s workbook guides trainees through applying the three drivers of skill building to solidify their training into habits.

    Measure the effectiveness of your manager training with outcomes-focused metrics

    Linking manager training with measurable outcomes allows you to verify that the program is achieving the intended benefits, course correct as needed, and secure buy-in from stakeholders and participants by articulating and documenting value.

    Use the metrics suggested below to monitor your training program’s effectiveness at three key stages:

    Program Metric

    Calculation

    Program enrolment and attendance

    Attendance at each session / Total number enrolled in session

    First-time manager (FTM) turnover rate

    Turnover rate: Number of FTM departures / Total number of FTMs

    FTM turnover cost

    Number of departing FTMs this year * Cost of replacing an employee

    Manager Effectiveness Metric

    Calculation

    Engagement scores of FTM's direct reports

    Use Info-Tech's Employee Engagement surveys to monitor scores

    Departures as a result of poor management

    Number of times "manager relationships" is selected as a reason for leaving on an exit survey / Total number of departures

    Cost of departures due to poor management

    Number of times "manager relationships" is selected as a reason for leaving on an exit survey * Cost associated with replacing an employee

    Organizational Outcome Metric

    Calculation

    On-target delivery

    % projects completed on-target = (Projects successfully completed on time and on budget / Total number of projects started) * 100

    Business stakeholder satisfaction with IT

    Use Info-Tech’s business satisfaction surveys to monitor scores

    High-performer turnover rate

    Number of permanent, high-performing employee departures / Average number of permanent, high-performing employees

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    Guided Implementation

    Workshop

    Consulting

    “Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.” “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.” “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.” “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

    Diagnostics and consistent frameworks used throughout all four options

    Guided Implementation

    What does a typical GI on this topic look like?

    Phase 1 Phase 2 Phase 3

    Call #1: Scope requirements, objectives, and your specific challenges.

    Call #2: Review selected modules and discuss training delivery.

    Call #3: Review training delivery, discuss lessons learned. Review long-term skill development plan.

    A Guided Implementation (GI) is a series

    of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is 1 to 3 calls over the course of several months, depending on training schedule.

    Workshop Overview

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Day 1 Day 2 Day 3 Day 4

    3-Hour Training Session

    3-Hour Training Session

    3-Hour Training Session

    3-Hour Training Session

    Activities

    Training on topic 1 (selected from a pool of 8 possible topics)

    Training on topic 2 (selected from a pool of 8 possible topics)

    Training on topic 3 (selected from a pool of 8 possible topics)

    Training on topic 4 (selected from a pool of 8 possible topics)

    Deliverables

    Completed workbook and action plan

    Completed workbook and action plan

    Completed workbook and action plan

    Completed workbook and action plan

    Pool of topics:

    • Master Time
    • Accountability
    • Your Role in the Organization
    • Your Role in Decision Making
    • Manage Conflict Constructively
    • Effective Communication
    • Performance Management
    • Coaching & Feedback

    Phase 1

    Prepare to facilitate training

    Phase 1 Phase 2 Phase 3
    • Select training topics
    • Customize the training facilitation guide for your organization
    • Deliver training modules
    • Confirm skill development action plan with trainees
    • Secure organizational support from trainees' supervisors

    Outcomes of this phase:

    • Training facilitation deck customized to organizational norms
    • Training workbook distributed to participants
    • Training dates and facilitator finalized

    1.1 Select training modules

    1-3 hours

    1. Review the module descriptions on the following slides.
    2. Identify modules that will address managers’ most pressing development needs.
      To help make this decision, consult the following:
      • Trainees’ development plans
      • Trainees’ supervisors
    Input Output
    • Module descriptions
    • Trainees’ development goals and needs
    • Prioritized list of training modules
    Materials Participants
    • Prioritized list of training modules
    • Training sponsor
    • Trainees’ supervisors

    Effective Communication

    Effective communication is the cornerstone of good management

    Effective communication can make or break your IT team’s effectiveness and engagement and a manager’s reputation in the organization. Effective stakeholder management and communication has a myriad of benefits – yet this is a key area where IT leaders continue to struggle.


    There are multiple ways in which you communicate with your staff. The tactics you will learn in this section will help you to:

    1. Understand communication styles. Every staff member has a predisposition in terms of how they give, receive, and digest information. To drive effective communication new managers need to understand the profiles of each of their team members and adjust their communicate style to suit.
    2. Understand what your team members want communicated to them and how. Communication is highly personal, and a good manager needs to clearly understand what their team wants to be informed about, their desired interactions, and when they need to be involved in decision making. They also must determine the appropriate channels for communication exchanges.
    3. Make meetings matter. Many new managers never receive training on what differentiates a good and bad meeting. Effective meetings have a myriad of benefits, but more often than not meetings are ineffective, wasting both the participants’ and organizer’s time. This training will help you to ensure that every team meeting drives a solid outcome and gets results.

    Benefits:

    • Better buy-in, understanding, and communication.
    • Improved IT reputation with the organization.
    • Improved team engagement.
    • Improved stakeholder satisfaction.
    • Better-quality decision making.
    • Improved transparency, trust, and credibility.
    • Less waste and rework.
    • Greater ability to secure support and execute the agenda.
    • More effective cooperation on activities, better quality information, and greater value from stakeholder input.
    • Better understanding of IT performance and contribution.

    Effective Communication

    Effective manager communication has a direct impact on employee engagement

    35% Of organizations say they have lost an employee due to poor internal communication (project.co, 2021).

    59% Of business leaders lose work time to mistakes caused by poor communication (Grammarly, 2022).

    $1.2 trillion Lost to US organizations as a result of poor communication (Grammarly, 2022).

    Effective Communication

    Effective communication is crucial to all parts of the business

    Operations

    Human Resources

    Finance

    Marketing

    Increases production by boosting revenue.

    Reduces the cost of litigation and increases revenue through productivity improvements.

    Reduces the cost of failing to comply with regulations.

    Increases attraction and retention of key talent.

    Effective Communication

    The Communicate Effectively Facilitation Guide covers the following topics:

    • Understand Communication Styles
    • Tailor Communication Methods to Activities
    • Make Meetings Matter

    Learning outcomes:

    Main goal: Become a better communicator across a variety of personal styles and work contexts.

    Key objectives:

    • Reaffirm why effective communication matters.
    • Work with people with different communication styles.
    • Communicate clearly and effectively within a team.
    • Make meetings more effective.

    Info-Tech Insight

    First-time IT managers face specific communication challenges that come with managing people for the first time: learning to communicate a greater variety of information to different kinds of people, in a variety of venues. Tailored training in these areas helps managers focus and fast-track critical skill development.

    Performance Management

    Meaningful performance measures drive employee engagement, which in turn drives business success

    Meaningful performance measures help employees understand the rationale behind business decisions, help managers guide their staff, and clarify expectations for employees. These factors are all strong predictors of team engagement:

    The image contains a screenshot to demonstrate the relationship and success between performance measures and employee engagement.

    Performance Management

    Clear performance measures benefit employees and the organization

    Talent Management Outcomes

    Organizational Outcomes

    Performance measure are key throughout the talent management process.

    Candidates:

    • Want to know how they will be assessed
    • Rely on measures to become productive as soon as possible

    Employees:

    • Benefit from training centered on measures that are aligned with business outcomes
    • Are rewarded, recognized, and compensated based on measurable guidelines

    Promotions and Evaluations:

    • Are more effective when informed by meaningful performance measures that align with what leadership believes is important

    Performance measures benefit the organization by:

    • Helping employees know the steps to take to improve their performance
    • Ensuring alignment between team objectives and organizational goals
    • Providing a standardized way to support decision making related to compensation, promotions, and succession planning
    • Reducing “gaming” of metrics, when properly structured, thereby reducing risk to the organization
    • Affording legal defensibility by providing an objective basis for decision making

    Performance Management

    The Performance Management Facilitation Guide covers the following topics:

    • Develop Meaningful Goals
    • Set Meaningful Metrics

    Learning outcomes:

    Main goal: Become proficient in setting, tracking, and communicating around performance management goals.

    Key objectives:

    • Understand the role of managers and employees in the performance management process.
    • Learn to set SMART, business-aligned goals for your team.
    • Learn to help employees set useful individual goals.
    • Learn to set meaningful, holistic metrics to track goal progression.
    • Understand the relationship between goals, metrics, and feedback.

    Info-Tech Insight

    Goal and metric development holds special significance for first-time IT managers because it now impacts not only their personal performance, but that of their employees and their team collectively. Training on these topics with a practical team- and employee-development approach is a focused way to build these skills.

    Coaching & Feedback

    Coaching and feedback are effective methods to influence employees and drive business outcomes

    COACHING is a conversation in which a manager asks an employee questions to guide them to solve problems themselves, instead of just telling them the answer.

    Coaching increases employee happiness, and decreases turnover.1

    Coaching promotes innovation.2

    Coaching increases employee engagement, effort and performance.3

    FEEDBACK is information about the past, given in the present, with the goal of influencing behavior or performance for the future. It includes information given for reinforcement and redirection.

    Honest feedback enhances team psychological safety.4

    Feedback increases employee engagement.5

    Feedback boosts feelings of autonomy and drives innovation.6

    1. Administrative Sciences, 2022
    2. International Review of Management and Marketing, 2020
    3. Current Psychology, 2021
    4. Quantum Workplace, 2021
    5. Issues and Perspectives in Business and Social Sciences, 2022
    6. Sustainability, 2021

    Coaching & Feedback

    The Coaching & Feedback Facilitation Guide covers the following topics:

    • The 4 A’s of Coaching
    • Effective Feedback

    Learning outcomes:

    Main goal: Get prepared to coach and offer feedback to your staff as appropriate.

    Key objectives:

    • Understand the difference between coaching and feedback and when to apply each one.
    • Learn the importance of a coaching mindset.
    • Learn effective coaching via the 4 A’s framework.
    • Understand the actions that make up feedback and the factors that make it successful.
    • Learn to deal with resistance to feedback.

    Info-Tech Insight

    First-time managers often shy away from giving coaching and feedback, stalling their team’s performance. A focused and practical approach to building these skills equips new managers with the tools and confidence to tackle these challenges as soon as they arise.

    Your Role in the Organization

    IT managers who understand the business context provide more value to the organization

    Managers who don’t understand the business cannot effect positive change. The greater understanding that IT managers have of business context, the more value they provide to the organization as seen by the positive relationship between IT’s understanding of business needs and the business’ perception of IT value.

    The image contains a screenshot of a scatter plot grid demonstrating business satisfaction with IT Understanding of Needs across Overall IT Value.

    Source: Info-Tech Research Group

    Your Role in the Organization

    Knowing your stakeholders is key to understanding your role in the business and providing value to the organization

    To understand your role in the business, you need to know who your stakeholders are and what value you and your team provide to the organization. Knowing how you help each stakeholder meet their wants needs and goals means that you have the know-how to balance experience and outcome-based behaviors. This is the key to being an attentive leader.


    The tactics you will learn in this section will help you to:

    1. Know your stakeholders. There are five key stakeholders the majority of IT managers have: management, peers, direct reports, internal users, and external users or customers. Managers need to understand the goals, needs, and wants of each of these groups to successfully provide value to the organization.
    2. Understand the value you provide to each stakeholder. Stakeholder relationship management requires IT managers to exhibit drive and support behaviors based on the situation. By knowing how you drive and support each stakeholder, you understand how you provide value to the organization and support its mission, vision, and values.
    3. Communicate the value your team provides to the organization to your team. Employees need to understand the impact of their work. As an IT manager, you are responsible for communicating how your team provides value to the organization. Mission statements on how you provide value to each stakeholder is an easy way to clearly communicate purpose to your team.

    Benefits:

    • Faster and higher growth.
    • Improved team engagement.
    • Improved stakeholder satisfaction.
    • Better quality decision making.
    • More innovation and motivation to complete goals and tasks.
    • Greater ability to secure support and execute on goals and tasks.
    • More effective cooperation on activities, better quality information, and greater value from stakeholder input.
    • Better understanding of IT performance and contribution.

    Your Role in the Organization

    The Your Role in the Organization Facilitation Guide covers the following topics:

    • Know Your Stakeholders
    • Understand the Value You Provide to the Organization
    • Develop Learnings Into Habits

    Learning outcomes:

    Main goal: Understand how your role and the role of your team serves the business.

    Key objectives:

    • Learn who your stakeholders are.
    • Understand how you drive and support different stakeholder relationships.
    • Relate your team’s tasks back to the mission, vision, and values of the organization.
    • Create a mission statement for each stakeholder to bring back to your team.

    Info-Tech Insight

    Before training first-time IT managers, take some time as the facilitator to review how you will serve the wants and needs of those you are training and your stakeholders in the organization.

    Decision Making

    Bad decisions have tangible costs, so managers must be trained in how to make effective decisions

    To understand your role in the decision-making process, you need to know what is expected of you and you must understand what goes into making a good decision. The majority of managers report they have no trouble making decisions and that they are good decision makers, but the statistics say otherwise. This ease at decision making is due to being overly confident in their expertise and an inability to recognize their own ignorance.1


    The tactics you will learn in this section will help you to:

    1. Effectively communicate decisions. Often, first-time managers are either sharing their decision recommendations with their manager or they are communicating a decision down to their team. Managers need to understand how to have these conversations so their recommendations provide value to management and top-down decisions are successfully implemented.
    2. Provide valuable feedback on decisions. Evaluating decisions is just as critical as making decisions. If decisions aren’t reviewed, there is no data or feedback to discover why a decision was a success or failure. Having a plan in place before the decision is made facilitates the decision review process and makes it easier to provide valuable feedback.
    3. Avoid common decision-making mistakes. Heuristics and bias are common decision pitfalls even senior leaders are susceptible to. By learning what the common decision-making mistakes are and being able to recognize them when they appear in their decision-making process, first-time managers can improve their decision-making ability.

    20% Of respondents say their organizations excel at decision making (McKinsey, 2018).

    87% “Diverse teams are 87% better at making decisions” (Upskillist, 2022).

    86% of employees in leadership positions blame the lack of collaboration as the top reason for workplace failures (Upskillist, 2022).

    Decision Making

    A decision-making process is imperative, even though most managers don’t have a formal one

    1. Identify the Problem and Define Objectives
    2. Establish Decision Criteria
    3. Generate and Evaluate Alternatives
    4. Select an Alternative and Implement
    5. Evaluate the Decision

    Managers tend to rely on their own intuition which is often colored by heuristics and biases. By using a formal decision-making process, these pitfalls of intuition can be mitigated or avoided. This leads to better decisions.

    First-time managers are able to apply this framework when making decision recommendations to management to increase their likelihood of success, and having a process will improve their decisions throughout their career and the financial returns correlated with them.

    Decision Making

    Recognizing personal heuristics and bias in the decision-making process improves more than just decision results

    Employees are able to recognize bias in the workplace, even when management can’t. This affects everything from how involved they are in the decision-making process to their level of effort and productivity in implementing decisions. Without employee support, even good decisions are less likely to have positive results. Employees who perceive bias:

    Innovation

    • Hold back ideas and solutions
    • Intentionally fail to follow through on important projects and tasks

    Brand Reputation

    • Speak negatively about the company on social media
    • Do not refer open positions to qualified persons in their network

    Engagement

    • Feel alienated
    • Actively seek new employment
    • Say they are not proud to work for the company

    Decision Making

    The Decision Making Facilitation Guide covers the following topics:

    • Effectively Communicate Decisions
    • Provide Valuable Feedback on Decisions
    • Avoid Common Decision-Making Mistakes

    Learning outcomes:

    Main goal: Understand how to successfully perform your role in the decision process.

    Key objectives:

    • Understand the decision-making process and how to assess decisions.
    • Learn how to communicate with your manager regarding your decision recommendations.
    • Learn how to effectively communicate decisions to your team.
    • Understand how to avoid common decision-making errors.

    Info-Tech Insight

    Before training a decision-making framework, ensure it is in alignment with how decisions are made in your organization. Alternatively, make sure leadership is on board with making a change.

    Manage Conflict Constructively

    Enable leaders to resolve conflicts while minimizing costs

    If you are successful in your talent acquisition, you likely have a variety of personalities and diverse individuals within your IT organization and in the business, which means that conflict is inevitable. However, conflict does not have to be negative – it can take on many forms. The presence of conflict in an organization can actually be a very positive thing: the ability to freely express opinions and openly debate can lead to better, more strategic decisions being made.

    The effect that the conflict is having on individuals and the work environment will determine whether the conflict is positive or counterproductive.

    As a new manager you need to know how to manage potential negative outcomes of conflict by managing difficult conversations and understanding how to respond to conflict in the workplace.


    The tactics you will learn in this section will help you to:

    1. Apply strategies to prepare for and navigate through difficult conversations.
    2. Expand your comfort level when handling conflict, and engage in constructive conflict resolution approaches.

    Benefits:

    • Relieve stress for yourself and your co-workers.
    • Save yourself time and energy.
    • Positively impact relationships with your employees.
    • Improve your team dynamic.
    • Remove roadblocks to your work and get things done.
    • Save the organization money.
    • Improve performance.
    • Prevent negative issues from reoccurring.

    Manage Conflict Constructively

    Addressing difficult conversations is beneficial to you, your people, and the organization

    When you face a difficult conversation you…

    • Relieve stress on you and your co-workers.
    • Save yourself time and energy.
    • Positively impact relationships with your employees.
    • Improve your team dynamic.
    • Remove roadblocks to your work
    • Save the organization money.
    • Improve performance.
    • Prevent negative issues from reoccurring.

    40% Of employees who experience conflict report being less motivated as a result (Acas, 2021).

    30.6% Of employees report coming off as aggressive when trying to resolve a conflict
    (Niagara Institute, 2022).

    Manage Conflict Constructively

    The Manage Conflict Constructively Facilitation Guide covers the following topics:

    • Know Your Ideal Time Mix
    • Calendar Diligence
    • Effective Delegation
    • Limit Interruptions

    Learning outcomes:

    Main goal: Effectively manage your time and know which tasks are your priority and which tasks to delegate.

    Key objectives:

    • Understand common reasons for difficult conversations.
    • Learn Info-Tech’s six-step process to best to prepare for difficult conversations.
    • Follow best practices to approach difficult conversations.
    • Learn the five approaches to conflict management.
    • Practice conflict management skills.

    Info-Tech Insight

    Conflict does not have to be negative. The presence of conflict in an organization can actually be a very positive thing: the ability to freely express opinions and openly debate can lead to better, more strategic decisions being made.

    Master Time

    Effective leaders spend their time in specific ways

    How effective leaders average their time spent across the six key roles:

    Leaders with effective time management skills spend their time across six key manager roles: strategy, projects, management, operations, innovation, and personal. While there is no magic formula, providing more value to the business starts with little practices like:

    • Spending time with the right stakeholders and focusing on the right priorities.
    • Evaluating which meetings are important and productive.
    • Benchmarking yourself against your peers in the industry so you constantly learn from them and improve yourself.


    The keys to providing this value is time management and delegation. The tactics in this section will help first-time managers to:

    1. Discover your ideal time. By analyzing how you currently spend your time, you can see which roles you are under/over using and, using your job description and performance metrics, discover your ideal time mix.
    2. Practice calendar diligence. Time blocking is an effective way to use your time, see your week, and quickly understand what roles you are spending your time in. Scheduling priority tasks first gives insight into which tasks should be delegated.
    3. Effectively delegation. Clear expectations and knowing the strengths of your team are the cornerstone to effective delegation. By understanding the information you need to communicate and identifying the best person on your team to delegate to, tasks and goals will be successfully completed.
    4. Limit interruptions. By learning how to limit interruptions from your team and your manager, you are better able to control your time and make sure your tasks and goals get completed.

    Strategy

    23%

    Projects

    23%

    Management

    19%

    Operations

    19%

    Innovation

    13%

    Personal

    4%

    Source: Info-Tech, N=85

    Master Time

    Signs you struggle with time management

    Too many interruptions in a day to stay focused.

    Too busy to focus on strategic initiatives.

    Spending time on the wrong things.

    The image contains a screenshot of a bar graph that demonstrates struggle with time management.

    Master Time

    The Master Time Facilitation Guide covers the following topics:

    • Understand Communication Styles
    • Tailor Communication Methods to Activities
    • Make Meetings Matter

    Learning outcomes:

    Main goal: Become a better communicator across a variety of personal styles and work contexts.

    Key objectives:

    • Understand how you spend your time.
    • Learn how to use your calendar effectively.
    • Understand the actions to take to successfully delegate.
    • Learn how to successfully limit interruptions.

    Info-Tech Insight

    There is a right and wrong way to manage your calendar as a first-time manager and it has nothing to do with your personal preference.

    Accountability

    Accountability creates organizational and team benefits

    Improves culture and innovation

    Improves individual performance

    Increases employee engagement

    Increases profitability

    Increases trust and productivity

    Enables employees to see how they contribute

    Increases ownership employees feel over their work and outcomes

    Enables employees to focus on activities that drive the business forward

    Source: Forbes, 2019

    Accountability

    Accountability increases employee empowerment

    Employee empowerment is the number one driver of employee engagement. The extent to which you can hold employees accountable for their own actions and decisions is closely related to how empowered they are and how empowered they feel; accountability and empowerment go hand in hand. To feel empowered, employees must understand what is expected of them, have input into decisions that affect their work, and have the tools they need to demonstrate their talents.

    The image contains a screenshot to demonstrate how accountability increases employee empowerment.

    Source: McLean & Company Engagement Database, 2018; N=71,794

    Accountability

    The Accountability Facilitation Guide covers the following topics:

    • Create Clarity and Transparency
    • Articulate Expectations and Evaluation
    • Help Your Team Remove Roadblocks
    • Clearly Introduce Accountability to Your Team

    Learning outcomes:

    Main goal: Create a personal accountability plan and learn how to hold yourself and your team accountable.

    Key objectives:

    • Understand why accountability matters.
    • Learn how to create clarity and transparency.
    • Understand how to successfully hold people accountable through clearly articulating expectations and evaluation.
    • Know how to remove roadblocks to accountability for your team.

    Info-Tech Insight

    Accountability is about focusing on the results of a task, rather than just completing the task. Create team accountability by keeping the team focused on the result and not “doing their jobs.” First-time managers need to clearly communicate expectations and evaluation to successfully develop team accountability.

    Use the Build a Better Manager Participant Workbooks to help participants set accountabilities and track their progress

    A key feature of this blueprint is built-in guidance on transferring your managers’ new knowledge into practical skills and habits they can fall back on when their job requires it.

    The Participant Workbooks, one for each module, are structured around the three key principles of learning transfer to help participants optimally structure their own learning:

    • Track your learning. This section guides participants through conducting self-assessments, setting learning goals, recording key insights, and brainstorming relapse-prevention strategies
    • Establish your personal commitment. This section helps participants record the actions they personally commit to taking to continually practice their new skills
    • Secure organizational support. This section guides participants in recording the steps they will take to seek out support from their supervisor and peers.

    The image contains a screenshot of the Build a Better Manager Participant Workbooks.

    Info-Tech Insight

    Participants should use this workbook throughout their training and continue to review it for at least three months after. Practical skills take an extended amount of time to solidify, and using the workbook for several months will ensure that participants stay on track with regular practice and check-ins.

    Set your trainees up for success by reviewing these training best practices

    Cultural alignment

    It is critical that the department leadership team understand and agree with the best practices being presented. Senior team leads should be comfortable coaching first-time managers in implementing the skills developed through the training. If there is any question about alignment with departmental culture or if senior team leads would benefit from a refresher course, conduct a training session for them as well.

    Structured training

    Ensure the facilitator takes a structured approach to the training. It is important to complete all the activities and record the outputs in the workbook where appropriate. The activities are structured to ensure participants successfully use the knowledge gained during the workshop to build practical skills.

    Attendees

    Who should attend the training? Although this training is designed for first-time IT managers, you may find it helpful to run the training for the entire management team as a refresher and to get everyone on the same page about best practices. It is also helpful for senior leadership to be aware of the training because the attendees may come to their supervisors with requests to discuss the material or coaching around it.

    Info-Tech Insight

    Participants should use this workbook throughout their training and continue to review it for at least three months after. Practical skills take an extended amount of time to solidify, and using the workbook for several months will ensure that participants stay on track with regular practice and check-ins.

    1.2 Customize the facilitation guides

    1-3 hours

    Prior to facilitating your first session, ensure you complete the following steps:

    1. Read through all the module content, including the speaker’s notes, to familiarize yourself with the material and ensure the tactics presented align with your department’s culture and established best practices.
    2. Customize the slides with a pencil icon with information relevant to your organization.
    3. Ensure you are comfortable with all material to be presented and are prepared to answer questions. If you require clarification on any of the material, book a call with your Info-Tech analyst for guidance.
    4. Ensure you do not delete or heavily customize the self-assessment activities and the activities in the Review and Action Plan section of the module. These activities are structured around a skill building framework and designed to aid your trainees in applying their new knowledge in their day to day. If you have any concerns about activities in these sections, book a call with your Info-Tech analyst for guidance.
    Input Output
    • List of selected modules
    • Customized facilitation guides
    Materials Participants
    • Facilitation guides from selected modules
    • Training facilitator

    1.3 Prepare to deliver training

    1-3 hours

    Complete these steps in preparation for delivering the training to your first-time managers:

    1. Select a facilitator.
      • The right person to facilitate the meeting depends on the dynamics within your department. Having a senior IT leader can lend additional weight to the training best practices but may not be feasible in a large department. In these cases, an HR partner or external third party can be asked to facilitate.
    2. Distribute the workbooks to attendees before the first training session.
      • Change the header on the workbook templates to your own organization’s, if desired.
      • Email the workbooks to attendees prior to the first session. There is no pre-work to be completed.
    Input Output
    • List of selected modules
    • Facilitator selected
    • Workbook distributed
    Materials Participants
    • Workbooks from selected modules
    • Training sponsor
    • Training facilitator

    Phase 2

    Deliver training

    Phase 1 Phase 2 Phase 3
    • Select training topics
    • Customize the training facilitation guide for your organization
    • Deliver training modules
    • Confirm skill development action plan with trainees
    • Secure organizational support from trainees' supervisors

    Outcomes of this phase:

    • Training delivered
    • Development goals set by attendees
    • Action plan created by attendees

    2.1 Deliver training

    3 hours

    When you are ready, deliver the training. Ensure you complete all activities and that participants record the outcomes in their workbooks.

    Tips for activity facilitation:

    • Encourage and support participation from everyone. And be sure no one on the team dismisses anyone’s thoughts or opinions – they present the opportunity for further discussion and deeper insight.
    • Debrief after each activity, outlining any lessons learned, action items, and next steps.
    • Encourage participants to record all outcomes, key insights, and action plans in their workbooks.
    Input Output
    • Facilitation guides and workbooks for selected modules
    • Training delivered
    • Workbooks completed
    Materials Participants
    • Facilitation guides and workbooks for selected modules
    • Training facilitator
    • Trainees

    Phase 3

    Enable long-term skill development

    Phase 1Phase 2Phase 3
    • Select training topics
    • Customize the training facilitation guide for your organization
    • Deliver training modules
    • Confirm skill development action plan with trainees
    • Secure organizational support from trainees' supervisors

    Outcomes of this phase:

    • Attendees reminded of action plan and personal commitment
    • Supervisors reminded of the need to support trainees' development

    3.1 Email trainees with action steps

    0.5 hours

    After the training, send an email to attendees thanking them for participating and summarizing key next steps for the group. Use the template below, or write your own:

    “Hi team,

    I want to thank you personally for attending the Communicate Effectively training module. Our group led some great discussion.

    A reminder that the next time you will reconvene as a group will be on [Date] to discuss your progress and challenges to date.

    Additionally, your manager is aware and supportive of the training program, so be sure to follow through on the commitments you’ve made to secure the support you need from them to build your new skills.

    I am always open for questions if you run into any challenges.

    Regards,

    [Your name]”

    InputOutput
    • The date of participants’ next discussion meeting
    • Attendees reminded of next meeting date and encouraged to follow through on action plan
    MaterialsParticipants
    • Training facilitator

    3.2 Secure support from trainees’ supervisors

    0.5 hours

    An important part of the training is securing organizational support, which includes support from your trainees’ supervisors. After the trainees have committed to some action items to seek support from their supervisors, it is important to express your support for this and remind the supervisors of their role in guiding your first-time managers. Use the template below, or write your own, to remind your trainees’ supervisors of this at the end of training (if you are going through all three modules in a short period of time, you may want to wait until the end of the entire training to send this email):

    “Hi team,

    We have just completed Info-Tech’s first-time manager training with our new manager team. The trainees will be seeking your support in developing their new skills. This could be in the form of coaching, feedback on their progress, reviewing their development plan, etc.

    Supervisor support is a crucial component of skill building, so I hope I can count on all of you to support our new managers in their learning. If you are not sure how to handle these requests, or would like a refresher of the material our trainees covered, please let me know.

    I am always open for questions if you run into any challenges.

    Regards,

    [Your name]”

    InputOutput
    • List of trainees’ direct supervisors
    • Supervisors reminded to support trainees’ skill practice
    MaterialsParticipants
    • Training facilitator

    Contributors

    Brad Armstrong

    Brad Armstrong, Senior Engineering Manager, Code42 Software

    I am a pragmatic engineering leader with a deep technical background, now focused on building great teams. I'm energized by difficult, high-impact problems at scale and with the cloud technologies and emerging architectures that we can use to solve them. But it's the power of people and organizations that ultimately lead to our success, and the complex challenge of bringing all that together is the work I find most rewarding.

    We thank the expert contributors who chose to keep their contributions anonymous.

    Bibliography

    360Solutions, LLC. “The High Cost of Poor Communication: How to Improve Productivity and Empower Employees Through Effective Communication.” 360Solutions, 2009. Web.

    Ali, M., B. Raza, W. Ali, and N. Imtaiz. Linking Managerial Coaching with Employees’ Innovative Work Behaviors through Affective Supervisory Commitment: Evidence from Pakistan. International Review of Management and Marketing, vol. 10, no. 4, 2020, pp. 11-16.

    Allen, Frederick E. “The Terrible Management Technique That Cost Microsoft Its Creativity.” Forbes.com, 3 July 2012. Web.

    Allen, Renee. “Generational Differences Chart.” West Midland Family Center, n.d. Web.

    American Management Association. “Leading the Four Generations at Work.” American Management Association, Sept. 2014. Web.

    Aminov, Iskandar, Aaron De Smet, Gregor Jost, and David Mendelsohn. “Decision making in the age of urgency.” McKinsey & Company, 30 April 2019. Web.

    AON Hewitt. “Aon Hewitt Study Reveals Strong Link Between Employee Engagement and Employee Perceptions of Total Rewards. Honest Leader Communication Also Influences Engagement.” PR Newswire, 8 April 2015. Web.

    Armstrong, Brad. “How to Fail as a New Engineering Manager.” Noteworthy - The Journal Blog, 19 Feb. 2018. Web.

    Asmus, Mary Jo. “Coaching vs. Feedback.” Aspire-CS, 9 Dec. 2009. Web.

    Baldwin, Timothy T., et al. “The State of Transfer of Training Research: Moving Toward More Consumer-Centric Inquiry.” Human Resource Development Quarterly, vol. 28, no. 1, March 2017, pp. 17-28. Crossref, doi:10.1002/hrdq.21278.

    Batista, Ed. “Building a Feedback-Rich Culture from the Middle.” Ed Batista, April 2015. Web.

    Bilalic, Merim, Peter McLeod, and Fernand Gobet. Specialization Effect and Its Influence on Memory and Problem Solving in Expert Chess Players. Wiley Online Journal, 23 July 2009, doi: https://doi.org/10.1111/j.1551-6709.2009.01030.x

    Blume, Brian D., et al. “Transfer of Training: A Meta-Analytic Review.” Journal of Management, vol. 36, no. 4, July 2010, pp. 1065-105. Crossref, doi:10.1177/0149206309352880.

    BOH Training Guide. Wild Wing, Jan. 2017. Web.

    Bosler, Shana. “9 Strategies to Create Psychological Safety at Work.” Quantum Workplace, 3 June 2021. Web.

    Building Communication Skills. ACQUIRE Project/EngenderHealth, n.d. Web.

    Bucaro, Frank C. “The real issue in conflict is never about things…” Frank Bucaro blog, 7 March 2014. Web.

    Burke, Lisa A., and Holly M. Hutchins. “Training Transfer: An Integrative Literature Review.” Human Resource Development Review, vol. 6, no. 3, Sept. 2007, pp. 263-96. Crossref, doi:10.1177/1534484307303035.

    Caprino, Kathy. “Separating Performance Management from Compensation: New Trend for Thriving Organizations.” Forbes, 13 Dec. 2016. Web.

    Caprino, Kathy. “Why the Annual Review Process Damages Employee Engagement.” Forbes, 1 March 2016. Web.

    Carpineanu, Silvana. “7 Mistakes You Might Be Making When Writing A Meeting Agenda.” Time Doctor, 12 January 2021. Web.

    Cecchi-Dimeglio, Paola. “How Gender Bias Corrupts Performance Reviews, and What to Do About It.” Harvard Business Review, 12 April 2017. Web.

    Chartered Institute of Personnel and Development (CIPD). “PESTLE Analysis.” Chartered Institute of Personnel and Development, 2010. Web.

    Chiaburu, Dan S., et al. “Social Support in the Workplace and Training Transfer: A Longitudinal Analysis: Social Support and Training Transfer.” International Journal of Selection and Assessment, vol. 18, no. 2, June 2010, pp. 187-200. Crossref, doi:10.1111/j.1468-2389.2010.00500.x.

    Christensen, Ulrik Juul. “How to Teach Employees Skills They Don’t Know They Lack.” Harvard Business Review, 29 Sept. 2017. Web.

    CIPD. “Rapid evidence assessment of the research literature on the effect of goal setting on workplace performance.” Charted Institute of Personnel and Development, Dec. 2016. Web.

    CIPD. Annual Survey Report: Learning & Development 2015. Charted Institute of Personnel and Development, 2015. Web.

    Communication and Organizational Skills: NPHW Training Manual. Population Health Research Institute (PHRI), 17 Sept. 2015. Web.

    Cookson, Phil. “It’s time to see performance management as a benefit, not a burden.” CIPD. 17 March 2017. Web.

    Communication Statistics 2021. Project.co, 2021. Web.

    Connors, Roger. “Why Accountability?” The Oz Principle, Partners In Leadership, 2014.

    Coutifaris, Constantinos G. V., and Adam M. Grant “Taking Your Team Behind the Curtain: The Effects of Leader Feedback-Sharing and Feedback-Seeking on Team Psychological Safety.” Organization Science, vol. 33,
    no. 4, 2021, pp. 1574-1598. https://doi.org/10.1287/orsc.2021.1498

    Coy, Charles. “Peer Feedback: 6 Tips for Successful Crowdsourcing.” Rework, 25 June 2014. Web.

    “CQ Learn What Really Matters.” CQ Evidence-Based Management Learning Platform, n.d. Web.

    Darwant, Sarah. Coaching Training Course Book. Elite Training, 2012. Web.

    De Smet, Aaron, et al. How Companies Manage the Front Line Today: McKinsey Survey Results. McKinsey, Feb. 2010. Web.

    DeNault, Charles. “Employee Coaching Survey Results: Important and Engaging.” Saba, 22 April 2015. Web.

    Dermol, Valerij, and Tomaž Čater. “The Influence of Training and Training Transfer Factors on Organisational Learning and Performance.” Personnel Review, vol. 42, no. 3, April 2013, pp. 324–48. Crossref, doi:10.1108/00483481311320435.

    dgdotto. “Fail to Plan, Plan to Fail.” visual.ly, 30 April 2013. Web.

    Duggan, Kris. “Why the Annual Performance Review is Going Extinct.” Fast Company, 20 Oct. 2015. Web.

    Duhigg, Charles. “What Google Learned From Its Quest to Build the Perfect Team.” The New York Times, 25 Feb. 2016. Web.

    Earley, P. Christopher, and Randall S. Peterson. “The Elusive Cultural Chameleon: Cultural Intelligence as a New Approach to Intercultural Training for the Global Manager.” Academy of Management Learning & Education, vol. 3, no. 1, March 2004, pp. 100-15. Crossref, doi:10.5465/amle.2004.12436826.

    Edmondson, Amy. “Psychological Safety and Learning Behavior in Work Teams.” Administrative Science Quarterly, vol. 44, no. 2, June 1999, pp. 350-383. Web.

    “Effective Employee Communications Fosters Corporate Reputation.” The Harris Poll, 10 June 2015. Web.

    Eichenwald, Kurt. “How Microsoft Lost its Mojo: Steve Ballmer and Corporate American’s Most Spectacular Decline.” Vanity Fair, 24 July 2012. Web.

    Essential Supervisory Skills. University of Washington, 2016. Web.

    “Estimating the Costs of Workplace Conflict.” Acas, 11 May 2021. Web.

    Falcone, Paul. “Viewpoint: How to Redesign Your Performance Appraisal Template.” Society for Human Resource Management, 7 June 2017. Web.

    Fermin, Jeff. “Statistics On The Importance Of Employee Feedback.” Officevibe, 7 Oct. 2014. Web.

    Filipkowski, Jenna, et al. Building a Coaching Culture with Millennial Leaders. Human Capital Institute, 18 Sept. 2017. Web.

    First Time Manager Training to Help New Managers Develop Essential Skills. The Ken Blanchard Companies, n.d. Web.

    Fisher, Dan. Feedback vs. Coaching, What’s the Difference? Menemsha Group, 28 June 2018. Web.

    Freedman, Erica. “How to Build an Internal Leadership Development Program.” Chief Executive, 2016. Web.

    "Futureproof Your Organization with These 8 Manager Effectiveness Metrics.” Visier Inc., 8 Aug. 2017. Web.

    Gallo, Amy. “How to Manage Your Former Peers.” Harvard Business Review, Dec. 2012. Web.

    Gandhi, Vipula. “Want to Improve Productivity? Hire Better Managers.” Gallup, 3 Aug. 2018. Web.

    Gallup. State of the Global Workplace. 1st edition, Gallup Press, 2017. Web.

    Global Workplace Analytics. “Latest Telecommuting Statistics.” Global Workplace Analytics. Sept. 2013. Web.

    Goldsmith, Marshall. “Try Feedforward Instead of Feedback.” Leader to Leader Institute, 5 April 2011. Web.

    Goldsmith, Marshall. "11 Guidelines for Influencing Top Decision Makers." Marshall Goldsmith, n.d. Web.

    Goldsmith, Marshall. "I Know Less Than You Do – and It’s Okay!" Marshall Goldsmith, n.d. Web.

    Goldsmith, Marshall. "Is It Worth It to Add Value? Not Always." Marshall Goldsmith, n.d. Web.

    Goler, L., J. Gale, and A. Grant. “Let’s Not Kill Performance Evaluations Yet.” Harvard Business Review, Nov. 2016. Web.

    Good Manager, Bad Manager. Grovo, 2016. Web.

    Google People Operations. “Guide: Understand Team Effectiveness.” Google, n.d. Web.

    Google’s New Manager Student Workbook. re:Work with Google, n.d. Web.

    Google’s New Manager Training Facilitator Guide. re:Work with Google, n.d. Web.

    Gossen, Paul. A Coaching Culture Transformation ~ Case Study. Athena Training and Consulting, 1 April 2011. Web.

    Goudreau, Jenna. “How to Communicate in the New Multi-Generational Office.” Forbes Magazine, Feb. 2013. Web.

    Govaerts, Natalie, and Filip Dochy. “Disentangling the Role of the Supervisor in Transfer of Training.” Educational Research Review, vol. 12, June 2014, pp. 77-93. Crossref, doi:10.1016/j.edurev.2014.05.002.

    Grenchus, Gabrielle. “Keep employees engaged with clear priorities and crowdsourced recognition.” IBM thinkLeaders. 8 June 2015. Web.

    Grossman, Rebecca, and Eduardo Salas. “The Transfer of Training: What Really Matters: The Transfer of Training.” International Journal of Training and Development, vol. 15, no. 2, June 2011, pp. 103-20. Crossref, doi:10.1111/j.1468-2419.2011.00373.x.

    Grote, Dick. “3 Popular Goal-Setting Techniques Managers Should Avoid.” Harvard Business Review. 2 Jan. 2017. Web.

    Hall, John. “Why Accountability Is Vital To Your Company.” Forbes, 6 Oct. 2019. Web.

    Hancock, Bryan, et al. “The Fairness Factor in Performance Management.” McKinsey, 5 April 2018. Web.

    Harkins, Phil. “10 Leadership Techniques for Building High-Performing Teams.” Linkage Inc., 2014. Web.

    HCI. Building a Coaching Culture with Managers and Leaders. Human Capital Institute, 2016. Web.

    Heathfield, Susan M. “Tips to Create Successful Performance Appraisal Goals.” The Balance, Aug. 2016. Web.

    Hills, Jan. Brain-Savvy Business: 8 Principles From Neuroscience and How to Apply Them. Head Heart + Brain, 2016. Print.

    Hoffman, Mitchell, and Steven Tadelis. People Management Skills, Employee Attrition, and Manager Rewards: An Empirical Analysis. p. 96.

    “How to Create an Effective Feedback Culture.” eXplorance Inc. Feb. 2013. Web.

    “Importance of Performance Management Process & Best Practices To Optimize Monitoring Performance Work Reviews/Feedback and Goal Management.” SAP Success Factors, n.d. Web.

    Jacobson, Darcy. “How Bad Performance Management Killed Microsoft’s Edge.” Globoforce Blog, 5 July 2012. Web.

    Jaidev, Uma Pricilda, and Susan Chirayath. Pre-Training, During-Training and Post-Training Activities as Predictors of Transfer of Training. no. 4, 2012, p. 18.

    Jensen, Michael C. “Paying People to Lie: The Truth about the Budgeting Process.” European Financial Management, vol. 9, no. 3, 2003, pp. 379-406. Print.

    Kahneman, Daniel, and Ram Charan. HBR's 10 Must Reads on Making Smart Decisions. Harvard Business Review, 26 March 2013. Ebook.

    Kirkpatrick, J., and W. Kirkpatrick. “The Kirkpatrick Four Levels: A Fresh Look After 50 Years 1959-2009.” Kirkpatrickpartners.com, 2009. Web.

    Kirwan, Cyril. Improving Learning Transfer. Routledge, 2016.

    Kline, Theresa J.B., and Lorne M. Sulsky. “Measurement and Assessment Issues in Performance Appraisal.” Canadian Psychology, vol. 50, no. 3, 2009, pp. 161-171. Proquest. Web.

    Kowalski, Kyle. “Create a Daily Routine with Calendar Time Blocking (+ 7 Pro Tips).” Sloww, 29 May 2018. Web.

    Krentz, Susanna E., et al. ”Staying on Course with Strategic Metrics.” Healthcare Financial Management, vol. 60, no. 5, 2006, pp. 86-94. Proquest. Web.

    Kuligowski, Kiely. Tips for First-Time Managers. 15 Feb. 2019. Web.

    Laker, Dennis R., and Jimmy L. Powell. “The Differences between Hard and Soft Skills and Their Relative Impact on Training Transfer.” Human Resource Development Quarterly, vol. 22, no. 1, March 2011, pp. 111-22. Crossref, doi:10.1002/hrdq.20063.

    Lawrence, Paul. “Managerial coaching – A literature review.” International Journal of Evidence Based Coaching and Mentoring, vol. 15, no. 2, 2017, pp. 43-66. Web.

    Ledford, Gerald E. Jr., George Benson, and Edward E. Lawler III. “Cutting-Edge Performance Management.” WorldatWork Research, Aug. 2016. Web.

    Lee, W.R.; Choi, S.B.; Kang, S.-W. How Leaders’ Positive Feedback Influences Employees’ Innovative Behavior: The Mediating Role of Voice Behavior and Job Autonomy. Sustainability, vol. 13, no. 4, 2021, pp. 1901. https://doi.org/10.3390/su13041901

    Leopold, Till Alexander, Vesselina Ratcheva, and Saadia Zahidi. The Future of Jobs. World Economic Forum, 2016. Web.

    Levy, Dan. “How to Build a Culture That Embraces Feedback.” Inc. Magazine, March 2014. Web.

    Lighthouse Research & Advisory. “Insights from the CHRO Panel at Workhuman 2017.” Lighthouse Research & Advisory, June 2017. Web.

    Lipman, Victor. “For New Managers, Boundaries Matter (A Lot).” Forbes, 19 March 2018. Web.

    Lipman, Victor. “The Hardest Thing For New Managers.” Forbes, 1 June 2016. Web.

    Lipman, Victor. “The Move To New Manager May Be The Hardest Transition In Business.” Forbes, 2 Jan. 2018. Web.

    Lyons, Rich. “Feedback: You Need To Lead It.” Forbes, 10 July 2017. Web.

    “Managing Email Effectively.” MindTools, n.d. Web.

    Managing Performance Workbook. Trainer Bubble, 16 Feb. 2013. Web.

    Mayfield, Clifton, et al. “Psychological Collectivism and Team Effectiveness: Moderating Effects of Trust and Psychological Safety.” Journal of Organizational Culture, Communications and Conflict, vol. 20, no. 1, Jan. 2016, pp. 78-94. Web.

    McAlpin, Kevin and Hans Vaagenes. “Critical Decision Making.” Performance Coaching International. 17 Nov. 2017. Web.

    McCoy, Jim. “How to Align Employee Performance with Business Strategy.” Workforce Management, vol. 86, no. 12, 2007, pp. S5. Proquest. Web.

    “Measuring Time-To-Full Productivity.” FeverBee, n.d. Web.

    Meister, Jeanne. The 2020 Workplace: How Innovative Companies Attract, Develop, and Keep Tomorrow's Employees Today. HarperBusiness, 2010. Print.

    Meyer, Erin. “The Four Keys To Success With Virtual Teams.” Forbes Magazine, 19 Aug. 2010. Web.

    Morris, Donna. “Death to the Performance Review: How Adobe Reinvented Performance Management and Transformed Its Business.” WorldatWork, 2016, p. 10. Web.

    Myers-Briggs Company. “New Research: Time Spent on Workplace Conflict Has Doubled Since 2008.” Yahoo! Finance, 18 Oct. 2022. Web.

    Murdoch, Elisabeth. “Elisabeth Murdoch's MacTaggart lecture: full text.” The Guardian, 23 Aug. 2012. Web.

    NASA Governance and Strategic Management Handbook (NPD 1000.0B). NASA, June 2014. Web.

    NASA Space Flight Program and Project Management Handbook (NASA/SP-2014-3705). NASA, Sept. 2014. Web.

    New Manager Training: Management & Leadership Skills. Schulich School of Business, n.d. Web.

    O’Hanlon, Margaret. “It’s a Scandal! Manager Training Exposed! [Implementation Part 4].” Compensation Cafe, 16 Feb. 2012. Web.

    Ordonez, Lisa D., et al. “Goals Gone Wild: The Systematic Side Effects of Over-Prescribing Goal Setting.” Social Science Research Network. Harvard Business School, 11 Feb. 2009. Web.

    Paczka, Nina. “Meeting in the Workplace | 2023 Statistics.” LiveCareer, 25 July 2022. Web.

    Pavlou, Christina. “How to Calculate Employee Turnover Rate | Workable.” Recruiting Resources: How to Recruit and Hire Better, 13 July 2016. Web.

    Performance Management 101 Workbook. Halogen Software, 2015. Web.

    Personal Development and Review. Oxford Learning Institute, n.d. Web.

    Personal Development Plan. MindTools, 2014. Web.

    Porath, Christine, et al. “The Effects of Civility on Advice, Leadership, and Performance.” Journal of Applied Psychology, vol. 44, no. 5, Sept. 2015, pp. 1527-1541. Web.

    Project Management Institute. “PMI’s Pulse of The Profession: In-Depth Report.” PMI, May 2013. Web. June 2015.

    Quay, C. C., and A. Yusof. “The influence of employee participation, rewards and recognition, job security, and performance feedback on employee engagement.” Issues and Perspectives in Business and Social Sciences, vol. 2, no. 1, 2022, pp. 20. https://doi.org/10.33093/ipbss.2022.2.1.3

    Quinn, R. E., and J. Rohrbaugh. “A spatial model of effectiveness criteria: Towards a competing values approach to organizational analysis.” Management Science, vol. 29, 1983, pp. 363–377.

    Re:Work Guide: Develop and Support Managers. re:Work with Google, n.d. Web.

    Reardon, Kathleen Kelley. “7 Things to Say When a Conversation Turns Negative.” Harvard Business Review, 11 May 2016. Web.

    Reh, F. John. “Here Is a List of Mistakes New Managers Make and How to Avoid Them.” The Balance Careers, 30 Dec. 2018. Web.

    Richards, Leigh. “Why Is Employee Empowerment a Common Cornerstone of Organizational Development & Change Programs?” Houston Chronicle, Hearts Newspapers, LLC. 5 July 2013. Web.

    Robson, Fiona. Southwood School – A Case Study: Performance Management Systems. Society for Human Resource Management, 2009. Crossref, doi:10.4135/9781473959552.

    Rock, David, and Beth Jones. “Why More and More Companies are Ditching Performance Ratings.” Harvard Business Review, 8 Sept. 2015. Web.

    Rock, David. “SCARF: A Brain-Based Model for Collaborating With and Influencing Others.” NeuroLeadership Journal, 2008. Web..

    Romão, Soraia, Neuza Ribeiro, Daniel Roque Gomes, and Sharda Singh. “The Impact of Leaders’ Coaching Skills on Employees’ Happiness and Turnover Intention.” Administrative Sciences, vol. 12, no. 84, 2022. https://doi.org/10.3390/ admsci12030084

    Romero, Joseluis. “Yes - you can build a feedback culture.” Skills 2 Lead, Aug. 2014. Web.

    Runde, Craig E., and Tim A. Flanagan. “Conflict Competent Leadership.” Leader to Leader, Executive Forum, Winter 2008. PDF.

    Saks, Alan M., and Lisa A. Burke-Smalley. “Is Transfer of Training Related to Firm Performance?: Transfer and Firm Performance.” International Journal of Training and Development, vol. 18, no. 2, June 2014, pp. 104–15. Crossref, doi:10.1111/ijtd.12029.

    Saks, Alan M., et al. “The Transfer of Training: The Transfer of Training.” International Journal of Training and Development, vol. 18, no. 2, June 2014, pp. 81–83. Crossref, doi:10.1111/ijtd.12032.

    Salomonsen, Summer. Grovo’s First-Time Manager Microlearning® Program Will Help Your New Managers Thrive in 2018. Grovo, 2018. Web.

    Schwartz, Dan. “3 Topics Every New Manager Training Should Include.” Training Industry, 12 April 2017. Web.

    Scott, Dow, Tom McMullen, and Mark Royal. “Retention of Key Talent and the Role of Rewards.” WorldatWork, June 2012. Web.

    “Seeking Agility in Performance Management.” Human Resource Executive, 2016. Web.

    “Should You Always Involve Your Team in Decision Making?” Upskillist, 25 April 2022. Web.

    “SHRM Workplace Forecast.” The Top Workplace Trends According to HR Professionals, May 2013. Web.

    Singhal, Nikhyl. “Eight Tips for First Time Managers.” Medium, 20 Aug. 2017. Web.

    Singhania, Prakriti, et al. “2020 Global Marketing Trends.” Deloitte, 2019. Web.

    SMART Goals: A How to Guide. University of California, n.d. Web.

    Smith, Benson, and Tony Rutigliano. “Scrap Your Performance Appraisal System.” Gallup, 2002. Article.

    “State of the Modern Meeting 2015.” BlueJeans, Aug. 2015. Web.

    Sternberg, Larry, and Kim Turnage. “Why Make Managers A Strategic Priority?” Great Leadership, 12 Oct. 2017. Web.

    Sullivan, Dr. John. “Facebook’s Difference: A Unique Approach For Managing Employees.”TLNT, Sept. 2013. Web.

    Tal, David. “A 'Culture of Coaching' Is Your Company's Most Important Ingredient for Success.” Entrepreneur, 27 Sept. 2017. Web.

    Tenut, Jeff. “How Management Development Training Reduces Turnover.” DiscoverLink, 3 July 2018. Web.

    “The 5 Biggest Biases That Affect Decision-Making.” NeuroLeadership Institute, 2 August 2022. Web.

    “The Different Impact of Good and Bad Leadership.” Barna Group, 2015. Web.

    “The Engaged Workplace.” Gallup, 2017. Web.

    “The Individual Development Plan Guide.” Wildland Fire Leadership Development Program, April 2010, p. 15.

    The State of Business Communication. Grammarly, 2022. Web.

    Thomas, Kenneth. “Conflict and Conflict Management.” The Handbook of Industrial and Organizational Psychology, Rand McNally, 1976. In “The Five Conflict-Handling Modes.” The Myers Briggs Company, n.d. PDF.

    Thompson, Rachel. “What Is Stakeholder Management?” MindTools, n.d. Web.

    Tollet, Francoise. “Distracted? Learn how to (re)focus.” Business Digest, 12 July 2021. Podcast.

    Tonhauser, Cornelia, and Laura Buker. Determinants of Transfer of Training: A Comprehensive Literature Review, p. 40.

    Towers Watson. “Clear Direction in a Complex World: How Top Companies Create Clarity, Confidence and Community to Build Sustainable Performance.” Change and Communication ROI Study Report, 2011-2012. Web.

    Trudel, Natalie. “Improve Your Coaching Skills by Understanding the Psychology of Feedback.” TLNT, 12 July 2017. Web.

    “Understanding When to Give Feedback.” Harvard Business Review, Dec. 2014. Web.

    Vacassin, Daniel. “There are no 'good' performance management systems – there are just good line managers.” LinkedIn, 4 Oct. 2016. Web.

    van der Locht, Martijn, et al. “Getting the Most of Management Training: The Role of Identical Elements for Training Transfer.” Personnel Review, vol. 42, no. 4, May 2013, pp. 422–39. Crossref, doi:10.1108/PR-05-2011-0072.

    Vaughan, Liam. “Banks Find New Ways to Measure Staff.” Financial News, 10 Jan. 2011. Web.

    Watkins, Michael, et al. “Hit the Ground Running:Transitioning to New Leadership Roles.” IMD Business School, May 2014. Web.

    Whitney, Kelley. “Kimberly-Clark Corp.: Redesigning Performance Management.” Talent Management Magazine, vol. 2, no. 1, 2006. Web.

    “Whole Foods 2015 Report.” The Predictive Index, n.d. Web.

    “Whole Foods Market Reports Fourth Quarter and Fiscal Year 2016 Results.” Whole Foods, 2 Feb. 2016. Web.

    Wisniewski, Dan. “Here's why everybody hates meetings.” HR Morning, 14 Dec. 2012. Web.

    Woolum, Janet, and Brent Stockwell. Aligning Performance Measurement to Mission, Goals, and Strategy Workbook. Arizona State University, Jan. 2016. Web.

    Worall, Les, et al. The Quality of Working Life. Chartered Management Institute, 2016. Web.

    “Workplace Conflict Statistics: How We Approach Conflict at Work.” Niagara Institute, 11 Aug. 2022. Web.

    “You Waste a Lot of Time at Work Infographic.” Atlassian, 23 August 2012. Web.

    Zenger, Jack, and Joe Folkman. “Feedback: The Leadership Conundrum.” Talent Quarterly: The Feedback Issue, 2015. Web.

    Zuberbühler, P., et al. “Development and validation of the coaching-based leadership scale and its relationship with psychological capital, work engagement, and performance.” Current Psychology, vol. 42, no. 10, 2021, pp. 1-22.

    Establish an Analytics Operating Model

    • Buy Link or Shortcode: {j2store}339|cart{/j2store}
    • member rating overall impact (scale of 10): 9.0/10 Overall Impact
    • member rating average dollars saved: $8,449 Average $ Saved
    • member rating average days saved: 6 Average Days Saved
    • Parent Category Name: Data Management
    • Parent Category Link: /data-management
    • Organizations are struggling to understand what's involved in the analytics developer lifecycle to generate reusable insights faster.
    • Discover what it takes to become a citizen analytics developer. Identify the proper way to enable self-serve analytics.
    • Self-serve business intelligence/analytics is misunderstood and confusing to the business, especially with regards to the roles and responsibilities of IT and the business.
    • End users are dissatisfied due to a lack of access to the data and the absence of a single source of truth.

    Our Advice

    Critical Insight

    Organizations that take data seriously should:

    • Decouple processes in which data is separated from business processes and elevate the visibility of the organization's data assets.
    • Leverage a secure platform where data can be easily exchanged for insights generation.
    • Create density for analytics where resources are mobilized around analytics ideas to generate value.

    Analytics is a journey, not a destination. This journey can eventually result in some level of sophisticated AI/machine learning in your organization. Every organization needs to mobilize its resources and enhance its analytics capabilities to quickly and incrementally add value to data products and services. However, most organizations fail to mobilize their resources in this way.

    Impact and Result

    • Firms become more agile when they realize efficiencies in their analytics operating models and can quickly implement reusable analytics.
    • IT becomes more flexible and efficient in understanding the business' data needs and eliminates redundant processes.
    • Trust in data-driven decision making goes up with collaboration, engagement, and transparency.
    • There is a clear path to continuous improvement in analytics.

    Establish an Analytics Operating Model Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief that outlines Info-Tech’s methodology for assessing the business' analytics needs and aligning your data governance, capabilities, and organizational structure to deliver analytics faster.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Define your analytics needs

    This phase helps you understand your organization's data landscape and current analytics environment so you gain a deeper understanding of your future analytics needs.

    • Establish an Analytics Operating Model – Phase 1: Define Your Analytics Needs

    2. Establish an analytics operating model

    This phase introduces you to data operating model frameworks and provides a step-by-step guide on how to capture the right analytics operating model for your organization.

    • Establish an Analytics Operating Model – Phase 2: Establish an Analytics Operating Model
    • Analytics Operating Model Building Tool

    3. Implement your operating model

    This phase helps you implement your chosen analytics operating model, as well as establish an engagement model and communications plan.

    • Establish an Analytics Operating Model – Phase 3: Implement Your Analytics Operating Model
    [infographic]

    Workshop: Establish an Analytics Operating Model

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Define Your Analytics Needs

    The Purpose

    Achieve a clear understanding and case for data analytics.

    Key Benefits Achieved

    A successful analytics operating model starts with a good understanding of your analytical needs.

    Activities

    1.1 Review the business context.

    1.2 Understand your analytics needs.

    1.3 Draft analytics ideas and use cases.

    1.4 Capture minimum viable analytics.

    Outputs

    Documentation of analytics products and services

    2 Perform an Analytics Capability Assessment

    The Purpose

    Achieve a clear understanding of your organization's analytics capability and mapping across organizational functions.

    Key Benefits Achieved

    Understand your organization's data landscape and current analytics environment to gain a deeper understanding of your future analytics needs.

    Activities

    2.1 Capture your analytics capabilities.

    2.2 Map capabilities to a hub-and-spoke model.

    2.3 Document operating model results.

    Outputs

    Capability assessment results

    3 Establish an Analytics Operating Model

    The Purpose

    Capture the right analytics operating model for your organization.

    Key Benefits Achieved

    Explore data operating model frameworks.

    Capture the right analytics operating model for your organization using a step-by-step guide.

    Activities

    3.1 Discuss your operating model results.

    3.2 Review your organizational structure’s pros and cons.

    3.3 Map resources to target structure.

    3.4 Brainstorm initiatives to develop your analytics capabilities.

    Outputs

    Target operating model

    4 Implement Your Analytics Operating Model

    The Purpose

    Formalize your analytics organizational structure and prepare to implement your chosen analytics operating model.

    Key Benefits Achieved

    Implement your chosen analytics operating model.

    Establish an engagement model and communications plan.

    Activities

    4.1 Document your target organizational structure and RACI.

    4.2 Establish an analytics engagement model.

    4.3 Develop an analytics communications plan.

    Outputs

    Reporting and analytics responsibility matrix (RACI)

    Analytics engagement model

    Analytics communications plan

    Analytics organizational chart

    Implement Infrastructure Shared Services

    • Buy Link or Shortcode: {j2store}456|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Operations Management
    • Parent Category Link: /i-and-o-process-management
    • Organizations have service duplications for unique needs. These duplications increase business expenditure.
    • Lack of collaboration between business units to share their services increases business cost and reduces business units’ faith to implement shared services.
    • Transitioning infrastructure to shared services is challenging for many organizations. It requires an accurate planning and efficient communication between participating business units.

    Our Advice

    Critical Insight

    • Identify your current process, tool, and people capabilities before implementing shared services. Understand the financial compensations prior to implementation and assess if your organization is ready for transitioning to shared services model.
    • Do not implement shared services when the nature of the services differs greatly between business units.

    Impact and Result

    • Understand benefits of shared services for the business and determine whether transitioning to shared services would benefit the organization.
    • Identify the best implementation plan based on goals, needs, and services.
    • Build a shared-services process to manage the plan and ensure its success.

    Implement Infrastructure Shared Services Research & Tools

    Start here – Read the Executive Brief

    Read our concise Executive Brief to find out why you should implement shared services, review Info-Tech’s methodology, and understand the ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Conduct gap analysis

    Identify benefits of shared services to your organization and define implementation challenges.

    • Implement Infrastructure Shared Services – Phase 1: Conduct Gap Analysis
    • Shared Services Implementation Executive Presentation
    • Shared Services Implementation Business Case Template
    • Shared Services Implementation Assessment Tool

    2. Choose the right path

    Identify your process and staff capabilities and discover which services will be transitioned to shared services plan. It will also help you to figure out the best model to choose.

    • Implement Infrastructure Shared Services – Phase 2: Choose the Right Path
    • Sample Enterprise Services

    3. Plan the transition

    Discuss an actionable plan to implement shared services to track the project. Walk through a communication plan to document the goals, progress, and expectations with customer stakeholders.

    • Implement Infrastructure Shared Services – Phase 3: Plan the Transition
    • Shared Services Implementation Roadmap Tool
    • Shared Services Implementation Customer Communication Plan
    [infographic]

    Workshop: Implement Infrastructure Shared Services

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Identify Challenges

    The Purpose

    Establish the need for change.

    Key Benefits Achieved

    Set a clear understanding about benefits of shared services to your organization.

    Activities

    1.1 Identify your organization’s main drivers for using a shared services model.

    1.2 Define if it is beneficial to implement shared services.

    Outputs

    Shared services mission

    Shared services goals

    2 Assess Your Capabilities

    The Purpose

    Become aware of challenges to implement shared services and your capabilities for such transition.

    Key Benefits Achieved

    Discover the primary challenges for transitioning to shared services, eliminate resistance factors, and identify your business potentials for implementation.

    Activities

    2.1 Identify your organization’s resistance to implement shared services.

    2.2 Assess process and people capabilities.

    Outputs

    Shared Services Business Case

    Shared Services Assessment

    3 Define the Model

    The Purpose

    Determine the shared services model.

    Key Benefits Achieved

    Identify the core services to be shared and the best model that fits your organization.

    Activities

    3.1 Define core services that will be moved to shared services.

    3.2 Assess different models of shared services and pick the one that satisfies your goals and needs.

    Outputs

    List of services to be transferred to shared services

    Shared services model

    4 Implement and Communicate

    The Purpose

    Define and communicate the tasks to be delivered.

    Key Benefits Achieved

    Confidently approach key stakeholders to make the project a reality.

    Activities

    4.1 Define the roadmap for implementing shared services.

    4.2 Make a plan to communicate changes.

    Outputs

    List of initiatives to reach the target state, strategy risks, and their timelines

    Draft of a communication plan

    Review Your Application Strategy

    • Buy Link or Shortcode: {j2store}82|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: $12,599 Average $ Saved
    • member rating average days saved: 2 Average Days Saved
    • Parent Category Name: Architecture & Strategy
    • Parent Category Link: /architecture-and-strategy
    • Over 80% of CXOs experience frustration with IT’s failure to deliver business value.
    • Sixty percent of CEOs believe that improvement is required around IT’s understanding of business goals.
    • Sixty percent of IT professionals know there is an opportunity to run applications more efficiently, eliminating wasteful or low-value activities.

    Our Advice

    Critical Insight

    • Organizations need to better align their application strategy with their business strategy as they proceed through tactical initiatives.
    • Application strategies provide guidance on how they will help the organization survive and thrive.

    Impact and Result

    Aligning your business with applications through your strategy will not only increase business satisfaction but also help to ensure you’re delivering applications that enable the organization’s goals.

    Review Your Application Strategy Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should have an application strategy and why you should use Info-Tech’s approach to review it. Learn how we can support you in completing this strategy and review.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Review your strategy

    This review guide provides organizations with a detailed assessment of their application strategy, ensuring that the applications enable the business strategy so that the organization can be more effective.The assessment provides criteria and exercises to provide actionable outcomes.

    • Application Strategy Assessment Tool
    • Application Strategy Action Plan Report Template
    • Application Strategy Sample Action Plan Report
    [infographic]

    Data Architecture

    • Buy Link or Shortcode: {j2store}17|cart{/j2store}
    • Related Products: {j2store}17|crosssells{/j2store}
    • member rating overall impact (scale of 10): 9.5/10
    • member rating average dollars saved: $30,159
    • member rating average days saved: 5
    • Parent Category Name: Data and Business Intelligence
    • Parent Category Link: /data-and-business-intelligence
    Enable the business to achieve operational excellence, client intimacy, and product leadership with an innovative, agile, and fit-for-purpose data architecture practice

    Build Your Data Practice and Platform

    • Buy Link or Shortcode: {j2store}347|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Data Management
    • Parent Category Link: /data-management

    The complex nature of data investment leads to de-scoping and delivery of data services that do not meet business needs or give value to the business. Subject matter experts are hired to resolve the problem, but their success is impacted by absent architecture, technology, and organizational alignment.

    Our Advice

    Critical Insight

    Walking through a book of architecture building plans with a personal guide is cheaper and faster than employing an architect to build and design your home.

    Impact and Result

    Info-Tech's approach provides a proven methodology that includes the following:

    • Business-aligned data initiatives and capabilities that address data challenges and realize business strategic objectives.
    • Comprehensive data practice designed based on the required business and data capabilities.
    • Data platform design based on Info-Tech data architecture reference patterns and prioritized data initiatives and capabilities.

    Build Your Data Practice and Platform Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Build Your Data Practice and Platform Storyboard – A step-by-step document that leverages road-tested patterns and frameworks to properly build your data practice and pattern in continuous alignment with the business landscape.

    Info-Tech's approach provides a proven methodology that includes following:   

  • Business-aligned data initiatives and capabilities that address data challenges and realize business strategic objectives.
  • Comprehensive data practices designed based on the required business and data capabilities.
    • Build Your Data Practice and Platform Storyboard

    2. Data Practice and Platform Models – Leveraging best-of-breed frameworks to help you build a clear, concise, and compelling data practice and platform.

    Data practice & platform pre-build pattern templates based on Info-Tech data reference patterns and data platform design best practices.

    • Data Practice and Platform Models

    Infographic

    Workshop: Build Your Data Practice and Platform

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Establish Business Context and Value

    The Purpose

    Establish business context and value.

    Key Benefits Achieved

    Business context and strategic driver.

    Activities

    1.1 Understand/confirm the organization's strategic goals

    1.2 Classify the strategic goals and map to business drivers

    1.3 Identify the business capabilities that the strategy focuses on

    1.4 Identify the business processes realizing the strategy

    Outputs

    Business context and strategic drivers

    Prioritized business capabilities and processes

    Data culture survey results analysis

    2 Identify Your Top Initiatives

    The Purpose

    Identify your top initiatives.

    Key Benefits Achieved

    High-value business-aligned data initiative.

    Activities

    2.1 Highlight data-related outcomes/goals to realize to fulfill the business goal

    2.2 Map business data initiatives to the business strategic goals

    2.3 Prioritize data initiatives

    Outputs

    High-value, business-aligned data initiatives

    3 Analyze Data Challenges

    The Purpose

    Analyze data challenges.

    Key Benefits Achieved

    Clear understanding of the data challenges.

    Activities

    3.1 Map data challenges to Info-Tech data challenges

    3.2 Review Info-Tech data capabilities based on prioritized initiatives

    3.3 Discuss data platform and practice next steps

    Outputs

    List of data challenges preventing data maturation with the organization

    4 Map Data Capability

    The Purpose

    Map data capability.

    Key Benefits Achieved

    Prioritized data capability.

    Activities

    4.1 Map data challenges to Info-Tech data challenges

    4.2 Review Info-Tech data capabilities based on prioritized initiatives

    4.3 Discuss data platform and practice next steps

    Outputs

    Required data capabilities

    Data platform and practice – plan

    Initialized data management RACI 

    Further reading

    Build Your Data Practice and Platform

    Construct a scalable data foundation

    Analyst Perspective

    Build a data practice and platform that delivers value to your organization.

    The build or optimization of your data practice and data platform must be predicated on a thorough understanding of the organization’s goals, objectives, and priorities and the business capabilities and process they are meant to support and enable.

    Formalizing your practice or constructing your platform just for the sake of doing so often results in an initiative that is lengthy, costly, fizzles out, does not deliver business value, and ends up being considered a failure.

    Leverage Info-Tech’s approach and incorporate our pre-built models and patterns to effectively navigate that crucial and often difficult phase upfront of comprehensively defining business data needs so you can ultimately realize faster time-to-delivery of your overall data practice and platform.

    Photo of Rajesh Parab, Director, Research & Advisory, Data & Analytics Practice, Info-Tech Research Group.

    Rajesh Parab
    Director, Research & Advisory, Data & Analytics Practice
    Info-Tech Research Group

    Photo of Crystal Singh, Director, Research & Advisory, Data & Analytics Practice, Info-Tech Research Group.

    Crystal Singh
    Director, Research & Advisory, Data & Analytics Practice
    Info-Tech Research Group

    Attempting to Solve Data Problems?

    Situation
    • Lack of data centric leadership results in downstream issues such as integration, quality, and accessibility.
    • The complex nature of the data and lack of understanding leads to de-scoping delivery of data services that does not meet business needs or add value.
    • Poorly designed practice and siloed platforms result in an initiative that is lengthy, costly, fizzles out, does not deliver business value, and ends up being considered a failure.
    Complication
    • Data problem: When the data problem is diagnosed, the organization adopts a tactical approach.
    • Confirmation bias: Subject matter experts (SME) are hired to resolve the poorly defined problem, but the success of the SME is impacted by lack of architecture, technology, and organizational alignment.
    • Still no value: The selected tactical approach does not provide a solid foundation or solve your data problem.
    • Strategy for sake of strategy: Implementing a strategic approach for the sake of being strategic but this becomes overwhelming.
    • Fall back to tactical and operational: The data services are now potentially exposed and vulnerable, which strains business continuity and increases data debt.
    • Increased complexity and risk: Data silos, poor understanding, and high complexity results in an unmanageable data environment.
    Resolution
    • Requirements: Define and align your data requirement to business.
    • Capabilities: Discover data, identify data capabilities, and map your requirements.
    • Practices: Design and select fit-for-purpose data practices.
    • Platform: Optimize your data platform investments though sound architecture.

    Info-Tech Insight

    The true value of data comes from defining intentional relationships between the business and the data through a well thought out data platform and practice.

    Situation – Perpetual Data Problem

    Diagram of a head with gears around it and speech bubbles with notes titled 'Data Problem'. The surrounding gears, clockwise from bottom left, say 'Accessibility', 'Trust', 'Data Breach', 'Ambiguity', 'Ownership', 'Duplication', 'System Failure', and 'Manual Manipulation'. The speech bubbles notes, clockwise from bottom left, say 'Value-Add: How do I translate business needs to data capabilities?', 'Practice Organization: How do I organize resources and roles assignment challenges?', 'Platform: How do I organize data flows with no conceptual view of the environment?', and 'Break Down Silos: How do I break down silos?'
    I can’t access the data.
    I don’t trust the data in the report.
    It takes too long to get to the data for decision making
    • Lack of data-centric leadership results in downstream issues: integration, quality, accessibility
    • The organization’s data is too complex to manage without a cohesive plan.
    • The complex nature of the data and a lack of understanding leads to de-scoping delivery of data services that does not meet business needs or add value.
    • Poorly designed practice and siloed platforms result in an initiative that is lengthy, costly, fizzles out, does not deliver business value, and ends up being considered a failure.

    Complication – Data Initiative Fizzles Out

    • Data problem: When the data problem is diagnosed the organization adopts a tactical approach.
    • Confirmation bias: Subject matter experts (SME) are hired to resolve the poorly defined problem, but the success of the SME is impacted by lack of architecture, technology, and organizational alignment.
    • Still no value: the selected tactical approach does not provide a solid foundation or solve your data problem.
    • Strategy for sake of strategy: Implementing a strategic approach for sake of being strategic but this becomes overwhelming.
    • Fall back to tactical and operational: The data services are now potentially exposed and vulnerable, which strains business continuity and increases data debt.
    • Increased complexity and risk: Data silos, poor understanding, and high complexity result in an unmanageable data environment.
    Flowchart beginning with 'Data Symptom Exhibited' and 'Data Problem Diagnosed', then splitting into two paths 'Solve Data Problem as a point solution' or 'Attempt Strategic approach without culture, capacity, and business leadership'. Each approach ends with 'Data too complex, and initiative fizzles out...' and cycles back to the beginning.
    Use the road-tested patterns and frameworks in our blueprint to break the perpetual data solution cycle. Focus on the value that a data and analytics platform will bring rather than focusing on the data problems alone.

    Build Your Data Practice and Platform

    Bring Your Data Strategy to Life

    Logo for Info-Tech.
    Logo for #iTRG.
    CONVENTIONAL WISDOM

    Attempting to Solve Your Data Problems

    DATA SYMPTOM EXHIBITED

    Mismatch report, data quality issue, or similar symptom of a data problem.

    DATA PROBLEM DIAGNOSED

    Data expert identifies it as a data problem.

    COMPLEX STRATEGIC APPROACH ATTEMPTED

    Recognized need to attempt it strategically, but don't have capacity or culture to execute.

    Cycle diagram titled 'Data Problems' with numbers connected to surrounding steps, and a break after Step 3 where one can 'BREAK THE CYCLE'. In the middle are a list of data problems: 'Accessibility’, ‘Data Breach', 'Manual Manipulation', 'System Failure', 'Ambiguity', 'Duplication', 'Ownership', and 'Trust'.
    SOLUTION FAILS

    The tactical solution fails to solve the root cause of the data problem, and the data symptoms persist.

    TACTICAL SOLUTION FALLBACK

    A quick and dirty solution is attempted in order to fix the data problem.

    THE COMPLEX APPROACH FIZZLES OUT

    Attempted strategic approach takes too long, fizzles out.

    BREAK THE CYCLE

    Solving Your Data Problems

    1. DEFINE YOUR DATA REQUIREMENTS Incorporate a Business to Data Approach by utilizing Info-Tech's business capability templates for identifying data needs. BUSINESS-ALIGNED DATA REQUIREMENTS
    2. CONDUCT YOUR DATA DISCOVERY Understand the data behind your business problem. Identify the required data capabilities and domains as required by your business processes. RECOMMENDED DATA CAPABILITIES
    3. DESIGN YOUR DATA PRACTICES Build your custom data practices based on the predefined reusable models. CUSTOMIZED DATA PRACTICE
    4. ARCHITECT YOUR DATA PLATFORM Build your custom data platform based on the redefined reusable architecture patterns. CUSTOMIZED DATA PLATFORM
    CONTINUOUS PHASE: ROADMAP, SPONSORSHIP FEEDBACK AND DELIVERY

    Develop a roadmap to establish the practice and implement the architecture as designed. Ensure continuous alignment of the practice and architecture with the business landscape.

    Phase-by-Phase Approach to Build Your Data Practice and Platform

    Flowchart detailing the path to take through the four phases of this blueprint beginning with the 'Inputs' and 'People' involved and incorporating 'Deliverables' along the way. Phase-by-Phase Approach
    • Phase 1: Step 1 – Define Your Data Requirement
    • Phase 1: Step 2 – Conduct Your Data Discovery
    • Phase 2 – Design Your Data Practice
    • Phase 3 – Architect Your Data Platform

    Measure value when building your data practice and platform

    Sample Data Management Metrics

    Lists of data management metrics in different categories.

    • Refine the metrics for the overall Data Management practice and every initiative therein.
    • Refine the metrics at each platform and practice component to show business value against implementation effort.

    Understand and Build Data Culture

    See your Info-Tech Account Representative for more details on our Data Culture Diagnostic

    Only 14.29% of Transportation and Logistics respondents agree BI and Analytics Process and Technology are sufficient What is a diagnostic?

    Our diagnostics are the simplest way to collect the data you need, turn it into actionable insights, and communicate with stakeholders across the organization.

    52.54% of respondents from the healthcare industry are unaware of their organization’s data security policy
    Ask the Right Questions

    Use our low-effort surveys to get the data you need from stakeholders across the organization.

    Use Our Diagnostic Engine

    Our diagnostic engine does all the heavy lifting and analysis, turning your data into usable information.

    Communicate & Take Action

    Wow your executives with the incredible insights you've uncovered. Then, get to action: make IT better.

    On average only 40% agree that they have the reporting when needed


    (Source: Info-Tech’s Data Culture Diagnostic, 53 Organizations, 3138 Responses)

    35% of respondents feel that a governance body is in place looking at strategic data

    Build a Data-Driven Strategy Using Info-Tech Diagnostic Programs

    Make informed IT decisions by starting your diagnostic program today. Your account manager is waiting to help you.
    Sample of Info-Tech's 'Data Culture Scorecard'.

    Use Our Predefined Data and Analytics Patterns to Build Your DnA Landscape

    Walking through a book of architecture building plans with a personal guide is cheaper and faster than employing an architect to build and design your home

    Two books titled 'The Everything Homebuilding Book' and 'Architecture 101'. An open book with a finger pointing to a diagram.

    The first step is to align business strategy with data strategy and then start building your data practice and data platform

    Flowchart starting with business strategy focuses, then to data strategy focuses, and eventually to 'Data Metrics'.

    Insights

    The true value of data comes from defining intentional relationships between the business and the data through a well-thought-out data platform and practice.

    • Phase 1
      • Some organizations are low maturity so using the traditional Capability Maturity Model Integration (CMMI) would not make sense. A great alternative is to leverage existing models and methodologies to get going off the bat.
      • The Data Strategy is an input into the platform and practice. This is considered the Why; Data Practice and Platform is the How.
    • Phase 2
      • Info-Tech’s approach is business-goal driven and it leverages patterns, which enable the implementation of critical and foundational components and subsequently facilitates the evolution and development of the practice over time.
      • Systems should not be designed in isolation. Cross-functional collaboration throughout the design is critical to ensure all types of issues are revealed early. Otherwise, crucial tests are omitted, deployments fail, and end-users are dissatisfied.
    • Phase 3
      • Build your conceptual data architecture based on well-thought-out formulated patterns that align with your organization’s needs and environment.
      • Functional needs often take precedence over quality architecture. Quality must be baked into design, execution, and decision-making practices to ensure the right trade-offs are made.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    Guided Implementation

    Workshop

    Consulting

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks used throughout all four options

    Info-Tech’s Methodology for Building Your Data Practice and Platform

    Phase 1 –
    Define Your Data Requirements and Conduct Your Data Discovery
    Phase 2 –
    Design Your Data Practices
    Phase 3 –
    Architect Your Data Platform
    Phase Steps
    1. Identify your top initiatives
    2. Map your data initiatives to data capabilities
    1. Understand the practices value statement
    2. Review the Info-Tech practice pattern
    3. Initiate your practice design and setup
    1. Identify your data component
    2. Refine your data platform architecture
    3. Design your data platform
    4. Identify your new components and capabilities
    5. Initiative platform build and rollout
    Phase Outcomes Business-aligned data initiatives and capabilities that address data challenges and realize business strategic objectives Comprehensive data practice design based on the required business and data capabilities Data platform design based on Info-Tech data architecture reference pattern and prioritized data initiatives and capabilities

    Data Platform and Practice Implementation Plan

    Example timeline for data platform and practice implementation plan with 'Fiscal Years' across the top, and below they're broken down into quarters. Along the left side 'Phase 1: Step 1...', 'Phase 1: Step 2...', 'Phase 2...' and 'Phase 3'. Tasks are mapped onto the timeline in each phase with a short explanation.

    Workshop Overview

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889
    Info-Tech’s Workshop support for Build Your Data Practice and Platform. 'Build Your Data Practice and Platform' slide from earlier.
    Workshop

    "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place."

    Workshop 1

    Data Needs and Discovery

    Workshop 2

    Data Practice Design

    Workshop 3

    Data Platform Design

    Workshop 1:
    Data Needs and Discovery

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889
    Day 1 Day 2 Day 3 Day 4
    Establish Business Context and Value
    Identify Your Top Initiatives
    Analyze Data Challenges
    Map Data Capability
    Activities

    1.1 Understand/confirm your organization’s strategic goals

    1.2 Classify the strategic goals and map to business drivers

    1.3 Identify the business capabilities that the strategy focus is on

    1.4 Identify the business processes realizing the strategy

    2.1 Highlight data-related outcomes /goals to realize to fulfill the business goal

    2.2 Map business data initiatives to the business strategic goals

    2.3 Prioritize Data initiatives

    3.1 Understand data management capabilities and framework

    3.2 Classify business data requirements using Info-Tech’s classification approach

    3.3 Highlight data challenges in your current environment

    4.1 Map data challenges to Info-Tech data challenges

    4.2 Review Info-Tech data capabilities based on prioritized initiative

    4.3 Discuss Data Platform and Practice Next Steps

    Deliverables
    • Business context and strategic drivers
    • Prioritized business capabilities and processes
    • Data Culture Survey results analysis
    • High-value business-aligned data initiative
    • List of data challenges preventing data maturation with the organization
    • Required data capabilities
    • Data platform and practice – plan
    • Initialized data management RACI
    Participants Business stakeholder, Business leader Business Subject Matter Expert, Data IT sponsor (CIO), Head of Data, Data Architect Business stakeholder, Business leader Business Subject Matter Expert, Data IT sponsor (CIO), Head of Data, Data Architect Data experts, Business Subject Matter Expert, Head of Data, Data Architect Data experts, Business Subject Matter Expert, Head of Data, Data Architect

    Workshop 2:
    Data Practice Design

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889
    Day 1 Day 2 Day 3 Day 4
    Plan Your Data Practices
    Design Your Data Practices 1
    Design Your Data Practices 2
    Design Your Data Practices 3
    Activities

    Prerequisite: Business context, business data requirement, and data capabilities

    1.1 Understand data practice framework

    1.2 Define your practice implementation approach

    1.3 Review and update data management RACI

    2.1 Understand Info-Tech data practice patterns for each prioritized practice

    2.2 Define your practice setup for each prioritized practice

    2.3 Highlight critical processes for each practice

    3.1 Understand Info-Tech data practice patterns for each prioritized practice

    3.2 Define your practice setup for each prioritized practice

    3.3 Highlight critical processes for each practice

    4.1 Understand Info-Tech data practice patterns for each prioritized practice

    4.2 Define your practice setup for each prioritized practice

    4.3 Highlight critical processes for each practice

    4.4 Discuss data platform and practice next steps

    Deliverables
    • Data practice implementation approach
    • Data management RACI
    • Data practice setup pattern for your organization
    • Data practice process pattern for your organization
    • Data practice setup pattern for your organization
    • Data practice process pattern for your organization
    • Data practice setup pattern for your organization
    • Data practice process pattern for your organization
    • Data platform and practice – plan
    Participants Data experts, Business Subject Matter Expert, Head of Data, Data Architect Data experts, Business Subject Matter Expert, Head of Data, Data Architect Data experts, Business Subject Matter Expert, Head of Data, Data Architect Data experts, Business Subject Matter Expert, Head of Data, Data Architect

    Workshop 3:
    Data Platform Design

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889
    Day 1Day 2Day 3Day 4
    Data Platform Overview
    Update Data Platform Reference Architecture
    Design Your Data Platform
    Design Your Data Practices 4
    Activities

    Prerequisite: Business context, business data requirement, and data capabilities

    1.1 Understand data platform framework and data capabilities

    1.2 Understand key data architecture principles and best practices

    1.3 Shortlist data platform patterns

    2.1 Map and identify data capabilities to data platform components

    2.2 Build data platform architecture using Info-Tech data platform reference architecture

    2.3 Highlight critical processes for each practice

    3.1 Design your target data platform using Info-Tech’s data platform template

    3.2 Identify new capabilities and components in your platform design

    4.1 Identify new capabilities and component in your platform design

    4.2 Discuss data platform initiatives

    Deliverables
    • Shortlisted data platform patterns
    • Data platform reference architecture for your organization
    • Data platform design for your organization
    • Data platform plan
    ParticipantsData experts, Business Subject Matter Expert, Head of Data, Data ArchitectData experts, Business Subject Matter Expert, Head of Data, Data ArchitectData experts, Business Subject Matter Expert, Head of Data, Data ArchitectData experts, Business Subject Matter Expert, Head of Data, Data Architect

    Build Your Data Practice and Platform

    Phase 1

    Phase 1: Step 1 – Define Your Data Requirements
    Phase 1: Step 2 – Conduct Your Data Discovery

    Phase 1

    1.1 Define Your Data Requirements
    1.2 Conduct Your Data Discovery

    Phase 2 Phase 3

    Phase 1: Step 1 – Define Your Data Requirements will walk you through the following activities:

    • Confirm the organizational strategic goals, business drivers, business capabilities, and processes driving the Data Practice and Platform effort.
    • Identify the data related outcomes, goals, and ideal environment needed to fulfill the business goals.

    This phase involves the following participants:

    A blend of business leaders and business SMEs together with the Data Strategy team.

    Phase 1: Step 2 – Conduct Your Data Discovery will walk you through the following activities:

    • Identify and highlight the data challenges faced in achieving the desired outcome.
    • Map the data challenges to the data capabilities required to realize the desired data outcome.

    This phase involves the following participants:

    Key personnel from IT/Data team: (Data Architect, Data Engineers, Head of Head of Reporting and Analytics)

    Establish Data Governance

    • Buy Link or Shortcode: {j2store}123|cart{/j2store}
    • member rating overall impact (scale of 10): 9.3/10 Overall Impact
    • member rating average dollars saved: $48,494 Average $ Saved
    • member rating average days saved: 31 Average Days Saved
    • Parent Category Name: Data Management
    • Parent Category Link: /data-management
    • Organizations are faced with challenges associated with changing data landscapes, evolving business models, industry disruptions, regulatory and compliance obligations, as well as changing and maturing user landscapes and demands for data.
    • Although the need for a data governance program is often evident, organizations often miss the mark.
    • Your data governance efforts should be directly aligned to delivering measurable business value by supporting key strategic initiatives, value streams, and underlying business capabilities.

    Our Advice

    Critical Insight

    • Your organization’s value streams and their associated business capabilities require effectively governed data. Without this, you may experience elevated operational costs, missed opportunities, eroded stakeholder satisfaction, and exposure to increased business risk.
    • Ensure your data governance program delivers measurable business value by aligning the associated data governance initiatives with the business architecture.
    • Data governance must continuously align with the organization’s enterprise governance function. It should not be perceived as a pet project of IT, but rather as an enterprise-wide, business-driven initiative.

    Impact and Result

    Info-Tech’s approach to establishing and sustaining effective data governance is anchored in the strong alignment of organizational value streams and their business capabilities with key data governance dimensions and initiatives. Info-Tech's approach will help you:

    • Align your data governance with enterprise governance, business strategy, and the organizational value streams to ensure the program delivers measurable business value.
    • Understand your current data governance capabilities and build out a future state that is right-sized and relevant.
    • Define data governance leadership, accountability, and responsibility.
    • Ensure data governance is supported by an operating model that effectively manages change and communication and fosters a culture of data excellence.

    Establish Data Governance Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Data Governance Research – A step-by-step document to ensure that the people handling the data are involved in the decisions surrounding data usage, data quality, business processes, and change implementation.

    Data governance is a strategic program that will help your organization control data by managing the people, processes, and information technology needed to ensure that accurate and consistent data policies exist across varying lines of the business, enabling data-driven insight. This research will provide an overview of data governance and its importance to your organization, assist in making the case and securing buy-in for data governance, identify data governance best practices and the challenges associated with them, and provide guidance on how to implement data governance best practices for a successful launch.

    • Establish Data Governance – Phases 1-3

    2. Data Governance Planning and Roadmapping Workbook – A structured tool to assist with establishing effective data governance practices.

    This workbook will help your organization understand the business and user context by leveraging your business capability map and value streams, develop data use cases using Info-Tech's framework for building data use cases, and gauge the current state of your organization's data culture.

    • Data Governance Planning and Roadmapping Workbook

    3. Data Use Case Framework Template – An exemplar template to highlight and create relevant use cases around the organization’s data-related problems and opportunities.

    This business needs gathering activity will highlight and create relevant use cases around data-related problems or opportunities that are clear and contained and, if addressed, will deliver value to the organization. This template provides a framework for data requirements and a mapping methodology for creating use cases.

    • Data Use Case Framework Template

    4. Data Governance Initiative Planning and Roadmap Tool – A visual roadmapping tool to assist with establishing effective data governance practices.

    This tool will help your organization plan the sequence of activities, capture start dates and expected completion dates, and create a roadmap that can be effectively communicated to the organization.

    • Data Governance Initiative Planning and Roadmap Tool

    5. Business Data Catalog – A comprehensive template to help you to document the key data assets that are to be governed based on in-depth business unit interviews, data risk/value assessments, and a data flow diagram for the organization.

    Use this template to document information about key data assets such as data definition, source system, possible values, data sensitivity, data steward, and usage of the data.

    • Business Data Catalog

    6. Data Governance Program Charter Template – A program charter template to sell the importance of data governance to senior executives.

    This template will help get the backing required to get a data governance project rolling. The program charter will help communicate the project purpose, define the scope, and identify the project team, roles, and responsibilities.

    • Data Governance Program Charter Template

    7. Data Governance Policy

    This policy establishes uniform data governance standards and identifies the shared responsibilities for assuring the integrity of the data and that it efficiently and effectively serves the needs of your organization.

    • Data Governance Policy

    8. Data Governance Exemplar – An exemplar showing how you can plan and document your data governance outputs.

    Use this exemplar to understand how to establish data governance in your organization. Follow along with the sections of the blueprint Establish Data Governance and complete the document as you progress.

    • Data Governance Exemplar
    [infographic]

    Workshop: Establish Data Governance

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Establish Business Context and Value

    The Purpose

    Identify key business data assets that need to be governed.

    Create a unifying vision for the data governance program.

    Key Benefits Achieved

    Understand the value of data governance and how it can help the organization better leverage its data.

    Gain knowledge of how data governance can benefit both IT and the business.

    Activities

    1.1 Establish business context, value, and scope of data governance at the organization

    1.2 Introduction to Info-Tech’s data governance framework

    1.3 Discuss vision and mission for data governance

    1.4 Understand your business architecture, including your business capability map and value streams

    1.5 Build use cases aligned to core business capabilities

    Outputs

    Sample use cases (tied to the business capability map) and a repeatable use case framework

    Vision and mission for data governance

    2 Understand Current Data Governance Capabilities and Plot Target-State Levels

    The Purpose

    Assess which data contains value and/or risk and determine metrics that will determine how valuable the data is to the organization.

    Assess where the organization currently stands in data governance initiatives.

    Determine gaps between the current and future states of the data governance program.

    Key Benefits Achieved

    Gain a holistic understanding of organizational data and how it flows through business units and systems.

    Identify which data should fall under the governance umbrella.

    Determine a practical starting point for the program.

    Activities

    2.1 Understand your current data governance capabilities and maturity

    2.2 Set target-state data governance capabilities

    Outputs

    Current state of data governance maturity

    Definition of target state

    3 Build Data Domain to Data Governance Role Mapping

    The Purpose

    Determine strategic initiatives and create a roadmap outlining key steps required to get the organization to start enabling data-driven insights.

    Determine timing of the initiatives.

    Key Benefits Achieved

    Establish clear direction for the data governance program.

    Step-by-step outline of how to create effective data governance, with true business-IT collaboration.

    Activities

    3.1 Evaluate and prioritize performance gaps

    3.2 Develop and consolidate data governance target-state initiatives

    3.3 Define the role of data governance: data domain to data governance role mapping

    Outputs

    Target-state data governance initiatives

    Data domain to data governance role mapping

    4 Formulate a Plan to Get to Your Target State

    The Purpose

    Consolidate the roadmap and other strategies to determine the plan of action from Day One.

    Create the required policies, procedures, and positions for data governance to be sustainable and effective.

    Key Benefits Achieved

    Prioritized initiatives with dependencies mapped out.

    A clearly communicated plan for data governance that will have full business backing.

    Activities

    4.1 Identify and prioritize next steps

    4.2 Define roles and responsibilities and complete a high-level RACI

    4.3 Wrap-up and discuss next steps and post-workshop support

    Outputs

    Initialized roadmap

    Initialized RACI

    Further reading

    Establish Data Governance

    Deliver measurable business value.

    Executive Brief

    Analyst Perspective

    Establish a data governance program that brings value to your organization.

    Picture of analyst

    Data governance does not sit as an island on its own in the organization – it must align with and be driven by your enterprise governance. As you build out data governance in your organization, it’s important to keep in mind that this program is meant to be an enabling framework of oversight and accountabilities for managing, handling, and protecting your company’s data assets. It should never be perceived as bureaucratic or inhibiting to your data users. It should deliver agreed-upon models that are conducive to your organization’s operating culture, offering clarity on who can do what with the data and via what means. Data governance is the key enabler for bringing high-quality, trusted, secure, and discoverable data to the right users across your organization. Promote and drive the responsible and ethical use of data while helping to build and foster an organizational culture of data excellence.

    Crystal Singh

    Director, Research & Advisory, Data & Analytics Practice

    Info-Tech Research Group

    Executive Summary

    Your Challenge

    The amount of data within organizations is growing at an exponential rate, creating a need to adopt a formal approach to governing data. However, many organizations remain uninformed on how to effectively govern their data. Comprehensive data governance should define leadership, accountability, and responsibility related to data use and handling and be supported by a well-oiled operating model and relevant policies and procedures. This will help ensure the right data gets to the right people at the right time, using the right mechanisms.

    Common Obstacles

    Organizations are faced with challenges associated with changing data landscapes, evolving business models, industry disruptions, regulatory and compliance obligations, and changing and maturing user landscape and demand for data. Although the need for a data governance program is often evident, organizations miss the mark when their data governance efforts are not directly aligned to delivering measurable business value. Initiatives should support key strategic initiatives, as well as value streams and their underlying business capabilities.

    Info-Tech’s Approach

    Info-Tech’s approach to establishing and sustaining effective data governance is anchored in the strong alignment of organizational value streams and their business capabilities with key data governance dimensions and initiatives. Organizations should:

    • Align their data governance with enterprise governance, business strategy and value streams to ensure the program delivers measurable business value.
    • Understand their current data governance capabilities so as to build out a future state that is right-sized and relevant.
    • Define data leadership, accountability, and responsibility. Support these with an operating model that effectively manages change and communication and fosters a culture of data excellence.

    Info-Tech Insight

    Your organization’s value streams and the associated business capabilities require effectively governed data. Without this, you face elevated operating costs, missed opportunities, eroded stakeholder satisfaction, and increased business risk.

    Your challenge

    This research is designed to help organizations build and sustain an effective data governance program.

    • Your organization has recognized the need to treat data as a corporate asset for generating business value and/or managing and mitigating risk.
    • This has brought data governance to the forefront and highlighted the need to build a performance-driven enterprise program for delivering quality, trusted, and readily consumable data to users.
    • An effective data governance program is one that defines leadership, accountability, and responsibility related to data use and handling. It’s supported by a well-oiled operating model and relevant policies and procedures, all of which help build and foster a culture of data excellence where the right users get access to the right data at the right time via the right mechanisms.

    As you embark on establishing data governance in your organization, it’s vital to ensure from the get-go that you define the drivers and business context for the program. Data governance should never be attempted without direction on how the program will yield measurable business value.

    “Data processing and cleanup can consume more than half of an analytics team’s time, including that of highly paid data scientists, which limits scalability and frustrates employees.” – Petzold, et al., 2020

    Image is a circle graph and 30% of it is coloured with the number 30% in the middle of the graph

    “The productivity of employees across the organization can suffer.” – Petzold, et al., 2020

    Respondents to McKinsey’s 2019 Global Data Transformation Survey reported that an average of 30% of their total enterprise time was spent on non-value-added tasks because of poor data quality and availability. – Petzold, et al., 2020

    Common obstacles

    Some of the barriers that make data governance difficult to address for many organizations include:

    • Gaps in communicating the strategic value of data and data governance to the organization. This is vital for securing senior leadership buy-in and support, which, in turn, is crucial for sustained success of the data governance program.
    • Misinterpretation or a lack of understanding about data governance, including what it means for the organization and the individual data user.
    • A perception that data governance is inhibiting or an added layer of bureaucracy or complication rather than an enabling and empowering framework for stakeholders in their use and handling of data.
    • Embarking on data governance without firmly substantiating and understanding the organizational drivers for doing so. How is data governance going to support the organization’s value streams and their various business capabilities?
    • Neglecting to define and measure success and performance. Just as in any other enterprise initiative, you have to be able to demonstrate an ROI for time, resources and funding. These metrics must demonstrate the measurable business value that data governance brings to the organization.
    • Failure to align data governance with enterprise governance.
    Image is a circle graph and 78% of it is coloured with the number 78% in the middle of the graph

    78% of companies (and 92% of top-tier companies) have a corporate initiative to become more data-driven. – Alation, 2020

    Image is a circle graph and 58% of it is coloured with the number 58% in the middle of the graph

    But despite these ambitions, there appears to be a “data culture disconnect” – 58% of leaders overestimate the current data culture of their enterprises, giving a grade higher than the one produced by the study. – Fregoni, 2020

    The strategic value of data

    Power intelligent and transformative organizational performance through leveraging data.

    Respond to industry disruptors

    Optimize the way you serve your stakeholders and customers

    Develop products and services to meet ever-evolving needs

    Manage operations and mitigate risk

    Harness the value of your data

    The journey to being data-driven

    The journey to declaring that you are a data-driven organization requires a pit stop at data enablement.

    The Data Economy

    Data Disengaged

    You have a low appetite for data and rarely use data for decision making.

    Data Enabled

    Technology, data architecture, and people and processes are optimized and supported by data governance.

    Data Driven

    You are differentiating and competing on data and analytics; described as a “data first” organization. You’re collaborating through data. Data is an asset.

    Data governance is essential for any organization that makes decisions about how it uses its data.

    Data governance is an enabling framework of decision rights, responsibilities, and accountabilities for data assets across the enterprise.

    Data governance is:

    • Executed according to agreed-upon models that describe who can take what actions with what information, when, and using what methods (Olavsrud, 2021).
    • True business-IT collaboration that will lead to increased consistency and confidence in data to support decision making. This, in turn, helps fuel innovation and growth.

    If done correctly, data governance is not:

    • An annoying, finger-waving roadblock in the way of getting things done.
    • Meant to solve all data-related business or IT problems in an organization.
    • An inhibitor or impediment to using and sharing data.

    Info-Tech’s Data Governance Framework

    An image of Info-Tech's Data Governance Framework

    Create impactful data governance by embedding it within enterprise governance

    A model is depicted to show the relationship between enterprise governance and data governance.

    Organizational drivers for data governance

    Data governance personas:

    Conformance: Establishing data governance to meet regulations and compliance requirements.

    Performance: Establishing data governance to fuel data-driven decision making for driving business value and managing and mitigating business risk.

    Two images are depicted that show the difference between conformance and performance.

    Data Governance is not a one-person show

    • Data governance needs a leader and a home. Define who is going to be leading, driving, and steering data governance in your organization.
    • Senior executive leaders play a crucial role in championing and bringing visibility to the value of data and data governance. This is vital for building and fostering a culture of data excellence.
    • Effective data governance comes with business and IT alignment, collaboration, and formally defined roles around data leadership, ownership, and stewardship.
    Four circles are depicted. There is one person in the circle on the left and is labelled: Data Governance Leadership. The circle beside it has two people in it and labelled: Organizational Champions. The circle beside it has three people in it and labelled: Data Owners, Stewards & Custodians. The last circle has four people in it and labelled: The Organization & Data Storytellers.

    Traditional data governance organizational structure

    A traditional structure includes committees and roles that span across strategic, tactical, and operational duties. There is no one-size-fits-all data governance structure. However, most organizations follow a similar pattern when establishing committees, councils, and cross-functional groups. Most organizations strive to identify roles and responsibilities at a strategic and operational level. Several factors will influence the structure of the program, such as the focus of the data governance project and the maturity and size of the organization.

    A triangular model is depicted and is split into three tiers to show the traditional data governance organizational structure.

    A healthy data culture is key to amplifying the power of your data.

    “Albert Einstein is said to have remarked, ‘The world cannot be changed without changing our thinking.’ What is clear is that the greatest barrier to data success today is business culture, not lagging technology. “– Randy Bean, 2020

    What does it look like?

    • Everybody knows the data.
    • Everybody trusts the data.
    • Everybody talks about the data.

    “It is not enough for companies to embrace modern data architectures, agile methodologies, and integrated business-data teams, or to establish centers of excellence to accelerate data initiatives, when only about 1 in 4 executives reported that their organization has successfully forged a data culture.”– Randy Bean, 2020

    Data literacy is an essential part of a data-driven culture

    • In a data-driven culture, decisions are made based on data evidence, not on gut instinct.
    • Data often has untapped potential. A data-driven culture builds tools and skills, builds users’ trust in the condition and sources of data, and raises the data skills and understanding among their people on the front lines.
    • Building a data culture takes an ongoing investment of time, effort, and money. This investment will not achieve the transformation you want without data literacy at the grassroots level.

    Data-driven culture = “data matters to our company”

    Despite investments in data initiative, organizations are carrying high levels of data debt

    Data debt is “the accumulated cost that is associated with the sub-optimal governance of data assets in an enterprise, like technical debt.”

    Data debt is a problem for 78% of organizations.

    40% of organizations say individuals within the business do not trust data insights.

    66% of organizations say a backlog of data debt is impacting new data management initiatives.

    33% of organizations are not able to get value from a new system or technology investment.

    30% of organizations are unable to become data-driven.

    Source: Experian, 2020

    Absent or sub-optimal data governance leads to data debt

    Only 3% of companies’ data meets basic quality standards. (Source: Nagle, et al., 2017)

    Organizations suspect 28% of their customer and prospect data is inaccurate in some way. (Source: Experian, 2020)

    Only 51% of organizations consider the current state of their CRM or ERP data to be clean, allowing them to fully leverage it. (Source: Experian, 2020)

    35% of organizations say they’re not able to see a ROI for data management initiatives. (Source: Experian, 2020)

    Embrace the technology

    Make the available data governance tools and technology work for you:

    • Data catalog
    • Business data glossary
    • Data lineage
    • Metadata management

    While data governance tools and technologies are no panacea, leverage their automated and AI-enabled capabilities to augment your data governance program.

    Logos of data governance tools and technology.

    Measure success to demonstrate tangible business value

    Put data governance into the context of the business:

    • Tie the value of data governance and its initiatives back to the business capabilities that are enabled.
    • Leverage the KPIs of those business capabilities to demonstrate tangible and measurable value. Use terms and language that will resonate with senior leadership.

    Don’t let measurement be an afterthought:

    Start substantiating early on how you are going to measure success as your data governance program evolves.

    Build a right-sized roadmap

    Formulate an actionable roadmap that is right-sized to deliver value in your organization.

    Key considerations:

    • When building your data governance roadmap, ensure you do so through an enterprise lens. Be cognizant of other initiatives that might be coming down the pipeline that may require you to align your data governance milestones accordingly.
    • Apart from doing your planning with consideration for other big projects or launches that might be in-flight and require the time and attention of your data governance partners, also be mindful of the more routine yet still demanding initiatives.
    • When doing your roadmapping, consider factors like the organization’s fiscal cycle, typical or potential year-end demands, and monthly/quarterly reporting periods and audits. Initiatives such as these are likely to monopolize the time and focus of personnel key to delivering on your data governance milestones.

    Sample milestones:

    Data Governance Leadership & Org Structure Definition

    Define the home for data governance and other key roles around ownership and stewardship, as approved by senior leadership.

    Data Governance Charter and Policies

    Create a charter for your program and build/refresh associated policies.

    Data Culture Diagnostic

    Understand the organization’s current data culture, perception of data, value of data, and knowledge gaps.

    Use Case Build and Prioritization

    Build a use case that is tied to business capabilities. Prioritize accordingly.

    Business Data Glossary

    Build and/or refresh the business’ glossary for addressing data definitions and standardization issues.

    Tools & Technology

    Explore the tools and technology offering in the data governance space that would serve as an enabler to the program. (e.g. RFI, RFP).

    Key takeaways for effective business-driven data governance

    Data governance leadership and sponsorship is key.

    Ensure strategic business alignment.

    Build and foster a culture of data excellence.

    Evolve along the data journey.

    Make data governance an enabler, not a hindrance.

    Insight summary

    Overarching insight

    Your organization’s value streams and the associated business capabilities require effectively governed data. Without this, you face the impact of elevated operational costs, missed opportunities, eroded stakeholder satisfaction, and exposure to increased business risk.

    Insight 1

    Data governance should not sit as an island in your organization. It must continuously align with the organization’s enterprise governance function. It shouldn’t be perceived as a pet project of IT, but rather as an enterprise-wide, business-driven initiative.

    Insight 2

    Ensure your data governance program delivers measurable business value by aligning the associated data governance initiatives with the business architecture. Leverage the measures of success or KPIs of the underlying business capabilities to demonstrate the value data governance has yielded for the organization.

    Insight 3

    Data governance remains the foundation of all forms of reporting and analytics. Advanced capabilities such as AI and machine learning require effectively governed data to fuel their success.

    Tactical insight

    Tailor your data literacy program to meet your organization’s needs, filling your range of knowledge gaps and catering to your different levels of stakeholders. When it comes to rolling out a data literacy program, there is no one-size-fits-all solution. Your data literacy program is intended to fill the knowledge gaps about data, as they exist in your organization. It should be targeted across the board – from your executive leadership and management through to the subject matter experts across different lines of the business in your organization.

    Info-Tech’s methodology for establishing data governance

    1. Build Business and User Context 2. Understand Your Current Data Governance Capabilities 3. Build a Target State Roadmap and Plan
    Phase Steps
    1. Substantiate Business Drivers
    2. Build High-Value Use Cases for Data Governance
    1. Understand the Key Components of Data Governance
    2. Gauge Your Organization’s Current Data Culture
    1. Formulate an Actionable Roadmap and Right-Sized Plan
    Phase Outcomes
    • Your organization’s business capabilities and value streams
    • A business capability map for your organization
    • Categorization of your organization’s key capabilities
    • A strategy map tied to data governance
    • High-value use cases for data governance
    • An understanding of the core components of an effective data governance program
    • An understanding your organization’s current data culture
    • A data governance roadmap and target-state plan comprising of prioritized initiatives

    Blueprint deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

    Screenshot of Info-Tech's Data Governance Planning and Roadmapping Workbook data-verified=

    Data Governance Planning and Roadmapping Workbook

    Use the Data Governance Planning and Roadmapping Workbook as you plan, build, roll-out, and scale data governance in your organization.

    Screenshot of Info-Tech's Data Use Case Framework Template

    Data Use Case Framework Template

    This template takes you through a business needs gathering activity to highlight and create relevant use cases around the organization’s data-related problems and opportunities.

    Screenshot of Info-Tech's Business Data Glossary data-verified=

    Business Data Glossary

    Use this template to document the key data assets that are to be governed and create a data flow diagram for your organization.

    Screenshot of Info-Tech's Data Culture Diagnostic and Scorecard data-verified=

    Data Culture Diagnostic and Scorecard

    Leverage Info-Tech’s Data Culture Diagnostic to understand how your organization scores across 10 areas relating to data culture.

    Key deliverable:

    Data Governance Planning and Roadmapping Workbook

    Measure the value of this blueprint

    Leverage this blueprint’s approach to ensure your data governance initiatives align and support your key value streams and their business capabilities.

    • Aligning your data governance program and its initiatives to your organization’s business capabilities is vital for tracing and demonstrating measurable business value for the program.
    • This alignment of data governance with value streams and business capabilities enables you to use business-defined KPIs and demonstrate tangible value.
    Screenshot from this blueprint on the Measurable Business Value

    In phases 1 and 2 of this blueprint, we will help you establish the business context, define your business drivers and KPIs, and understand your current data governance capabilities and strengths.

    In phase 3, we will help you develop a plan and a roadmap for addressing any gaps and improving the relevant data governance capabilities so that data is well positioned to deliver on those defined business metrics.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    "Our team, has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful."

    Guided Implementation

    "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keeps us on track."

    Workshop

    "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place."

    Consulting

    "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks are used throughout all four options.

    Establish Data Governance project overview

    Contact your account representative for more information. workshops@infotech.com 1-888-670-8889

    1. Build Business and User context2. Understand Your Current Data Governance Capabilities3. Build a Target State Roadmap and Plan
    Best-Practice Toolkit
    1. Substantiate Business Drivers
    2. Build High-Value Use Cases for Data Governance
    1. Understand the Key Components of Data Governance
    2. Gauge Your Organization’s Current Data Culture
    1. Formulate an Actionable Roadmap and Right-Sized Plan
    Guided Implementation
    • Call 1
    • Call 2
    • Call 3
    • Call 4
    • Call 5
    • Call 6
    • Call 7
    • Call 8
    • Call 9
    Phase Outcomes
    • Your organization’s business capabilities and value streams
    • A business capability map for your organization
    • Categorization of your organization’s key capabilities
    • A strategy map tied to data governance
    • High-value use cases for data governance
    • An understanding of the core components of an effective data governance program
    • An understanding your organization’s current data culture
    • A data governance roadmap and target-state plan comprising of prioritized initiatives

    Guided Implementation

    What does a typical GI on this topic look like?

    An outline of what guided implementation looks like.

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization. A typical GI is between 8 to 12 calls over the course of 4 to 6 months.

    Workshop overview

    Contact your account representative for more information. workshops@infotech.com 1-888-670-8889

    Day 1 Day 2 Day 3 Day 4
    Establish Business Context and Value Understand Current Data Governance Capabilities and Plot Target-State Levels Build Data Domain to Data Governance Role Mapping Formulate a Plan to Get to Your Target State
    Activities
    • Establish business context, value, and scope of data governance at the organization
    • Introduction to Info-Tech’s data governance framework
    • Discuss vision and mission for data governance
    • Understand your business architecture, including your business capability map and value streams
    • Build use cases aligned to core business capabilities
    • Understand your current data governance capabilities and maturity
    • Set target state data governance capabilities
    • Evaluate and prioritize performance gaps
    • Develop and consolidate data governance target-state initiatives
    • Define the role of data governance: data domain to data governance role mapping
    • Identify and prioritize next steps
    • Define roles and responsibilities and complete a high-level RACI
    • Wrap-up and discuss next steps and post-workshop support
    Deliverables
    1. Sample use cases (tied to the business capability map) and a repeatable use case framework
    2. Vision and mission for data governance
    1. Current state of data governance maturity
    2. Definition of target state
    1. Target-state data governance initiatives
    2. Data domain to data governance role mapping
    1. Initialized roadmap
    2. Initialized RACI

    Phase 1

    Build Business and User Context

    Three circles are in the image that list the three phases and the main steps. Phase 1 is highlighted.

    “When business users are invited to participate in the conversation around data with data users and IT, it adds a fundamental dimension — business context. Without a real understanding of how data ties back to the business, the value of analysis and insights can get lost.” – Jason Lim, Alation

    This phase will guide you through the following activities:

    • Identify Your Business Capabilities
    • Define your Organization’s Key Business Capabilities
    • Develop a Strategy Map that Aligns Business Capabilities to Your Strategic Focus

    This phase involves the following participants:

    • Data Governance Leader/Data Leader (CDO)
    • Senior Business Leaders
    • Business SMEs
    • Data Leadership, Data Owners, Data Stewards and Custodians

    Step 1.1

    Substantiate Business Drivers

    Activities

    1.1.1 Identify Your Business Capabilities

    1.1.2 Categorize Your Organization’s Key Business Capabilities

    1.1.3 Develop a Strategy Map Tied to Data Governance

    This step will guide you through the following activities:

    • Leverage your organization’s existing business capability map or initiate the formulation of a business capability map, guided by info-Tech’s approach
    • Determine which business capabilities are considered high priority by your organization
    • Map your organization’s strategic objectives to value streams and capabilities to communicate how objectives are realized with the support of data

    Outcomes of this step

    • A foundation for data governance initiative planning that’s aligned with the organization’s business architecture: value streams, business capability map, and strategy map

    Info-Tech Insight

    Gaining a sound understanding of your business architecture (value streams and business capabilities) is a critical foundation for establishing and sustaining a data governance program that delivers measurable business value.

    1.1.1 Identify Your Business Capabilities

    Confirm your organization's existing business capability map or initiate the formulation of a business capability map:

    • If you have an existing business capability map, meet with the relevant business owners/stakeholders to confirm that the content is accurate and up to date. Confirm the value streams (how your organization creates and captures value) and their business capabilities are reflective of the organization’s current business environment.
    • If you do not have an existing business capability map, follow this activity to initiate the formulation of a map (value streams and related business capabilities):
      1. Define the organization’s value streams. Meet with senior leadership and other key business stakeholders to define how your organization creates and captures value.
      2. Define the relevant business capabilities. Meet with senior leadership and other key business stakeholders to define the business capabilities.

    Note: A business capability defines what a business does to enable value creation. Business capabilities are business terms defined using descriptive nouns such as “Marketing” or “Research and Development.” They represent stable business functions, are unique and independent of each other, and typically will have a defined business outcome.

    Input

    • List of confirmed value streams and their related business capabilities

    Output

    • Business capability map with value streams for your organization

    Materials

    • Your existing business capability map or the template provided in the Data Governance Planning and Roadmapping Workbook accompanying this blueprint

    Participants

    • Key business stakeholders
    • Data stewards
    • Data custodians
    • Data Governance Working Group

    For more information, refer to Info-Tech’s Document Your Business Architecture.

    Define or validate the organization’s value streams

    Value streams connect business goals to the organization’s value realization activities. These value realization activities, in turn, depend on data.

    If the organization does not have a business architecture function to conduct and guide Activity 1.1.1, you can leverage the following approach:

    • Meet with key stakeholders regarding this topic, then discuss and document your findings.
    • When trying to identify the right stakeholders, consider: Who are the decision makers and key influencers? Who will impact this piece of business architecture related work? Who has the relevant skills, competencies, experience, and knowledge about the organization?
    • Engage with these stakeholders to define and validate how the organization creates value.
    • Consider:
      • Who are your main stakeholders? This will depend on the industry in which you operate. For example, customers, residents, citizens, constituents, students, patients.
      • What are your stakeholders looking to accomplish?
      • How does your organization’s products and/or services help them accomplish that?
      • What are the benefits your organization delivers to them and how does your organization deliver those benefits?
      • How do your stakeholders receive those benefits?

    Align data governance to the organization's value realization activities.

    Value streams enable the organization to create or capture value in the market in which it operates by engaging in a set of interconnected activities.

    Info-Tech Insight

    Your organization’s value streams and the associated business capabilities require effectively governed data. Without this, you face the possibilities of elevated operational costs, missed opportunities, eroded stakeholder satisfaction, negative impact to reputation and brand, and/or increased exposure to business risk.

    Example of value streams – Retail Banking

    Value streams connect business goals to the organization’s value realization activities.

    Example value stream descriptions for: Retail Banking

    Value streams enable the organization to create or capture value in the market in which it operates by engaging in a set of interconnected activities.

    Model example of value streams for retail banking.

    For this value stream, download Info-Tech’s Info-Tech’s Industry Reference Architecture for Retail Banking.

    Example of value streams – Higher Education

    Value streams connect business goals to the organization’s value realization activities.

    Example value stream descriptions for: Higher Education

    Value streams enable the organization to create or capture value in the market in which it operates by engaging in a set of interconnected activities.

    Model example of value streams for higher education

    For this value stream, download Info-Tech’s Industry Reference Architecture for Higher Education.

    Example of value streams – Local Government

    Value streams connect business goals to the organization’s value realization activities.

    Example value stream descriptions for: Local Government

    Value streams enable the organization to create or capture value in the market in which it operates by engaging in a set of interconnected activities.

    Model example of value streams for local government

    For this value stream, download Info-Tech’s Industry Reference Architecture for Local Government.

    Example of value streams – Manufacturing

    Value streams connect business goals to the organization’s value realization activities.

    Example value stream descriptions for: Manufacturing

    Value streams enable the organization to create or capture value in the market in which it operates by engaging in a set of interconnected activities.

    Model example of value streams for manufacturing

    For this value stream, download Info-Tech’s Industry Reference Architecture for Manufacturing.

    Example of value streams – Retail

    Value streams connect business goals to the organization’s value realization activities.

    Example value stream descriptions for: Retail

    Model example of value streams for retail

    Value streams enable the organization to create or capture value in the market in which it operates by engaging in a set of interconnected activities.

    For this value stream, download Info-Tech’s Industry Reference Architecture for Retail.

    Define the organization’s business capabilities in a business capability map

    A business capability defines what a business does to enable value creation. Business capabilities represent stable business functions and typically will have a defined business outcome.

    Business capabilities can be thought of as business terms defined using descriptive nouns such as “Marketing” or “Research and Development.”

    If your organization doesn’t already have a business capability map, you can leverage the following approach to build one. This initiative requires a good understanding of the business. By working with the right stakeholders, you can develop a business capability map that speaks a common language and accurately depicts your business.

    Working with the stakeholders as described above:

    • Analyze the value streams to identify and describe the organization’s capabilities that support them.
    • Consider: What is the objective of your value stream? (This can highlight which capabilities support which value stream.)
    • As you initiate your engagement with your stakeholders, don’t start a blank page. Leverage the examples on the next slides as a starting point for your business capability map.
    • When using these examples, consider: What are the activities that make up your particular business? Keep the ones that apply to your organization, remove the ones that don’t, and add any needed.

    Align data governance to the organization's value realization activities.

    Info-Tech Insight

    A business capability map can be thought of as a visual representation of your organization’s business capabilities and hence represents a view of what your data governance program must support.

    For more information, refer to Info-Tech’s Document Your Business Architecture.

    Example business capability map – Retail Banking

    A business capability map can be thought of as a visual representation of your organization’s business capabilities and hence represents a view of what your data governance program must support.

    Validate your business capability map with the right stakeholders, including your executive team, business unit leaders, and/or other key stakeholders.

    Info-Tech Tip:

    Leverage your business capability map verification session with these key stakeholders as a prime opportunity to share and explain the role of data and data governance in supporting the very value realization capabilities under discussion. This will help to build awareness and visibility of the data governance program.

    Example business capability map for: Retail Banking

    Model example business capability map for retail banking

    For this business capability map, download Info-Tech’s Industry Reference Architecture for Retail Banking.

    Example business capability map – Higher Education

    A business capability map can be thought of as a visual representation of your organization’s business capabilities and hence represents a view of what your data governance program must support.

    Validate your business capability map with the right stakeholders, including your executive team, business unit leaders, and/or other key stakeholders.

    Info-Tech Tip:

    Leverage your business capability map verification session with these key stakeholders as a prime opportunity to share and explain the role of data and data governance in supporting the very value realization capabilities under discussion. This will help to build awareness and visibility of the data governance program.

    Example business capability map for: Higher Education

    Model example business capability map for higher education

    For this business capability map, download Info-Tech’s Industry Reference Architecture for Higher Education.

    Example business capability map – Local Government

    A business capability map can be thought of as a visual representation of your organization’s business capabilities and hence represents a view of what your data governance program must support.

    Validate your business capability map with the right stakeholders, including your executive team, business unit leaders, and/or other key stakeholders.

    Info-Tech Tip:

    Leverage your business capability map verification session with these key stakeholders as a prime opportunity to share and explain the role of data and data governance in supporting the very value realization capabilities under discussion. This will help to build awareness and visibility of the data governance program.

    Example business capability map for: Local Government

    Model example business capability map for local government

    For this business capability map, download Info-Tech’s Industry Reference Architecture for Local Government.

    Example business capability map – Manufacturing

    A business capability map can be thought of as a visual representation of your organization’s business capabilities and hence represents a view of what your data governance program must support.

    Validate your business capability map with the right stakeholders, including your executive team, business unit leaders, and/or other key stakeholders.

    Info-Tech Tip:

    Leverage your business capability map verification session with these key stakeholders as a prime opportunity to share and explain the role of data and data governance in supporting the very value realization capabilities under discussion. This will help to build awareness and visibility of the data governance program.

    Example business capability map for: Manufacturing

    Model example business capability map for manufacturing

    For this business capability map, download Info-Tech’s Industry Reference Architecture for Manufacturing.

    Example business capability map - Retail

    A business capability map can be thought of as a visual representation of your organization’s business capabilities and hence represents a view of what your data governance program must support.

    Validate your business capability map with the right stakeholders, including your executive team, business unit leaders, and/or other key stakeholders.

    Info-Tech Tip:

    Leverage your business capability map verification session with these key stakeholders as a prime opportunity to share and explain the role of data and data governance in supporting the very value realization capabilities under discussion. This will help to build awareness and visibility of the data governance program.

    Example business capability map for: Retail

    Model example business capability map for retail

    For this business capability map, download Info-Tech’s Industry Reference Architecture for Retail.

    1.1.2 Categorize Your Organization’s Key Capabilities

    Determine which capabilities are considered high priority in your organization.

    1. Categorize or heatmap the organization’s key capabilities. Consult with senior and other key business stakeholders to categorize and prioritize the business’ capabilities. This will aid in ensuring your data governance future state planning is aligned with the mandate of the business. One approach to prioritizing capabilities with business stakeholders is to examine them through the lens of cost advantage creators, competitive advantage differentiators, and/or by high value/high risk.
    2. Identify cost advantage creators. Focus on capabilities that drive a cost advantage for your organization. Highlight these capabilities and prioritize programs that support them.
    3. Identify competitive advantage differentiators. Focus on capabilities that give your organization an edge over rivals or other players in your industry.

    This categorization/prioritization exercise helps highlight prime areas of opportunity for building use cases, determining prioritization, and the overall optimization of data and data governance.

    Input

    • Strategic insight from senior business stakeholders on the business capabilities that drive value for the organization

    Output

    • Business capabilities categorized and prioritized (e.g. cost advantage creators, competitive advantage differentiators, high value/high risk)

    Materials

    • Your existing business capability map or the business capability map derived in the previous activity

    Participants

    • Key business stakeholders
    • Data stewards
    • Data custodians
    • Data Governance Working Group

    For more information, refer to Info-Tech’s Document Your Business Architecture.

    Example of business capabilities categorization or heatmapping – Retail

    This exercise is useful in ensuring the data governance program is focused and aligned to support the priorities and direction of the business.

    • Depending on the mandate from the business, priority may be on developing cost advantage. Hence the capabilities that deliver efficiency gains are the ones considered to be cost advantage creators.
    • The business’ priority may be on maintaining or gaining a competitive advantage over its industry counterparts. Differentiation might be achieved in delivering unique or enhanced products, services, and/or experiences, and the focus will tend to be on the capabilities that are more end-stakeholder-facing (e.g. customer-, student-, patient,- and/or constituent-facing). These are the organization’s competitive advantage creators.

    Example: Retail

    Example of business capabilities categorization or heatmapping – Retail

    For this business capability map, download Info-Tech’s Industry Reference Architecture for Retail.

    1.1.3 Develop a Strategy Map Tied to Data Governance

    Identify the strategic objectives for the business. Knowing the key strategic objectives will drive business-data governance alignment. It’s important to make sure the right strategic objectives of the organization have been identified and are well understood.

    1. Meet with senior business leaders and other relevant stakeholders to help identify and document the key strategic objectives for the business.
    2. Leverage their knowledge of the organization’s business strategy and strategic priorities to visually represent how these map to value streams, business capabilities, and, ultimately, to data and data governance needs and initiatives. Tip: Your map is one way to visually communicate and link the business strategy to other levels of the organization.
    3. Confirm the strategy mapping with other relevant stakeholders.

    Guide to creating your map: Starting with strategic objectives, map the value streams that will ultimately drive them. Next, link the key capabilities that enable each value stream. Then map the data and data governance to initiatives that support those capabilities. This is one approach to help you prioritize the data initiatives that deliver the most value to the organization.

    Input

    • Strategic objectives as outlined by the organization’s business strategy and confirmed by senior leaders

    Output

    • A strategy map that maps your organizational strategic objectives to value streams, business capabilities, and, ultimately, to data program

    Materials

    Participants

    • Key business stakeholders
    • Data stewards
    • Data custodians
    • Data Governance Working Group

    Download Info-Tech’s Data Governance Planning and Roadmapping Workbook

    Example of a strategy map tied to data governance

    • Strategic objectives are the outcomes that the organization is looking to achieve.
    • Value streams enable an organization to create and capture value in the market through interconnected activities that support strategic objectives.
    • Business capabilities define what a business does to enable value creation in value streams.
    • Data capabilities and initiatives are descriptions of action items on the data and data governance roadmap and which will enable one or multiple business capabilities in its desired target state.

    Info-Tech Tip:

    Start with the strategic objectives, then map the value streams that will ultimately drive them. Next, link the key capabilities that enable each value stream. Then map the data and data governance initiatives that support those capabilities. This process will help you prioritize the data initiatives that deliver the most value to the organization.

    Example: Retail

    Example of a strategy map tied to data governance for retail

    For this strategy map, download Info-Tech’s Industry Reference Architecture for Retail.

    Step 1.2

    Build High-Value Use Cases for Data Governance

    Activities

    1.2.1 Build High-Value Use Cases

    This step will guide you through the following activities:

    • Leveraging your categorized business capability map to conduct deep-dive sessions with key business stakeholders for creating high-value uses cases
    • Discussing current challenges, risks, and opportunities associated with the use of data across the lines of business
    • Exploring which other business capabilities, stakeholder groups, and business units will be impacted

    Outcomes of this step

    • Relevant use cases that articulate the data-related challenges, needs, or opportunities that are clear and contained and, if addressed ,will deliver value to the organization

    Info-Tech Tip

    One of the most important aspects when building use cases is to ensure you include KPIs or measures of success. You have to be able to demonstrate how the use case ties back to the organizational priorities or delivers measurable business value. Leverage the KPIs and success factors of the business capabilities tied to each particular use case.

    1.2.1 Build High-Value Use Cases

    This business needs-gathering activity will highlight and create relevant use cases around data-related problems or opportunities that are clear and contained and, if addressed, will deliver value to the organization.

    1. Bring together key business stakeholders (data owner, stewards, SMEs) from a particular line of business as well as the relevant data custodian(s) to build cases for their units. Leverage the business capability map you created for facilitating this act.
    2. Leverage Info-Tech’s framework for data requirements and methodology for creating use cases, as outlined in the Data Use Case Framework Template and seen on the next slide.
    3. Have the stakeholders move through each breakout session outlined in the Use Case Worksheet. Use flip charts or a whiteboard to brainstorm and document their thoughts.
    4. Debrief and document results in the Data Use Case Framework Template
    5. Repeat this exercise with as many lines of the business as possible, leveraging your business capability map to guide your progress and align with business value.

    Tip: Don’t conclude these use case discussions without substantiating what measures of success will be used to demonstrate the business value of the effort to produce the desired future state, as relevant to each particular use case.

    Input

    • Value streams and business capabilities as defined by business leaders
    • Business stakeholders’ subject area expertise
    • Data custodian systems, integration, and data knowledge

    Output

    • Use cases that articulate data-related challenges, needs or opportunities that are tied to defined business capabilities and hence if addressed will deliver measurable value to the organization.

    Materials

    • Your business capability map from activity 1.1.1
    • Info-Tech’s Data Use Case Framework Template
    • Whiteboard or flip charts (or shared screen if working remotely)
    • Markers/pens

    Participants

    • Key business stakeholders
    • Data stewards and business SMEs
    • Data custodians
    • Data Governance Working Group

    Download Info-Tech’s Data Use Case Framework Template

    Info-Tech’s Framework for Building Use Cases

    Objective: This business needs-gathering activity will highlight and create relevant use cases around data-related problems or opportunities that are clear and contained and, if addressed, will deliver value to the organization.

    Leveraging your business capability map, build use cases that align with the organization’s key business capabilities.

    Consider:

    • Is the business capability a cost advantage creator or an industry differentiator?
    • Is the business capability currently underserved by data?
    • Does this need to be addressed? If so, is this risk- or value-driven?

    Info-Tech’s Data Requirements and Mapping Methodology for Creating Use Cases

    1. What business capability (or capabilities) is this use case tied to for your business area(s)?
    2. What are your data-related challenges in performing this today?
    3. What are the steps in this process/activity today?
    4. What are the applications/systems used at each step today?
    5. What data domains are involved, created, used, and/or transformed at each step today?
    6. What does an ideal or improved state look like?
    7. What other business units, business capabilities, activities, and/or processes will be impacted or improved if this issue was solved?
    8. Who are the stakeholders impacted by these changes? Who needs to be consulted?
    9. What are the risks to the organization (business capability, revenue, reputation, customer loyalty, etc.) if this is not addressed?
    10. What compliance, regulatory, and/or policy concerns do we need to consider in any solution?
    11. What measures of success or change should we use to prove the value of the effort (such as KPIs, ROI)? What is the measurable business value of doing this?

    The resulting use cases are to be prioritized and leveraged for informing the business case and the data governance capabilities optimization plan.

    Taken from Info-Tech’s Data Use Case Framework Template

    Phase 2

    Understand Your Current Data Governance Capabilities

    Three circles are in the image that list the three phases and the main steps. Phase 2 is highlighted.

    This phase will guide you through the following activities:

    • Understand the Key Components of Data Governance
    • Gauge Your Organization’s Current Data Culture

    This phase involves the following participants:

    • Data Leadership
    • Data Ownership & Stewardship
    • Policies & Procedures
    • Data Literacy & Culture
    • Operating Model
    • Data Management
    • Data Privacy & Security
    • Enterprise Projects & Services

    Step 2.1

    Understand the Key Components of Data Governance

    This step will guide you through the following activities:

    • Understanding the core components of an effective data governance program and determining your organization’s current capabilities in these areas:
      • Data Leadership
      • Data Ownership & Stewardship
      • Policies & Procedures
      • Data Literacy & Culture
      • Operating Model
      • Data Management
      • Data Privacy & Security
      • Enterprise Projects & Services

    Outcomes of this step

    • An understanding the core components of an effective data governance program
    • An understanding your organization’s current data governance capabilities

    Review: Info-Tech’s Data Governance Framework

    An image of Info-Tech's Data Governance Framework

    Key components of data governance

    A well-defined data governance program will deliver:

    • Defined accountability and responsibility for data.
    • Improved knowledge and common understanding of the organization’s data assets.
    • Elevated trust and confidence in traceable data.
    • Improved data ROI and reduced data debt.
    • An enabling framework for supporting the ethical use and handling of data.
    • A foundation for building and fostering a data-driven and data-literate organizational culture.

    The key components of establishing sustainable enterprise data governance, taken from Info-Tech’s Data Governance Framework:

    • Data Leadership
    • Data Ownership & Stewardship
    • Operating Model
    • Policies & Procedures
    • Data Literacy & Culture
    • Data Management
    • Data Privacy & Security
    • Enterprise Projects & Services

    Data Leadership

    • Data governance needs a dedicated head or leader to steer the organization’s data governance program.
    • For organizations that do have a chief data officer (CDO), their office is the ideal and effective home for data governance.
    • Heads of data governance also have titles such as director of data governance, director of data quality, and director of analytics.
    • The head of your data governance program works with all stakeholders and partners to ensure there is continuous enterprise governance alignment and oversight and to drive the program’s direction.
    • While key stakeholders from the business and IT will play vital data governance roles, the head of data governance steers the various components, stakeholders, and initiatives, and provides oversight of the overall program.
    • Vital data governance roles include: data owners, data stewards, data custodians, data governance steering committee (or your organization’s equivalent), and any data governance working group(s).

    The role of the CDO: the voice of data

    The office of the chief data officer (CDO):

    • Has a cross-organizational vision and strategy for data.
    • Owns and drives the data strategy; ensures it supports the overall organizational strategic direction and business goals.
    • Leads the organizational data initiatives, including data governance
    • Is accountable for the policy, strategy, data standards, and data literacy necessary for the organization to operate effectively.
    • Educates users and leaders about what it means to be “data-driven.”
    • Builds and fosters a culture of data excellence.

    “Compared to most of their C-suite colleagues, the CDO is faced with a unique set of problems. The role is still being defined. The chief data officer is bringing a new dimension and focus to the organization: ‘data.’ ”

    – Carruthers and Jackson, 2020

    Who does the CDO report to?

    Example reporting structure.
    • The CDO should be a true C- level executive.
    • Where the organization places the CDO role in the structure sends an important signal to the business about how much it values data.

    “The title matters. In my opinion, you can’t have a CDO without executive authority. Otherwise no one will listen.”

    – Anonymous European CDO

    “The reporting structure depends on who’s the ‘glue’ that ties together all these uniquely skilled individuals.”

    – John Kemp, Senior Director, Executive Services, Info-Tech Research Group

    Data Ownership & Stewardship

    Who are best suited to be data owners?

    • Wherever they may sit in your organization, data owners will typically have the highest stake in that data.
    • Data owners need to be suitably senior and have the necessary decision-making power.
    • They have the highest interest in the related business data domain, whether they are the head of a business unit or the head of a line of business that produces data or consumes data (or both).
    • If they are neither of these, it’s unlikely they will have the interest in the data (in terms of its quality, protection, ethical use, and handling, for instance) necessary to undertake and adopt the role effectively.

    Data owners are typically senior business leaders with the following characteristics:

    • Positioned to accept accountability for their data domain.
    • Hold authority and influence to affect change, including across business processes and systems, needed to improve data quality, use, handling, integration, etc.
    • Have access to a budget and resources for data initiatives such as resolving data quality issues, data cleansing initiatives, business data catalog build, related tools and technology, policy management, etc.
    • Hold the influence needed to drive change in behavior and culture.
    • Act as ambassadors of data and its value as an organizational strategic asset.

    Right-size your data governance organizational structure

    • Most organizations strive to identify roles and responsibilities at a strategic and operational level. Several factors will influence the structure of the program such as the focus of the data governance project as well as the maturity and size of the organization.
    • Your data governance structure has to work for your organization, and it has to evolve as the organization evolves.
    • Formulate your blend of data governance roles, committees, councils, and cross-functional groups, that make sense for your organization.
    • Your data governance organizational structure should not add complexity or bureaucracy to your organization’s data landscape; it should support and enable your principle of treating data as an asset.

    There is no one-size-fits-all data governance organizational structure.

    Example of a Data Governance Organizational Structure

    Critical roles and responsibilities for data governance

    Data Governance Working Groups

    Data governance working groups:

    • Are cross-functional teams
    • Deliver on data governance projects, initiatives, and ad hoc review committees.

    Data Stewards

    Traditionally, data stewards:

    • Serve on an operational level addressing issues related to adherence to standards/procedures, monitoring data quality, raising issues identified, etc.
    • Are responsible for managing access, quality, escalating issues, etc.

    Data Custodians

    • Traditionally, data custodians:
    • Serve on an operational level addressing issues related to data and database administration.
    • Support the management of access, data quality, escalating issues, etc.
    • Are SMEs from IT and database administration.

    Example: Business capabilities to data owner and data stewards mapping for a selected data domain

    Info-Tech Insight

    Your organization’s value streams and the associated business capabilities require effectively governed data. Without this, you face elevated operational costs, missed opportunities, eroded stakeholder satisfaction, and exposure to increased business risk.

    Enabling business capabilities with data governance role definitions

    Example: Business capabilities to data owner and data stewards mapping for a selected data domain

    Operating Model

    Your operating model is the key to designing and operationalizing a form of data governance that delivers measurable business value to your organization.

    “Generate excitement for data: When people are excited and committed to the vision of data enablement, they’re more likely to help ensure that data is high quality and safe.” – Petzold, et al., 2020

    Operating Model

    Defining your data governance operating model will help create a well-oiled program that sustainably delivers value to the organization and manages risks while building and fostering a culture of data excellence along the way. Some organizations are able to establish a formal data governance office, whether independent or attached to the office of the chief data officer. Regardless of how you are organized, data governance requires a home, a leader, and an operating model to ensure its sustainability and evolution.

    Examples of focus areas for your operating model:

    • Delivery: While there are core tenets to every data governance program, there is a level of variability in the implementation of data governance programs across organizations, sectors, and industries. Every organization has its own particular drivers and mandates, so the level and rigor applied will also vary.
    • The key is to determine what style will work best in your organization, taking into consideration your organizational culture, executive leadership support (present and ongoing), catalysts such as other enterprise-wide transformative and modernization initiatives, and/or regulatory and compliances drivers.

    • Communication: Communication is vital across all levels and stakeholder groups. For instance, there needs to be communication from the data governance office up to senior leadership, as well as communication within the data governance organization, which is typically made up of the data governance steering committee, data governance council, executive sponsor/champion, data stewards, and data custodians and working groups.
    • Furthermore, communication with the wider organization of data producers, users, and consumers is one of the core elements of the overall data governance communications plan.

    Communication is vital for ensuring acceptance of new processes, rules, guidelines, and technologies by all data producers and users as well as for sharing success stories of the program.

    Operating Model

    Tie the value of data governance and its initiatives back to the business capabilities that are enabled.

    “Leading organizations invest in change management to build data supporters and convert the skeptics. This can be the most difficult part of the program, as it requires motivating employees to use data and encouraging producers to share it (and ideally improve its quality at the source)[.]” – Petzold, et al., 2020

    Operating Model

    Examples of focus areas for your operating model (continued):

    • Change management and issue resolution: Data governance initiatives will very likely bring about a level of organizational disruption, with governance recommendations and future state requiring potentially significant business change. This may include a redesign of a substantial number of data processes affecting various business units, which will require tweaking the organization’s culture, thought processes, and procedures surrounding its data.
    • Preparing people for change well in advance will allow them to take the steps necessary to adapt and reduce potential confrontation. By planning for and efficiently communicating any changes that a data governance initiative may bring, many initial issues can be resolved from the outset.

      Attempting to implement change without an effective communications plan can result in disagreements over data control and stalemates between stakeholder units. The recommendations of the governance group must reflect the needs of all stakeholders or there will be pushback.

    • Performance measuring, monitoring and reporting: Measuring and reporting on performance, successes, and realization of tangible business value are a must for sustaining, growing, and scaling your data governance program.
    • Aligning your data governance to the organization's value realization activities enables you to leverage the KPIs of those business capabilities to demonstrate tangible and measurable value. Use terms and language that will resonate with your senior business leadership.

    Info-Tech Tip:

    Launching a data governance program will bring with it a level of disruption to the culture of the organization. That disruption doesn’t have to be detrimental if you are prepared to manage the change proactively and effectively.

    Policies, Procedures & Standards

    “Data standards are the rules by which data are described and recorded. In order to share, exchange, and understand data, we must standardize the format as well as the meaning.” – U.S. Geological Survey

    Policies, Procedures & Standards

    • When defining, updating, or refreshing your data policies, procedures, and standards, ensure they are relevant, serve a purpose, and/or support the use of data in the organization.
    • Avoid the common pitfall of building out a host of policies, procedures, and standards that are never used or followed by users and therefore don’t bring value or serve to mitigate risk for the organization.
    • Data policies can be thought of as formal statements and are typically created, approved, and updated by the organization’s data decision-making body (such as a data governance steering committee).
    • Data standards and procedures function as actions, or rules, that support the policies and their statements.
    • Standards and procedures are designed to standardize the processes during the overall data lifecycle. Procedures are instructions to achieve the objectives of the policies. The procedures are iterative and will be updated with approval from your data governance committee as needed.
    • Your organization’s data policies, standards, and procedures should not bog down or inhibit users; rather, they should enable confident data use and handling across the overall data lifecycle. They should support more effective and seamless data capture, integration, aggregation, sharing, and retention of data in the organization.

    Examples of data policies:

    • Data Classification Policy
    • Data Retention Policy
    • Data Entry Policy
    • Data Backup Policy
    • Data Provenance Policy
    • Data Management Policy

    Data Domain Documentation

    Select the correct granularity for your business need

    Diagram of data domain documentation
    Sources: Dataversity; Atlan; Analytics8

    Data Domain Documentation Examples

    Data Domain Documentation Examples

    Data Culture

    “Organizational culture can accelerate the application of analytics, amplify its power, and steer companies away from risky outcomes.” – Petzold, et al., 2020

    A healthy data culture is key to amplifying the power of your data and to building and sustaining an effective data governance program.

    What does a healthy data culture look like?

    • Everybody knows the data.
    • Everybody trusts the data.
    • Everybody talks about the data.

    Building a culture of data excellence.

    Leverage Info-Tech’s Data Culture Diagnostic to understand your organization’s culture around data.

    Screenshot of Data Culture Scorecard

    Contact your Info-Tech Account Representative for more information on the Data Culture Diagnostic

    Cultivating a data-driven culture is not easy

    “People are at the heart of every culture, and one of the biggest challenges to creating a data culture is bringing everyone into the fold.” – Lim, Alation

    It cannot be purchased or manufactured,

    It must be nurtured and developed,

    And it must evolve as the business, user, and data landscapes evolve.

    “Companies that have succeeded in their data-driven efforts understand that forging a data culture is a relentless pursuit, and magic bullets and bromides do not deliver results.” – Randy Bean, 2020

    Hallmarks of a data-driven culture

    There is a trusted, single source of data the whole company can draw from.

    There’s a business glossary and data catalog and users know what the data fields mean.

    Users have access to data and analytics tools. Employees can leverage data immediately to resolve a situation, perform an activity, or make a decision – including frontline workers.

    Data literacy, the ability to collect, manage, evaluate, and apply data in a critical manner, is high.

    Data is used for decision making. The company encourages decisions based on objective data and the intelligent application of it.

    A data-driven culture requires a number of elements:

    • High-quality data
    • Broad access and data literacy
    • Data-driven decision-making processes
    • Effective communication

    Data Literacy

    Data literacy is an essential part of a data-driven culture.

    • Building a data-driven culture takes an ongoing investment of time, effort, and money.
    • This investment will not realize its full return without building up the organization’s data literacy.
    • Data literacy is about filling data knowledge gaps across all levels of the organization.
    • It’s about ensuring all users – senior leadership right through to core users – are equipped with appropriate levels of training, skills, understanding, and awareness around the organization’s data and the use of associated tools and technologies. Data literacy ensures users have the data they need and they know how to interpret and leverage it.
    • Data literacy drives the appetite, demand, and consumption for data.
    • A data-literate culture is one where the users feel confident and skilled in their use of data, leveraging it for making informed or evidence-based decisions and generating insights for the organization.

    Data Management

    • Data governance serves as an enabler to all of the core components that make up data management:
      • Data quality management
      • Data architecture management
      • Data platform
      • Data integration
      • Data operations management
      • Data risk management
      • Reference and master data management (MDM)
      • Document and content management
      • Metadata management
      • Business intelligence (BI), reporting, analytics and advanced analytics, artificial intelligence (AI), machine learning (ML)
    • Key tools such as the business data glossary and data catalog are vital for operationalizing data governance and in supporting data management disciplines such as data quality management, metadata management, and MDM as well as BI, reporting, and analytics.

    Enterprise Projects & Services

    • Data governance serves as an enabler to enterprise projects and services that require, use, share, sell, and/or rely on data for their viability and, ultimately, their success.
    • Folding or embedding data governance into the organization’s project management function or project management office (PMO) serves to ensure that, for any initiative, suitable consideration is given to how data is treated.
    • This may include defining parameters, following standards and procedures around bringing in new sources of data, integrating that data into the organization’s data ecosystem, using and sharing that data, and retaining that data post-project completion.
    • The data governance function helps to identify and manage any ethical issues, whether at the start of the project and/or throughout.
    • It provides a foundation for asking relevant questions as it relates to the use or incorporation of data in delivering the specific project or service. Do we know where the data obtained from? Do we have rights to use that data? Are there legislations, policies, or regulations that guide or dictate how that data can be used? What are the positive effects, negative impacts, and/or risks associated with our intended use of that data? Are we positioned to mitigate those risks?
    • Mature data governance creates organizations where the above considerations around data management and the ethical use and handling of data is routinely implemented across the business and in the rollout and delivery of projects and services.

    Data Privacy & Security

    • Data governance supports the organization’s data privacy and security functions.
    • Key tools include the data classification policy and standards and defined roles around data ownership and data stewardship. These are vital for operationalizing data governance and supporting data privacy, security, and the ethical use and handling of data.
    • While some organizations may have a dedicated data security and privacy group, data governance provides an added level of oversight in this regard.
    • Some of the typical checks and balances include ensuring:
      • There are policies and procedures in place to restrict and monitor staff’s access to data (one common way this is done is according to job descriptions and responsibilities) and that these comply with relevant laws and regulations.
      • There’s a data classification scheme in place where data has been classified on a hierarchy of sensitivity (e.g. top secret, confidential, internal, limited, public).
      • The organization has a comprehensive data security framework, including administrative, physical, and technical procedures for addressing data security issues (e.g. password management and regular training).
      • Risk assessments are conducted, including an evaluation of risks and vulnerabilities related to intentional and unintentional misuse of data.
      • Policies and procedures are in place to mitigate the risks associated with incidents such as data breaches.
      • The organization regularly audits and monitors its data security.

    Ethical Use & Handling of Data

    Data governance will support your organization’s ethical use and handling of data by facilitating definition around important factors, such as:

    • What are the various data assets in the organization and what purpose(s) can they be used for? Are there any limitations?
    • Who is the related data owner? Who holds accountability for that data? Who will be answerable?
    • Where was the data obtained from? What is the intended use of that data? Do you have rights to use that data? Are there legislations, policies, or regulations that guide or dictate how that data can be used?
    • What are the positive effects, negative impacts, and/or risks associated with the use of that data?

    Ethical Use & Handling of Data

    • Data governance serves as an enabler to the ethical use and handling of an organization’s data.
    • The Open Data Institute (ODI) defines data ethics as: “A branch of ethics that evaluates data practices with the potential to adversely impact on people and society – in data collection, sharing and use.”
    • Data ethics relates to good practice around how data is collected, used and shared. It’s especially relevant when data activities have the potential to impact people and society, whether directly or indirectly (Open Data Institute, 2019).
    • A failure to handle and use data ethically can negatively impact an organization’s direct stakeholders and/or the public at large, lead to a loss of trust and confidence in the organization's products and services, lead to financial loss, and impact the organization’s brand, reputation, and legal standing.
    • Data governance plays a vital role in building and managing your data assets, knowing what data you have, and knowing the limitations of that data. Data ownership, data stewardship, and your data governance decision-making body are key tenets and foundational components of your data governance. They enable an organization to define, categorize, and confidently make decisions about its data.

    Step 2.2

    Gauge Your Organization’s Current Data Culture

    Activities

    2.2.1 Gauge Your Organization’s Current Data Culture

    This step will guide you through the following activities:

    • Conduct a data culture survey or leverage Info-Tech’s Data Culture Diagnostic to increase your understanding of your organization’s data culture

    Outcomes of this step

    • An understanding of your organizational data culture

    2.2.1 Gauge Your Organization’s Current Data Culture

    Conduct a Data Culture Survey or Diagnostic

    The objectives of conducting a data culture survey are to increase the understanding of the organization's data culture, your users’ appetite for data, and their appreciation for data in terms of governance, quality, accessibility, ownership, and stewardship. To perform a data culture survey:

    1. Identify members of the data user base, data consumers, and other key stakeholders for surveying.
    2. Conduct an information session to introduce Info-Tech’s Data Culture Diagnostic survey. Explain the objective and importance of the survey and its role in helping to understand the organization’s current data culture and inform the improvement of that culture.
    3. Roll out the Info-Tech Data Culture Diagnostic survey to the identified users and stakeholders.
    4. Debrief and document the results and scorecard in the Data Strategy Stakeholder Interview Guide and Findings document.

    Input

    • Email addresses of participants in your organization who should receive the survey

    Output

    • Your organization’s Data Culture Scorecard for understanding current data culture as it relates to the use and consumption of data
    • An understanding of whether data is currently perceived to be an asset to the organization

    Materials

    Screenshot of Data Culture Scorecard

    Participants

    • Participants include those at the senior leadership level through to middle management, as well as other business stakeholders at varying levels across the organization
    • Data owners, stewards, and custodians
    • Core data users and consumers

    Contact your Info-Tech Account Representative for details on launching a Data Culture Diagnostic.

    Phase 3

    Build a Target State Roadmap and Plan

    Three circles are in the image that list the three phases and the main steps. Phase 3 is highlighted.

    “Achieving data success is a journey, not a sprint.” Companies that set a clear course, with reasonable expectations and phased results over a period of time, get to the destination faster.” – Randy Bean, 2020

    This phase will guide you through the following activities:

    • Build your Data Governance Roadmap
    • Develop a target state plan comprising of prioritized initiatives

    This phase involves the following participants:

    • Data Governance Leadership
    • Data Owners/Data Stewards
    • Data Custodians
    • Data Governance Working Group(s)

    Step 3.1

    Formulate an Actionable Roadmap and Right-Sized Plan

    This step will guide you through the following activities:

    • Build your data governance roadmap
    • Develop a target state plan comprising of prioritized initiatives

    Outcomes of this step

    • A foundation for data governance initiative planning that’s aligned with the organization’s business architecture: value streams, business capability map, and strategy map

    Build a right-sized roadmap

    Formulate an actionable roadmap that is right sized to deliver value in your organization.

    Key considerations:

    • When building your data governance roadmap, ensure you do so through an enterprise lens. Be cognizant of other initiatives that might be coming down the pipeline that may require you to align your data governance milestones accordingly.
    • Apart from doing your planning with consideration for other big projects or launches that might be in-flight and require the time and attention of your data governance partners, also be mindful of the more routine yet still demanding initiatives.
    • When doing your roadmapping, consider factors like the organization’s fiscal cycle, typical or potential year-end demands, and monthly/quarterly reporting periods and audits. Initiatives such as these are likely to monopolize the time and focus of personnel key to delivering on your data governance milestones.

    Sample milestones:

    Data Governance Leadership & Org Structure Definition

    Define the home for data governance and other key roles around ownership and stewardship, as approved by senior leadership.

    Data Governance Charter and Policies

    Create a charter for your program and build/refresh associated policies.

    Data Culture Diagnostic

    Understand the organization’s current data culture, perception of data, value of data, and knowledge gaps.

    Use Case Build and Prioritization

    Build a use case that is tied to business capabilities. Prioritize accordingly.

    Business Data Glossary/Catalog

    Build and/or refresh the business’ glossary for addressing data definitions and standardization issues.

    Tools & Technology

    Explore the tools and technology offering in the data governance space that would serve as an enabler to the program. (e.g. RFI, RFP).

    Recall: Info-Tech’s Data Governance Framework

    An image of Info-Tech's Data Governance Framework

    Build an actionable roadmap

    Data Governance Leadership & Org Structure Division

    Define key roles for getting started.

    Use Case Build & Prioritization

    Start small and then scale – deliver early wins.

    Literacy Program

    Start understanding data knowledge gaps, building the program, and delivering.

    Tools & Technology

    Make the available data governance tools and technology work for you.

    Key components of your data governance roadmap

    By now, you have assessed current data governance environment and capabilities. Use this assessment, coupled with the driving needs of your business, to plot your data Governance roadmap accordingly.

    Sample data governance roadmap milestones:

    • Define data governance leadership.
    • Define and formalize data ownership and stewardship (as well as the role IT/data management will play as data custodians).
    • Build/confirm your business capability map and data domains.
    • Build business data use cases specific to business capabilities.
    • Define business measures/KPIs for the data governance program (i.e. metrics by use case that are relevant to business capabilities).
    • Data management:
      • Build your data glossary or catalog starting with identified and prioritized terms.
      • Define data domains.
    • Design and define the data governance operating model (oversight model definition, communication plan, internal marketing such as townhalls, formulate change management plan, RFP of data governance tool and technology options for supporting data governance and its administration).
    • Data policies and procedures:
      • Formulate, update, refresh, consolidate, rationalize, and/or retire data policies and procedures.
      • Define policy management and administration framework (i.e. roll-out, maintenance, updates, adherence, system to be used).
    • Conduct Info-Tech’s Data Culture Diagnostic or survey (across all levels of the organization).
    • Define and formalize the data literacy program (build modules, incorporate into LMS, plan lunch and learn sessions).
    • Data privacy and security: build data classification policy, define classification standards.
    • Enterprise projects and services: embed data governance in the organization’s PMO, conduct “Data Governance 101” for the PMO.

    Defining data governance roles and organizational structure at Organization

    The approach employed for defining the data governance roles and supporting organizational structure for .

    Key Considerations:

    • The data owner and data steward roles are formally defined and documented within the organization. Their involvement is clear, well-defined, and repeatable.
    • There are data owners and data stewards for each data domain within the organization. The data steward role is given to someone with a high degree of subject matter expertise.
    • Data owners and data stewards are effective in their roles by ensuring that their data domain is clean and free of errors and that they protect the organization against data loss.
    • Data owners and data stewards have the authority to make final decisions on data definitions, formats, and standard processes that apply to their respective data sets. Data owners and data stewards have authority regarding who has access to certain data.
    • Data owners and data stewards are not from the IT side of the organization. They understand the lifecycle of the data (how it is created, curated, retrieved, used, archived, and destroyed) and they are well-versed in any compliance requirements as it relates to their data.
    • The data custodian role is formally defined and is given to the relevant IT expert. This is an individual with technical administrative and/or operational responsibility over data (e.g. a DBA).
    • A data governance steering committee exists and is comprised of well-defined roles, responsibilities, executive sponsors, business representatives, and IT experts.
    • The data governance steering committee works to provide oversight and enforce policies, procedures, and standards for governing data.
    • The data governance working group has cross-functional representation. This comprises business and IT representation, as well as project management and change management where applicable: data stewards, data custodians, business subject matter experts, PM, etc.).
    • Data governance meetings are coordinated and communicated about. The meeting agenda is always clear and concise, and meetings review pressing data-related issues. Meeting minutes are consistently documented and communicated.

    Sample: Business capabilities to data owner and data stewards mapping for a selected data domain

    Info-Tech Insight

    Your organization’s value streams and the associated business capabilities require effectively governed data. Without this, you face elevated operational costs, missed opportunities, eroded stakeholder satisfaction, and exposure to increased business risk.

    Enable business capabilities with data governance role definitions.

    Sample: Business capabilities to data owner and data stewards mapping for a selected data domain

    Consider your technology options:

    Make the available data governance tools and technology work for you:

    • Data catalog
    • Business data glossary
    • Data lineage
    • Metadata management

    Logos of data governance tools and technology.

    These are some of the data governance tools and technology players. Check out SoftwareReviews for help making better software decisions.

    Make the data steward the catalyst for organizational change and driving data culture

    The data steward must be empowered and backed politically with decision-making authority, or the role becomes stale and powerless.

    Ensuring compliance can be difficult. Data stewards may experience pushback from stakeholders who must deliver on the policies, procedures, and processes that the data steward enforces.

    Because the data steward must enforce data processes and liaise with so many different people and departments within the organization, the data steward role should be their primary full-time job function – where possible.

    However, in circumstances where budget doesn’t allow a full-time data steward role, develop these skills within the organization by adding data steward responsibilities to individuals who are already managing data sets for their department or line of business.

    Info-Tech Tip

    A stewardship role is generally more about managing the cultural change that data governance brings. This requires the steward to have exceptional interpersonal skills that will assist in building relationships across departmental boundaries and ensuring that all stakeholders within the organization believe in the initiative, understand the anticipated outcomes, and take some level of responsibility for its success.

    Changes to organizational data processes are inevitable; have a communication plan in place to manage change

    Create awareness of your data governance program. Use knowledge transfer to get as many people on board as possible.

    Data governance initiatives must contain a strong organizational disruption component. A clear and concise communication strategy that conveys milestones and success stories will address the various concerns that business unit stakeholders may have.

    By planning for and efficiently communicating any changes that a data governance initiative may bring, many initial issues can be resolved from the outset.

    Governance recommendations will require significant business change. The redesign of a substantial number of data processes affecting various business units will require an overhaul of the organization’s culture, thought processes, and procedures surrounding its data. Preparing people for change well in advance will allow them to take the necessary steps to adapt and reduce potential confrontation.

    Because a data governance initiative will involve data-driven business units across the organization, the governance team must present a compelling case for data governance to ensure acceptance of new processes, rules, guidelines, and technologies by all data producers and users.

    Attempting to implement change without an effective communication plan can result in disagreements over data control and stalemates between stakeholder units. The recommendations of the governance group must reflect the needs of all stakeholders or there will be pushback.

    Info-Tech Insight

    Launching a data governance initiative is guaranteed to disrupt the culture of the organization. That disruption doesn’t have to be detrimental if you are prepared to manage the change proactively and effectively.

    Create a common data governance vision that is consistently communicated to the organization

    A data governance program should be an enterprise-wide initiative.

    To create a strong vision for data governance, there must be participation from the business and IT. A common vision will articulate the state the organization wishes to achieve and how it will reach that state. Visioning helps to develop long-term goals and direction.

    Once the vision is established, it must be effectively communicated to everyone, especially those who are involved in creating, managing, disposing, or archiving data.

    The data governance program should be periodically refined. This will ensure the organization continues to incorporate best methods and practices as the organization grows and data needs evolve.

    Info-Tech Tips

    • Use information from the stakeholder interviews to derive business goals and objectives.
    • Work to integrate different opinions and perspectives into the overall vision for data governance.
    • Brainstorm guiding principles for data and understand the overall value to the organization.

    Develop a compelling data governance communications plan to get all departmental lines of business on board

    A data governance program will impact all data-driven business units within the organization.

    A successful data governance communications plan involves making the initiative visible and promoting staff awareness. Educate the team on how data is collected, distributed, and used, what internal processes use data, and how that data is used across departmental boundaries.

    By demonstrating how data governance will affect staff directly, you create a deeper level of understanding across lines of business, and ultimately, a higher level of acceptance for new processes, rules, and guidelines.

    A clear and concise communications strategy will raise the profile of data governance within the organization, and staff will understand how the program will benefit them and how they can share in the success of the initiative. This will end up providing support for the initiative across the board.

    A proactive communications plan will:

    • Assist in overcoming issues with data control, stalemates between stakeholder units, and staff resistance.
    • Provide a formalized process for implementing new policies, rules, guidelines, and technologies, and managing organizational data.
    • Detail data ownership and accountability for decision making, and identify and resolve data issues throughout the organization.
    • Encourage acceptance and support of the initiative.

    Info-Tech Tip

    Focus on literacy and communication: include training in the communication plan. Providing training for data users on the correct procedures for updating and verifying the accuracy of data, data quality, and standardized data policies will help validate how data governance will benefit them and the organization.

    Leverage the data governance program to communicate and promote the value of data within the organization

    The data governance program is responsible for continuously promoting the value of data to the organization. The data governance program should seek a variety of ways to educate the organization and data stakeholders on the benefit of data management.

    Even if data policies and procedures are created, they will be highly ineffective if they are not properly communicated to the data producers and users alike.

    There needs to be a communication plan that highlights how the data producer and user will be affected, what their new responsibilities are, and the value of that change.

    To learn how to manage organizational change, refer to Info-Tech’s Master Organizational Change Management Practices.

    Understand what makes for an effective policy for data governance

    It can be difficult to understand what a policy is, and what it is not. Start by identifying the differences between a policy and standards, guidelines, and procedures.

    Diagram of an effective policy for data governance

    The following are key elements of a good policy:

    Heading Descriptions
    Purpose Describes the factors or circumstances that mandate the existence of the policy. Also states the policy’s basic objectives and what the policy is meant to achieve.
    Scope Defines to whom and to what systems this policy applies. Lists the employees required to comply or simply indicates “all” if all must comply. Also indicates any exclusions or exceptions, i.e. those people, elements, or situations that are not covered by this policy or where special consideration may be made.
    Definitions Define any key terms, acronyms, or concepts that will be used in the policy. A standard glossary approach is sufficient.
    Policy Statements Describe the rules that comprise the policy. This typically takes the form of a series of short prescriptive and proscriptive statements. Sub-dividing this section into sub-sections may be required depending on the length or complexity of the policy.
    Non-Compliance Clearly describe consequences (legal and/or disciplinary) for employee non-compliance with the policy. It may be pertinent to describe the escalation process for repeated non-compliance.
    Agreement Confirms understanding of the policy and provides a designated space to attest to the document.

    Leverage myPolicies, Info-Tech’s web-based application for managing your policies and procedures

    Most organizations have problems with policy management. These include:

    1. Policies are absent or out of date
    2. Employees largely unaware of policies in effect
    3. Policies are unmonitored and unenforced
    4. Policies are in multiple locations
    5. Multiple versions of the same policy exist
    6. Policies managed inconsistently across different silos
    7. Policies are written poorly by untrained authors
    8. Inadequate policy training program
    9. Draft policies stall and lose momentum
    10. Weak policy support from senior management

    Technology should be used as a means to solve these problems and effectively monitor, enforce, and communicate policies.

    Product Overview

    myPolicies is a web-based solution to create, distribute, and manage corporate policies, procedures, and forms. Our solution provides policy managers with the tools they need to mitigate the risk of sanctions and reduce the administrative burden of policy management. It also enables employees to find the documents relevant to them and build a culture of compliance.

    Some key success factors for policy management include:

    • Store policies in a central location that is well known and easy to find and access. A key way that technology can help communicate policies is by having them published on a centralized website.
    • Link this repository to other policies’ taxonomies of your organization. E.g. HR policies to provide a single interface for employees to access guidance across the organization.
    • Reassess policies annually at a minimum. myPolicies can remind you to update the organization’s policies at the appropriate time.
    • Make the repository searchable and easily navigable.
    • myPolicies helps you do all this and more.
    myPolicies logo myPolicies

    Enforce data policies to promote consistency of business processes

    Data policies are short statements that seek to manage the creation, acquisition, integrity, security, compliance, and quality of data. These policies vary amongst organizations, depending on your specific data needs.

    • Policies describe what to do, while standards and procedures describe how to do something.
    • There should be few data policies, and they should be brief and direct. Policies are living documents and should be continuously updated to respond to the organization’s data needs.
    • The data policies should highlight who is responsible for the data under various scenarios and rules around how to manage it effectively.

    Examples of Data Policies

    Trust

    • Data Cleansing and Quality Policy
    • Data Entry Policy

    Availability

    • Acceptable Use Policy
    • Data Backup Policy

    Security

    • Data Security Policy
    • Password Policy Template
    • User Authorization, Identification, and Authentication Policy Template
    • Data Protection Policy

    Compliance

    • Archiving Policy
    • Data Classification Policy
    • Data Retention Policy

    Leverage data management-related policies to standardize your data management practices

    Info-Tech’s Data Management Policy:

    This policy establishes uniform data management standards and identifies the shared responsibilities for assuring the integrity of the data and that it efficiently and effectively serves the needs of the organization. This policy applies to all critical data and to all staff who may be creators and/or users of such data.

    Info-Tech’s Data Entry Policy:

    The integrity and quality of data and evidence used to inform decision making is central to both the short-term and long-term health of an organization. It is essential that required data be sourced appropriately and entered into databases and applications in an accurate and complete manner to ensure the reliability and validity of the data and decisions made based on the data.

    Info-Tech’s Data Provenance Policy:

    Create policies to keep your data's value, such as:

    • Only allow entry of data from reliable sources.
    • Employees entering and accessing data must observe requirements for capturing/maintaining provenance metadata.
    • Provenance metadata will be used to track the lifecycle of data from creation through to disposal.

    Info-Tech’s Data Integration and Virtualization Policy:

    This policy aims to assure the organization, staff, and other interested parties that data integration, replication, and virtualization risks are taken seriously. Staff must use the policy (and supporting guidelines) when deciding whether to integrate, replicate, or virtualize data sets.

    Select the right mix of metrics to successfully supervise data policies and processes

    Policies are only as good as your level of compliance. Ensure supervision controls exist to oversee adherence to policies and procedures.

    Although they can be highly subjective, metrics are extremely important to data governance success.

    • Establishing metrics that measure the performance of a specific process or data set will:
      • Create a greater degree of ownership from data stewards and data owners.
      • Help identify underperforming individuals.
      • Allow the steering committee to easily communicate tailored objectives to individual data stewards and owners.
    • Be cautious when establishing metrics. The wrong metrics can have negative repercussions.
      • They will likely draw attention to an aspect of the process that doesn’t align with the initial strategy.
      • Employees will work hard and grow frustrated as their successes aren’t accurately captured.

    Policies are great to have from a legal perspective, but unless they are followed, they will not benefit the organization.

    • One of the most useful metrics for policies is currency. This tracks how up to date the policy is and how often employees are informed about the policy. Often, a policy will be introduced and then ignored. Policies must be continuously reviewed by management and employees.
    • Some other metrics include adherence (including performance in tests for adherence) and impacts from non-adherence.

    Review metrics on an ongoing basis with those data owners/stewards who are accountable, the data governance steering committee, and the executive sponsors.

    Establish data standards and procedures for use across all organizational lines of business

    A data governance program will impact all data-driven business units within the organization.

    • Data management procedures are the methods, techniques, and steps to accomplish a specific data objective. Creating standard data definitions should be one of the first tasks for a data governance steering committee.
    • Data moves across all departmental boundaries and lines of business within the organization. These definitions must be developed as a common set of standards that can be accepted and used enterprise wide.
    • Consistent data standards and definitions will improve data flow across departmental boundaries and between lines of business.
    • Ensure these standards and definitions are used uniformly throughout the organization to maintain reliable and useful data.

    Data standards and procedural guidelines will vary from company to company.

    Examples include:

    • Data modeling and architecture standards.
    • Metadata integration and usage procedures.
    • Data security standards and procedures.
    • Business intelligence standards and procedures.

    Info-Tech Tip

    Have a fundamental data definition model for the entire business to adhere to. Those in the positions that generate and produce data must follow the common set of standards developed by the steering committee and be accountable for the creation of valid, clean data.

    Changes to organizational data processes are inevitable; have a communications plan in place to manage change

    Create awareness of your data governance program, using knowledge transfer to get as many people on board as possible.

    By planning for and efficiently communicating any changes that a data governance initiative may bring, many initial issues can be resolved from the outset.

    Governance recommendations will require significant business change. The redesign of a substantial number of data processes affecting various business units will require an overhaul of the organization’s culture, thought processes, and procedures surrounding its data. Preparing people for change well in advance will allow them to take the necessary steps to adapt and reduce potential confrontation.

    Because a data governance initiative will involve data-driven business units across the organization, the governance team must present a compelling case for data governance to ensure acceptance of new processes, rules, guidelines, and technologies by all data producers and users.

    Attempting to implement change without an effective communications plan can result in disagreements over data control and stalemates between stakeholder units. The recommendations of the governance group must reflect the needs of all stakeholders or there will be pushback.

    Data governance initiatives will very likely bring about a level of organizational disruption. A clear and concise communications strategy that conveys milestones and success stories will address the various concerns that business unit stakeholders may have.

    Info-Tech Tip

    Launching a data governance program will bring with it a level of disruption to the culture of the organization. That disruption doesn’t have to be detrimental if you are prepared to manage the change proactively and effectively.

    Additional Support

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech Workshop.

    Picture of analyst

    Contact your account representative for more information.

    workshops@infotech.com 1-888-670-8889

    To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team. Info-Tech analysts will join you and your team at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    Screenshot of example data governance strategy map.

    Build Your Business and User Context

    Work with your core team of stakeholders to build out your data governance strategy map, aligning data governance initiatives with business capabilities, value streams, and, ultimately, your strategic priorities.

    Screenshot of Data governance roadmap

    Formulate a Plan to Get to Your Target State

    Develop a data governance future state roadmap and plan based on an understanding of your current data governance capabilities, your operating environment, and the driving needs of your business.

    Related Info-Tech Research

    Build a Robust and Comprehensive Data Strategy

    Key to building and fostering a data-driven culture.

    Create a Data Management Roadmap

    Streamline your data management program with our simplified framework.

    The First 100 Days as CDO

    Be the voice of data in a time of transformation.

    Research Contributors

    Name Position Company
    David N. Weber Executive Director - Planning, Research and Effectiveness Palm Beach State College
    Izabela Edmunds Information Architect Mott MacDonald
    Andy Neill Practice Lead, Data & Analytics Info-Tech Research Group
    Dirk Coetsee Research Director, Data & Analytics Info-Tech Research Group
    Graham Price Executive Advisor, Advisory Executive Services Info-Tech Research Group
    Igor Ikonnikov Research Director, Data & Analytics Info-Tech Research Group
    Jean Bujold Senior Workshop Delivery Director Info-Tech Research Group
    Rajesh Parab Research Director, Data & Analytics Info-Tech Research Group
    Reddy Doddipalli Senior Workshop Director Info-Tech Research Group
    Valence Howden Principal Research Director, CIO Info-Tech Research Group

    Bibliography

    Alation. “The Alation State of Data Culture Report – Q3 2020.” Alation, 2020. Accessed 25 June 2021.

    Allott, Joseph, et al. “Data: The next wave in forestry productivity.” McKinsey & Company, 27 Oct. 2020. Accessed 25 June 2021.

    Bean, Randy. “Why Culture Is the Greatest Barrier to Data Success.” MIT Sloan Management Review, 30 Sept. 2020. Accessed 25 June 2021.

    Brence, Thomas. “Overcoming the Operationalization Challenge with Data Governance at New York Life.” Informatica, 18 March 2020. Accessed 25 June 2021.

    Bullmore, Simon, and Stuart Coleman. “ODI Inside Business – a checklist for leaders.” Open Data Institute, 19 Oct. 2020. Accessed 25 June 2021.

    Canadian Institute for Health Information. “Developing and implementing accurate national standards for Canadian health care information.” Canadian Institute for Health Information. Accessed 25 June 2021.

    Carruthers, Caroline, and Peter Jackson. “The Secret Ingredients of the Successful CDO.” IRM UK Connects, 23 Feb. 2017.

    Dashboards. “Useful KPIs for Healthy Hospital Quality Management.” Dashboards. Accessed 25 June 2021.

    Dashboards. “Why (and How) You Should Improve Data Literacy in Your Organization Today.” Dashboards. Accessed 25 June 2021.

    Datapine. “Healthcare Key Performance Indicators and Metrics.” Datapine. Accessed 25 June 2021.

    Datapine. “KPI Examples & Templates: Measure what matters the most and really impacts your success.” Datapine. Accessed 25 June 2021.

    Diaz, Alejandro, et al. “Why data culture matters.” McKinsey Quarterly, Sept. 2018. Accessed 25 June 2021.

    Everett, Dan. “Chief Data Officer (CDO): One Job, Four Roles.” Informatica, 9 Sept. 2020. Accessed 25 June 2021.

    Experian. “10 signs you are sitting on a pile of data debt.” Experian. Accessed 25 June 2021.

    Fregoni, Silvia. “New Research Reveals Why Some Business Leaders Still Ignore the Data.” Silicon Angle, 1 Oct. 2020.

    Informatica. Holistic Data Governance: A Framework for Competitive Advantage. Informatica, 2017. Accessed 25 June 2021.

    Knight, Michelle. “What Is a Data Catalog?” Dataversity, 28 Dec. 2017. Web.

    Lim, Jason. “Alation 2020.3: Getting Business Users in the Game.” Alation, 2020. Accessed 25 June 2021.

    McDonagh, Mariann. “Automating Data Governance.” Erwin, 29 Oct. 2020. Accessed 25 June 2021.

    NewVantage Partners. Data-Driven Business Transformation: Connecting Data/AI Investment to Business Outcomes. NewVantage Partners, 2020. Accessed 25 June 2021.

    Olavsrud, Thor. “What is data governance? A best practices framework for managing data assets.” CIO.com, 18 March 2021. Accessed 25 June 2021.

    Open Data Institute. “Introduction to data ethics and the data ethics canvas.” Open Data Institute, 2020. Accessed 25 June 2021.

    Open Data Institute. “The UK National Data Strategy 2020: doing data ethically.” Open Data Institute, 17 Nov. 2020. Accessed 25 June 2021.

    Open Data Institute. “What is the Data Ethics Canvas?” Open Data Institute, 3 July 2019. Accessed 25 June 2021.

    Pathak, Rahul. “Becoming a Data-Driven Enterprise: Meeting the Challenges, Changing the Culture.” MIT Sloan Management Review, 28 Sept. 2020. Accessed 25 June 2021.

    Redman, Thomas, et al. “Only 3% of Companies’ Data Meets Basic Quality Standards.” Harvard Business Review. 11 Sept 2017.

    Petzold, Bryan, et al. “Designing data governance that delivers value.” McKinsey & Company, 26 June 2020. Accessed 25 June 2021.

    Smaje, Kate. “How six companies are using technology and data to transform themselves.” McKinsey & Company, 12 Aug. 2020. Accessed 25 June 2021.

    Talend. “The Definitive Guide to Data Governance.” Talend. Accessed 25 June 2021.

    “The Powerfully Simple Modern Data Catalog.” Atlan, 2021. Web.

    U.S. Geological Survey. “Data Management: Data Standards.” U.S. Geological Survey. Accessed 25 June 2021.

    Waller, David. “10 Steps to Creating a Data-Driven Culture.” Harvard Business Review, 6 Feb. 2020. Accessed 25 June 2021.

    “What is the Difference Between A Business Glossary, A Data Dictionary, and A Data Catalog, and How Do They Play A Role In Modern Data Management?” Analytics8, 23 June 2021. Web.

    Wikipedia. “RFM (market research).” Wikipedia. Accessed 25 June 2021.

    Windheuser, Christoph, and Nina Wainwright. “Data in a Modern Digital Business.” Thoughtworks, 12 May 2020. Accessed 25 June 2021.

    Wright, Tom. “Digital Marketing KPIs - The 12 Key Metrics You Should Be Tracking.” Cascade, 3 March 2021. Accessed 25 June 2021.

    Mergers & Acquisitions: The Sell Blueprint

    • Buy Link or Shortcode: {j2store}324|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: IT Strategy
    • Parent Category Link: /it-strategy

    There are four key scenarios or entry points for IT as the selling/divesting organization in M&As:

    • IT can suggest a divestiture to meet the business objectives of the organization.
    • IT is brought in to strategy plan the sale/divestiture from both the business’ and IT’s perspectives.
    • IT participates in due diligence activities and complies with the purchasing organization’s asks.
    • IT needs to reactively prepare its environment to enable the separation.

    Consider the ideal scenario for your IT organization.

    Our Advice

    Critical Insight

    Divestitures are inevitable in modern business, and IT’s involvement in the process should be too. This progression is inspired by:

    • The growing trend for organizations to increase, decrease, or evolve through these types of transactions.
    • A maturing business perspective of IT, preventing the difficulty that IT is faced with when invited into the transaction process late.
    • Transactions that are driven by digital motivations, requiring IT’s expertise.
    • There never being such a thing as a true merger, making the majority of M&A activity either acquisitions or divestitures.

    Impact and Result

    Prepare for a sale/divestiture transaction by:

    • Recognizing the trend for organizations to engage in M&A activity and the increased likelihood that, as an IT leader, you will be involved in a transaction in your career.
    • Creating a standard strategy that will enable strong program management.
    • Properly considering all the critical components of the transaction and integration by prioritizing tasks that will reduce risk, deliver value, and meet stakeholder expectations.

    Mergers & Acquisitions: The Sell Blueprint Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out how your organization can excel its reduction strategy by engaging in M&A transactions. Review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Proactive Phase

    Be an innovative IT leader by suggesting how and why the business should engage in an acquisition or divestiture.

    • One-Pager: M&A Proactive
    • Case Study: M&A Proactive
    • Information Asset Audit Tool
    • Data Valuation Tool
    • Enterprise Integration Process Mapping Tool
    • Risk Register Tool
    • Security M&A Due Diligence Tool
    • Service Catalog Internal Service Level Agreement Template

    2. Discovery & Strategy

    Create a standardized approach for how your IT organization should address divestitures or sales.

    • One-Pager: M&A Discovery & Strategy – Sell
    • Case Study: M&A Discovery & Strategy – Sell

    3. Due Diligence & Preparation

    Comply with due diligence, prepare the IT environment for carve-out possibilities, and establish the separation project plan.

    • One-Pager: M&A Due Diligence & Preparation – Sell
    • Case Study: M&A Due Diligence & Preparation – Sell
    • IT Due Diligence Charter
    • IT Culture Diagnostic
    • M&A Separation Project Management Tool (SharePoint)
    • SharePoint Template: Step-by-Step Deployment Guide
    • M&A Separation Project Management Tool (Excel)

    4. Execution & Value Realization

    Deliver on the separation project plan successfully and communicate IT’s transaction value to the business.

    • One-Pager: M&A Execution & Value Realization – Sell
    • Case Study: M&A Execution & Value Realization – Sell

    Infographic

    Workshop: Mergers & Acquisitions: The Sell Blueprint

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Pre-Transaction Discovery & Strategy

    The Purpose

    Establish the transaction foundation.

    Discover the motivation for divesting or selling.

    Formalize the program plan.

    Create the valuation framework.

    Strategize the transaction and finalize the M&A strategy and approach.

    Key Benefits Achieved

    All major stakeholders are on the same page.

    Set up crucial elements to facilitate the success of the transaction.

    Have a repeatable transaction strategy that can be reused for multiple organizations.

    Activities

    1.1 Conduct the CIO Business Vision and CEO-CIO Alignment diagnostics.

    1.2 Identify key stakeholders and outline their relationship to the M&A process.

    1.3 Understand the rationale for the company's decision to pursue a divestiture or sale.

    1.4 Assess the IT/digital strategy.

    1.5 Identify pain points and opportunities tied to the divestiture/sale.

    1.6 Create the IT vision statement and mission statement and identify IT guiding principles and the transition team.

    1.7 Document the M&A governance.

    1.8 Establish program metrics.

    1.9 Create the valuation framework.

    1.10 Establish the separation strategy.

    1.11 Conduct a RACI.

    1.12 Create the communication plan.

    1.13 Prepare to assess target organizations.

    Outputs

    Business perspectives of IT

    Stakeholder network map for M&A transactions

    Business context implications for IT

    IT’s divestiture/sale strategic direction

    Governance structure

    M&A program metrics

    IT valuation framework

    Separation strategy

    RACI

    Communication plan

    Prepared to assess target organization(s)

    2 Mid-Transaction Due Diligence & Preparation

    The Purpose

    Establish the foundation.

    Discover the motivation for separation.

    Identify expectations and create the carve-out roadmap.

    Prepare and manage employees.

    Plan the separation roadmap.

    Key Benefits Achieved

    All major stakeholders are on the same page.

    Methodology identified to enable compliance during due diligence.

    Employees are set up for a smooth and successful transition.

    Separation activities are planned and assigned.

    Activities

    2.1 Gather and evaluate the stakeholders involved, M&A strategy, future-state operating model, and governance.

    2.2 Review the business rationale for the divestiture/sale.

    2.3 Establish the separation strategy.

    2.4 Create the due diligence charter.

    2.5 Create a list of IT artifacts to be reviewed in the data room.

    2.6 Create a carve-out roadmap.

    2.7 Create a service/technical transaction agreement.

    2.8 Measure staff engagement.

    2.9 Assess the current culture and identify the goal culture.

    2.10 Create employee transition and functional workplans.

    2.11 Establish the separation roadmap.

    2.12 Establish and align project metrics with identified tasks.

    2.13 Estimate integration costs.

    Outputs

    Stakeholder map

    IT strategy assessed

    IT operating model and IT governance structure defined

    Business context implications for IT

    Separation strategy

    Due diligence charter

    Data room artifacts

    Carve-out roadmap

    Service/technical transaction agreement

    Engagement assessment

    Culture assessment

    Employee transition and functional workplans

    Integration roadmap and associated resourcing

    3 Post-Transaction Execution & Value Realization

    The Purpose

    Establish the transaction foundation.

    Discover the motivation for separation.

    Plan the separation roadmap.

    Prepare employees for the transition.

    Engage in separation.

    Assess the transaction outcomes.

    Key Benefits Achieved

    All major stakeholders are on the same page.

    Separation activities are planned and assigned.

    Employees are set up for a smooth and successful transition.

    Separation strategy and roadmap are executed to benefit the organization.

    Review what went well and identify improvements to be made in future transactions.

    Activities

    3.1 Identify key stakeholders and outline their relationship to the M&A process.

    3.2 Gather and evaluate the M&A strategy, future-state operating model, and governance.

    3.3 Review the business rationale for the divestiture/sale.

    3.4 Establish the separation strategy.

    3.5 Prioritize separation tasks.

    3.6 Establish the separation roadmap.

    3.7 Establish and align project metrics with identified tasks.

    3.8 Estimate separation costs.

    3.9 Measure staff engagement.

    3.10 Assess the current culture and identify the goal culture.

    3.11 Create employee transition and functional workplans.

    3.12 Complete the separation by regularly updating the project plan.

    3.13 Assess the service/technical transaction agreement.

    3.14 Confirm separation costs.

    3.15 Review IT’s transaction value.

    3.16 Conduct a transaction and separation SWOT.

    3.17 Review the playbook and prepare for future transactions.

    Outputs

    M&A transaction team

    Stakeholder map

    IT strategy assessed

    IT operating model and IT governance structure defined

    Business context implications for IT

    Separation strategy

    Separation roadmap and associated resourcing

    Engagement assessment

    Culture assessment

    Employee transition and functional workplans

    Updated separation project plan

    Evaluated service/technical transaction agreement

    SWOT of transaction

    M&A Sell Playbook refined for future transactions

    Further reading

    Mergers & Acquisitions: The Sell Blueprint

    For IT leaders who want to have a role in the transaction process when their business is engaging in an M&A sale or divestiture.

    EXECUTIVE BRIEF

    Analyst Perspective

    Don’t wait to be invited to the M&A table, make it.

    Photo of Brittany Lutes, Research Analyst, CIO Practice, Info-Tech Research Group.
    Brittany Lutes
    Research Analyst,
    CIO Practice
    Info-Tech Research Group
    Photo of Ibrahim Abdel-Kader, Research Analyst, CIO Practice, Info-Tech Research Group.
    Ibrahim Abdel-Kader
    Research Analyst,
    CIO Practice
    Info-Tech Research Group

    IT has always been an afterthought in the M&A process, often brought in last minute once the deal is nearly, if not completely, solidified. This is a mistake. When IT is brought into the process late, the business misses opportunities to generate value related to the transaction and has less awareness of critical risks or inaccuracies.

    To prevent this mistake, IT leadership needs to develop strong business relationships and gain respect for their innovative suggestions. In fact, when it comes to modern M&A activity, IT should be the ones suggesting potential transactions to meet business needs, specifically when it comes to modernizing the business or adopting digital capabilities.

    IT needs to stop waiting to be invited to the acquisition or divestiture table. IT needs to suggest that the table be constructed and actively work toward achieving the strategic objectives of the business.

    Executive Summary

    Your Challenge

    There are four key scenarios or entry points for IT as the selling/divesting organization in M&As:

    • IT can suggest a divestiture to meet the business objectives of the organization.
    • IT is brought in to strategy plan the sale/divestiture from both the business’ and IT’s perspectives.
    • IT participates in due diligence activities and complies with the purchasing organization’s asks.
    • IT needs to reactively prepare its environment to enable the separation.

    Consider the ideal scenario for your IT organization.

    Common Obstacles

    Some of the obstacles IT faces include:

    • IT is often told about the transaction once the deal has already been solidified and is now forced to meet unrealistic business demands.
    • The business does not trust IT and therefore does not approach IT to define value or reduce risks to the transaction process.
    • The people and culture element is forgotten or not given adequate priority.

    These obstacles often arise when IT waits to be invited into the transaction process and misses critical opportunities.

    Info-Tech's Approach

    Prepare for a sale/divestiture transaction by:

    • Recognizing the trend for organizations to engage in M&A activity and the increased likelihood that, as an IT leader, you will be involved in a transaction in your career.
    • Creating a standard strategy that will enable strong program management.
    • Properly considering all the critical components of the transaction and integration by prioritizing tasks that will reduce risk, deliver value, and meet stakeholder expectations.

    Info-Tech Insight

    As the number of merger, acquisition, and divestiture transactions continues to increase, so too does IT’s opportunity to leverage the growing digital nature of these transactions and get involved at the onset.

    The changing M&A landscape

    Businesses will embrace more digital M&A transactions in the post-pandemic world

    • When the pandemic occurred, businesses reacted by either pausing (61%) or completely cancelling (46%) deals that were in the mid-transaction state (Deloitte, 2020). The uncertainty made many organizations consider whether the risks would be worth the potential benefits.
    • However, many organizations quickly realized the pandemic is not a hindrance to M&A transactions but an opportunity. Over 16,000 American companies were involved in M&A transactions in the first six months of 2021 (The Economist). For reference, this had been averaging around 10,000 per six months from 2016 to 2020.
    • In addition to this transaction growth, organizations have increasingly been embracing digital. These trends increase the likelihood that, as an IT leader, you will engage in an M&A transaction. However, it is up to you when you get involved in the transactions.

    The total value of transactions in the year after the pandemic started was $1.3 billion – a 93% increase in value compared to before the pandemic. (Nasdaq)

    71% of technology companies anticipate that divestitures will take place as a result of the COVID-19 pandemic. (EY, 2020)

    Your challenge

    IT is often not involved in the M&A transaction process. When it is, it’s often too late.

    • The most important driver of an acquisition is the ability to access new technology (DLA Piper), and yet 50% of the time, IT isn’t involved in the M&A transaction at all (IMAA Institute, 2017).
    • Additionally, IT’s lack of involvement in the process negatively impacts the business:
      • Most organizations (60%) do not have a standardized approach to integration (Steeves and Associates), let alone separation.
      • Two-thirds of the time, the divesting organization and acquiring organization will either fail together or succeed together (McKinsey, 2015).
      • Less than half (47%) of organizations actually experience the positive results sought by the M&A transaction (Steeves and Associates).
    • Organizations pursuing M&A and not involving IT are setting themselves up for failure.

    Only half of M&A deals involve IT (Source: IMAA Institute, 2017)

    Common Obstacles

    These barriers make this challenge difficult to address for many organizations:

    • IT is rarely afforded the opportunity to participate in the transaction deal. When IT is invited, this often happens later in the process where separation will be critical to business continuity.
    • IT has not had the opportunity to demonstrate that it is a valuable business partner in other business initiatives.
    • One of the most critical elements that IT often doesn’t take the time or doesn’t have the time to focus on is the people and leadership component.
    • IT waits to be invited to the process rather then actively involving themselves and suggesting how value can be added to the process.

    In hindsight, it’s clear to see: Involving IT is just good business.

    47% of senior leaders wish they would have spent more time on IT due diligence to prevent value erosion. (Source: IMAA Institute, 2017)

    “Solutions exist that can save well above 50 percent on divestiture costs, while ensuring on-time delivery.” (Source: SNP)

    Info-Tech's approach

    Acquisitions & Divestitures Framework

    Acquisitions and divestitures are inevitable in modern business, and IT’s involvement in the process should be too. This progression is inspired by:

    1. The growing trend for organizations to increase, decrease, or evolve through these types of transactions.
    2. Transactions that are driven by digital motivations, requiring IT’s expertise.
    3. A maturing business perspective of IT, preventing the difficulty that IT is faced with when invited into the transaction process late.
    4. There never being such a thing as a true merger, making the majority of M&A activity either acquisitions or divestitures.
    A diagram highlighting the 'IT Executives' Role in Acquisitions and Divestitures' when they are integrated at different points in the 'Core Business Timeline'. There are four main entry points 'Proactive', 'Discovery and Strategy', 'Due Diligence and Preparation', and 'Execution and Value Realized'. It is highlighted that IT can and should start at 'Proactive', but most organizations start at 'Execution and Value Realized'. 'Proactive': suggest opportunities to evolve the organization; prove IT's value and engage in growth opportunities early. Innovators start here. Steps of the business timeline in 'Proactive' are 'Organization strategies are defined' and 'M and A is considered to enable strategy'. After a buy or sell transaction is initiated is 'Discovery and Strategy': pre-transaction state. If it is a Buy transaction, 'Establish IT's involvement and approach'. If it is a Sell transaction, 'Prepare to engage in negotiations'. Business Partners start here. Steps of the business timeline in 'Discovery and Strategy' are 'Searching criteria is set', 'Potential candidates are considered', and 'LOI is sent/received'. 'Due Diligence and Preparation': mid-transaction state. If it is a Buy transaction, 'Identify potential transaction benefits and risks'. If it is a Sell transaction, 'Comply, communicate, and collaborate in transaction'. Trusted Operators start here. Steps of the business timeline in 'Due Diligence and Preparation' are 'Due diligence engagement occurs', 'Final agreement is reached', and 'Preparation for transaction execution occurs'. 'Execution and Value Realization': post-transaction state. If it is a Buy transaction, 'Integrate the IT environments and achieve business value'. If it is a Sell transaction, 'Separate the IT environment and deliver on transaction terms'. Firefighters start here. Steps of the business timeline in 'Execution and Value Realization' are 'Staff and operations are addressed appropriately', 'Day 1 of implementation and integration activities occurs', '1st 100 days of new entity state occur' and 'Ongoing risk mitigating and value creating activities occur'.

    The business’ view of IT will impact how soon IT can get involved

    There are four key entry points for IT

    A colorful visualization of the four key entry points for IT and a fifth not-so-key entry point. Starting from the top: 'Innovator', Information and Technology as a Competitive Advantage, 90% Satisfaction; 'Business Partner', Effective Delivery of Strategic Business Projects, 80% Satisfaction; 'Trusted Operator', Enablement of Business Through Application and Work Orders, 70% Satisfaction; 'Firefighter', Reliable Infrastructure and IT Service Desk, 60% Satisfaction; and then 'Unstable', Inability to Consistently Deliver Basic Services, <60% Satisfaction.
    1. Innovator: IT suggests a sale or divestiture to meet the business objectives of the organization.
    2. Business Partner: IT is brought in to strategy plan the sale/divestiture from both the business’ and IT’s perspective.
    3. Trusted Operator: IT participates in due diligence activities and complies with the purchasing organization’s asks.
    4. Firefighter: IT needs to reactively prepare its environment in order to enable the separation.

    Merger, acquisition, and divestiture defined

    Merger

    A merger looks at the equal combination of two entities or organizations. Mergers are rare in the M&A space, as the organizations will combine assets and services in a completely equal 50/50 split. Two organizations may also choose to divest business entities and merge as a new company.

    Acquisition

    The most common transaction in the M&A space, where an organization will acquire or purchase another organization or entities of another organization. This type of transaction has a clear owner who will be able to make legal decisions regarding the acquired organization.

    Divestiture

    An organization may decide to sell partial elements of a business to an acquiring organization. They will separate this business entity from the rest of the organization and continue to operate the other components of the business.

    Info-Tech Insight

    A true merger does not exist, as there is always someone initiating the discussion. As a result, most M&A activity falls into acquisition or divestiture categories.

    Selling vs. buying

    The M&A process approach differs depending on whether you are the selling or buying organization

    This blueprint is only focused on the sell side:

    • Examples of sell-related scenarios include:
      • Your organization is selling to another organization with the intent of keeping its regular staff, operations, and location. This could mean minimal separation is required.
      • Your organization is selling to another organization with the intent of separating to be a part of the purchasing organization.
      • Your organization is engaging in a divestiture with the intent of:
        • Separating components to be part of the purchasing organization permanently.
        • Separating components to be part of a spinoff and establish a unit as a standalone new company.
    • As the selling organization, you could proactively seek out suitors to purchase all or components of your organization, or you could be approached by an organization.

    The buy side is focused on:

    • More than two organizations could be involved in a transaction.
    • Examples of buy-related scenarios include:
      • Your organization is buying another organization with the intent of having the purchased organization keep its regular staff, operations, and location. This could mean minimal integration is required.
      • Your organization is buying another organization in its entirety with the intent of integrating it into your original company.
      • Your organization is buying components of another organization with the intent of integrating them into your original company.
    • As the purchasing organization, you will probably be initiating the purchase and thus will be valuating the selling organization during due diligence and leading the execution plan.

    For more information on acquisitions or purchases, check out Info-Tech’s Mergers & Acquisitions: The Buy Blueprint.

    Core business timeline

    For IT to be valuable in M&As, you need to align your deliverables and your support to the key activities the business and investors are working on.

    Info-Tech’s methodology for Selling Organizations in Mergers, Acquisitions, or Divestitures

    1. Proactive

    2. Discovery & Strategy

    3. Due Diligence & Preparation

    4. Execution & Value Realization

    Phase Steps

    1. Identify Stakeholders and Their Perspective of IT
    2. Assess IT’s Current Value and Future State
    3. Drive Innovation and Suggest Growth Opportunities
    1. Establish the M&A Program Plan
    2. Prepare IT to Engage in the Separation or Sale
    1. Engage in Due Diligence and Prepare Staff
    2. Prepare to Separate
    1. Execute the Transaction
    2. Reflection and Value Realization

    Phase Outcomes

    Be an innovative IT leader by suggesting how and why the business should engage in an acquisition or divestiture.

    Create a standardized approach for how your IT organization should address divestitures or sales.

    Comply with due diligence, prepare the IT environment for carve-out possibilities, and establish the separation project plan.

    Deliver on the separation project plan successfully and communicate IT’s transaction value to the business.

    Metrics for each phase

    1. Proactive

    2. Discovery & Strategy

    3. Valuation & Due Diligence

    4. Execution & Value Realization

    • % Share of business innovation spend from overall IT budget
    • % Critical processes with approved performance goals and metrics
    • % IT initiatives that meet or exceed value expectation defined in business case
    • % IT initiatives aligned with organizational strategic direction
    • % Satisfaction with IT's strategic decision-making abilities
    • $ Estimated business value added through IT-enabled innovation
    • % Overall stakeholder satisfaction with IT
    • % Percent of business leaders that view IT as an Innovator
    • % IT budget as a percent of revenue
    • % Assets that are not allocated
    • % Unallocated software licenses
    • # Obsolete assets
    • % IT spend that can be attributed to the business (chargeback or showback)
    • % Share of CapEx of overall IT budget
    • % Prospective organizations that meet the search criteria
    • $ Total IT cost of ownership (before and after M&A, before and after rationalization)
    • % Business leaders that view IT as a Business Partner
    • % Defects discovered in production
    • $ Cost per user for enterprise applications
    • % In-house-built applications vs. enterprise applications
    • % Owners identified for all data domains
    • # IT staff asked to participate in due diligence
    • Change to due diligence
    • IT budget variance
    • Synergy target
    • % Satisfaction with the effectiveness of IT capabilities
    • % Overall end-customer satisfaction
    • $ Impact of vendor SLA breaches
    • $ Savings through cost-optimization efforts
    • $ Savings through application rationalization and technology standardization
    • # Key positions empty
    • % Frequency of staff turnover
    • % Emergency changes
    • # Hours of unplanned downtime
    • % Releases that cause downtime
    • % Incidents with identified problem record
    • % Problems with identified root cause
    • # Days from problem identification to root cause fix
    • % Projects that consider IT risk
    • % Incidents due to issues not addressed in the security plan
    • # Average vulnerability remediation time
    • % Application budget spent on new build/buy vs. maintenance (deferred feature implementation, enhancements, bug fixes)
    • # Time (days) to value realization
    • % Projects that realized planned benefits
    • $ IT operational savings and cost reductions that are related to synergies/divestitures
    • % IT staff–related expenses/redundancies
    • # Days spent on IT separation
    • $ Accurate IT budget estimates
    • % Revenue growth directly tied to IT delivery
    • % Profit margin growth

    IT's role in the selling transaction

    And IT leaders have a greater likelihood than ever of needing to support a merger, acquisition, or divestiture.

    1. Reduced Risk

      IT can identify risks that may go unnoticed when IT is not involved.
    2. Increased Accuracy

      The business can make accurate predictions around the costs, timelines, and needs of IT.
    3. Faster Integration

      Faster integration means faster value realization for the business.
    4. Informed Decision Making

      IT leaders hold critical information that can support the business in moving the transaction forward.
    5. Innovation

      IT can suggest new opportunities to generate revenue, optimize processes, or reduce inefficiencies.

    The IT executive’s critical role is demonstrated by:

    • Reduced Risk

      47% of senior leaders wish they would have spent more time on IT due diligence to prevent value erosion (IMAA Institute, 2017).
    • Increased Accuracy

      Sellers often only provide 15 to 30 days for the acquiring organization to decide (Forbes, 2018), increasing the necessity of accurate pricing.
    • Faster Integration

      36% of CIOs have visibility into only business unit data, making the divestment a challenge (EY, 2021).
    • Informed Decision Making

      Only 38% of corporate and 22% of private equity firms include IT as a significant aspect in their transaction approach (IMAA Institute, 2017).
    • Innovation

      Successful CIOs involved in M&As can spend 70% of their time on aspects outside of IT and 30% of their time on technology and delivery (CIO).

    Playbook benefits

    IT Benefits

    • IT will be seen as an innovative partner to the business, and its suggestions and involvement in the organization will lead to benefits, not hindrances.
    • Develop a streamlined method to prepare the IT environment for potential carve-out and separations, ensuring risk management concerns are brought to the business’ attention immediately.
    • Create a comprehensive list of items that IT needs to do during the separation that can be prioritized and actioned.

    Business Benefits

    • The business will get accurate and relevant information about its IT environment in order to sell or divest the company to the highest bidder for a true price.
    • Fewer business interruptions will happen, because IT can accurately plan for and execute the high-priority separation tasks.
    • The business can obtain a high-value offer for the components of IT being sold and can measure the ongoing value the sale will bring.

    Insight summary

    Overarching Insight

    IT controls if and when it gets invited to support the business through a purchasing growth transaction. Take control of the process, demonstrate the value of IT, and ensure that separation of IT environments does not lead to unnecessary and costly decisions.

    Proactive Insight

    CIOs on the forefront of digital transformation need to actively look for and suggest opportunities to acquire or partner on new digital capabilities to respond to rapidly changing business needs.

    Discovery & Strategy Insight

    IT organizations that have an effective M&A program plan are more prepared for the transaction, enabling a successful outcome. A structured strategy is particularly necessary for organizations expected to deliver M&As rapidly and frequently.

    Due Diligence & Preparation Insight

    IT often faces unnecessary separation challenges because of a lack of preparation. Secure the IT environment and establish how IT will retain employees early in the transaction process.

    Execution & Value Realization Insight

    IT needs to demonstrate value and cost savings within 100 days of the transaction. The most successful transactions are when IT continuously realizes synergies a year after the transaction and beyond.

    Blueprint deliverables

    Key Deliverable: M&A Sell Playbook

    The M&A Sell Playbook should be a reusable document that enables your IT organization to successfully deliver on any divestiture transaction.

    Screenshots of the 'M and A Sell Playbook' deliverable.

    M&A Sell One-Pager

    See a one-page overview of each phase of the transaction.

    Screenshots of the 'M and A Sell One-Pagers' deliverable.

    M&A Sell Case Studies

    Read a one-page case study for each phase of the transaction.

    Screenshots of the 'M and A Sell Case Studies' deliverable.

    M&A Separation Project Management Tool (SharePoint)

    Manage the separation process of the divestiture/sale using this SharePoint template.

    Screenshots of the 'M and A Separation Project Management Tool (SharePoint)' deliverable.

    M&A Separation Project Management Tool (Excel)

    Manage the separation process of the divestiture/sale using this Excel tool if you can’t or don’t want to use SharePoint.

    Screenshots of the 'M and A Separation Project Management Tool (Excel)' deliverable.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    Guided Implementation

    Workshop

    Consulting

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks used throughout all four options

    Guided Implementation

    What does a typical GI on this topic look like?

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is between 6 to 10 calls over the course of 2 to 4 months.

      Proactive Phase

    • Call #1: Scope requirements, objectives, and your specific challenges.
    • Discovery & Strategy Phase

    • Call #2: Determine stakeholders and business perspectives on IT.
    • Call #3: Identify how M&A could support business strategy and how to communicate.
    • Due Diligence & Preparation Phase

    • Call #4: Establish a transaction team and divestiture/sale strategic direction.
    • Call #5: Create program metrics and identify a standard separation strategy.
    • Call #6: Prepare to carve out the IT environment.
    • Call #7: Identify the separation program plan.
    • Execution & Value Realization Phase

    • Call #8: Establish employee transitions to retain key staff.
    • Call #9: Assess IT’s ability to deliver on the divestiture/sale transaction.

    The Sell Blueprint

    Phase 1

    Proactive

    Phase 1

    Phase 2 Phase 3 Phase 4
    • 1.1 Identify Stakeholders and Their Perspective of IT
    • 1.2 Assess IT’s Current Value and Future State
    • 1.3 Drive Innovation and Suggest Reduction Opportunities
    • 2.1 Establish the M&A Program Plan
    • 2.2 Prepare IT to Engage in the Separation or Sale
    • 3.1 Engage in Due Diligence and Prepare Staff
    • 3.2 Prepare to Separate
    • 4.1 Execute the Transaction
    • 4.2 Reflection and Value Realization

    This phase will walk you through the following activities:

    • Conduct the CEO-CIO Alignment diagnostic
    • Conduct the CIO Business Vision diagnostic
    • Visualize relationships among stakeholders to identify key influencers
    • Group stakeholders into categories
    • Prioritize your stakeholders
    • Plan to communicate
    • Valuate IT
    • Assess the IT/digital strategy
    • Determine pain points and opportunities
    • Align goals to opportunities
    • Recommend reduction opportunities

    This phase involves the following participants:

    • IT and business leadership

    What is the Proactive phase?

    Embracing the digital drivers

    As the number of merger, acquisition, or divestiture transactions driven by digital means continues to increase, IT has an opportunity to not just be involved in a transaction but actively seek out potential deals.

    In the Proactive phase, the business is not currently considering a transaction. However, the business could consider one to reach its strategic goals. IT organizations that have developed respected relationships with the business leaders can suggest these potential transactions.

    Understand the business’ perspective of IT, determine who the critical M&A stakeholders are, valuate the IT environment, and examine how it supports the business goals in order to suggest an M&A transaction.

    In doing so, IT isn’t waiting to be invited to the transaction table – it’s creating it.

    Goal: To support the organization in reaching its strategic goals by suggesting M&A activities that will enable the organization to reach its objectives faster and with greater-value outcomes.

    Proactive Prerequisite Checklist

    Before coming into the Proactive phase, you should have addressed the following:

    • Understand what mergers, acquisitions, and divestitures are.
    • Understand what mergers, acquisitions, and divestitures mean for the business.
    • Understand what mergers, acquisitions, and divestitures mean for IT.

    Review the Executive Brief for more information on mergers, acquisitions, and divestitures for selling organizations.

    Proactive

    Step 1.1

    Identify M&A Stakeholders and Their Perspective of IT

    Activities

    • 1.1.1 Conduct the CEO-CIO Alignment diagnostic
    • 1.1.2 Conduct the CIO Business Vision diagnostic
    • 1.1.3 Visualize relationships among stakeholders to identify key influencers
    • 1.1.4 Group stakeholders into categories
    • 1.1.5 Prioritize your stakeholders
    • 1.16 Plan to communicate

    This step involves the following participants:

    • IT executive leader
    • IT leadership
    • Critical M&A stakeholders

    Outcomes of Step

    Understand how the business perceives IT and establish strong relationships with critical M&A stakeholders.

    Business executives' perspectives of IT

    Leverage diagnostics and gain alignment on IT’s role in the organization

    • To suggest or get involved with a merger, acquisition, or divestiture, the IT executive leader needs to be well respected by other members of the executive leadership team and the business.
    • Specifically, the Proactive phase relies on the IT organization being viewed as an Innovator within the business.
    • Identify how the CEO/business executive currently views IT and where they would like IT to move within the Maturity Ladder.
    • Additionally, understand how other critical department leaders view IT and how they view the partnership with IT.
    A colorful visualization titled 'Maturity Ladder' detailing levels of IT function that a business may choose from based on the business executives' perspectives of IT. Starting from the bottom: 'Struggle', Does not embarrass, Does not crash; 'Support', Keeps business happy, Keeps costs low; 'Optimize', Increases efficiency, Decreases costs; 'Expand', Extends into new business, Generates revenue; 'Transform', Creates new industry.

    Misalignment in target state requires further communication between the CIO and CEO to ensure IT is striving toward an agreed-upon direction.

    Info-Tech’s CIO Business Vision (CIO BV) diagnostic measures a variety of high-value metrics to provide a well-rounded understanding of stakeholder satisfaction with IT.

    Sample of Info-Tech's CIO Business Vision diagnostic measuring percentages of high-value metrics like 'IT Satisfaction' and 'IT Value' regarding business leader satisfaction. A note for these two reads 'Evaluate business leader satisfaction with IT this year and last year'. A section titled 'Relationship' has metrics such as 'Understands Needs' and 'Trains Effectively'. A note for this section reads 'Examine relationship indicators between IT and the business'. A section titled 'Security Friction' has metrics such as 'Regulatory Compliance-Driven' and 'Office/Desktop Security'.

    Business Satisfaction and Importance for Core Services

    The core services of IT are important when determining what IT should focus on. The most important services with the lowest satisfaction offer the largest area of improvement for IT to drive business value.

    Sample of Info-Tech's CIO Business Vision diagnostic specifically comparing the business satisfaction of 12 core services with their importance. Services listed include 'Service Desk', 'IT Security', 'Requirements Gathering', 'Business Apps', 'Data Quality', and more. There is a short description of the services, a percentage for the business satisfaction with the service, a percentage comparing it to last year, and a numbered ranking of importance for each service. A note reads 'Assess satisfaction and importance across 12 core IT capabilities'.

    1.1.1 Conduct the CEO-CIO Alignment diagnostic

    2 weeks

    Input: IT organization expertise and the CEO-CIO Alignment diagnostic

    Output: An understanding of an executive business stakeholder’s perception of IT

    Materials: M&A Sell Playbook, CEO-CIO Alignment diagnostic

    Participants: IT executive/CIO, Business executive/CEO

    1. The CEO-CIO Alignment diagnostic can be a powerful input. Speak with your Info-Tech account representative to conduct the diagnostic. Use the results to inform current IT capabilities.
    2. You may choose to debrief the results of your diagnostic with an Info-Tech analyst. We recommend this to help your team understand how to interpret and draw conclusions from the results.
    3. Examine the results of the survey and note where there might be specific capabilities that could be improved.
    4. Determine whether there are any areas of significant disagreement between the you and the CEO. Mark down those areas for further conversations. Additionally, take note of areas that could be leveraged to support transactions or support your rationale in recommending transactions.

    Download the sample report.

    Record the results in the M&A Sell Playbook.

    1.1.2 Conduct the CIO Business Vision diagnostic

    2 weeks

    Input: IT organization expertise, CIO BV diagnostic

    Output: An understanding of business stakeholder perception of certain IT capabilities and services

    Materials: M&A Buy Playbook, CIO Business Vision diagnostic

    Participants: IT executive/CIO, Senior business leaders

    1. The CIO Business Vision (CIO BV) diagnostic can be a powerful tool for identifying IT capability focus areas. Speak with your account representative to conduct the CIO BV diagnostic. Use the results to inform current IT capabilities.
    2. You may choose to debrief the results of your diagnostic with an Info-Tech analyst. We recommend this to help your team understand how to interpret the results and draw conclusions from the diagnostic.
    3. Examine the results of the survey and take note of any IT services that have low scores.
    4. Read through the diagnostic comments and note any common themes. Especially note which stakeholders identified they have a favorable relationship with IT and which stakeholders identified they have an unfavorable relationship. For those who have an unfavorable relationship, identify if they will have a critical role in a growth transaction.

    Download the sample report.

    Record the results in the M&A Sell Playbook.

    Create a stakeholder network map for M&A transactions

    Follow the trail of breadcrumbs from your direct stakeholders to their influencers to uncover hidden stakeholders.

    Example:

    Diagram of stakeholders and their relationships with other stakeholders, such as 'Board Members', 'CFO/Finance', 'Compliance', etc. with 'CIO/IT Leader' highlighted in the middle. There are unidirectional black arrows and bi-directional green arrows indicating each connection.

      Legend
    • Black arrows indicate the direction of professional influence
    • Dashed green arrows indicate bidirectional, informal influence relationships

    Info-Tech Insight

    Your stakeholder map defines the influence landscape that the M&A transaction will occur within. This will identify who holds various levels of accountability and decision-making authority when a transaction does take place.

    Use connectors to determine who may be influencing your direct stakeholders. They may not have any formal authority within the organization, but they may have informal yet substantial relationships with your stakeholders.

    1.1.3 Visualize relationships among stakeholders to identify key influencers

    1-3 hours

    Input: List of M&A stakeholders

    Output: Relationships among M&A stakeholders and influencers

    Materials: Flip charts, Markers, Sticky notes, M&A Sell Playbook

    Participants: IT executive leadership

    1. The purpose of this activity is to list all the stakeholders within your organization that will have a direct or indirect impact on the M&A transaction.
    2. Determine the critical stakeholders, and then determine the stakeholders of your stakeholders and consider adding each of them to the stakeholder list.
    3. Assess who has either formal or informal influence over your stakeholders; add these influencers to your stakeholder list.
    4. Construct a diagram linking stakeholders and their influencers together.
      • Use black arrows to indicate the direction of professional influence.
      • Use dashed green arrows to indicate bidirectional, informal influence relationships.

    Record the results in the M&A Sell Playbook.

    Categorize your stakeholders with a prioritization map

    A stakeholder prioritization map helps IT leaders categorize their stakeholders by their level of influence and ownership in the merger, acquisition, or divestiture process.

    A prioritization map of stakeholder categories split into four quadrants. The vertical axis is 'Influence', from low on the bottom to high on top. The horizontal axis is 'Ownership/Interest', from low on the left to high on the right. 'Spectators' are low influence, low ownership/interest. 'Mediators' are high influence, low ownership/interest. 'Noisemakers' are low influence, high ownership/interest. 'Players' are high influence, high ownership/interest.

    There are four areas in the map, and the stakeholders within each area should be treated differently.

    Players – players have a high interest in the initiative and the influence to effect change over the initiative. Their support is critical, and a lack of support can cause significant impediment to the objectives.

    Mediators – mediators have a low interest but significant influence over the initiative. They can help to provide balance and objective opinions to issues that arise.

    Noisemakers – noisemakers have low influence but high interest. They tend to be very vocal and engaged, either positively or negatively, but have little ability to enact their wishes.

    Spectators – generally, spectators are apathetic and have little influence over or interest in the initiative.

    1.1.4 Group stakeholders into categories

    30 minutes

    Input: Stakeholder map, Stakeholder list

    Output: Categorization of stakeholders and influencers

    Materials: Flip charts, Markers, Sticky notes, M&A Sell Playbook

    Participants: IT executive leadership, Stakeholders

    1. Identify your stakeholders’ interest in and influence on the M&A process as high, medium, or low by rating the attributes below.
    2. Map your results to the model to the right to determine each stakeholder’s category.

    Same prioritization map of stakeholder categories as before. This one has specific stakeholders mapped onto it. 'CFO' is mapped as low interest and middling influence, between 'Mediator' and 'Spectator'. 'CIO' is mapped as higher than average interest and high influence, a 'Player'. 'Board Member' is mapped as high interest and high influence, a 'Player'.

    Level of Influence
    • Power: Ability of a stakeholder to effect change.
    • Urgency: Degree of immediacy demanded.
    • Legitimacy: Perceived validity of stakeholder’s claim.
    • Volume: How loud their “voice” is or could become.
    • Contribution: What they have that is of value to you.
    Level of Interest

    How much are the stakeholder’s individual performance and goals directly tied to the success or failure of the product?

    Record the results in the M&A Sell Playbook.

    Prioritize your stakeholders

    There may be too many stakeholders to be able to manage them all. Focus your attention on the stakeholders that matter most.

    Level of Support

    Supporter

    Evangelist

    Neutral

    Blocker

    Stakeholder Category Player Critical High High Critical
    Mediator Medium Low Low Medium
    Noisemaker High Medium Medium High
    Spectator Low Irrelevant Irrelevant Low

    Consider the three dimensions for stakeholder prioritization: influence, interest, and support. Support can be determined by answering the following question: How significant is that stakeholder to the M&A or divestiture process?

    These parameters are used to prioritize which stakeholders are most important and should receive your focused attention.

    1.1.5 Prioritize your stakeholders

    30 minutes

    Input: Stakeholder matrix

    Output: Stakeholder and influencer prioritization

    Materials: Flip charts, Markers, Sticky notes, M&A Sell Playbook

    Participants: IT executive leadership, M&A/divestiture stakeholders

    1. Identify the level of support of each stakeholder by answering the following question: How significant is that stakeholder to the M&A transaction process?
    2. Prioritize your stakeholders using the prioritization scheme on the previous slide.

    Stakeholder

    Category

    Level of Support

    Prioritization

    CMO Spectator Neutral Irrelevant
    CIO Player Supporter Critical

    Record the results in the M&A Sell Playbook.

    Define strategies for engaging stakeholders by type

    A revisit to the map of stakeholder categories, but with strategies listed for each one, and arrows on the side instead of an axis. The vertical arrow is 'Authority', which increases upward, and the horizontal axis is Ownership/Interest which increases as it moves to the right. The strategy for 'Players' is 'Engage', for 'Mediators' is 'Satisfy', for 'Noisemakers' is 'Inform', and for 'Spectators' is 'Monitor'.

    Type

    Quadrant

    Actions

    Players High influence, high interest – actively engage Keep them updated on the progress of the project. Continuously involve Players in the process and maintain their engagement and interest by demonstrating their value to its success.
    Mediators High influence, low interest – keep satisfied They can be the game changers in groups of stakeholders. Turn them into supporters by gaining their confidence and trust and including them in important decision-making steps. In turn, they can help you influence other stakeholders.
    Noisemakers Low influence, high interest – keep informed Try to increase their influence (or decrease it if they are detractors) by providing them with key information, supporting them in meetings, and using Mediators to help them.
    Spectators Low influence, low interest – monitor They are followers. Keep them in the loop by providing clarity on objectives and status updates.

    Info-Tech Insight

    Each group of stakeholders draws attention and resources away from critical tasks. By properly identifying stakeholder groups, the IT executive leader can develop corresponding actions to manage stakeholders in each group. This can dramatically reduce wasted effort trying to satisfy Spectators and Noisemakers while ensuring the needs of Mediators and Players are met.

    1.1.6 Plan to communicate

    30 minutes

    Input: Stakeholder priority, Stakeholder categorization, Stakeholder influence

    Output: Stakeholder communication plan

    Materials: Flip charts, Markers, Sticky notes, M&A Sell Playbook

    Participants: IT executive leadership, M&A/divestiture stakeholders

    The purpose of this activity is to make a communication plan for each of the stakeholders identified in the previous activities, especially those who will have a critical role in the M&A transaction process.

    1. In the M&A Sell Playbook, input the type of influence each stakeholder has on IT, how they would be categorized in the M&A process, and their level of priority. Use this information to create a communication plan.
    2. Determine the methods and frequency of communication to keep the necessary stakeholder satisfied and maintain or enhance IT’s profile within the organization.

    Record the results in the M&A Sell Playbook.

    Proactive

    Step 1.2

    Assess IT’s Current Value and Method to Achieve a Future State

    Activities

    • 1.2.1 Valuate IT
    • 1.2.2 Assess the IT/digital strategy

    This step involves the following participants:

    • IT executive leader
    • IT leadership
    • Critical stakeholders to M&A

    Outcomes of Step

    Identify critical opportunities to optimize IT and meet strategic business goals through a merger, acquisition, or divestiture.

    How to valuate your IT environment

    And why it matters so much

    • Valuating your current organization’s IT environment is a critical step that all IT organizations should take, whether involved in an M&A or not, to fully understand what it might be worth.
    • The business investments in IT can be directly translated into a value amount. For every $1 invested in IT, the business might be gaining $100 in value back or possibly even loosing $100.
    • Determining, documenting, and communicating this information ensures that the business takes IT’s suggestions seriously and recognizes why investing in IT is so critical.
    • There are three ways a business or asset can be valuated:
      • Cost Approach: Look at the costs associated with building, purchasing, replacing, and maintaining a given aspect of the business.
      • Market Approach: Look at the relative value of a particular aspect of the business. Relative value can fluctuate and depends on what the markets and consequently society believe that particular element is worth.
      • Discounted Cash Flow Approach: Focus on what the potential value of the business could be or the intrinsic value anticipated due to future profitability.
    • (Source: “Valuation Methods,” Corporate Finance Institute)

    Four ways to create value through digital

    1. Reduced costs
    2. Improved customer experience
    3. New revenue sources
    4. Better decision making
    5. (Source: McKinsey & Company)

    1.2.1 Valuate IT

    1 day

    Input: Valuation of data, Valuation of applications, Valuation of infrastructure and operations, Valuation of security and risk

    Output: Valuation of IT

    Materials: Relevant templates/tools listed on the following slides, Capital budget, Operating budget, M&A Sell Playbook

    Participants: IT executive/CIO, IT senior leadership

    The purpose of this activity is to demonstrate that IT is not simply an operational functional area that diminishes business resources. Rather, IT contributes significant value to the business.

    1. Review each of the following slides to valuate IT’s data, applications, infrastructure and operations, and security and risk. These valuations consider several tangible and intangible factors and result in a final dollar amount.
    2. Input the financial amounts identified for each critical area into a summary slide. Use this information to determine where IT is delivering value to the organization.

    Info-Tech Insight

    Consistency is key when valuating your IT organization as well as other IT organizations throughout the transaction process.

    Record the results in the M&A Sell Playbook.

    Data valuation

    Data valuation identifies how you monetize the information that your organization owns.

    Create a data value chain for your organization

    When valuating the information and data that exists in an organization, there are many things to consider.

    Info-Tech has two tools that can support this process:

    1. Information Asset Audit Tool: Use this tool first to take inventory of the different information assets that exist in your organization.
    2. Data Valuation Tool: Once information assets have been accounted for, valuate the data that exists within those information assets.

    Data Collection

    Insight Creation

    Value Creation

    Data Valuation

    01 Data Source
    02 Data Collection Method
    03 Data
    04 Data Analysis
    05 Insight
    06 Insight Delivery
    07 Consumer
    08 Value in Data
    09 Value Dimension
    10 Value Metrics Group
    11 Value Metrics
    Screenshots of Tab 2 of Info-Tech's Data Valuation Tool.

    Instructions

    1. Using the Data Valuation Tool, start gathering information based on the eight steps above to understand your organization’s journey from data to value.
    2. Identify the data value spectrum. (For example: customer sales service, citizen licensing service, etc.)
    3. Fill out the columns for data sources, data collection, and data first.
    4. Capture data analysis and related information.
    5. Then capture the value in data.
    6. Add value dimensions such as usage, quality, and economic dimensions.
      • Remember that economic value is not the only dimension, and usage/quality has a significant impact on economic value.
    7. Collect evidence to justify your data valuation calculator (market research, internal metrics, etc.).
    8. Finally, calculate the value that has a direct correlation with underlying value metrics.

    Application valuation

    Calculate the value of your IT applications

    When valuating the applications and their users in an organization, consider using a business process map. This shows how business is transacted in the company by identifying which IT applications support these processes and which business groups have access to them. Info-Tech has a business process mapping tool that can support this process:

    • Enterprise Integration Process Mapping Tool: Complete this tool first to map the different business processes to the supporting applications in your organization.

    Instructions

    1. Start by calculating user costs. This is the multiplication of: (# of users) × (% of time spent using IT) × (fully burdened salary).
    2. Identify the revenue per employee and divide that by the average cost per employee to calculate the derived productivity ratio (DPR).
    3. Once you have calculated the user costs and DPR, multiply those total values together to get the application value.
    4. User Costs

      Total User Costs

      Derived Productivity Ratio (DPR)

      Total DPR

      Application Value

      # of users % time spent using IT Fully burdened salary Multiply values from the 3 user costs columns Revenue per employee Average cost per employee (Revenue P.E) ÷ (Average cost P.E) (User costs) X (DPR)

    5. Once the total application value is established, calculate the combined IT and business costs of delivering that value. IT and business costs include inflexibility (application maintenance), unavailability (downtime costs, including disaster exposure), IT costs (common costs statistically allocated to applications), and fully loaded cost of active (full-time equivalent [FTE]) users.
    6. Calculate the net value of applications by subtracting the total IT and business costs from the total application value calculated in step 3.
    7. IT and Business Costs

      Total IT and Business Costs

      Net Value of Applications

      Application maintenance Downtime costs (include disaster exposure) Common costs allocated to applications Fully loaded costs of active (FTE) users Sum of values from the four IT and business costs columns (Application value) – (IT and business costs)

    (Source: CSO)

    Infrastructure valuation

    Assess the foundational elements of the business’ information technology

    The purpose of this exercise is to provide a high-level infrastructure valuation that will contribute to valuating your IT environment.

    Calculating the value of the infrastructure will require different methods depending on the environment. For example, a fully cloud-hosted organization will have different costs than a fully on-premises IT environment.

    Instructions:

    1. Start by listing all of the infrastructure-related items that are relevant to your organization.
    2. Once you have finalized your items column, identify the total costs/value of each item.
      • For example, total software costs would include servers and storage.
    3. Calculate the total cost/value of your IT infrastructure by adding all of values in the right column.

    Item

    Costs/Value

    Hardware Assets Total Value +$3.2 million
    Hardware Leased/Service Agreement -$
    Software Purchased +$
    Software Leased/Service Agreement -$
    Operational Tools
    Network
    Disaster Recovery
    Antivirus
    Data Centers
    Service Desk
    Other Licenses
    Total:

    For additional support, download the M&A Runbook for Infrastructure and Operations.

    Risk and security

    Assess risk responses and calculate residual risk

    The purpose of this exercise is to provide a high-level risk assessment that will contribute to valuating your IT environment. For a more in-depth risk assessment, please refer to the Info-Tech tools below:

    1. Risk Register Tool
    2. Security M&A Due Diligence Tool

    Instructions

    1. Review the probability and impact scales below and ensure you have the appropriate criteria that align to your organization before you conduct a risk assessment.
    2. Identify the probability of occurrence and estimated financial impact for each risk category detail and fill out the table on the right. Customize the table as needed so it aligns to your organization.
    3. Probability of Risk Occurrence

      Occurrence Criteria
      (Classification; Probability of Risk Event Within One Year)

      Negligible Very Unlikely; ‹20%
      Very Low Unlikely; 20 to 40%
      Low Possible; 40 to 60%
      Moderately Low Likely; 60 to 80%
      Moderate Almost Certain; ›80%

    Note: If needed, you can customize this scale with the severity designations that you prefer. However, make sure you are always consistent with it when conducting a risk assessment.

    Financial & Reputational Impact

    Budgetary and Reputational Implications
    (Financial Impact; Reputational Impact)

    Negligible (‹$10,000; Internal IT stakeholders aware of risk event occurrence)
    Very Low ($10,000 to $25,000; Business customers aware of risk event occurrence)
    Low ($25,000 to $50,000; Board of directors aware of risk event occurrence)
    Moderately Low ($50,000 to $100,000; External customers aware of risk event occurrence)
    Moderate (›$100,000; Media coverage or regulatory body aware of risk event occurrence)

    Risk Category Details

    Probability of Occurrence

    Estimated Financial Impact

    Estimated Severity (Probability X Impact)

    Capacity Planning
    Enterprise Architecture
    Externally Originated Attack
    Hardware Configuration Errors
    Hardware Performance
    Internally Originated Attack
    IT Staffing
    Project Scoping
    Software Implementation Errors
    Technology Evaluation and Selection
    Physical Threats
    Resource Threats
    Personnel Threats
    Technical Threats
    Total:

    1.2.2 Assess the IT/digital strategy

    4 hours

    Input: IT strategy, Digital strategy, Business strategy

    Output: An understanding of an executive business stakeholder’s perception of IT, Alignment of IT/digital strategy and overall organization strategy

    Materials: Computer, Whiteboard and markers, M&A Sell Playbook

    Participants: IT executive/CIO, Business executive/CEO

    The purpose of this activity is to review the business and IT strategies that exist to determine if there are critical capabilities that are not being supported.

    Ideally, the IT and digital strategies would have been created following development of the business strategy. However, sometimes the business strategy does not directly call out the capabilities it requires IT to support.

    1. On the left half of the corresponding slide in the M&A Sell Playbook, document the business goals, initiatives, and capabilities. Input this information from the business or digital strategies. (If more space for goals, initiatives, or capabilities is needed, duplicate the slide).
    2. On the other half of the slide, document the IT goals, initiatives, and capabilities. Input this information from the IT strategy and digital strategy.

    For additional support, see Build a Business-Aligned IT Strategy.

    Record the results in the M&A Sell Playbook.

    Proactive

    Step 1.3

    Drive Innovation and Suggest Growth Opportunities

    Activities

    • 1.3.1 Determine pain points and opportunities
    • 1.3.2 Align goals with opportunities
    • 1.3.3 Recommend reduction opportunities

    This step involves the following participants:

    • IT executive leader
    • IT leadership
    • Critical M&A stakeholders

    Outcomes of Step

    Establish strong relationships with critical M&A stakeholders and position IT as an innovative business partner that can suggest reduction opportunities.

    1.3.1 Determine pain points and opportunities

    1-2 hours

    Input: CEO-CIO Alignment diagnostic, CIO Business Vision diagnostic, Valuation of IT environment, IT-business goals cascade

    Output: List of pain points or opportunities that IT can address

    Materials: Computer, Whiteboard and markers, M&A Sell Playbook

    Participants: IT executive/CIO, IT senior leadership, Business stakeholders

    The purpose of this activity is to determine the pain points and opportunities that exist for the organization. These can be external or internal to the organization.

    1. Identify what opportunities exist for your organization. Opportunities are the potential positives that the organization would want to leverage.
    2. Next, identify pain points, which are the potential negatives that the organization would want to alleviate.
    3. Spend time considering all the options that might exist, and keep in mind what has been identified previously.

    Opportunities and pain points can be trends, other departments’ initiatives, business perspectives of IT, etc.

    Record the results in the M&A Sell Playbook.

    1.3.2 Align goals with opportunities

    1-2 hours

    Input: CEO-CIO Alignment diagnostic, CIO Business Vision diagnostic, Valuation of IT environment, IT-business goals cascade, List of pain points and opportunities

    Output: An understanding of an executive business stakeholder’s perception of IT, Foundations for reduction strategy

    Materials: Computer, Whiteboard and markers, M&A Sell Playbook

    Participants: IT executive/CIO, IT senior leadership, Business stakeholders

    The purpose of this activity is to determine whether a growth or separation strategy might be a good suggestion to the business in order to meet its business objectives.

    1. For the top three to five business goals, consider:
      1. Underlying drivers
      2. Digital opportunities
      3. Whether a growth or reduction strategy is the solution
    2. Just because a growth or reduction strategy is a solution for a business goal does not necessarily indicate M&A is the way to go. However, it is important to consider before you pursue suggesting M&A.

    Record the results in the M&A Sell Playbook.

    1.3.3 Recommend reduction opportunities

    1-2 hours

    Input: Growth or separation strategy opportunities to support business goals, Stakeholder communication plan, Rationale for the suggestion

    Output: M&A transaction opportunities suggested

    Materials: M&A Sell Playbook

    Participants: IT executive/CIO, Business executive/CEO

    The purpose of this activity is to recommend a merger, acquisition, or divestiture to the business.

    1. Identify which of the business goals the transaction would help solve and why IT is the one to suggest such a goal.
    2. Leverage the stakeholder communication plan identified previously to give insight into stakeholders who would have a significant level of interest, influence, or support in the process.

    Info-Tech Insight

    With technology and digital driving many transactions, leverage your organizations’ IT environment as an asset and reason why the divestiture or sale should happen, suggesting the opportunity yourself.

    Record the results in the M&A Sell Playbook.

    By the end of this Proactive phase, you should:

    Be prepared to suggest M&A opportunities to support your company’s goals through sale or divestiture transactions

    Key outcome from the Proactive phase

    Develop progressive relationships and strong communication with key stakeholders to suggest or be aware of transformational opportunities that can be achieved through sale or divestiture strategies.

    Key deliverables from the Proactive phase
    • Business perspective of IT examined
    • Key stakeholders identified and relationship to the M&A process outlined
    • Ability to valuate the IT environment and communicate IT’s value to the business
    • Assessment of the business, digital, and IT strategies and how M&As could support those strategies
    • Pain points and opportunities that could be alleviated or supported through an M&A transaction
    • Sale or divestiture recommendations

    The Sell Blueprint

    Phase 2

    Discovery & Strategy

    Phase 1

    Phase 2

    Phase 3Phase 4
    • 1.1 Identify Stakeholders and Their Perspective of IT
    • 1.2 Assess IT’s Current Value and Future State
    • 1.3 Drive Innovation and Suggest Reduction Opportunities
    • 2.1 Establish the M&A Program Plan
    • 2.2 Prepare IT to Engage in the Separation or Sale
    • 3.1 Engage in Due Diligence and Prepare Staff
    • 3.2 Prepare to Separate
    • 4.1 Execute the Transaction
    • 4.2 Reflection and Value Realization

    This phase will walk you through the following activities:

    • Create the mission and vision
    • Identify the guiding principles
    • Create the future-state operating model
    • Determine the transition team
    • Document the M&A governance
    • Create program metrics
    • Establish the separation strategy
    • Conduct a RACI
    • Create the communication plan
    • Assess the potential organization(s)

    This phase involves the following participants:

    • IT executive/CIO
    • IT senior leadership
    • Company M&A team

    Workshop Overview

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Pre-Work

    Day 1

    Day 2

    Day 3

    Day 4

    Day 5

    Establish the Transaction FoundationDiscover the Motivation for Divesting or SellingFormalize the Program PlanCreate the Valuation FrameworkStrategize the TransactionNext Steps and Wrap-Up (offsite)

    Activities

    • 0.1 Conduct the CIO Business Vision and CEO-CIO Alignment diagnostics
    • 0.2 Identify key stakeholders and outline their relationship to the M&A process
    • 0.3 Identify the rationale for the company's decision to pursue a divestiture or sale
    • 1.1 Review the business rationale for the divestiture/sale
    • 1.2 Assess the IT/digital strategy
    • 1.3 Identify pain points and opportunities tied to the divestiture/sale
    • 1.4 Create the IT vision statement, create the IT mission statement, and identify IT guiding principles
    • 2.1 Create the future-state operating model
    • 2.2 Determine the transition team
    • 2.3 Document the M&A governance
    • 2.4 Establish program metrics
    • 3.1 Valuate your data
    • 3.2 Valuate your applications
    • 3.3 Valuate your infrastructure
    • 3.4 Valuate your risk and security
    • 3.5 Combine individual valuations to make a single framework
    • 4.1 Establish the separation strategy
    • 4.2 Conduct a RACI
    • 4.3 Review best practices for assessing target organizations
    • 4.4 Create the communication plan
    • 5.1 Complete in-progress deliverables from previous four days
    • 5.2 Set up review time for workshop deliverables and to discuss next steps

    Deliverables

    1. Business perspectives of IT
    2. Stakeholder network map for M&A transactions
    1. Business context implications for IT
    2. IT’s divestiture/sale strategic direction
    1. Operating model for future state
    2. Transition team
    3. Governance structure
    4. M&A program metrics
    1. IT valuation framework
    1. Separation strategy
    2. RACI
    3. Communication plan
    1. Completed M&A program plan and strategy
    2. Prepared to assess target organization(s)

    What is the Discovery & Strategy phase?

    Pre-transaction state

    The Discovery & Strategy phase during a sale or divestiture is a unique opportunity for many IT organizations. IT organizations that can participate in the transaction at this stage are likely considered a strategic partner of the business.

    For one-off sales/divestitures, IT being invited during this stage of the process is rare. However, for organizations that are preparing to engage in many divestitures over the coming years, this type of strategy will greatly benefit from IT involvement. Again, the likelihood of participating in an M&A transaction is increasing, making it a smart IT leadership decision to, at the very least, loosely prepare a program plan that can act as a strategic pillar throughout the transaction.

    During this phase of the pre-transaction state, IT may be asked to participate in ensuring that the IT environment is able to quickly and easily carve out components/business lines and deliver on service-level agreements (SLAs).

    Goal: To identify a repeatable program plan that IT can leverage when selling or divesting all or parts of the current IT environment, ensuring customer satisfaction and business continuity

    Discovery & Strategy Prerequisite Checklist

    Before coming into the Discovery & Strategy phase, you should have addressed the following:

    • Understand the business perspective of IT.
    • Know the key stakeholders and have outlined their relationship to the M&A process.
    • Be able to valuate the IT environment and communicate IT's value to the business.
    • Understand the rationale for the company's decision to pursue a sale or divestiture and the opportunities or pain points the sale should address.

    Discovery & Strategy

    Step 2.1

    Establish the M&A Program Plan

    Activities

    • 2.1.1 Create the mission and vision
    • 2.1.2 Identify the guiding principles
    • 2.1.3 Create the future-state operating model
    • 2.1.4 Determine the transition team
    • 2.1.5 Document the M&A governance
    • 2.1.6 Create program metrics

    This step involves the following participants:

    • IT executive/CIO
    • IT senior leadership
    • Company M&A team

    Outcomes of Step

    Establish an M&A program plan that can be repeated across sales/divestitures.

    The vision and mission statements clearly articulate IT’s aspirations and purpose

    The IT vision statement communicates a desired future state of the IT organization, whereas the IT mission statement portrays the organization’s reason for being. While each serves its own purpose, they should both be derived from the business context implications for IT.

    Vision Statements

    Mission Statements

    Characteristics

    • Describe a desired future
    • Focus on ends, not means
    • Concise
    • Aspirational
    • Memorable
    • Articulate a reason for existence
    • Focus on how to achieve the vision
    • Concise
    • Easy to grasp
    • Sharply focused
    • Inspirational

    Samples

    To be a trusted advisor and partner in enabling business innovation and growth through an engaged IT workforce. (Source: Business News Daily) IT is a cohesive, proactive, and disciplined team that delivers innovative technology solutions while demonstrating a strong customer-oriented mindset. (Source: Forbes, 2013)

    2.1.1 Create the mission and vision statements

    2 hours

    Input: Business objectives, IT capabilities, Rationale for the transaction

    Output: IT’s mission and vision statements for reduction strategies tied to mergers, acquisitions, and divestitures

    Materials: Flip charts/whiteboard, Markers, M&A Sell Playbook

    Participants: IT executive/CIO, IT senior leadership, Company M&A team

    The purpose of this activity is to create mission and vision statements that reflect IT’s intent and method to support the organization as it pursues a reduction strategy.

    1. Review the definitions and characteristics of mission and vision statements.
    2. Brainstorm different versions of the mission and vision statements.
    3. Edit the statements until you get to a single version of each that accurately reflects IT’s role in the reduction process.

    Record the results in the M&A Sell Playbook.

    Guiding principles provide a sense of direction

    IT guiding principles are shared, long-lasting beliefs that guide the use of IT in constructing, transforming, and operating the enterprise by informing and restricting IT investment portfolio management, solution development, and procurement decisions.

    A diagram illustrating the place of 'IT guiding principles' in the process of making 'Decisions on the use of IT'. There are four main items, connecting lines naming the type of process in getting from one step to the next, and a line underneath clarifying the questions asked at each step. On the far left, over the question 'What decisions should be made?', is 'Business context and IT implications'. This flows forward to 'IT guiding principles', and they are connected by 'Influence'. Next, over the question 'How should decisions be made?', is the main highlighted section. 'IT guiding principles' flows forward to 'Decisions on the use of IT', and they are connected by 'Guide and inform'. On the far right, over the question 'Who has the accountability and authority to make decisions?', is 'IT policies'. This flows back to 'Decisions on the use of IT', and they are connected by 'Direct and control'.

    IT principles must be carefully constructed to make sure they are adhered to and relevant

    Info-Tech has identified a set of characteristics that IT principles should possess. These characteristics ensure the IT principles are relevant and followed in the organization.

    Approach focused. IT principles should be focused on the approach – how the organization is built, transformed, and operated – as opposed to what needs to be built, which is defined by both functional and non-functional requirements.

    Business relevant. Create IT principles that are specific to the organization. Tie IT principles to the organization’s priorities and strategic aspirations.

    Long lasting. Build IT principles that will withstand the test of time.

    Prescriptive. Inform and direct decision making with actionable IT principles. Avoid truisms, general statements, and observations.

    Verifiable. If compliance can’t be verified, people are less likely to follow the principle.

    Easily Digestible. IT principles must be clearly understood by everyone in IT and by business stakeholders. IT principles aren’t a secret manuscript of the IT team. IT principles should be succinct; wordy principles are hard to understand and remember.

    Followed. Successful IT principles represent a collection of beliefs shared among enterprise stakeholders. IT principles must be continuously communicated to all stakeholders to achieve and maintain buy-in.

    In organizations where formal policy enforcement works well, IT principles should be enforced through appropriate governance processes.

    Consider the example principles below

    IT Principle Name

    IT Principle Statement

    1. Risk Management We will ensure that the organization’s IT Risk Management Register is properly updated to reflect all potential risks and that a plan of action against those risks has been identified.
    2. Transparent Communication We will ensure employees are spoken to with respect and transparency throughout the transaction process.
    3. Separation for Success We will create a carve-out strategy that enables the organization and clearly communicates the resources required to succeed.
    4. Managed Data We will handle data creation, modification, separation, and use across the enterprise in compliance with our data governance policy.
    5.Deliver Better Customer Service We will reduce the number of products offered by IT, enabling a stronger focus on specific products or elements to increase customer service delivery.
    6. Compliance With Laws and Regulations We will operate in compliance with all applicable laws and regulations for both our organization and the potentially purchasing organization.
    7. Defined Value We will create a plan of action that aligns with the organization’s defined value expectations.
    8. Network Readiness We will ensure that employees and customers have immediate access to the network with minimal or no outages.
    9. Value Generator We will leverage the current IT people, processes, and technology to turn the IT organization into a value generator by developing and selling our services to purchasing organizations.

    2.1.2 Identify the guiding principles

    2 hours

    Input: Business objectives, IT capabilities, Rationale for the transaction, Mission and vision statements

    Output: IT’s guiding principles for reduction strategies tied to mergers, acquisitions, and divestitures

    Materials: Flip charts/whiteboard, Markers, M&A Sell Playbook

    Participants: IT executive/CIO, IT senior leadership, Company M&A team

    The purpose of this activity is to create the guiding principles that will direct the IT organization throughout the reduction strategy process.

    1. Review the role of guiding principles and the examples of guiding principles that organizations have used.
    2. Brainstorm different versions of the guiding principles. Each guiding principle should start with the phrase “We will…”
    3. Edit and consolidate the statements until you have a list of approximately eight to ten statements that accurately reflect IT’s role in the reduction process.
    4. Review the guiding principles every six months to ensure they continue to support the delivery of the business’ reduction strategy goals.

    Record the results in the M&A Sell Playbook.

    Create two IT teams to support the transaction

    IT M&A Transaction Team

    • The IT M&A Transaction Team should consist of the strongest members of the IT team who can be expected to deliver on unusual or additional tasks not asked of them in normal day-to-day operations.
    • The roles selected for this team will have very specific skills sets or deliver on critical separation capabilities, making their involvement in the combination of two or more IT environments paramount.
    • These individuals need to have a history of proving themselves very trustworthy, as they will likely be required to sign an NDA as well.
    • Expect to have to certain duplicate capabilities or roles across the M&A Team and Operational Team.

    IT Operational Team

    • This group is responsible for ensuring the business operations continue.
    • These employees might be those who are newer to the organization but can be counted on to deliver consistent IT services and products.
    • The roles of this team should ensure that end users or external customers remain satisfied.

    Key capabilities to support M&A

    Consider the following capabilities when looking at who should be a part of the IT Transaction Team.

    Employees who have a significant role in ensuring that these capabilities are being delivered will be a top priority.

    Infrastructure & Operations

    • System Separation
    • Data Management
    • Helpdesk/Desktop Support
    • Cloud/Server Management

    Business Focus

    • Service-Level Management
    • Enterprise Architecture
    • Stakeholder Management
    • Project Management

    Risk & Security

    • Privacy Management
    • Security Management
    • Risk & Compliance Management

    Build a lasting and scalable operating model

    An operating model is an abstract visualization, used like an architect’s blueprint, that depicts how structures and resources are aligned and integrated to deliver on the organization’s strategy.

    It ensures consistency of all elements in the organizational structure through a clear and coherent blueprint before embarking on detailed organizational design.

    The visual should highlight which capabilities are critical to attaining strategic goals and clearly show the flow of work so that key stakeholders can understand where inputs flow in and outputs flow out of the IT organization.

    As you assess the current operating model, consider the following:

    • Does the operating model contain all the necessary capabilities your IT organization requires to be successful?
    • What capabilities should be duplicated?
    • Are there individuals with the skill set to support those roles? If not, is there a plan to acquire or develop those skills?
    • A dedicated project team strictly focused on M&A is great. However, is it feasible for your organization? If not, what blockers exist?
    A diagram with 'Initiatives' and 'Solutions' on the left and right of an area chart, 'Customer' at the top, the area between them labelled 'Functional Area n', and six horizontal bars labelled 'IT Capability' stacked on top of each other. The 'IT Capability' bars are slightly skewed to the 'Solutions' side of the chart.

    Info-Tech Insight

    Investing time up-front getting the operating model right is critical. This will give you a framework to rationalize future organizational changes, allowing you to be more iterative and allowing your model to change as the business changes.

    2.1.3 Create the future-state operating model

    4 hours

    Input: Current operating model, IT strategy, IT capabilities, M&A-specific IT capabilities, Business objectives, Rationale for the transaction, Mission and vision statements

    Output: Future-state operating model for divesting organizations

    Materials: Operating model, Capability overlay, Flip charts/whiteboard, Markers, M&A Sell Playbook

    Participants: IT executive/CIO, IT senior leadership, Company M&A team

    The purpose of this activity is to establish what the future-state operating model will be if your organization needs to adjust to support a divestiture transaction. If your organization plans to sell in its entirety, you may choose to skip this activity.

    1. Ensuring that all the IT capabilities are identified by the business and IT strategy, document your organization’s current operating model.
    2. Identify what core capabilities would be critical to the divesting transaction process and separation. Highlight and make copies of those capabilities in the M&A Sell Playbook. As a result of divesting, there may also be capabilities that will become irrelevant in your future state.
    3. Ensure the capabilities that will be decentralized are clearly identified. Decentralized capabilities do not exist within the central IT organization but rather in specific lines of businesses, products, or locations to better understand needs and deliver on the capability.

    An example operating model is included in the M&A Sell Playbook. This process benefits from strong reference architecture and capability mapping ahead of time.

    Record the results in the M&A Sell Playbook.

    2.1.4 Determine the transition team

    3 hours

    Input: IT capabilities, Future-state operating model, M&A-specific IT capabilities, Business objectives, Rationale for the transaction, Mission and vision statements

    Output: Transition team

    Materials: Reference architecture, Organizational structure, Flip charts/whiteboard, Markers

    Participants: IT executive/CIO, IT senior leadership, Company M&A team

    The purpose of this activity is to create a team that will support your IT organization throughout the transaction. Determining which capabilities and therefore which roles will be required ensures that the business will continue to get the operational support it needs.

    1. Based on the outcome of activity 2.1.3, review the capabilities that your organization will require on the transition team. Group capabilities into functional groups containing capabilities that are aligned well with one another because they have similar responsibilities and functionalities.
    2. Replace the capabilities with roles. For example, stakeholder management, requirements gathering, and project management might be one functional group. Project management and stakeholder management might combine to create a project manager role.
    3. Review the examples in the M&A Sell Playbook and identify which roles will be a part of the transition team.

    For more information, see Redesign Your Organizational Structure

    What is governance?

    And why does it matter so much to IT and the M&A process?

    • Governance is the method in which decisions get made, specifically as they impact various resources (time, money, and people).
    • Because M&A is such a highly governed transaction, it is important to document the governance bodies that exist in your organization.
    • This will give insight into what types of governing bodies there are, what decisions they make, and how that will impact IT.
    • For example, funds to support separation need to be discussed, approved, and supplied to IT from a governing body overseeing the acquisition.
    • A highly mature IT organization will have automated governance, while a seemingly non-existent governance process will be considered ad hoc.
    A pyramid with four levels representing the types of governing bodies that are available with differing levels of IT maturity. An arrow beside the pyramid points upward. The bottom of the arrow is labelled 'Traditional (People and document centric)' and the top is labelled 'Adaptive (Data centric)'. Starting at the bottom of the pyramid is level 1 'Ad Hoc Governance', 'Governance that is not well defined or understood within the organization. It occurs out of necessity but often not by the right people'. Level 2 is 'Controlled Governance', 'Governance focused on compliance and decisions driven by hierarchical authority. Levels of authority are defined and often driven by regulatory'. Level 3 is 'Agile Governance', 'Governance that is flexible to support different needs and quick response in the organization. Driven by principles and delegated throughout the company'. At the top of the pyramid is level 4 'Automated Governance', 'Governance that is entrenched and automated into organizational processes and product/service design. Empowered and fully delegated governance to maintain fit and drive organizational success and survival'.

    2.1.5 Document M&A governance

    1-2 hours

    Input: List of governing bodies, Governing body committee profiles, Governance structure

    Output: Documented method on how decisions are made as it relates to the M&A transaction

    Materials: Flip charts/whiteboard, Markers, M&A Sell Playbook

    Participants: IT executive/CIO, IT senior leadership, Company M&A team

    The purpose of this activity is to determine the method in which decisions are made throughout the M&A transaction as it relates to IT. This will require understanding both governing bodies internal to IT and those external to IT.

    1. First, determine the other governance structures within the organization that will impact the decisions made about M&A. List out these bodies or committees.
    2. Create a profile for each committee that looks at the membership, purpose of the committee, decision areas (authority), and the process of inputs and outputs. Ensure IT committees that will have a role in this process are also documented. Consider the benefits realized, risks, and resources required for each.
    3. Organize the committees into a structure, identifying the committees that have a role in defining the strategy, designing and building, and running.

    Record the results in the M&A Sell Playbook.

    Current-state structure map – definitions of tiers

    Strategy: These groups will focus on decisions that directly connect to the strategic direction of the organization.

    Design & Build: The second tier of groups will oversee prioritization of a certain area of governance as well as design and build decisions that feed into strategic decisions.

    Run: The lowest level of governance will be oversight of more-specific initiatives and capabilities within IT.

    Expect tier overlap. Some committees will operate in areas that cover two or three of these governance tiers.

    Measure the IT program’s success in terms of its ability to support the business’ M&A goals

    Upper management will measure IT’s success based on your ability to support the underlying reasons for the M&A. Using business metrics will help assure business stakeholders that IT understands their needs and is working with the business to achieve them.

    Business-Specific Metrics

    • Revenue Growth: Increase in the top line as seen by market expansion, product expansion, etc. by percentage/time.
    • Synergy Extraction: Reduction in costs as determined by the ability to identify and eliminate redundancies over time.
    • Profit Margin Growth: Increase in the bottom line as a result of increased revenue growth and/or decreased costs over time.

    IT-Specific Metrics

    • IT operational savings and cost reductions due to synergies: Operating expenses, capital expenditures, licenses, contracts, applications, infrastructure over time.
    • Reduction in IT staff expense and headcount: Decreased budget allocated to IT staff, and ability to identify and remove redundancies in staff.
    • Meeting or improving on IT budget estimates: Delivering successful IT separation on a budget that is the same or lower than the budget estimated during due diligence.
    • Meeting or improving on IT time-to-separation estimates: Delivering successful IT carve-out on a timeline that is the same or shorter than the timeline estimated during due diligence.
    • Business capability support: Delivering the end state of IT that supports the expected business capabilities and growth.

    Establish your own metrics to gauge the success of IT

    Establish SMART M&A Success Metrics

    S pecific Make sure the objective is clear and detailed.
    M easurable Objectives are measurable if there are specific metrics assigned to measure success. Metrics should be objective.
    A ctionable Objectives become actionable when specific initiatives designed to achieve the objective are identified.
    R ealistic Objectives must be achievable given your current resources or known available resources.
    T ime-Bound An objective without a timeline can be put off indefinitely. Furthermore, measuring success is challenging without a timeline.
    • What should IT consider when looking to identify potential additions, deletions, or modifications that will either add value to the organization or reduce costs/risks?
    • Provide a definition of synergies.
    • IT operational savings and cost reductions due to synergies: Operating expenses, capital expenditures, licenses, contracts, applications, infrastructure.
    • Reduction in IT staff expense and headcount: Decreased budget allocated to IT staff, and ability to identify and remove redundancies in staff.
    • Meeting or improving on IT budget estimates: Delivering successful IT separation on a budget that is the same or lower than the budget estimated during due diligence.
    • Meeting or improving on IT time-to-separation estimates: Delivering successful IT carve-out on a timeline that is the same or shorter than the timeline estimated during due diligence.
    • Revenue growth: Increase in the top line as a result, as seen by market expansion, product expansion, etc., as a result of divesting lines of the business and selling service-level agreements to the purchasing organization.
    • Synergy extraction: Reduction in costs, as determined by the ability to identify and eliminate redundancies.
    • Profit margin growth: Increase in the bottom line as a result of increased revenue growth and/or decreased costs.

    Metrics for each phase

    1. Proactive

    2. Discovery & Strategy

    3. Valuation & Due Diligence

    4. Execution & Value Realization

    • % Share of business innovation spend from overall IT budget
    • % Critical processes with approved performance goals and metrics
    • % IT initiatives that meet or exceed value expectation defined in business case
    • % IT initiatives aligned with organizational strategic direction
    • % Satisfaction with IT's strategic decision-making abilities
    • $ Estimated business value added through IT-enabled innovation
    • % Overall stakeholder satisfaction with IT
    • % Percent of business leaders that view IT as an Innovator
    • % IT budget as a percent of revenue
    • % Assets that are not allocated
    • % Unallocated software licenses
    • # Obsolete assets
    • % IT spend that can be attributed to the business (chargeback or showback)
    • % Share of CapEx of overall IT budget
    • % Prospective organizations that meet the search criteria
    • $ Total IT cost of ownership (before and after M&A, before and after rationalization)
    • % Business leaders that view IT as a Business Partner
    • % Defects discovered in production
    • $ Cost per user for enterprise applications
    • % In-house-built applications vs. enterprise applications
    • % Owners identified for all data domains
    • # IT staff asked to participate in due diligence
    • Change to due diligence
    • IT budget variance
    • Synergy target
    • % Satisfaction with the effectiveness of IT capabilities
    • % Overall end-customer satisfaction
    • $ Impact of vendor SLA breaches
    • $ Savings through cost-optimization efforts
    • $ Savings through application rationalization and technology standardization
    • # Key positions empty
    • % Frequency of staff turnover
    • % Emergency changes
    • # Hours of unplanned downtime
    • % Releases that cause downtime
    • % Incidents with identified problem record
    • % Problems with identified root cause
    • # Days from problem identification to root cause fix
    • % Projects that consider IT risk
    • % Incidents due to issues not addressed in the security plan
    • # Average vulnerability remediation time
    • % Application budget spent on new build/buy vs. maintenance (deferred feature implementation, enhancements, bug fixes)
    • # Time (days) to value realization
    • % Projects that realized planned benefits
    • $ IT operational savings and cost reductions that are related to synergies/divestitures
    • % IT staff–related expenses/redundancies
    • # Days spent on IT separation
    • $ Accurate IT budget estimates
    • % Revenue growth directly tied to IT delivery
    • % Profit margin growth

    2.1.6 Create program metrics

    1-2 hours

    Input: IT capabilities, Mission, vision, and guiding principles, Rationale for the acquisition

    Output: Program metrics to support IT throughout the M&A process

    Materials: Flip charts/whiteboard, Markers, M&A Sell Playbook

    Participants: IT executive/CIO, IT senior leadership, Company M&A team

    The purpose of this activity is to determine how IT’s success throughout a growth transaction will be measured and determined.

    1. Document a list of appropriate metrics on the whiteboard. Remember to include metrics that demonstrate the business impact. You can use the sample metrics listed on the previous slide as a starting point.
    2. Set a target and deadline for each metric. This will help the group determine when it is time to evaluate progression.
    3. Establish a baseline for each metric based on information collected within your organization.
    4. Assign an owner for tracking each metric as well as someone to be accountable for performance.

    Record the results in the M&A Sell Playbook.

    Discovery & Strategy

    Step 2.2

    Prepare IT to Engage in the Separation or Sale

    Activities

    • 2.2.1 Establish the separation strategy
    • 2.2.2 Conduct a RACI
    • 2.2.3 Create the communication plan
    • 2.2.4 Assess the potential organization(s)

    This step involves the following participants:

    • IT executive/CIO
    • IT senior leadership
    • Company M&A team

    Outcomes of Step

    Identify IT’s plan of action when it comes to the separation/sale and align IT’s separation/sale strategy with the business’ M&A strategy.

    Separation strategies

    There are several IT separation strategies that will let you achieve your target technology environment.

    IT Separation Strategies
    • Divest. Carve out elements of the IT organization and sell them to a purchasing organization with or without a service-level agreement.
    • Sell. Sell the entire IT environment to a purchasing organization. The purchasing organization takes full responsibility in delivering and running the IT environment.
    • Spin-Off Joint Venture. Carve out elements of the IT organization and combine them with elements of a new or purchasing organization to create a new entity.

    The approach IT takes will depend on the business objectives for the M&A.

    • Generally speaking, the separation strategy is well understood and influenced by the frequency of and rationale for selling.
    • Based on the initiatives generated by each business process owner, you need to determine the IT separation strategy that will best support the desired target technology environment, especially if you are still operating or servicing elements of that IT environment.

    Key considerations when choosing an IT separation strategy include:

    • What are the main business objectives of the M&A?
    • What are the key synergies expected from the transaction?
    • What IT separation strategy best helps obtain these benefits?
    • What opportunities exist to position the business for sustainable and long-term growth?

    Separation strategies in detail

    Review highlights and drawbacks of different separation strategies

    Divest
      Highlights
    • Recommended for businesses striving to reduce costs and potentially even generate revenue for the business through the delivery of SLAs.
    • Opportunity to reduce or scale back on lines of business or products that are not driving profits.
      Drawbacks
    • May be forced to give up critical staff that have been known to deliver high value.
    • The IT department is left to deliver services to the purchasing organization with little support or consideration from the business.
    • There can be increased risk and security concerns that need to be addressed.
    Sell
      Highlights
    • Recommended for businesses looking to gain capital to exit the market profitably or to enter a new market with a large sum of capital.
    • The business will no longer exist, and as a result all operational costs, including IT, will become redundant.
      Drawbacks
    • IT is no longer needed as an operating or capital service for the organization.
    • Lost resources, including highly trained and critical staff.
    • May require packaging employees off and using the profit or capital generated to cover any closing costs.
    Spin-Off or Joint Venture
      Highlights
    • Recommended for businesses looking to expand their market presence or acquire new products. Essentially aligning the two organizations in the same market.
    • Each side has a unique offering but complementing capabilities.
      Drawbacks
    • As much as the organization is going through a separation from the original company, it will be going through an integration with the new company.
    • There could be differences in culture.
    • This could require a large amount of investment without a guarantee of profit or success.

    2.2.1 Establish the separation strategy

    1-2 hours

    Input: Business separation strategy, Guiding principles, M&A governance

    Output: IT’s separation strategy

    Materials: Flip charts/whiteboard, Markers, M&A Sell Playbook

    Participants: IT executive/CIO, IT senior leadership, Company M&A team

    The purpose of this activity is to determine IT’s approach to separating or selling. This approach might differ slightly from transaction to transaction. However, the businesses approach to transactions should give insight into the general separation strategy IT should adopt.

    1. Make sure you have clearly articulated the business objectives for the M&A, the technology end state for IT, and the magnitude of the overall separation.
    2. Review and discuss the highlights and drawbacks of each type of separation.
    3. Use Info-Tech’s Separation Posture Selection Framework on the next slide to select the separation posture that will appropriately enable the business. Consider these questions during your discussion:
      1. What are the main business objectives of the M&A? What key IT capabilities will need to support business objectives?
      2. What key synergies are expected from the transaction? What opportunities exist to position the business for sustainable growth?
      3. What IT separation best helps obtain these benefits?

    Record the results in the M&A Sell Playbook.

    Separation Posture Selection Framework

    Business M&A Strategy

    Resultant Technology Strategy

    M&A Magnitude (% of Seller Assets, Income, or Market Value)

    IT Separation Posture

    A. Horizontal Adopt One Model ‹100% Divest
    ›99% Sell
    B. Vertical Create Links Between Critical Systems Any Divest
    C. Conglomerate Independent Model Any Joint Venture
    Divest
    D. Hybrid: Horizontal & Conglomerate Create Links Between Critical Systems Any Divest
    Joint Venture

    M&A separation strategy

    Business M&A Strategy Resultant Technology Strategy M&A Magnitude (% of Seller Assets, Income, or Market Value) IT Separation Posture

    You may need a hybrid separation posture to achieve the technology end state.

    M&A objectives may not affect all IT domains and business functions in the same way. Therefore, the separation requirements for each business function may differ. Organizations will often choose to select and implement a hybrid separation posture to realize the technology end state.

    Each business division may have specific IT domain and capability needs that require an alternative separation strategy.

    • Example: Even when conducting a joint venture by forming a new organization, some partners might view themselves as the dominant partner and want to influence the IT environment to a greater degree.
    • Example: Some purchasing organizations will expect service-level agreements to be available for a significant period of time following the divestiture, while others will be immediately independent.

    2.2.2 Conduct a RACI

    1-2 hours

    Input: IT capabilities, Transition team, Separation strategy

    Output: Completed RACI for Transition team

    Materials: Reference architecture, Organizational structure, Flip charts/whiteboard, Markers, M&A Sell Playbook

    Participants: IT executive/CIO, IT senior leadership, Company M&A team

    The purpose of this activity is to identify the core accountabilities and responsibilities for the roles identified as critical to your transition team. While there might be slight variation from transaction to transaction, ideally each role should be performing certain tasks.

    1. First, identify a list of critical tasks that need to be completed to support the sale or separation. For example:
      • Communicate with the company M&A team.
      • Identify the key IT solutions that can and cannot be carved out.
      • Gather data room artifacts and provide them to acquiring organization.
    2. Next, identify at the activity level which role is accountable or responsible for each activity. Enter an A for accountable, R for responsible, or A/R for both.

    Record the results in the M&A Sell Playbook.

    Communication and change

    Prepare key stakeholders for the potential changes

    • Anytime you are starting a project or program that will depend on users and stakeholders to give up their old way of doing things, change will force people to become novices again, leading to lost productivity and added stress.
    • Change management can improve outcomes for any project where you need people to adopt new tools and procedures, comply with new policies, learn new skills and behaviors, or understand and support new processes.
    • M&As move very quickly, and it can be very difficult to keep track of which stakeholders you need to be communicating with and what you should be communicating.
    • Not all organizations embrace or resist change in the same ways. Base your change communications on your organization’s cultural appetite for change in general.
      • Organizations with a low appetite for change will require more direct, assertive communications.
      • Organizations with a high appetite for change are more suited to more open, participatory approaches.

    Three key dimensions determine the appetite for cultural change:

    • Power Distance. Refers to the acceptance that power is distributed unequally throughout the organization.
      In organizations with a high power distance, the unequal power distribution is accepted by the less powerful employees.
    • Individualism. Organizations that score high in individualism have employees who are more independent. Those who score low in individualism fall into the collectivism side, where employees are strongly tied to one another or their groups.
    • Uncertainty Avoidance. Describes the level of acceptance that an organization has toward uncertainty. Those who score high in this area find that their employees do not favor uncertain situations, while those that score low in this area find that their employees are comfortable with change and uncertainty.

    2.2.3 Create the communication plan

    1-2 hours

    Input: IT’s M&A mission, vision, and guiding principles, M&A transition team, IT separation strategy, RACI

    Output: IT’s M&A communication plan

    Materials: Flip charts/whiteboard, Markers, RACI, M&A Sell Playbook

    Participants: IT executive/CIO, IT senior leadership, Company M&A team

    The purpose of this activity is to create a communication plan that IT can leverage throughout the initiative.

    1. Create a structured communication plan that allows for continuous communication with the integration management office, senior management, and the business functional heads.
    2. Outline key topics of communication, with stakeholders, inputs, and outputs for each topic.
    3. Review Info-Tech’s example communication plan in the M&A Sell Playbook and update it with relevant information.
    4. Does this communication plan make sense for your organization? What doesn’t make sense? Adjust the communication guide to suit your organization.

    Record the results in the M&A Sell Playbook.

    Assessing potential organizations

    As soon as you have identified organizations to consider, it’s imperative to assess critical risks. Most IT leaders can attest that they will receive little to no notice when the business is pursuing a sale and IT has to assess the IT organization. As a result, having a standardized template to quickly assess the potential acquiring organization is important.

    Ways to Assess

    1. News: Assess what sort of news has been announced in relation to the organization. Have they had any risk incidents? Has a critical vendor announced working with them?
    2. LinkedIn: Scan through the LinkedIn profiles of employees. This will give you a sense of what platforms they have based on employees. It will also give insight into positive or negative employee experiences that could impact retention.
    3. Trends: Some industries will have specific solutions that are relevant and popular. Assess what the key players are (if you don’t already know) to determine the solution.
    4. Business Architecture: While this assessment won’t perfect, try to understand the business’ value streams and the critical business and IT capabilities that would be needed to support them. Will your organization or employee skills be required to support these long term?

    Info-Tech Insight

    Assessing potential organizations is not just for the purchaser. The seller should also know what the purchasing organization’s history with M&As is and what potential risks could occur if remaining connected through ongoing SLAs.

    2.2.4 Assess the potential organization(s)

    1-2 hours

    Input: Publicized historical risk events, Solutions and vendor contracts likely in the works, Trends

    Output: IT’s valuation of the potential organization(s) for selling or divesting

    Materials: M&A Sell Playbook

    Participants: IT executive/CIO

    The purpose of this activity is to assess the organization(s) that your organization is considering selling or divesting to.

    1. Complete the Historical Valuation Worksheet in the M&A Sell Playbook to understand the type of IT organization that your company may support.
      • The business likely isn’t looking for in-depth details at this time. However, as the IT leader, it is your responsibility to ensure critical risks are identified and communicated to the business.
    2. Use the information identified to help the business narrow down which organizations could be the right organizations to sell or divest to.

    Record the results in the M&A Sell Playbook.

    By the end of this pre-transaction phase you should:

    Have a program plan for M&As and a repeatable M&A strategy for IT when engaging in reduction transactions

    Key outcomes from the Discovery & Strategy phase
    • Prepare the IT environment to support the potential sale or divestiture by identifying critical program plan elements and establishing a separation or carve-out strategy that will enable the business to reach its goals.
    • Create a M&A strategy that accounts for all the necessary elements of a transaction and ensures sufficient governance, capabilities, and metrics exist.
    Key deliverables from the Discovery & Strategy phase
    • Create vision and mission statements
    • Establish guiding principles
    • Create a future-state operating model
    • Identify the key roles for the transaction team
    • Identify and communicate the M&A governance
    • Determine target metrics
    • Identify the M&A operating model
    • Select the separation strategy framework
    • Conduct a RACI for key transaction tasks for the transaction team
    • Document the communication plan

    M&A Sell Blueprint

    Phase 3

    Due Diligence & Preparation

    Phase 1Phase 2

    Phase 3

    Phase 4
    • 1.1 Identify Stakeholders and Their Perspective of IT
    • 1.2 Assess IT’s Current Value and Future State
    • 1.3 Drive Innovation and Suggest Reduction Opportunities
    • 2.1 Establish the M&A Program Plan
    • 2.2 Prepare IT to Engage in the Separation or Sale
    • 3.1 Engage in Due Diligence and Prepare Staff
    • 3.2 Prepare to Separate
    • 4.1 Execute the Transaction
    • 4.2 Reflection and Value Realization

    This phase will walk you through the following activities:

    • Drive value with a due diligence charter
    • Gather data room artifacts
    • Measure staff engagement
    • Assess culture
    • Create a carve-out roadmap
    • Prioritize separation tasks
    • Establish the separation roadmap
    • Identify the buyer’s IT expectations
    • Create a service/transaction agreement
    • Estimate separation costs
    • Create an employee transition plan
    • Create functional workplans for employees
    • Align project metrics with identified tasks

    This phase involves the following participants:

    • IT executive/CIO
    • IT senior leadership
    • Company M&A team
    • Business leaders
    • Purchasing organization
    • Transition team

    Workshop Overview

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Pre-Work

    Day 1

    Day 2

    Day 3

    Day 4

    Day 5

    Establish the Transaction FoundationDiscover the Motivation for SeparationIdentify Expectations and Create the Carve-Out RoadmapPrepare and Manage EmployeesPlan the Separation RoadmapNext Steps and Wrap-Up (offsite)

    Activities

    • 0.1 Identify the rationale for the company's decision to pursue a divestiture/sale.
    • 0.2 Identify key stakeholders and determine the IT transaction team.
    • 0.3 Gather and evaluate the M&A strategy, future-state operating model, and governance.
    • 1.1 Review the business rationale for the divestiture/sale.
    • 1.2 Identify pain points and opportunities tied to the divestiture/sale.
    • 1.3 Establish the separation strategy.
    • 1.4 Create the due diligence charter.
    • 2.1 Identify the buyer’s IT expectations.
    • 2.2 Create a list of IT artifacts to be reviewed in the data room.
    • 2.3 Create a carve-out roadmap.
    • 2.4 Create a service/technical transaction agreement.
    • 3.1 Measure staff engagement.
    • 3.2 Assess the current culture and identify the goal culture.
    • 3.3 Create an employee transition plan.
    • 3.4 Create functional workplans for employees.
    • 4.1 Prioritize separation tasks.
    • 4.2 Establish the separation roadmap.
    • 4.3 Establish and align project metrics with identified tasks.
    • 4.4 Estimate separation costs.
    • 5.1 Complete in-progress deliverables from previous four days.
    • 5.2 Set up review time for workshop deliverables and to discuss next steps.

    Deliverables

    1. IT strategy
    2. IT operating model
    3. IT governance structure
    4. M&A transaction team
    1. Business context implications for IT
    2. Separation strategy
    3. Due diligence charter
    1. Data room artifacts identified
    2. Carve-out roadmap
    3. Service/technical transaction agreement
    1. Engagement assessment
    2. Culture assessment
    3. Employee transition plans and workplans
    1. Separation roadmap and associated resourcing
    1. Divestiture separation strategy for IT

    What is the Due Diligence & Preparation phase?

    Mid-transaction state

    The Due Diligence & Preparation phase during a sale or divestiture is a critical time for IT. If IT fails to proactively participate in this phase, IT will have to merely react to separation expectations set by the business.

    If your organization is being sold in its entirety, staff will have major concerns about their future in the new organization. Making this transition as smooth as possible and being transparent could go a long way in ensuring their success in the new organization.

    In a divestiture, this is the time to determine where it’s possible for the organization to divide or separate from itself. A lack of IT involvement in these conversations could lead to an overcommitment by the business and under-delivery by IT.

    Goal: To ensure that, as the selling or divesting organization, you comply with regulations, prepare staff for potential changes, and identify a separation strategy if necessary

    Due Diligence Prerequisite Checklist

    Before coming into the Due Diligence & Preparation phase, you must have addressed the following:

    • Understand the rationale for the company's decision to pursue a sale or divestiture and what opportunities or pain points the sale should alleviate.
    • Identify the key roles for the transaction team.
    • Identify the M&A governance.
    • Determine target metrics.
    • Select a separation strategy framework.
    • Conduct a RACI for key transaction tasks for the transaction team.

    Before coming into the Due Diligence & Preparation phase, we recommend addressing the following:

    • Create vision and mission statements.
    • Establish guiding principles.
    • Create a future-state operating model.
    • Identify the M&A operating model.
    • Document the communication plan.
    • Examine the business perspective of IT.
    • Identify key stakeholders and outline their relationship to the M&A process.
    • Be able to valuate the IT environment and communicate IT’s value to the business.

    The Technology Value Trinity

    Delivery of Business Value & Strategic Needs

    • Digital & Technology Strategy
      The identification of objectives and initiatives necessary to achieve business goals.
    • IT Operating Model
      The model for how IT is organized to deliver on business needs and strategies.
    • Information & Technology Governance
      The governance to ensure the organization and its customers get maximum value from the use of information and technology.

    All three elements of the Technology Value Trinity work in harmony to deliver business value and achieve strategic needs. As one changes, the others need to change as well.

    • Digital and IT Strategy tells you what you need to achieve to be successful.
    • IT Operating Model and Organizational Design is the alignment of resources to deliver on your strategy and priorities.
    • Information & Technology Governance is the confirmation of IT’s goals and strategy, which ensures the alignment of IT and business strategy. It’s the mechanism by which you continuously prioritize work to ensure that what is delivered is in line with the strategy. This oversight evaluates, directs, and monitors the delivery of outcomes to ensure that the use of resources results in the achieving the organization’s goals.

    Too often strategy, operating model and organizational design, and governance are considered separate practices. As a result, “strategic documents” end up being wish lists, and projects continue to be prioritized based on who shouts the loudest – not based on what is in the best interest of the organization.

    Due Diligence & Preparation

    Step 3.1

    Engage in Due Diligence and Prepare Staff

    Activities

    • 3.1.1 Drive value with a due diligence charter
    • 3.1.2 Gather data room artifacts
    • 3.1.3 Measure staff engagement
    • 3.1.4 Assess culture

    This step involves the following participants:

    • IT executive/CIO
    • IT senior leadership
    • Company M&A team
    • Business leaders
    • Prospective IT organization
    • Transition team

    Outcomes of Step

    This step of the process is when IT should prepare and support the business in due diligence and gather the necessary information about staff changes.

    3.1.1 Drive value with a due diligence charter

    1-2 hours

    Input: Key roles for the transaction team, M&A governance, Target metrics, Selected separation strategy framework, RACI of key transaction tasks for the transaction team

    Output: IT Due Diligence Charter

    Materials: M&A Sell Playbook

    Participants: IT executive/CIO, IT senior leadership, Company M&A team

    The purpose of this activity is to create a charter leveraging the items completed in the previous phase, as listed on the Due Diligence Prerequisite Checklist slide, to gain executive sign-off.

    1. In the IT Due Diligence Charter in the M&A Sell Playbook, complete the aspects of the charter that are relevant for you and your organization.
    2. We recommend including these items in the charter:
      • Communication plan
      • Transition team roles
      • Goals and metrics for the transaction
      • Separation strategy
      • Sale/divestiture RACI
    3. Once the charter has been completed, ensure that business executives agree to the charter and sign off on the plan of action.

    Record the results in the M&A Sell Playbook.

    3.1.2 Gather data room artifacts

    4 hours

    Input: Future-state operating model, M&A governance, Target metrics, Selected separation strategy framework, RACI of key transaction tasks for the transaction team

    Output: List of items to acquire and verify can be provided to the purchasing organization while in the data room

    Materials: Critical domain lists on following slides, M&A Sell Playbook

    Participants: IT executive/CIO, IT senior leadership, Company M&A team, Transition team, Legal team, Compliance/privacy officers

    The purpose of this activity is to create a list of the key artifacts that you could be asked for during the due diligence process.

    1. Review the lists on the following pages as a starting point. Identify which domains, stakeholders, artifacts, and information should be requested for the data room.
    2. IT leadership may or may not be asked to enter the data room directly. The short notice for having to find these artifacts for the purchasing organization can leave your IT organization scrambling. Identify the critical items worth obtaining ahead of time.
    3. Once you have identified the artifacts, provide the list to the legal team or compliance/privacy officers and ensure they also agree those items can be provided. If changes to the documents need to be made, take the time to do so.
    4. Store all items in a safe and secure file or provide to the M&A team ahead of due diligence.

    **Note that if your organization is not leading/initiating the data room, then you can ignore this activity.

    Record the results in the M&A Sell Playbook.

    Critical domains

    Understand the key stakeholders and outputs for each domain

    Domain

    Stakeholders

    Key Artifacts

    Key Information to request

    Business
    • Enterprise Architecture
    • Business Relationship Manager
    • Business Process Owners
    • Business capability map
    • Capability map (the M&A team should be taking care of this, but make sure it exists)
    • Business satisfaction with various IT systems and services
    Leadership/IT Executive
    • CIO
    • CTO
    • CISO
    • IT budgets
    • IT capital and operating budgets (from current year and previous year)
    Data & Analytics
    • Chief Data Officer
    • Data Architect
    • Enterprise Architect
    • Master data domains, system of record for each
    • Unstructured data retention requirements
    • Data architecture
    • Master data domains, sources, and storage
    • Data retention requirements
    Applications
    • Applications Manager
    • Application Portfolio Manager
    • Application Architect
    • Applications map
    • Applications inventory
    • Applications architecture
    • Copy of all software license agreements
    • Copy of all software maintenance agreements
    Infrastructure
    • Head of Infrastructure
    • Enterprise Architect
    • Infrastructure Architect
    • Infrastructure Manager
    • Infrastructure map
    • Infrastructure inventory
    • Network architecture (including which data centers host which infrastructure and applications)
    • Inventory (including separation capabilities of vendors, versions, switches, and routers)
    • Copy of all hardware lease or purchase agreements
    • Copy of all hardware maintenance agreements
    • Copy of all outsourcing/external service provider agreements
    • Copy of all service-level agreements for centrally provided, shared services and systems
    Products and Services
    • Product Manager
    • Head of Customer Interactions
    • Product lifecycle
    • Product inventory
    • Customer market strategy

    Critical domains (continued)

    Understand the key stakeholders and outputs for each domain

    Domain

    Stakeholders

    Key Artifacts

    Key Information to request

    Operations
    • Head of Operations
    • Service catalog
    • Service overview
    • Service owners
    • Access policies and procedures
    • Availability and service levels
    • Support policies and procedures
    • Costs and approvals (internal and customer costs)
    IT Processes
    • CIO
    • IT Management
    • VP of IT Governance
    • VP of IT Strategy
    • IT process flow diagram
    • Processes in place and productivity levels (capacity)
    • Critical processes/processes the organization feels they do particularly well
    IT People
    • CIO
    • VP of Human Resources
    • IT organizational chart
    • Competency & capacity assessment
    • IT organizational structure (including resources from external service providers such as contractors) with appropriate job descriptions or roles and responsibilities
    • IT headcount and location
    Security
    • CISO
    • Security Architect
    • Security posture
    • Information security staff
    • Information security service providers
    • Information security tools
    • In-flight information security projects
    Projects
    • Head of Projects
    • Project portfolio
    • List of all future, ongoing, and recently completed projects
    Vendors
    • Head of Vendor Management
    • License inventory
    • Inventory (including what will and will not be transitioning, vendors, versions, number of licenses)

    Retain top talent throughout the transition

    Focus on retention and engagement

    • People are such a critical component of this process, especially in the selling organization.
    • Retaining employees, especially the critical employees who hold specific skills or knowledge, will ensure the success and longevity of the divesting organization, purchasing organization, or the new company.
    • Giving employees a role in the organization and ensuring they do not see their capabilities as redundant will be critical to the process.
    • It is okay if employees need to change what they were doing temporarily or even long-term. However, being transparent about these changes and highlighting their value to the process and organization(s) will help.
    • The first step to moving forward with retention is to look at the baseline engagement and culture of employees and the organization. This will help determine where to focus and allow you to identify changes in engagement that resulted from the transaction.
    • Job engagement drivers are levers that influence the engagement of employees in their day-to-day roles.
    • Organizational engagement drivers are levers that influence an employee’s engagement with the broader organization.
    • Retention drivers are employment needs. They don’t necessarily drive engagement, but they must be met for engagement to be possible.

    3.1.3 Measure staff engagement

    3-4 hours

    Input: Engagement survey

    Output: Baseline engagement scores

    Materials: Build an IT Employee Engagement Program

    Participants: IT executive/CIO, IT senior leadership, IT employees of current organization

    The purpose of this activity is to measure current staff engagement to have a baseline to measure against in the future state. This is a good activity to complete if you will be divesting or selling in entirety.

    The results from the survey should act as a baseline to determine what the organization is doing well in terms of employee engagement and what drivers could be improved upon.

    1. Review Info-Tech’s Build an IT Employee Engagement Program research and select a survey that will best meet your needs.
    2. Conduct the survey and note which drivers employees are currently satisfied with. Likewise, note where there are opportunities.
    3. Document actions that should be taken to mitigate the negative engagement drivers throughout the transaction and enhance or maintain the positive engagement drivers.

    Record the results in the M&A Sell Playbook.

    Assess culture as a part of engagement

    Culture should not be overlooked, especially as it relates to the separation of IT environments

    • There are three types of culture that need to be considered.
    • Most importantly, this transition is an opportunity to change the culture that might exist in your organization’s IT environment.
    • Make a decision on which type of culture you’d like IT to have post transition.

    Target Organization's Culture. The culture that the target organization is currently embracing. Their established and undefined governance practices will lend insight into this.

    Your Organization’s Culture. The culture that your organization is currently embracing. Examine people’s attitudes and behaviors within IT toward their jobs and the organization.

    Ideal Culture. What will the future culture of the IT organization be once separation is complete? Are there aspects that your current organization and the target organization embrace that are worth considering?

    Culture categories

    Map the results of the IT Culture Diagnostic to an existing framework

    Competitive
    • Autonomy
    • Confront conflict directly
    • Decisive
    • Competitive
    • Achievement oriented
    • Results oriented
    • High performance expectations
    • Aggressive
    • High pay for good performance
    • Working long hours
    • Having a good reputation
    • Being distinctive/different
    Innovative
    • Adaptable
    • Innovative
    • Quick to take advantage of opportunities
    • Risk taking
    • Opportunities for professional growth
    • Not constrained by rules
    • Tolerant
    • Informal
    • Enthusiastic
    Traditional
    • Stability
    • Reflective
    • Rule oriented
    • Analytical
    • High attention to detail
    • Organized
    • Clear guiding philosophy
    • Security of employment
    • Emphasis on quality
    • Focus on safety
    Cooperative
    • Team oriented
    • Fair
    • Praise for good performance
    • Supportive
    • Calm
    • Developing friends at work
    • Socially responsible

    Culture Considerations

    • What culture category was dominant for each IT organization?
    • Do you share the same dominant category?
    • Is your current dominant culture category the most ideal to have post-separation?

    3.1.4 Assess Culture

    3-4 hours

    Input: Cultural assessments for current IT organization, Cultural assessment for target IT organization

    Output: Goal for IT culture

    Materials: IT Culture Diagnostic

    Participants: IT executive/CIO, IT senior leadership, IT employees of current organization, IT employees of target organization, Company M&A team

    The purpose of this activity is to assess the different cultures that might exist within the IT environments of the organizations involved. By understanding the culture that exists in the purchasing organization, you can identify the fit and prepare impacted staff for potential changes.

    1. Complete this activity by leveraging the blueprint Fix Your IT Culture, specifically the IT Culture Diagnostic.
    2. Fill out the diagnostic for the IT department in your organization:
      1. Answer the 16 questions in tab 2, Diagnostic.
      2. Find out your dominant culture and review recommendations in tab 3, Results.
    3. Document the results from tab 3, Results, in the M&A Sell Playbook if you are trying to record all artifacts related to the transaction in one place.
    4. Repeat the activity for the purchasing organization.
    5. Leverage the information to determine what the goal for the culture of IT will be post-separation if it will differ from the current culture.

    Record the results in the M&A Sell Playbook.

    Due Diligence & Preparation

    Step 3.2

    Prepare to Separate

    Activities

    • 3.2.1 Create a carve-out roadmap
    • 3.2.2 Prioritize separation tasks
    • 3.2.3 Establish the separation roadmap
    • 3.2.4 Identify the buyer’s IT expectations
    • 3.2.5 Create a service/transaction agreement
    • 3.2.6 Estimate separation costs
    • 3.2.7 Create an employee transition plan
    • 3.2.8 Create functional workplans for employees
    • 3.2.9 Align project metrics with identified tasks

    This step involves the following participants:

    • IT executive/CIO
    • IT senior leadership
    • Transition team
    • Company M&A team
    • Purchasing organization

    Outcomes of Step

    Have an established plan of action toward separation across all domains and a strategy toward resources.

    Don’t underestimate the importance of separation preparation

    Separation involves taking the IT organization and dividing it into two or more separate entities.

    Testing the carve capabilities of the IT organization often takes 3 months. (Source: Cognizant, 2014)

    Daimler-Benz lost nearly $19 billion following its purchase of Chrysler by failing to recognize the cultural differences that existed between the two car companies. (Source: Deal Room)

    Info-Tech Insight

    Separating the IT organization requires more time and effort than business leaders will know. Frequently communicate challenges and lost opportunities when carving the IT environment out.

    Separation needs

    Identify the business objectives of the sale to determine the IT strategy

    Set up a meeting with your IT due diligence team to:

    • Ensure there will be no gaps in the delivery of products and services in the future state.
    • Discuss the people and processes necessary to achieve the target technology environment and support M&A business objectives.

    Use this opportunity to:

    • Identify data and application complexities between the involved organizations.
    • Identify the IT people and process gaps, initiatives, and levels of support expected.
    • Determine your infrastructure needs to ensure effectiveness and delivery of services:
      • Does IT have the infrastructure to support the applications and business capabilities?
      • Identify any gaps between the current infrastructure in both organizations and the infrastructure required.
      • Identify any redundancies/gaps.
      • Determine the appropriate IT separation strategies.
    • Document your gaps, redundancies, initiatives, and assumptions to help you track and justify the initiatives that must be undertaken and help estimate the cost of separation.

    Separation strategies

    There are several IT separation strategies that will let you achieve your target technology environment.

    IT Separation Strategies
    • Divest. Carve out elements of the IT organization and sell them to a purchasing organization with or without a service-level agreement.
    • Sell. Sell the entire IT environment to a purchasing organization. The purchasing organization takes full responsibility in delivering and running the IT environment.
    • Spin-Off Joint Venture. Carve out elements of the IT organization and combine them with elements of a new or purchasing organization to create a new entity.

    The approach IT takes will depend on the business objectives for the M&A.

    • Generally speaking, the separation strategy is well understood and influenced by the frequency of and rationale for selling.
    • Based on the initiatives generated by each business process owner, you need to determine the IT separation strategy that will best support the desired target technology environment, especially if you are still operating or servicing elements of that IT environment.

    Key considerations when choosing an IT separation strategy include:

    • What are the main business objectives of the M&A?
    • What are the key synergies expected from the transaction?
    • What IT separation strategy best helps obtain these benefits?
    • What opportunities exist to position the business for sustainable and long-term growth?

    Separation strategies in detail

    Review highlights and drawbacks of different separation strategies

    Divest
      Highlights
    • Recommended for businesses striving to reduce costs and potentially even generate revenue for the business through the delivery of SLAs.
    • Opportunity to reduce or scale back on lines of business or products that are not driving profits.
      Drawbacks
    • May be forced to give up critical staff that have been known to deliver high value.
    • The IT department is left to deliver services to the purchasing organization with little support or consideration from the business.
    • There can be increased risk and security concerns that need to be addressed.
    Sell
      Highlights
    • Recommended for businesses looking to gain capital to exit the market profitably or to enter a new market with a large sum of capital.
    • The business will no longer exist, and as a result all operational costs, including IT, will become redundant.
      Drawbacks
    • IT is no longer needed as an operating or capital service for the organization.
    • Lost resources, including highly trained and critical staff.
    • May require packaging employees off and using the profit or capital generated to cover any closing costs.
    Spin-Off or Joint Venture
      Highlights
    • Recommended for businesses looking to expand their market presence or acquire new products. Essentially aligning the two organizations in the same market.
    • Each side has a unique offering but complementing capabilities.
      Drawbacks
    • As much as the organization is going through a separation from the original company, it will be going through an integration with the new company.
    • There could be differences in culture.
    • This could require a large amount of investment without a guarantee of profit or success.

    Preparing the carve-out roadmap

    And why it matters so much

    • When carving out the IT environment in preparation for a divestiture, it’s important to understand the infrastructure, application, and data connections that might exist.
    • Much to the business’ surprise, carving out the IT environment is not easy, especially when considering the services and products that might depend on access to certain applications or data sets.
    • Once the business has indicated which elements they anticipate divesting, be prepared for testing the functionality and ability of this carve-out, either through automation or manually. There are benefits and drawbacks to both methods:
      • Automated requires a solution and a developer to code the tests.
      • Manual requires time to find the errors, possibly more time than automated testing.
    • Identify if there are dependencies that will make the carve-out difficult.
      • For example, the business is trying to divest Product X, but that product is integrated with Product Y, which is not being sold.
      • Consider all the processes and products that specific data might support as well.
      • Moreover, the data migration tool will need to enter the ERP system and identify not just the data but all supporting and historical elements that underlie the data.

    Critical components to consider:

    • Selecting manual or automated testing
    • Determining data dependencies
    • Data migration capabilities
    • Auditing approval
    • People and skills that support specific elements being carved out

    3.2.1 Create a carve-out roadmap

    6 hours

    Input: Items included in the carve-out, Dependencies, Whether testing is completed, If the carve-out will pass audit, If the carve-out item is prepared to be separated

    Output: Carve-out roadmap

    Materials: Business’ divestiture plan, M&A Sell Playbook

    Participants: IT executive/CIO, IT senior leadership, Business leaders, Transition team

    The purpose of this activity is to prepare the IT environment by identifying a carve-out roadmap, specifically looking at data, infrastructure, and applications. Feel free to expand the roadmap to include other categories as your organization sees fit.

    1. In the Carve-Out Roadmap in the M&A Sell Playbook, identify the key elements of the carve-out in the first column.
    2. Note any dependencies the items might have. For example:
      • The business is selling Product X, which is linked to Data X and Data Y. The organization does not want to sell Data Y. Data X would be considered dependent on Data Y.
    3. Once the dependencies have been confirmed, begin automated or manual testing to examine the possibility of separating the data sets (or other dependencies) from one another.
    4. After identifying an acceptable method of separation, inform the auditing individual or body and confirm that there would be no repercussions for the planned process.

    Record the results in the M&A Sell Playbook.

    3.2.2 Prioritize separation tasks

    2 hours

    Input: Separation tasks, Transition team, M&A RACI

    Output: Prioritized separation list

    Materials: Separation task checklist, Separation roadmap

    Participants: IT executive/CIO, IT senior leadership, Company M&A team

    The purpose of this activity is to prioritize the different separation tasks that your organization has identified as necessary to this transaction. Some tasks might not be relevant for this particular transaction, and others might be critical.

    1. Begin by downloading the SharePoint or Excel version of the M&A Separation Project Management Tool.
    2. Identify which separation tasks you want to have as part of your project plan. Alter or remove any tasks that are irrelevant to your organization. Add in tasks you think are missing.
    3. When deciding criticality of the task, consider the effect on stakeholders, those who are impacted or influenced in the process of the task, and dependencies (e.g. data strategy needs to be addressed first before you can tackle its dependencies, like data quality).
    4. Feel free to edit the way you measure criticality. The standard tool leverages a three-point scale. At the end, you should have a list of tasks in priority order based on criticality.

    Record the updates in the M&A Separation Project Management Tool (SharePoint).

    Record the updates in the M&A Separation Project Management Tool (Excel).

    Separation checklists

    Prerequisite Checklist
    • Build the project plan for separation and prioritize activities
      • Plan first day
      • Plan first 30/100 days
      • Plan first year
    • Create an organization-aligned IT strategy
    • Identify critical stakeholders
    • Create a communication strategy
    • Understand the rationale for the sale or divestiture
    • Develop IT's sale/divestiture strategy
      • Determine goal opportunities
      • Create the mission and vision statements
      • Create the guiding principles
      • Create program metrics
    • Consolidate reports from due diligence/data room
    • Conduct culture assessment
    • Create a transaction team
    • Establish a service/technical transaction agreement
    • Plan and communicate culture changes
    • Create an employee transition plan
    • Assess baseline engagement
    Business
    • Design an enterprise architecture
    • Document your business architecture
    • Meet compliance and regulatory standards
    • Identify and assess all of IT's risks
    Applications
    • Prioritize and address critical applications
      • CRM
      • HRIS
      • Financial
      • Sales
      • Risk
      • Security
      • ERP
      • Email
    • Develop method of separating applications
    • Model critical applications that have dependencies on one another
    • Identify the infrastructure capacity required to support critical applications
    • Prioritize and address critical applications
    Leadership/IT Executive
    • Build an IT budget
    • Structure operating budget
    • Structure capital budget
    • Identify the workforce demand vs. capacity
    • Establish and monitor key metrics
    • Communicate value realized/cost savings
    Data
    • Confirm data strategy
    • Confirm data governance
    • Build a data architecture roadmap
    • Analyze data sources and domains
    • Evaluate data storage (on-premises vs. cloud)
    • Develop an enterprise content management strategy and roadmap
    • Ensure cleanliness/usability of data sets
    • Identify data sets that can remain operational if reduced/separated
    • Develop reporting and analytics capabilities
    • Confirm data strategy
    Operations
    • Manage sales access to customer data
    • Determine locations and hours of operation
    • Separate/terminate phone lists and extensions
    • Split email address books
    • Communicate helpdesk/service desk information

    Separation checklists (continued)

    Infrastructure
    • Manage organization domains
    • Consolidate data centers
    • Compile inventory of vendors, versions, switches, and routers
    • Review hardware lease or purchase agreements
    • Review outsourcing/service provider agreements
    • Review service-level agreements
    • Assess connectivity linkages between locations
    • Plan to migrate to a single email system if necessary
    • Determine network access concerns
    Vendors
    • Establish a sustainable vendor management office
    • Review vendor landscape
    • Identify warranty options
    • Identify the licensing grant
    • Rationalize vendor services and solutions
    People
    • Design an IT operating model
    • Design your future IT organizational structure
    • Conduct a RACI for prioritized activities
    • Conduct a culture assessment and identify goal IT culture
    • Build an IT employee engagement program
    • Determine critical roles and systems/process/products they support
    • Define new job descriptions with meaningful roles and responsibilities
    • Create employee transition plans
    • Create functional workplans
    Projects
    • Identify projects to be on hold
    • Communicate project intake process
    • Reprioritize projects
    Products & Services
    • Redefine service catalog
    • Ensure customer interaction requirements are met
    • Select a solution for product lifecycle management
    • Plan service-level agreements
    Security
    • Conduct a security assessment
    • Develop accessibility prioritization and schedule
    • Establish an information security strategy
    • Develop a security awareness and training program
    • Develop and manage security governance, risk, and compliance
    • Identify security budget
    • Build a data privacy and classification program
    IT Processes
    • Evaluate current process models
    • Determine productivity/capacity levels of processes
    • Identify processes to be changed/terminated
    • Establish a communication plan
    • Develop a change management process
    • Establish/review IT policies
    • Evaluate current process models

    3.2.2 Establish the separation roadmap

    2 hours

    Input: Prioritized separation tasks, Carve-out roadmap, Employee transition plan, Separation RACI, Costs for activities, Activity owners

    Output: Separation roadmap

    Materials: M&A Separation Project Plan Tool (SharePoint), M&A Separation Project Plan Tool (Excel), SharePoint Template: Step-by-Step Deployment Guide

    Participants: IT executive/CIO, IT senior leadership, Transition team, Company M&A team

    The purpose of this activity is to create a roadmap to support IT throughout the separation process. Using the information gathered in previous activities, you can create a roadmap that will ensure a smooth separation.

    1. Use our Separation Project Management Tool to help track critical elements in relation to the separation project. There are a few options available:
      1. Follow the instructions on the next slide if you are looking to upload our SharePoint project template. Additional instructions are available in the SharePoint Template Step-by-Step Deployment Guide.
      2. If you cannot or do not want to use SharePoint as your project management solution, download our Excel version of the tool.
        **Remember that this your tool, so customize to your liking.
    2. Identify who will own or be accountable for each of the separation tasks and establish the time frame for when each project should begin and end. This will confirm which tasks should be prioritized.

    Record the updates in the M&A Separation Project Management Tool (SharePoint).

    Record the updates in the M&A Separation Project Management Tool (Excel).

    Separation Project Management Tool (SharePoint Template)

    Follow these instructions to upload our template to your SharePoint environment

    1. Create or use an existing SP site.
    2. Download the M&A Separation Project Management Tool (SharePoint) .wsp file from the Mergers & Acquisitions: The Sell Blueprint landing page.
    3. To import a template into your SharePoint environment, do the following:
      1. Open PowerShell.
      2. Connect-SPO Service (need to install PowerShell module).
      3. Enter in your tenant admin URL.
      4. Enter in your admin credentials.
      5. Set-SPO Site https://YourDomain.sharepoint.com/sites/YourSiteHe... -DenyAddAndCustomizePages 0
      OR
      1. Turn on both custom script features to allow users to run custom
    4. Screenshot of the 'Custom Script' option for importing a template into your SharePoint environment. Feature description reads 'Control whether users can run custom script on personal sites and self-service created sites. Note: changes to this setting might take up to 24 hours to take effect. For more information, see http://go.microsoft.com/fwlink/?LinkIn=397546'. There are options to prevent or allow users from running custom script on personal/self-service created sites.
    5. Enable the SharePoint Server feature.
    6. Upload the .wsp file in Solutions Gallery.
    7. Deploy by creating a subsite and select from custom options.
      • Allow or prevent custom script
      • Security considerations of allowing custom script
      • Save, download, and upload a SharePoint site as a template
    8. Refer to Microsoft documentation to understand security considerations and what is and isn’t supported:

    For more information, check out the SharePoint Template: Step-by-Step Deployment Guide.

    Supporting the transition and establishing service-level agreements

    The purpose of this part of the transition is to ensure both buyer and seller have a full understanding of expectations for after the transaction.

    • Once the organizations have decided to move forward with a deal, all parties need a clear level of agreement.
    • IT, since it is often seen as an operational division of an organization, is often expected to deliver certain services or products once the transaction has officially closed.
    • The purchasing organization or the new company might depend on IT to deliver these services until they are able to provide those services on their own.
    • Having a clear understanding of what the buyer’s expectations are and what your company, as the selling organization, can provide is important.
    • Have a conversation with the buyer and document those expectations in a signed service agreement.

    3.2.4 Identify the buyer's IT expectations

    3-4 hours

    Input: Carve-out roadmap, Separation roadmap, Up-to-date version of the agreement

    Output: Buyer’s IT expectations

    Materials: Questions for meeting

    Participants: IT executive/CIO, IT senior leadership, Company M&A team, Purchasing company M&A team, Purchasing company IT leadership

    The purpose of this activity is to determine if the buyer has specific service expectations for your IT organization. By identifying, documenting, and agreeing on what services your IT organization will be responsible for, you can obtain a final agreement to protect you as the selling organization.

    1. Buyers should not assume certain services will be provided. Organize a meeting with IT leaders and the company M&A teams to determine what services will be provided.
    2. The next slide has a series of questions that you can start from. Ensure you get detailed information about each of the services.
    3. Once you fully understand the buyer’s IT expectations, create an SLA in the next activity and obtain sign-off from both organizations.

    Questions to ask the buyer

    1. What services would you like my IT organization to provide?
    2. How long do you anticipate those services will be provided to you?
    3. How do you expect your staff/employees to communicate requests or questions to my staff/employees?
    4. Are there certain days or times that you expect these services to be delivered?
    5. How many staff do you expect should be available to support you?
    6. What should be the acceptable response time on given service requests?
    7. When it comes to the services you require, what level of support should we provide?
    8. If a service requires escalation to Level 2 or Level 3 support, are we still expected to support this service? Or are we only Level 1 support?
    9. What preventative security methods does your organization have to protect our environment during this agreement period?

    3.2.5 Create a service/ transaction agreement

    6 hours

    Input: Buyer's expectations, Separation roadmap

    Output: SLA for the purchasing organization

    Materials: Service Catalog Internal Service Level Agreement Template, M&A Separation Project Plan Tool (SharePoint), M&A Separation Project Plan Tool (Excel)

    Participants: IT executive/CIO, IT senior leadership, Company M&A team, Purchasing company M&A team, Purchasing company IT leadership

    The purpose of this activity is to determine if the buyer has specific service expectations for your IT organization post-transaction that your IT organization is agreeing to provide.

    1. Document the expected services and the related details in a service-level agreement.
    2. Provide the SLA to the purchasing organization.
    3. Obtain sign-off from both organizations on the level of service that is expected of IT.
    4. Update the M&A Separation Project Management Tool Excel or SharePoint document to reflect any additional items that the purchasing organization identified.

    *For organizations being purchased in their entirety, this activity may not be relevant.

    Modify the Service Catalog Internal Service Level Agreement with the agreed-upon terms of the SLA.

    Importance of estimating separation costs

    Change is the key driver of separation costs

    Separation costs are dependent on the following:
    • Meeting synergy targets – whether that be cost saving or growth related.
      • Employee-related costs, licensing, and reconfiguration fees play a huge part in meeting synergy targets.
    • Adjustments related to compliance or regulations – especially if there are changes to legal entities, reporting requirements, or risk mitigation standards.
    • Governance or third party–related support required to ensure timelines are met and the separation is a success.
    Separation costs vary by industry type.
    • Certain industries may have separation costs made up of mostly one type, differing from other industries, due to the complexity and demands of the transaction. For example:
      • Healthcare separation costs are mostly driven by regulatory, safety, and quality standards, as well as consolidation of the research and development function.
      • Energy and Utilities tend to have the lowest separation costs due to most transactions occurring within the same sector rather than as cross-sector investments. For example, oil and gas transactions tend to be for oil fields and rigs (strategic fixed assets), which can easily be added to the buyer’s portfolio.

    Separation costs are more related to the degree of change required than the size of the transaction.

    3.2.6 Estimate separation costs

    3-4 hours

    Input: Separation tasks, Transition team, Valuation of current IT environment, Valuation of target IT environment, Outputs from data room, Technical debt, Employees

    Output: List of anticipated costs required to support IT separation

    Materials: Separation task checklist, Separation roadmap, M&A Sell Playbook

    Participants: IT executive/CIO, IT senior leadership, Company M&A team, Transition team

    The purpose of this activity is to estimate the costs that will be associated with the separation. Identify and communicate a realistic figure to the larger M&A team within your company as early in the process as possible. This ensures that the funding required for the transaction is secured and budgeted for in the overarching transaction.

    1. On the associated slide in the M&A Sell Playbook, input:
      • Task
      • Domain
      • Cost type
      • Total cost amount
      • Level of certainty around the cost
    2. Provide a copy of the estimated costs to the company’s M&A team. Also provide any additional information identified earlier to help them understand the importance of those costs.

    Record the results in the M&A Sell Playbook.

    Employee transition planning

    Considering employee impact will be a huge component to ensure successful separation

    • Meet With Leadership
    • Plan Individual and Department Redeployment
    • Plan Individual and Department Layoffs
    • Monitor and Manage Departmental Effectiveness
    • For employees, the transition could mean:
      • Changing from their current role to a new role to meet requirements and expectations throughout the transition.
      • Being laid off because the role they are currently occupying has been made redundant.
    • It is important to plan for what the M&A separation needs will be and what the IT operational needs will be.
    • A lack of foresight into this long-term plan could lead to undue costs and headaches trying to retain critical staff, rehiring positions that were already let go, and keeping redundant employees longer then necessary.

    Info-Tech Insight

    Being transparent throughout the process is critical. Do not hesitate to tell employees the likelihood that their job may be made redundant. This will ensure a high level of trust and credibility for those who remain with the organization after the transaction.

    3.2.7 Create an employee transition plan

    3-4 hours

    Input: IT strategy, IT organizational design

    Output: Employee transition plans

    Materials: M&A Sell Playbook, Whiteboard, Sticky notes, Markers

    Participants: IT executive/CIO, IT senior leadership, Company M&A team, Transition team

    The purpose of this activity is to create a transition plan for employees.

    1. Transition planning can be done at specific individual levels or more broadly to reflect a single role. Consider these four items in the transition plan:
      • Understand the direction of the employee transitions.
      • Identify employees that will be involved in the transition (moved or laid off).
      • Prepare to meet with employees.
      • Meet with employees.
    2. For each employee that will be facing some sort of change in their regular role, permanent or temporary, create a transition plan.
    3. For additional information on transitioning employees, review the blueprint Streamline Your Workforce During a Pandemic.

    **Note that if someone’s future role is a layoff, then there is no need to record anything for skills needed or method for skill development.

    Record the results in the M&A Sell Playbook.

    3.2.8 Create functional workplans for employees

    3-4 hours

    Input: Prioritized separation tasks, Employee transition plan, Separation RACI, Costs for activities, Activity owners

    Output: Employee functional workplans

    Materials: M&A Sell Playbook, Learning and development tools

    Participants: IT executive/CIO, IT senior leadership, IT management team, Company M&A team, Transition team

    The purpose of this activity is to create a functional workplan for the different employees so that they know what their key role and responsibilities are once the transaction occurs.

    1. First complete the transition plan from the previous activity (3.2.7) and the separation roadmap. Have these documents ready to review throughout this process.
    2. Identify the employees who will be transitioning to a new role permanently or temporarily. Creating a functional workplan is especially important for these employees.
    3. Identify the skills these employees need to have to support the separation. Record this in the corresponding slide in the M&A Sell Playbook.
    4. For each employee, identify someone who will be a point of contact for them throughout the transition.

    It is recommended that each employee have a functional workplan. Leverage the IT managers to support this task.

    Record the results in the M&A Sell Playbook.

    Metrics for separation

    Valuation & Due Diligence

    • % Defects discovered in production
    • $ Cost per user for enterprise applications
    • % In-house-built applications vs. enterprise applications
    • % Owners identified for all data domains
    • # IT staff asked to participate in due diligence
    • Change to due diligence
    • IT budget variance
    • Synergy target

    Execution & Value Realization

    • % Satisfaction with the effectiveness of IT capabilities
    • % Overall end-customer satisfaction
    • $ Impact of vendor SLA breaches
    • $ Savings through cost-optimization efforts
    • $ Savings through application rationalization and technology standardization
    • # Key positions empty
    • % Frequency of staff turnover
    • % Emergency changes
    • # Hours of unplanned downtime
    • % Releases that cause downtime
    • % Incidents with identified problem record
    • % Problems with identified root cause
    • # Days from problem identification to root cause fix
    • % Projects that consider IT risk
    • % Incidents due to issues not addressed in the security plan
    • # Average vulnerability remediation time
    • % Application budget spent on new build/buy vs. maintenance (deferred feature implementation, enhancements, bug fixes)
    • # Time (days) to value realization
    • % Projects that realized planned benefits
    • $ IT operational savings and cost reductions that are related to synergies/divestitures
    • % IT staff–related expenses/redundancies
    • # Days spent on IT separation
    • $ Accurate IT budget estimates
    • % Revenue growth directly tied to IT delivery
    • % Profit margin growth

    3.2.9 Align project metrics with identified tasks

    3-4 hours

    Input: Prioritized separation tasks, Employee transition plan, Separation RACI, Costs for activities, Activity owners, M&A goals

    Output: Separation-specific metrics to measure success

    Materials: Separation roadmap, M&A Sell Playbook

    Participants: IT executive/CIO, IT senior leadership, Transition team

    The purpose of this activity is to understand how to measure the success of the separation project by aligning metrics to each identified task.

    1. Review the M&A goals identified by the business. Your metrics will need to tie back to those business goals.
    2. Identify metrics that align to identified tasks and measure achievement of those goals. For each metric you consider, ask the following questions:
      • What is the main goal or objective that this metric is trying to solve?
      • What does success look like?
      • Does the metric promote the right behavior?
      • Is the metric actionable? What is the story you are trying to tell with this metric?
      • How often will this get measured?
      • Are there any metrics it supports or is supported by?

    Record the results in the M&A Sell Playbook.

    By the end of this mid-transaction phase you should:

    Have successfully evaluated your IT people, processes, and technology to determine a roadmap forward for separating or selling.

    Key outcomes from the Due Diligence & Preparation phase
    • Participate in due diligence activities to comply with regulatory and auditing standards and prepare employees for the transition.
    • Create a separation roadmap that considers the tasks that will need to be completed and the resources required to support separation.
    Key deliverables from the Due Diligence & Preparation phase
    • Drive value with a due diligence charter
    • Gather data room artifacts
    • Measure staff engagement
    • Assess culture
    • Create a carve-out roadmap
    • Prioritize separation tasks
    • Establish the separation roadmap
    • Identify the buyer’s IT expectations
    • Create a service/transaction agreement
    • Estimate separation costs
    • Create an employee transition plan
    • Create functional workplans for employees
    • Align project metrics with identified tasks

    M&A Sell Blueprint

    Phase 4

    Execution & Value Realization

    Phase 1Phase 2Phase 3

    Phase 4

    • 1.1 Identify Stakeholders and Their Perspective of IT
    • 1.2 Assess IT’s Current Value and Future State
    • 1.3 Drive Innovation and Suggest Reduction Opportunities
    • 2.1 Establish the M&A Program Plan
    • 2.2 Prepare IT to Engage in the Separation or Sale
    • 3.1 Engage in Due Diligence and Prepare Staff
    • 3.2 Prepare to Separate
    • 4.1 Execute the Transaction
    • 4.2 Reflection and Value Realization

    This phase will walk you through the following activities:

    • Monitor service agreements
    • Continually update the project plan
    • Confirm separation costs
    • Review IT’s transaction value
    • Conduct a transaction and separation SWOT
    • Review the playbook and prepare for future transactions

    This phase involves the following participants:

    • IT executive/CIO
    • IT senior leadership
    • Vendor management team
    • IT transaction team
    • Company M&A team

    Workshop Overview

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Pre-Work

    Day 1

    Day 2

    Day 3

    Engage in Separation

    Day 4

    Establish the Transaction FoundationDiscover the Motivation for IntegrationPlan the Separation RoadmapPrepare Employees for the TransitionEngage in SeparationAssess the Transaction Outcomes (Must be within 30 days of transaction date)

    Activities

    • 0.1 Identify the rationale for the company's decision to pursue a divestiture/sale.
    • 0.2 Identify key stakeholders and determine the IT transaction team.
    • 0.3 Gather and evaluate the M&A strategy, future-state operating model, and governance.
    • 1.1 Review the business rationale for the divestiture/sale.
    • 1.2 Identify pain points and opportunities tied to the divestiture/sale.
    • 1.3 Establish the separation strategy.
    • 1.4 Create the due diligence charter.
    • 2.1 Prioritize separation tasks.
    • 2.2 Establish the separation roadmap.
    • 2.3 Establish and align project metrics with identified tasks.
    • 2.4 Estimate separation costs.
    • 3.1 Measure staff engagement
    • 3.2 Assess the current culture and identify the goal culture.
    • 3.3 Create an employee transition plan.
    • 3.4 Create functional workplans for employees.
    • S.1 Complete the separation by regularly updating the project plan.
    • S.2 Assess the service/technical transaction agreement.
    • 4.1 Confirm separation costs.
    • 4.2 Review IT’s transaction value.
    • 4.3 Conduct a transaction and separation SWOT.
    • 4.4 Review the playbook and prepare for future transactions.

    Deliverables

    1. IT strategy
    2. IT operating model
    3. IT governance structure
    4. M&A transaction team
    1. Business context implications for IT
    2. Separation strategy
    3. Due diligence charter
    1. Separation roadmap and associated resourcing
    1. Engagement assessment
    2. Culture assessment
    3. Employee transition plans and workplans
    1. Evaluate service/technical transaction agreement
    2. Updated separation project plan
    1. SWOT of transaction
    2. M&A Sell Playbook refined for future transactions

    What is the Execution & Value Realization phase?

    Post-transaction state

    Once the transaction comes to a close, it’s time for IT to deliver on the critical separation tasks. As the selling organization in this transaction, you need to ensure you have a roadmap that properly enables the ongoing delivery of your IT environment while simultaneously delivering the necessary services to the purchasing organization.

    Throughout the separation transaction, some of the most common obstacles IT should prepare for include difficulty separating the IT environment, loss of key personnel, disengaged employees, and security/compliance issues.

    Post-transaction, the business needs to understands the value they received by engaging in the transaction and the ongoing revenue they might obtain as a result of the sale. You also need to ensure that the IT environment is functioning and mitigating any high-risk outcomes.

    Goal: To carry out the planned separation activities and deliver the intended value to the business.

    Execution Prerequisite Checklist

    Before coming into the Execution & Value Realization phase, you must have addressed the following:

    • Understand the rationale for the company's decisions to pursue a sale or divestiture and what opportunities or pain points the sale should alleviate.
    • Identify the key roles for the transaction team.
    • Identify the M&A governance.
    • Determine target metrics.
    • Select a separation strategy framework.
    • Conduct a RACI for key transaction tasks for the transaction team.
    • Create a carve-out roadmap.
    • Prioritize separation tasks.
    • Establish the separation roadmap.
    • Create employee transition plans.

    Before coming into the Execution & Value Realization phase, we recommend addressing the following:

    • Create vision and mission statements.
    • Establish guiding principles.
    • Create a future-state operating model.
    • Identify the M&A operating model.
    • Document the communication plan.
    • Examine the business perspective of IT.
    • Identify key stakeholders and outline their relationship to the M&A process.
    • Establish a due diligence charter.
    • Be able to valuate the IT environment and communicate IT’s value to the business.
    • Gather and present due diligence data room artifacts.
    • Measure staff engagement.
    • Assess and plan for culture.
    • Estimate separation costs.
    • Create functional workplans for employees.
    • Identify the buyer’s IT expectations.
    • Create a service/ transaction agreement.

    Separation checklists

    Prerequisite Checklist
    • Build the project plan for separation and prioritize activities
      • Plan first day
      • Plan first 30/100 days
      • Plan first year
    • Create an organization-aligned IT strategy
    • Identify critical stakeholders
    • Create a communication strategy
    • Understand the rationale for the sale or divestiture
    • Develop IT's sale/divestiture strategy
      • Determine goal opportunities
      • Create the mission and vision statements
      • Create the guiding principles
      • Create program metrics
    • Consolidate reports from due diligence/data room
    • Conduct culture assessment
    • Create a transaction team
    • Establish a service/technical transaction agreement
    • Plan and communicate culture changes
    • Create an employee transition plan
    • Assess baseline engagement
    Business
    • Design an enterprise architecture
    • Document your business architecture
    • Meet compliance and regulatory standards
    • Identify and assess all of IT's risks
    Applications
    • Prioritize and address critical applications
      • CRM
      • HRIS
      • Financial
      • Sales
      • Risk
      • Security
      • ERP
      • Email
    • Develop method of separating applications
    • Model critical applications that have dependencies on one another
    • Identify the infrastructure capacity required to support critical applications
    • Prioritize and address critical applications
    Leadership/IT Executive
    • Build an IT budget
    • Structure operating budget
    • Structure capital budget
    • Identify the workforce demand vs. capacity
    • Establish and monitor key metrics
    • Communicate value realized/cost savings
    Data
    • Confirm data strategy
    • Confirm data governance
    • Build a data architecture roadmap
    • Analyze data sources and domains
    • Evaluate data storage (on-premises vs. cloud)
    • Develop an enterprise content management strategy and roadmap
    • Ensure cleanliness/usability of data sets
    • Identify data sets that can remain operational if reduced/separated
    • Develop reporting and analytics capabilities
    • Confirm data strategy
    Operations
    • Manage sales access to customer data
    • Determine locations and hours of operation
    • Separate/terminate phone lists and extensions
    • Split email address books
    • Communicate helpdesk/service desk information

    Separation checklists (continued)

    Infrastructure
    • Manage organization domains
    • Consolidate data centers
    • Compile inventory of vendors, versions, switches, and routers
    • Review hardware lease or purchase agreements
    • Review outsourcing/service provider agreements
    • Review service-level agreements
    • Assess connectivity linkages between locations
    • Plan to migrate to a single email system if necessary
    • Determine network access concerns
    Vendors
    • Establish a sustainable vendor management office
    • Review vendor landscape
    • Identify warranty options
    • Identify the licensing grant
    • Rationalize vendor services and solutions
    People
    • Design an IT operating model
    • Design your future IT organizational structure
    • Conduct a RACI for prioritized activities
    • Conduct a culture assessment and identify goal IT culture
    • Build an IT employee engagement program
    • Determine critical roles and systems/process/products they support
    • Define new job descriptions with meaningful roles and responsibilities
    • Create employee transition plans
    • Create functional workplans
    Projects
    • Identify projects to be on hold
    • Communicate project intake process
    • Reprioritize projects
    Products & Services
    • Redefine service catalog
    • Ensure customer interaction requirements are met
    • Select a solution for product lifecycle management
    • Plan service-level agreements
    Security
    • Conduct a security assessment
    • Develop accessibility prioritization and schedule
    • Establish an information security strategy
    • Develop a security awareness and training program
    • Develop and manage security governance, risk, and compliance
    • Identify security budget
    • Build a data privacy and classification program
    IT Processes
    • Evaluate current process models
    • Determine productivity/capacity levels of processes
    • Identify processes to be changed/terminated
    • Establish a communication plan
    • Develop a change management process
    • Establish/review IT policies
    • Evaluate current process models

    Execution & Value Realization

    Step 4.1

    Execute the Transaction

    Activities

    • 4.1.1 Monitor service agreements
    • 4.1.2 Continually update the project plan

    This step will walk you through the following activities:

    • Monitor service agreements
    • Continually update the project plan

    This step involves the following participants:

    • IT executive/CIO
    • IT senior leadership
    • Vendor management team
    • IT transaction team
    • Company M&A team

    Outcomes of Step

    Successfully execute the separation of the IT environments and update the project plan, strategizing against any roadblocks as they come.

    Key concerns to monitor during separation

    If you are entering the transaction at this point, consider and monitor the following three items above all else.

    Your IT environment, reputation as an IT leader, and impact on key staff will depend on monitoring these aspects.

    • Risk & Security. Make sure that the channels of communication between the purchasing organization and your IT environment are properly determined and protected. This might include updating or removing employees’ access to certain programs.
    • Retaining Employees. Employees who do not see a path forward in the organization or who feel that their skills are being underused will be quick to move on. Make sure they are engaged before, during, and after the transaction to avoid losing employees.
    • IT Environment Dependencies. Testing the IT environment several times and obtaining sign-off from auditors that this has been completed correctly should be completed well before the transaction occurs. Have a strong architecture outlining technical dependencies.

    For more information, review:

    • Reduce and Manage Your Organization’s Insider Threat Risk
    • Map Technical Skills for a Changing Infrastructure Operations Organization
    • Build a Data Architecture Roadmap

    4.1.1 Monitor service agreements

    3-6 months

    Input: Original service agreement, Risk register

    Output: Service agreement confirmed

    Materials: Original service agreement

    Participants: IT executive/CIO, IT senior leadership, External organization IT senior leadership

    The purpose of this activity is to monitor the established service agreements on an ongoing basis. Your organization is most at risk during the initial months following the transaction.

    1. Ensure the right controls exist to prevent the organization from unnecessarily opening itself up to risks.
    2. Meet with the purchasing organization/subsidiary three months after the transaction to ensure that everyone is satisfied with the level of services provided.
    3. This is not a quick and completed activity, but one that requires ongoing monitoring. Repeatedly identify potential risks worth mitigating.

    For additional information and support for this activity, see the blueprint Build an IT Risk Management Program.

    4.1.2 Continually update the project plan

    Reoccurring basis following transition

    Input: Prioritized separation tasks, Separation RACI, Activity owners

    Output: Updated separation project plan

    Materials: M&A Separation Project Plan Tool (SharePoint), M&A Separation Project Plan Tool (Excel)

    Participants: IT executive/CIO, IT senior leadership, IT transaction team, Company M&A team

    The purpose of this activity is to ensure that the project plan is continuously updated as your transaction team continues to execute on the various components outlined in the project plan.

    1. Set a regular cadence for the transaction team to meet, update the project plan, review the status of the various separation task items, and strategize how to overcome any roadblocks.
    2. Employ governance best practices in these meetings to ensure decisions can be made effectively and resources allocated strategically.

    Record the updates in the M&A Separation Project Management Tool (SharePoint).

    Record the updates in the M&A Separation Project Management Tool (Excel).

    Execution & Value Realization

    Step 4.2

    Reflection and Value Realization

    Activities

    • 4.2.1 Confirm separation costs
    • 4.2.2 Review IT’s transaction value
    • 4.2.3 Conduct a transaction and separation SWOT
    • 4.2.4 Review the playbook and prepare for future transactions

    This step involves the following participants:

    • IT executive/CIO
    • IT senior leadership
    • Transition team
    • Company M&A team

    Outcomes of Step

    Review the value that IT was able to generate around the transaction and strategize about how to improve future selling or separating transactions.

    4.2.1 Confirm separation costs

    3-4 hours

    Input: Separation tasks, Carve-out roadmap, Transition team, Previous RACI, Estimated separation costs

    Output: Actual separation costs

    Materials: M&A Sell Playbook

    Participants: IT executive/CIO, IT senior leadership, Transaction team, Company M&A team

    The purpose of this activity is to confirm the associated costs around separation. While the separation costs would have been estimated previously, it’s important to confirm the costs that were associated with the separation in order to provide an accurate and up-to-date report to the company’s M&A team.

    1. Taking all the original items identified previously in activity 3.2.6, identify if there were changes in the estimated costs. This can be an increase or a decrease.
    2. Ensure that each cost has a justification for why the cost changed from the original estimation.

    Record the results in the M&A Sell Playbook.

    Track cost savings and revenue generation

    Throughout the transaction, the business would have communicated its goals, rationales, and expectations for the transaction. Sometimes this is done explicitly, and other times the information is implicit. Either way, IT needs to ensure that metrics have been defined and are measuring the intended value that the business expects. Ensure that the benefits realized to the organization are being communicated regularly and frequently.

    1. Define Metrics: Select metrics to track synergies through the separation.
      1. You can track value by looking at percentages of improvement in process-level metrics depending on the savings or revenue being pursued.
      2. For example, if the value being pursued is decreasing costs, metrics could range from capacity to output, highlighting that the output remains high despite smaller IT environments.
    2. Prioritize Value-Driving Initiatives: Estimate the cost and benefit of each initiative's implementation to compare the amount of business value to the cost. The benefits and costs should be illustrated at a high level. Estimating the exact dollar value of fulfilling a synergy can be difficult and misleading.
        Steps
      • Determine the benefits that each initiative is expected to deliver.
      • Determine the high-level costs of implementation (capacity, time, resources, effort).
    3. Track Cost Savings and Revenue Generation: Develop a detailed workplan to resource the roadmap and track where costs are saved and revenue is generated as the initiatives are undertaken.

    4.2.2 Review IT’s transaction value

    3-4 hours

    Input: Prioritized separation tasks, Separation RACI, Activity owners, M&A company goals

    Output: Transaction value

    Materials: M&A Sell Playbook

    Participants: IT executive/CIO, IT senior leadership, Company's M&A team

    The purpose of this activity is to track how your IT organization performed against the originally identified metrics.

    1. If your organization did not have the opportunity to identify metrics, determine from the company M&A what those metrics might be. Review activity 3.2.9 for more information on metrics.
    2. Identify whether the metric (which should support a goal) was at, below, or above the original target metric. This is a very critical task for IT to complete because it allows IT to confirm that they were successful in the transaction and that the business can count on them in future transactions.
    3. Be sure to record accurate and relevant information on why the outcomes (good or bad) are supporting the M&A goals set out by the business.

    Record the results in the M&A Sell Playbook.

    4.2.3 Conduct a transaction and separation SWOT

    2 hours

    Input: Separation costs, Retention rates, Value that IT contributed to the transaction

    Output: Strengths, weaknesses, opportunities, and threats

    Materials: Flip charts, Markers, Sticky notes

    Participants: IT executive/CIO, IT senior leadership, Business transaction team

    The purpose of this activity is to assess the positive and negative elements of the transaction.

    1. Consider the internal and external elements that could have impacted the outcome of the transaction.
      • Strengths. Internal characteristics that are favorable as they relate to your development environment.
      • Weaknesses Internal characteristics that are unfavorable or need improvement.
      • Opportunities External characteristics that you may use to your advantage.
      • Threats External characteristics that may be potential sources of failure or risk.

    Record the results in the M&A Sell Playbook.

    M&A Sell Playbook review

    With an acquisition complete, your IT organization is now more prepared then ever to support the business through future M&As

    • Now that the transaction is more than 80% complete, take the opportunity to review the key elements that worked well and the opportunities for improvement.
    • Critically examine the M&A Sell Playbook your IT organization created and identify what worked well to help the transaction and where your organization could adjust to do better in future transactions.
    • If your organization were to engage in another sale or divestiture under your IT leadership, how would you go about the transaction to make sure the company meets its goals?

    4.2.4 Review the playbook and prepare for future transactions

    4 hours

    Input: Transaction and separation SWOT

    Output: Refined M&A playbook

    Materials: M&A Sell Playbook

    Participants: IT executive/CIO

    The purpose of this activity is to revise the playbook and ensure it is ready to go for future transactions.

    1. Using the outputs from the previous activity, 4.2.3, determine what strengths and opportunities there were that should be leveraged in the next transaction.
    2. Likewise, determine which threats and weaknesses could be avoided in the future transactions.
      Remember, this is your M&A Sell Playbook, and it should reflect the most successful outcome for you in your organization.

    Record the results in the M&A Sell Playbook.

    By the end of this post-transaction phase you should:

    Have completed the separation post-transaction and be fluidly delivering the critical value that the business expected of IT.

    Key outcomes from the Execution & Value Realization phase
    • Ensure the separation tasks are being completed and that any blockers related to the transaction are being removed.
    • Determine where IT was able to realize value for the business and demonstrate IT’s involvement in meeting target goals.
    Key deliverables from the Execution & Value Realization phase
    • Monitor service agreements
    • Continually update the project plan
    • Confirm separation costs
    • Review IT’s transaction value
    • Conduct a transaction and separation SWOT
    • Review the playbook and prepare for future transactions

    Summary of Accomplishment

    Problem Solved

    Congratulations, you have completed the M&A Sell Blueprint!

    Rather than reacting to a transaction, you have been proactive in tackling this initiative. You now have a process to fall back on in which you can be an innovative IT leader by suggesting how and why the business should engage in a separation or sale transaction. You have:

    • Created a standardized approach for how your IT organization should address divestitures or sales.
    • Retained critical staff and complied with any regulations throughout the transaction.
    • Delivered on the separation project plan successfully and communicated IT’s transaction value to the business.

    Now that you have done all of this, reflect on what went well and what can be improved if you were to engage in a similar divestiture or sale again.

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

    Contact your account representative for more information
    workshops@infotech.com 1-888-670-8899

    Research Contributors and Experts

    Ibrahim Abdel-Kader
    Research Analyst | CIO
    Info-Tech Research Group
    Brittany Lutes
    Senior Research Analyst | CIO
    Info-Tech Research Group
    John Annand
    Principal Research Director | Infrastructure
    Info-Tech Research Group
    Scott Bickley
    Principal Research Director | Vendor Management
    Info-Tech Research Group
    Cole Cioran
    Practice Lead | Applications
    Info-Tech Research Group
    Dana Daher
    Research Analyst | Strategy & Innovation
    Info-Tech Research Group
    Eric Dolinar
    Manager | M&A Consulting
    Deloitte Canada
    Christoph Egel
    Director, Solution Design & Deliver
    Cooper Tire & Rubber Company
    Nora Fisher
    Vice President | Executive Services Advisory
    Info-Tech Research Group
    Larry Fretz
    Vice President | Industry
    Info-Tech Research Group

    Research Contributors and Experts

    David Glazer
    Vice President of Analytics
    Kroll
    Jack Hakimian
    Senior Vice President | Workshops and Delivery
    Info-Tech Research Group
    Gord Harrison
    Senior Vice President | Research & Advisory
    Info-Tech Research Group
    Valence Howden
    Principal Research Director | CIO
    Info-Tech Research Group
    Jennifer Jones
    Research Director | Industry
    Info-Tech Research Group
    Nancy McCuaig
    Senior Vice President | Chief Technology and Data Office
    IGM Financial Inc.
    Carlene McCubbin
    Practice Lead | CIO
    Info-Tech Research Group
    Kenneth McGee
    Research Fellow | Strategy & Innovation
    Info-Tech Research Group
    Nayma Naser
    Associate
    Deloitte
    Andy Neill
    Practice Lead | Data & Analytics, Enterprise Architecture
    Info-Tech Research Group

    Research Contributors and Experts

    Rick Pittman
    Vice President | Research
    Info-Tech Research Group
    Rocco Rao
    Research Director | Industry
    Info-Tech Research Group
    Mark Rosa
    Senior Vice President & Chief Information Officer
    Mohegan Gaming and Entertainment
    Tracy-Lynn Reid
    Research Lead | People & Leadership
    Info-Tech Research Group
    Jim Robson
    Senior Vice President | Shared Enterprise Services (retired)
    Great-West Life
    Steven Schmidt
    Senior Managing Partner Advisory | Executive Services
    Info-Tech Research Group
    Nikki Seventikidis
    Senior Manager | Finance Initiative & Continuous Improvement
    CST Consultants Inc.
    Allison Straker
    Research Director | CIO
    Info-Tech Research Group
    Justin Waelz
    Senior Network & Systems Administrator
    Info-Tech Research Group
    Sallie Wright
    Executive Counselor
    Info-Tech Research Group

    Bibliography

    “5 Ways for CIOs to Accelerate Value During Mergers and Acquisitions.” Okta, n.d. Web.

    Altintepe, Hakan. “Mergers and acquisitions speed up digital transformation.” CIO.com, 27 July 2018. Web.

    “America’s elite law firms are booming.” The Economist, 15 July 2021. Web.

    Barbaglia, Pamela, and Joshua Franklin. “Global M&A sets Q1 record as dealmakers shape post-COVID world.” Nasdaq, 1 April 2021. Web.

    Boyce, Paul. “Mergers and Acquisitions Definition: Types, Advantages, and Disadvantages.” BoyceWire, 8 Oct. 2020. Web.

    Bradt, George. “83% Of Mergers Fail -- Leverage A 100-Day Action Plan For Success Instead.” Forbes, 27 Jan. 2015. Web.

    Capgemini. “Mergers and Acquisitions: Get CIOs, IT Leaders Involved Early.” Channel e2e, 19 June 2020. Web.

    Chandra, Sumit, et al. “Make Or Break: The Critical Role Of IT In Post-Merger Integration.” IMAA Institute, 2016. Web.

    Deloitte. “How to Calculate Technical Debt.” The Wall Street Journal, 21 Jan. 2015. Web.

    Ernst & Young. “IT As A Driver Of M&A Success.” IMAA Institute, 2017. Web.

    Fernandes, Nuno. “M&As In 2021: How To Improve The Odds Of A Successful Deal.” Forbes, 23 March 2021. Web.

    “Five steps to a better 'technology fit' in mergers and acquisitions.” BCS, 7 Nov. 2019. Web.

    Fricke, Pierre. “The Biggest Opportunity You’re Missing During an M&Aamp; IT Integration.” Rackspace, 4 Nov. 2020. Web.

    Garrison, David W. “Most Mergers Fail Because People Aren't Boxes.” Forbes, 24 June 2019. Web.

    Harroch, Richard. “What You Need To Know About Mergers & Acquisitions: 12 Key Considerations When Selling Your Company.” Forbes, 27 Aug. 2018. Web.

    Hope, Michele. “M&A Integration: New Ways To Contain The IT Cost Of Mergers, Acquisitions And Migrations.” Iron Mountain, n.d. Web.

    “How Agile Project Management Principles Can Modernize M&A.” Business.com, 13 April 2020. Web.

    Hull, Patrick. “Answer 4 Questions to Get a Great Mission Statement.” Forbes, 10 Jan. 2013. Web.

    Kanter, Rosabeth Moss. “What We Can Learn About Unity from Hostile Takeovers.” Harvard Business Review, 12 Nov. 2020. Web.

    Koller, Tim, et al. “Valuation: Measuring and Managing the Value of Companies, 7th edition.” McKinsey & Company, 2020. Web.

    Labate, John. “M&A Alternatives Take Center Stage: Survey.” The Wall Street Journal, 30 Oct. 2020. Web.

    Lerner, Maya Ber. “How to Calculate ROI on Infrastructure Automation.” DevOps.com, 1 July 2020. Web.

    Loten, Angus. “Companies Without a Tech Plan in M&A Deals Face Higher IT Costs.” The Wall Street Journal, 18 June 2019. Web.

    Low, Jia Jen. “Tackling the tech integration challenge of mergers today” Tech HQ, 6 Jan. 2020. Web.

    Lucas, Suzanne. “5 Reasons Turnover Should Scare You.” Inc. 22 March 2013. Web.

    “M&A Trends Survey: The future of M&A. Deal trends in a changing world.” Deloitte, Oct. 2020. Web.

    Maheshwari, Adi, and Manish Dabas. “Six strategies tech companies are using for successful divesting.” EY, 1 Aug. 2020. Web.

    Majaski, Christina. “Mergers and Acquisitions: What's the Difference?” Investopedia, 30 Apr. 2021.

    “Mergers & Acquisitions: Top 5 Technology Considerations.” Teksetra, 21 Jul. 2020. Web.

    “Mergers Acquisitions M&A Process.” Corporate Finance Institute, n.d. Web.

    “Mergers and acquisitions: A means to gain technology and expertise.” DLA Piper, 2020. Web.

    Nash, Kim S. “CIOs Take Larger Role in Pre-IPO Prep Work.” The Wall Street Journal, 5 March 2015. Web.

    O'Connell, Sean, et al. “Divestitures: How to Invest for Success.” McKinsey, 1 Aug. 2015. Web

    Paszti, Laila. “Canada: Emerging Trends In Information Technology (IT) Mergers And Acquisitions.” Mondaq, 24 Oct. 2019. Web.

    Patel, Kiison. “The 8 Biggest M&A Failures of All Time” Deal Room, 9 Sept. 2021. Web.

    Peek, Sean, and Paula Fernandes. “What Is a Vision Statement?” Business News Daily, 7 May 2020. Web.

    Ravid, Barak. “How divestments can re-energize the technology growth story.” EY, 14 July 2021. Web.

    Ravid, Barak. “Tech execs focus on growth amid increasingly competitive M&A market.” EY, 28 April 2021. Web.

    Resch, Scott. “5 Questions with a Mergers & Acquisitions Expert.” CIO, 25 June 2019. Web.

    Salsberg, Brian. “Four tips for estimating one-time M&A integration costs.” EY, 17 Oct. 2019. Web.

    Samuels, Mark. “Mergers and acquisitions: Five ways tech can smooth the way.” ZDNet, 15 Aug. 2018. Web.

    “SAP Divestiture Projects: Options, Approach and Challenges.” Cognizant, May, 2014. Web.

    Steeves, Dave. “7 Rules for Surviving a Merger & Acquisition Technology Integration.” Steeves and Associates, 5 Feb. 2020. Web.

    Tanaszi, Margaret. “Calculating IT Value in Business Terms.” CSO, 27 May 2004. Web.

    “The CIO Playbook. Nine Steps CIOs Must Take For Successful Divestitures.” SNP, 2016. Web.

    “The Role of IT in Supporting Mergers and Acquisitions.” Cognizant, Feb. 2015. Web.

    Torres, Roberto. “M&A playbook: How to prepare for the cost, staff and tech hurdles.” CIO Dive, 14 Nov. 2019. Web.

    “Valuation Methods.” Corporate Finance Institute, n.d. Web.

    Weller, Joe. “The Ultimate Guide to the M&A Process for Buyers and Sellers.” Smartsheet, 16 May 2019. Web.

    Build an Application Integration Strategy

    • Buy Link or Shortcode: {j2store}198|cart{/j2store}
    • member rating overall impact (scale of 10): 8.0/10 Overall Impact
    • member rating average dollars saved: After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.
    • member rating average days saved: Read what our members are saying
    • Parent Category Name: Enterprise Integration
    • Parent Category Link: /enterprise-integration
    • Even though organizations are now planning for Application Integration (AI) in their projects, very few have developed a holistic approach to their integration problems resulting in each project deploying different tactical solutions.
    • Point-to-point and ad hoc integration solutions won’t cut it anymore: the cloud, big data, mobile, social, and new regulations require more sophisticated integration tooling.
    • Loosely defined AI strategies result in point solutions, overlaps in technology capabilities, and increased maintenance costs; the correlation between business drivers and technical solutions is lost.

    Our Advice

    Critical Insight

    • Involving the business in strategy development will keep them engaged and align business drivers with technical initiatives.
    • An architectural approach to AI strategy is critical to making appropriate technology decisions and promoting consistency across AI solutions through the use of common patterns.
    • Get control of your AI environment with an appropriate architecture, including policies and procedures, before end users start adding bring-your-own-integration (BYOI) capabilities to the office.

    Impact and Result

    • Engage in a formal AI strategy and involve the business when aligning business goals with AI value; each double the AI success rate.
    • Benefits from a formal AI strategy largely depend on how gaps will be filled.
    • Create an Integration Center of Competency for maintaining architectural standards and guidelines.
    • AI strategies are continuously updated as new business drivers emerge from changing business environments and/or essential technologies.

    Build an Application Integration Strategy Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Make the Case for AI Strategy

    Obtain organizational buy-in and build a standardized and formal AI blueprint.

    • Storyboard: Build an Application Integration Strategy

    2. Assess the organization's readiness for AI

    Assess your people, process, and technology for AI readiness and realize areas for improvement.

    • Application Integration Readiness Assessment Tool

    3. Develop a Vision

    Fill the required AI-related roles to meet business requirements

    • Application Integration Architect
    • Application Integration Specialist

    4. Perform a Gap Analysis

    Assess the appropriateness of AI in your organization and identify gaps in people, processes, and technology as it relates to AI.

    • Application Integration Appropriateness Assessment Tool

    5. Build an AI Roadmap

    Compile the important information and artifacts to include in the AI blueprint.

    • Application Integration Strategy Template

    6. Build the Integration Blueprint

    Keep a record of services and interfaces to reduce waste.

    • Integration Service Catalog Template

    Infographic

    Workshop: Build an Application Integration Strategy

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Make the Case for AI Strategy

    The Purpose

    Uncover current and future AI business drivers, and assess current capabilities.

    Key Benefits Achieved

    Perform a current state assessment and create a future vision.

    Activities

    1.1 Identify Current and Future Business Drivers

    1.2 AI Readiness Assessment

    1.3 Integration Service Catalog Template

    Outputs

    High-level groupings of AI strategy business drivers.

    Determine the organization’s readiness for AI, and identify areas for improvement.

    Create a record of services and interfaces to reduce waste.

    2 Know Current Environment

    The Purpose

    Identify building blocks, common patterns, and decompose them.

    Key Benefits Achieved

    Develop an AI Architecture.

    Activities

    2.1 Integration Principles

    2.2 High-level Patterns

    2.3 Pattern decomposition and recomposition

    Outputs

    Set general AI architecture principles.

    Categorize future and existing interactions by pattern to establish your integration framework.

    Identification of common functional components across patterns.

    3 Perform a Gap Analysis

    The Purpose

    Analyze the gaps between the current and future environment in people, process, and technology.

    Key Benefits Achieved

    Uncover gaps between current and future capabilities and determine if your ideal environment is feasible.

    Activities

    3.1 Gap Analysis

    Outputs

    Identify gaps between the current environment and future AI vision.

    4 Build a Roadmap for Application Integration

    The Purpose

    Define strategic initiatives, know your resource constraints, and use a timeline for planning AI.

    Key Benefits Achieved

    Create a plan of strategic initiatives required to close gaps.

    Activities

    4.1 Identify and prioritize strategic initiatives

    4.2 Distribute initiatives on a timeline

    Outputs

    Use strategic initiatives to build the AI strategy roadmap.

    Establish when initiatives are going to take place.

    2020 IT Talent Trend Report

    • Buy Link or Shortcode: {j2store}512|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Lead
    • Parent Category Link: /lead
    • IT is an employee’s market.
    • Automation, outsourcing, and emerging technologies are widening the skill gap and increasing the need for skilled staff.
    • IT departments must find new ways to attract and retain top talent.

    Our Advice

    Critical Insight

    • Improving talent management is the way forward, but many IT leaders are approaching it the wrong way.
    • Among the current climate of automating everything in the workplace, we need to bring the human element back into talent management.

    Impact and Result

    • Using talent management strategies that speak to employees as individuals, rather than cogs in a machine, produces more effective IT departments.
    • IT leaders who make use of these strategies see benefits across the talent lifecycle – from hiring, to training, to retention.

    2020 IT Talent Trend Report Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should focus on talent management and get an overview of what successful IT leaders are doing differently heading into 2020 – the six new talent management trends.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. IT takes ownership of talent acquisition

    IT leaders who get personally involved in recruitment see better results. Read this section to learn how leader are getting involved, and how to take the first steps.

    • 2020 IT Talent Trend Report – Trend 1: IT Takes Ownership of Talent Acquisition

    2. Flexible work becomes fluid work

    Heading into 2020, flexible work is table stakes. Read this section to learn what organizations offer and how you can take advantage of opportunities your competitors are missing.

    • 2020 IT Talent Trend Report – Trend 2: Flexible Work Becomes Fluid Work

    3. The age of radical transparency

    Ethics and transparency are emerging as key considerations for employees. How can you build a culture that supports this? Read this section to learn how.

    • 2020 IT Talent Trend Report – Trend 3: The Age of Radical Transparency

    4. People analytics is business analytics

    Your staff is the biggest line item in your budget, but are you using data to make decisions about your people they way you do in other areas of the business? Read this section to learn how analytics can be applied to the workforce no matter what level you are starting at.

    • 2020 IT Talent Trend Report – Trend 4: People Analytics Is Business Analytics

    5. IT departments become their own universities

    With the rapid pace of technological change, it is becoming increasingly harder to hire skilled people for critical roles. Read this section to learn how some IT departments are turning to in-house training to fill the skill gap.

    • 2020 IT Talent Trend Report – Trend 5: IT Departments Become Their Own Universities

    6. Offboarding: The missed opportunity

    What do an employee's last few days with your company look like? For most organizations, they are filled with writing rushed documentation, hosting last-minute training sessions and finishing up odd jobs. Read this section to understand the crucial opportunity most IT departments are missing when it comes to departing staff.

    • 2020 IT Talent Trend Report – Trend 6: Offboarding: The Missed Opportunity
    [infographic]

    Leading Through Uncertainty Workshop Overview

    • Buy Link or Shortcode: {j2store}474|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: $123,999 Average $ Saved
    • member rating average days saved: 5 Average Days Saved
    • Parent Category Name: Leadership Development Programs
    • Parent Category Link: /leadership-development-programs

    As the world around us changes there is a higher risk that IT productivity and planned priorities will be derailed.

    Our Advice

    Critical Insight

    To meet the challenges of uncertainty head on IT leaders must adapt so their employees are supported and IT departments continue to operate successfully.

    Impact and Result

    • Clearly define and articulate the current and future priorities to provide direction and cultivate hope for the future.
    • Recognize and manage your own reactions to be conscious of how you are showing up and the perceptions others may have.
    • Incorporate the 4Cs of Leading Through Uncertainty into your leadership practice to make sense of the situation and lead others through it.
    • Build tactics to connect with your employees that will ensure employee engagement and productivity.

    Leading Through Uncertainty Workshop Overview Research & Tools

    Start here – read the Workshop Overview

    Read our concise Workshop Overview to find out how this program can support IT leaders when managing teams through uncertain times.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    • Leading Through Uncertainty (LTU) Workshop Overview
    [infographic]

    Build Your Enterprise Application Implementation Playbook

    • Buy Link or Shortcode: {j2store}605|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Selection & Implementation
    • Parent Category Link: /selection-and-implementation
    • Given the increasing complexity of software implementations, you are continually challenged with staying above water with your current team.
    • In addition, rapid changes in the business make maintaining project sponsors’ engagement challenging.
    • Project sprawl across the organization has created a situation where each project lead tracks progress in their own way. This makes it difficult for leadership to identify what was successful – and what wasn’t.

    Our Advice

    Critical Insight

    An effective enterprise application implementation playbook is not just a list of steps, but a comprehensive view of what is necessary to support your implementation. This starts with a people-first approach. Start by asking about sponsors, stakeholders, and goals. Without asking these questions first, the implementation will be set up for failure, regardless of the technology, processes, and tools available.

    Impact and Result

    Follow these steps to build your enterprise application playbook:

    • Define your sponsor, map out your stakeholders, and lay out the vision, goals and objectives for your project.
    • Detail the scope, metrics, and the team that will make it happen.
    • Outline the steps and processes that will carry you through the implementation.

    Build Your Enterprise Application Implementation Playbook Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Build Your Enterprise Application Implementation Playbook Deck - Your implementation doesn’t start with technology, but with an effective plan that the team can align on.

    This blueprint provides the steps necessary to build your own enterprise application implementation playbook that can be deployed and leveraged by your implementation teams.

    • Build Your Enterprise Application Implementation Playbook – Phases 1-3

    2. Your Enterprise Application Implementation Playbook – The key output from leveraging this research is a completed implementation playbook.

    This is the main playbook that you build through the exercises defined in the blueprint.

    • Your Enterprise Application Implementation Playbook

    3. Your Enterprise Application Implementation Playbook - Timeline Tool – Supporting tool that captures the project timeline information, issue log, and follow-up dashboard.

    This tool provides input into the playbook around project timelines and planning.

    • Your Enterprise Application Implementation Playbook - Timeline Tool

    4. Light Project Change Request Form Template – This tool will help you record the requested change, allow assess the impact of the change and proceed the approval process.

    This provides input into the playbook around managing change requests

    • Light Project Change Request Form Template

    Infographic

    Workshop: Build Your Enterprise Application Implementation Playbook

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Understand the Project

    The Purpose

    Lay out the overall objectives, stakeholders, and governance structure for the project.

    Key Benefits Achieved

    Align everyone on the sponsor, key stakeholders, vision, and goals for your project

    Activities

    1.1 Select the project sponsor.

    1.2 Identify your stakeholders.

    1.3 Align on a project vision.

    1.4 List your guiding principles.

    1.5 Confirm your goals and objectives for the implementation project.

    1.6 Define the project governance structure.

    Outputs

    Project sponsor has been selected.

    Project stakeholders have been identified and mapped with their roles and responsibilities.

    Vision has been defined.

    Guiding principles have been defined.

    Articulated goals and objectives.

    Detailed governance structure.

    2 Set up for Success

    The Purpose

    Define the elements of the playbook that provide scope and boundaries for the implementation.

    Key Benefits Achieved

    Align the implementation team on the scope for the project and how the team should operate during the implementation.

    Activities

    2.1 Gather and review requirements, with an agreed to scope.

    2.2 Define metrics for your project.

    2.3 Define and document the risks that can impact the project.

    2.4 Establish team composition and identify the team.

    2.5 Detail your OCM structure, resources, roles, and responsibilities.

    2.6 Define requirements for training.

    2.7 Create a communications plan for stakeholder groups and delivery teams.

    Outputs

    Requirements for enterprise application implementation with an agreed-to scope.

    Metrics to help measure what success looks like for the implementation.

    Articulated list of possible risks during the implementation.

    The team responsible and accountable for implementation is identified.

    Details of your organization’s change management process.

    Outline of training required.

    An agreed-to plan for communication of project status.

    3 Document Your Plan

    The Purpose

    With the structure and boundaries in place, we can now lay out the details on the implementation plan.

    Key Benefits Achieved

    A high-level plan is in place, including next steps and a process on running retrospectives.

    Activities

    3.1 Define your implementation steps.

    3.2 Create templates to enable follow-up throughout the project.

    3.3 Decide on the tracking tools to help during your implementation.

    3.4 Define the follow-up processes.

    3.5 Define project progress communication.

    3.6 Create a Change request process.

    3.7 Define your retrospective process for continuous improvement.

    3.8 Prepare a closure document for sign-off.

    Outputs

    An agreed to high-level implementation plan.

    Follow-up templates to enable more effective follow-ups.

    Shortlist of tracking tools to leverage during the implementation.

    Defined processes to enable follow-up.

    Defined project progress communication.

    A process for managing change requests.

    A process and template for running retrospectives.

    A technique and template for closure and sign-off.

    Further reading

    Build Your Enterprise Application Implementation Playbook

    Your implementation doesn’t start with technology, but with an effective plan that the team can align on.

    Analyst Perspective

    Your implementation is not just about technology, but about careful planning, collaboration, and control.

    Recardo de Oliveira

    A successful enterprise application implementation requires more than great software; it requires a clear line of sight to the people, processes, metrics, and tools that can help make this happen.

    Additionally, every implementation is unique with its own set of challenges. Working through these challenges requires a tailored approach taking many factors into account. Building out your playbook for your implementation is an important initial step before diving head-first into technology.

    Regardless of whether you use an implementation partner, a playbook ensures that you don’t lose your enterprise application investment before you even get started!

    Ricardo de Oliveira

    Research Director,
    Application Delivery and Management
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    • Given the increasing complexity of software implementations, you are continually challenged with staying above water with your current team.
    • Rapid changes in the business make maintaining project sponsors’ engagement challenging.
    • Project sprawl across the organization has created a situation where project leads track progress in their own way. This makes it difficult for leadership to identify what was successful (and what wasn’t).

    Common Obstacles

    • Your best process experts are the same people you need to keep the business running. The business cannot afford to have its best people pulled into the implementation for long periods of time.
    • Enterprise application implementations generate huge organizational changes and the adoption of the new systems and processes resulting from these projects are quite difficult.
    • People are generally resistant to change, especially large, transformational changes that will impact the day-to-day way of doing things.

    Info-Tech's Approach

    • Build your enterprise application implementation playbook. Follow these steps to build your enterprise application playbook:
      • Define your sponsor, map out your stakeholders, and lay out the vision, goals, and objectives for your project.
      • Detail the scope, metrics, and the team that will make it happen.
      • Detail the steps and processes that will carry you through the implementation

    Info-Tech Insight

    An effective enterprise application implementation playbook is not just a list of steps; it is a comprehensive view of what is necessary to support your implementation. This starts with a people-first approach. Start by asking about sponsors, stakeholders, and goals. Without asking these questions first, the implementation will be set up for failure, regardless of the technology, processes, and tools available.

    Enterprise Applications Lifescycle Advisory Services. Strategy, selection, implementation, optimization and operations.

    Insight summary

    Building an effective playbook starts with asking the right questions, not jumping straight into the technical details.

    • This blueprint provides the steps required to lay out an implementation playbook to align the team on what is necessary to support the implementation.
    • Build your Enterprise Application Implementation Playbook by:
      • Aligning and confirming project’s goals, stakeholders, governance and team.
      • Clearly defining what is in and out of scope for the project and the risks involved.
      • Building up a strong change management process.
      • Providing the tools and processes to keep track of the project.
      • Pulling it all together into an actionable playbook.

    Grapsh showing 39%

    Lack of planning is the reason that 39% of projects fail. Poor project planning can be disastrous: The consequences are usually high costs and time overruns.

    Graph showing 20%

    Almost 20% of IT projects can fail so badly that they can become a threat to a company’s existence. Lack of proper planning, poor communication, and poorly defined goals all contribute to the failure of projects.

    Graph showig 2.5%

    A PwC study of over 10,640 projects found that a tiny portion of companies – 2.5% – completed 100% of their projects successfully. These failures extract a heavy cost – failed IT projects alone cost the United States $50-$150B in lost revenue and productivity.

    Source: Forbes, 2020

    Planning and control are key to enterprise project success

    An estimated 70% of large-scale corporate projects fail largely due to a lack of change management infrastructure, proper oversight, and regular performance check-ins to track progress (McKinsey, 2015).

    Table showing that 88% of projects completed on time, 90% completed within budget and 92% meet original goals. 68% of projects have scope creep, 24% deemed failures and 46% experience budget lose when project fails

    “A survey published in HBR found that the average IT project overran its budget by 27%. Moreover, at least one in six IT projects turns into a ‘black swan’ with a cost overrun of 200% and a schedule overrun of 70%. Kmart’s massive $1.2B failed IT modernization project, for instance, was a big contributor to its bankruptcy.”

    Source: Forbes, 2020

    Sponsor commitment directly improves project success.

    Having the right sponsor significantly improves your chances of success across many different dimensions:

    1. On-time delivery
    2. Delivering within budget
    3. Delivered within an agreed-to scope
    4. Delivered with sufficient quality.
    Graph that shows Project success scores versus sponsor involvement in change communication. Shows increase for projects on time, projects on budget, within scope and overall quality.

    Source: Info-Tech, PPM Current State Scorecard Diagnostic

    Executive Brief Case Study

    Chocolate manufacturer implementing a new ERP

    INDUSTRY

    Consumer Products

    SOURCE

    Carlton, 2021

    Challenge

    Not every ERP ends in success. This case study reviews the failure of Hershey, a 147-year-old confectioner, headquartered in Hershey Pennsylvania. The enterprise saw the implementation of an ERP platform as being central to its future growth.

    Solution

    Consequently, rather than approaching its business challenge on the basis of an iterative approach, it decided to execute a holistic plan, involving every operating center in the company. Subsequently, SAP was engaged to implement a $10 million systems upgrade; however, management problems emerged immediately.

    Results

    The impact of this decision was significant, and the company was unable to conduct business because virtually every process, policy, and operating mechanism was in flux simultaneously. The consequence was the loss of $150 million in revenue, a 19% reduction in share price, and the loss of 12% in international market share.

    Remember: Poor management can scupper implementation, even when you have selected the perfect system.

    A successful software implementation provides more than simply immediate business value…

    It can build competitive advantage.

    • When software projects fail, it can jeopardize an organization’s financial standing and reputation, and in some severe cases, it can bring the company down altogether.
    • Rarely do projects fail for a single reason, but by understanding the pitfalls, developing a risk mitigation plan, closely monitoring risks, and self-evaluating during critical milestones, you can increase the probability of delivering on time, on budget, and with the intended benefits.

    Benefits are not limited to just delivering on time. Some others include:

    • Building organizational delivery competence and overall agility.
    • The opportunity to start an inventory of best practices, eventually building them into a center of excellence.
    • Developing a competitive advantage by maximizing software value and continuously transforming the business.
    • An opportunity to develop a competent pool of staff capable of executing on projects and managing organizational change.

    Blueprint deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

    Your Enterprise Application Implementation Playbook – Timeline Tool

    Supporting template that captures the project timeline information, issue log, and follow-up dashboard.

    Info-Tech: Project Planning and Monitoring Tool.
    Light Project Change Request Form Template

    This tool will help you record the requested change, and allow you to assess the impact of the change and proceed with the approval process.

    Info-Tech: Light change request form template.

    Key deliverable:

    Your Enterprise Application Implementation Playbook

    Record the results from the exercises to define the steps for a successful implementation.

    Build your enterprise application implementation playbook.

    Info-Tech’s methodology for Your Enterprise Application Implementation Playbook

    Phase Steps

    1. Understand the Project

    1. Identify the project sponsor
    2. Define project stakeholders
    3. Review project vision and guiding principles
    4. Review project objectives
    5. Establish project governance

    2. Set up for success

    1. Review project scope
    2. Define project metrics
    3. Prepare for project risks
    4. Identify the project team
    5. Define your change management process

    3. Document your plan

    1. Develop a master project plan
    2. Define a follow-up plan
    3. Define the follow-up process
    4. Understand what’s next
    Phase Outcomes
    • Project sponsor has been selected
    • Project stakeholders have been identified and mapped with their roles and responsibilities.
    • Vision, guiding principles, goals objectives, and governance have been defined
    • Project scope has been confirmed
    • Project metrics to identify successful implementation has been defined
    • Risks have been assessed and articulated.
    • Identified project team
    • An agreed-to change management process
    • Project plan covering the overall implementation is in place, including next steps and retrospectives

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful."

    Guided Implementation

    "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."

    Workshop

    "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place."

    Consulting

    "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostic and consistent frameworks are used throughout all four options.

    Guided Implementation

    What does a typical GI on this topic look like?

    The three phases of guided implementation.

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization. A typical GI is between 8 to 12 calls over the course of 4 to 6 months.

    Workshop Overview

    Contact your account representative for more information.

    workshops@infotech.com 1-888-670-8889 Activities and deliverables for each module of the workshop. Module 1: understanding the project, Module 2: Set up for success, Modeule 3: Document your plan, and Post Workshop: Next steps and Wrap-up(offsite).

    Phase 1

    Understand the project

    3 phases, phase 1 is highlighted.

    This phase will walk you through the following activities:

    1.1 Identify the project sponsor

    1.2 Identify project stakeholders

    1.3 Review project vision and guiding principles

    1.4 Review project objectives

    1.5 Establish project governance

    This phase involves the following participants:

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Step 1.1

    Identify the project sponsor

    Activities

    1.1.1 Define the project sponsor's responsibilities

    1.1.2 Shortlist potential sponsors

    1.1.3 Select the project sponsor

    This step involves the following participants:

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Outcomes of this step

    Selected sponsor.

    Sponsor commitment directly improves project success.

    Having the right sponsor significantly improves your chances of success across many different dimensions:

    1. On-time delivery
    2. Delivering within budget
    3. Delivered within an agreed-to scope
    4. Delivered with sufficient quality.

    Graph that shows Project success scores versus sponsor involvement in change communication. Shows increase for projects on time, projects on budget, within scope and overall quality.

    Source: Info-Tech, PPM Current State Scorecard Diagnostic

    Typical project sponsor responsibilities

    • Help define the business goals of their projects before they start.
    • Provide guidance and support to the project manager and the project team throughout the project management lifecycle.
    • Ensure that sufficient financial resources are available for their projects.
    • Resolve problems and issues that require authority beyond that of the project manager.
    • Ensure that the business objectives of their projects are achieved and communicated.

    For further discussion on sponsor responsibilities, use Info-Tech’s blueprint, Drive Business Value With a Right-Sized Project Gating Process

    Portrait of head with multiple layers representing the responsibilities of a sponsor. From top down: Define business goals, provide guidance, ensure human ad financial resources, resolve problems and issues.

    1.1.1 Define the project sponsor’s responsibilities

    0.5-1 hour

    1. Discuss the minimum requirements for a sponsor at your organization.
    2. As a group, brainstorm the criteria necessary for an individual to be a project sponsor:
      1. Is there a limit to the number of projects they can sponsor at one time?
      2. Is there a minimum number of hours they must be available to the project team?
      3. Do they have to be at a certain seniority level in the organization?
      4. What is their role at each stage of the project lifecycle?
    3. Document these criteria on a whiteboard.
    4. Record the sponsor’s responsibilities in section 1.1 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download Your Enterprise Application Implementation Playbook

    Input

    Output

    • Requirements for a sponsor
    • Your responsibilities as a sponsor

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    1.1.1 Define the project sponsor’s responsibilities (Continued)

    Example

    Project sponsor responsibilities.

    1.1.2 Shortlist potential sponsors

    0.5-1 hour

    1. Based on the responsibilities defined in Exercise 1.1.1, produce a list of the potential sponsors.
    2. Record the sponsor’s shortlist in section 1.2 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download Your Enterprise Application Implementation Playbook

    Input

    Output

    • Characteristics of a sponsor
    • Your list of candidates

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    1.1.2 Shortlist potential sponsors (Continued)

    Example

    Shortlist of potential sponsors. 6 names listed with checkmarks on criteria ranking.

    Don’t forget, the project team is there to support the sponsor

    Given the burden of the sponsor role, the project team is committed to doing their best to facilitate a successful outcome.

    Project Success: Follow best practices, escalate issues, stay focused, communicate, adapt to change.

    • Follow the framework set out by the governance group at the organization to drive efficiency on the project.
    • Ensure stakeholders with proper authority are notified of issues that occur during the project.
    • Stay focused on the project tasks to drive quality on the deliverables and avoid rework after the project.
    • Communicate within the project team to drive coordination of tasks, complete deliverables, and avoid resource waste.
    • Changes are more common than not; the team must be prepared to adjust plans and stay agile to adapt to changes for the project.

    Seek the key characteristics of a sponsor

    Man walking up stairs denoting characteristics of a good sponsor. First step: Leader, second step: Strong Communicator, third step: knowledgeable, fourth step: problem solver, fifth step: delegator, final step: dedicated.

    1.1.3 Select the project sponsor

    0.5-1 hour

    1. Review the characteristics and the list of potential candidates.
    2. Assess availability, suitability, and desire of the selected sponsor.
    3. Record the selected sponsor in section 1.3 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download Your Enterprise Application Implementation Playbook

    Input

    Output

    • List of candidates
    • Characteristics of a sponsor
    • Your selected sponsor

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    1.1.3 Select the project sponsor (Continued)

    Example

    Name of example sponsor with their key traits listed.

    Step 1.2

    Identify the project stakeholders

    Activities

    1.2.1 Identify your stakeholders

    This step involves the following participants:

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Outcomes of this step

    Stakeholders’ management plan

    How to find the right stakeholders

    Start with the obvious candidates, but keep an open mind.

    How to find stakeholders

    • Talk to your stakeholders and ask who else you should be talking to, to discover additional stakeholders and ensure you don’t miss anyone.
    • Less obvious stakeholders can be found by conducting various types of trace analysis, i.e. following various paths flowing from your initiative through to the path’s logical conclusion.

    Create a stakeholder network map for your application implementation

    Follow the trail of breadcrumbs from your direct stakeholders to their influencers to uncover hidden stakeholders.

    Stakeholder network map showing direction of professional influence as well as bidirectional, informal influence relationships.

    Info-Tech Insight

    Your stakeholder map defines the influence landscape your enterprise application operates in. It is every bit as important as the teams who enhance, support, and operate your applications directly.

    Use connectors to determine who may be influencing your direct stakeholders. They may not have any formal authority within the organization, but they may have substantial informal relationships with your stakeholders.

    Understand how to navigate the complex web of stakeholders

    Identify which stakeholders to include and what their level of involvement should be during requirements elicitation based on relevant topic expertise.

    Graph showing influence vs. interest, divided into 4 quadrants. Low influence and intersest is labeled: Monitor, low influence and high interest is labeled: Keep informed, High influence and low interest is labeled: Keep satisfied, and high influence and high interest is labeled: Involve closely

    Large-scale projects require the involvement of many stakeholders from all corners and levels of the organization, including project sponsors, IT, end users, and business stakeholders. Consider the influence and interest of stakeholders in contributing to the requirements elicitation process and involve them accordingly.

    Map the organization’s stakeholders

    List of various stakeholder titles. As well as a graph showing the influence vs involvement of each stakeholder title. Influence and interest is divided into 4 quadrants: Monitor, Keep informed, keep satisfied, and involve closely.

    1.2.1 Identify your stakeholders

    1-2 hours

    1. As a group, identify all the project stakeholders. A stakeholder may be an individual such as the CEO or CFO, or it may be a group such as front-line employees.
    2. Map each stakeholder on the quadrant based on their expected influence and involvement in the project
    3. Identify stakeholders and add them to the list.
    4. Record the stakeholders list in section 1.4 of Info-Tech’s Your Enterprise Application Implementation Playbook.
    5. Download Your Enterprise Application Implementation Playbook

      Input

      Output

      • Types of stakeholders
      • Your stakeholders initial list

      Materials

      Participants

      • Whiteboard/flip charts
      • Your Enterprise Application Implementation Playbook
      • Project team
      • Operations
      • SMEs
      • Team lead and facilitators
      • IT leaders

    1.2.1 Identify your stakeholders(Continued)

    Example

    Table with rows of stakeholders: Customer, End Users, IT, Vendor and other listed. Columns provide: description, examples, value and involvement level of each stakeholder.

    Step 1.3

    Review project vision and guiding principles

    Activities

    1.3.1 Align on a project vision

    1.3.2 List your guiding principles

    This step involves the following participants:

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Outcomes of this step

    Project vision and guiding principles

    Vision and guiding principles

    GUIDING PRINCIPLES

    Guiding principles are high-level rules of engagement that help to align stakeholders from the outset. Determine guiding principles to shape the scope and ensure stakeholders have the same vision.

    Creating Guiding Principles

    Guiding principles should be constructed as full sentences. These statements should be able to guide decisions.

    EXAMPLES
    • [Organization] is implementing an ERP system to streamline processes and reduce redundancies, saving time and money.
    • [Organization] is implementing an ERP to integrate disparate systems and rationalize the application portfolio.
    • [Organization] is aiming at taking advantage of industry best practices and strives to minimize the level of customization required in solution.

    Questions to Ask

    1. What is a strong statement that will help guide decision making throughout the life of the ERP project?
    2. What are your overarching requirements for business processes?
    3. What do you ultimately want to achieve?
    4. What is a statement that will ensure all stakeholders are on the same page for the project?

    1.3.1 Align on a project vision

    1-2 hours

    1. As a group, discuss whether you want to create a separate project vision statement or restate your corporate vision and/or goals.
      1. A project vision statement will provide project-guiding principles, encompass the project objectives, and give a rationale for the project.
      2. Using the corporate vision/goals will remind the business and IT that the project is to implement an enterprise application that supports and enhances the organizational objectives.
    2. Record the project vision in section 1.5 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download Your Enterprise Application Implementation Playbook

    Input

    Output

    • Project vision statement defined during strategy building
    • Your project vision

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    1.3.1 Align on a project vision (Continued)

    Example

    Project Vision

    We, [Organization], will select and implement an integrated software suite that enhances the growth and profitability of the organization through streamlined global business processes, real-time data-driven decisions, increased employee productivity, and IT investment protection.

    Guiding principles examples

    The guiding principles will help guide your decision-making process. These can be adjusted to align with your internal language.

    • Support business agility: A flexible and adaptable integrated business system providing a seamless user experience.
    • Use best practices: Do not recreate or replicate what we have today; focus on modernization. Exercise customization governance by focusing on those customizations that are strategically differentiating.
    • Automate: Take manual work out where we can, empowering staff and improving productivity through automation and process efficiencies.
    • Stay focused: Focus on scope around core business capabilities. Maintain scope control. Prioritize demand in line with the strategy.
    • Strive for "one source of truth": Unify data model and integrate processes where possible. Assess integration needs carefully.

    1.3.2 List your guiding principles

    1-2 hours

    1. Start with the guiding principles defined during the strategy building.
    2. Review each of the sample guiding principles provided and ask the following questions:
      1. Do we agree with the statement?
      2. Is this statement framed in the language we use internally? Does everyone agree on the meaning of the statement?
      3. Will this statement help guide our decision-making process?
    3. Record the guiding principles in section 1.6 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download Your Enterprise Application Implementation Playbook

    Input

    Output

    • Guiding principles defined during strategy building
    • Your guiding principles

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    1.3.2 List your guiding principles (Continued)

    Example

    Guiding principals: Support business agility, use best practices, automate, stay focused, strive for `one source truth`.

    Step 1.4

    Review project objectives

    Activities

    1.4.1 Confirm your goals and objectives for the implementation project

    This step involves the following participants:

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Outcomes of this step

    The objectives of the implementation project

    Review the elements of the project charter

    Leverage completed deliverables to get project managers started down the path of success.

    Deliverables of project chaters for PMs. Project purpose, scope, logistics and sign-off.

    1.4.1 List your guiding principles

    1-2 hours

    1. Articulate the high-level objectives of the project. (What are the goals of the project?)
    2. Elicit the business benefits the sponsor is committed to achieving. (What are the business benefits of the project?)
    3. Record Project goals and objectives in section 1.7 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download Your Enterprise Application Implementation Playbook

    Input

    Output

    • Your BizDevOps objectives and metrics
    • Understanding of various collaboration methods, such as Scrum, Kanban, and Scrumban
    • Your chosen collaboration method

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    1.4.1 Confirm your goals and objectives for the implementation project (Continued)

    Example:

    Project Objectives: End-user visibility, New business development, employee experience. Business Benefits for each objective listed.

    Step 1.5

    Establish project governance

    Activities

    1.5.1 Define the project governance structure

    This step involves the following participants:

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Outcomes of this step

    Approach to build an effective project governance

    1.5.1 List your guiding principles

    0.5-1 hour

    1. Identify the IT governance structure in place today and document the high-level function of each body (councils, steering committees, review boards, centers of excellence, etc.).
    2. Identify and document the existing enterprise applications governance structure, roles, and responsibilities (if any exist).
    3. Identify gaps and document the desired enterprise applications governance structure, roles, and responsibilities.
    4. Record the project governance structure in section 1.8 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download Your Enterprise Application Implementation Playbook

    Input

    Output

    • IT governance structure
    • Your project governance structure

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Governance is NOT management

    Three levels of governance: Team Level, Steering Committee Level, and Executive Governance Level.

    Info-Tech Insight

    You won’t get engagement unless there is a sense of accountability. Do not leave this vague. Accountability needs to be assigned to specific individuals in your organization to ensure the system development achieves what was intended by your organization and not what your system integrator (SI) intended.

    Who is accountable?

    Too many assumptions are made that the SI is accountable for all implementation activities and deliverables – this is simply untrue. All activities can be better planned for, and misunderstandings can be avoided, with a clear line of sight on roles and responsibilities and the documentation that will support these assumptions.

    Discuss, define, and document roles and responsibilities:
    • For each role (e.g. executive sponsor, delivery manager, test lead, conversion lead), clearly articulate the responsibilities of the role, who is accountable for fulfillment, and whether it’s a client role, SI role, or both.
    • Articulate the purpose of each deliverable clearly, define which individual or team has responsibility for it, and document who is expected to contribute.
    • Empower the team by granting them the authority to make decisions. Ease their reluctance to think outside the box for fear of stakeholder or user backlash.
    • The implementation cannot and will not be transformative if the wrong people are involved or if the right people have not been given the tools required to succeed in their role.

    1.5.2 List your guiding principles

    0.5-1 hour

    1. Assess the skills necessary for an enterprise implementation. Inventory the competencies required for an enterprise implementation team. Map your internal resources to each competency as applicable.
    2. Select your internal implementation team. Determine who needs to be involved closely with the implementation. Key stakeholders should also be considered as members of your implementation team.
    3. Identify the number of external consultants/support required for implementation. Consider your in-house skills, timeline, integration environment complexity, and cost constraints as you make your resourcing plan.
    4. Record governance team roles and responsibilities in 1.9 section of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download Your Enterprise Application Implementation Playbook

    Input

    Output

    • Available resources (internal, external, contract)
    • Your governance structure roles and responsibilities

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    1.5.2 Define governance team roles and responsibilities (Continued)

    Example

    Governance team roles and their responsibilities.

    Phase 2

    Set up for success

    3 phases, phase 2 is highlighted.

    This phase will walk you through the following activities:

    2.1. Review project scope

    2.2. Define project metrics

    2.3. Prepare for project risks

    2.4. Identify the project team

    2.5. Define your change management process

    This phase involves the following participants:

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Step 2.1

    Review project scope

    Activities

    2.1.1 Gather and review requirements

    2.1.2 Confirm your scope for implementation

    2.1.3 Formulate a scope statement

    This step involves the following participants:

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Outcomes of this step

    The project scope

    Requirements are key to defining scope

    Project scope management includes the processes required to ensure that the project includes all and only the work required to complete the project successfully. Therefore, managing project scope is about defining and controlling what is and is not included in the project.

    PMBOK defines requirements as “conditions or capabilities that are to be met by the project or present in the product, service, or result to satisfy an agreement or other formally imposed specification.” Detailed requirements should be gathered and elicited in order to provide the basis for defining the project scope.

    70% of projects fail due to poor requirements, organizations using poor practices spent 62% more, 4th highest correlation to high IT performance is requirements gathering.

    Well-executed requirements gathering results in:

    • Consistent approach from project to project, resulting in more predictable outcomes.
    • Solutions that meet the business need on the surface and under the hood.
    • Reduce risk for fast-tracked projects by establishing a right-sized approach.
    • Requirements team that can drive process improvement and improved execution.
    • Confidence when exploring solution alternatives.

    Poorly executed requirements gathering results in:

    • IT receiving the blame for any project shortcomings or failures.
    • Business needs getting lost in the translation between the initial request and final output.
    • Inadequate solutions or cost overruns and dissatisfaction with IT.
    • IT losing its credibility as stakeholders do not see the value and work around the process.
    • Late projects that tie up IT resources longer than planned, and cost overruns that come out of the IT budget.
    • Inconsistent project execution, leading to inconsistent outcomes.

    Strong stakeholder satisfaction with requirements results in higher satisfaction in other areas

    High stakeholder satisfaction with requirements results in higher satisfaction in other areas.

    Note: “High satisfaction” was classified as a score greater or equal to eight, and “low satisfaction” was every organization that scored below eight on the same questions.

    2.1.1 Gather and review requirements

    1-2 hours

    1. Once existing documentation has been gathered, evaluate the effectiveness of the documentation and decide whether you need additional information to proceed to current-state mapping.
    2. The initiative team should avoid spending too much time on the discovery phase, as the goal of discovery is to obtain enough information to produce a level-one current-state map.
    3. Consider reviewing capabilities, business processes, current applications, integration, and data migration.

    Download Your Enterprise Application Implementation Playbook

    Input

    Output

    • Your requirements, capabilities, business processes, current applications, integration, and/or data migration
    • Your requirements, capabilities, business processes, current applications, integration, and/or data migration revisited

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    2.1.1 Requirements list

    Example

    Requirements with description, category and priority.

    2.1.2 Confirm your scope for implementation

    1-2 hours

    1. Based on the requirements, write down features of the product or services, as well as dependencies with other interfaces.
    2. Write down exclusions to guard against scope creep.
    3. Validate the scope by asking these questions:
      1. Will this scope provide a common understanding for all stakeholders, including those outside of IT, as to what the project will accomplish and what it excludes?
      2. Should any detail be added to prevent scope creep later?
    4. Record the project scope in section 2.1 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download Your Enterprise Application Implementation Playbook

    Input

    Output

    • What’s in scope
    • What’s out of scope
    • What needs to integrate
    • Your scope areas

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    2.1.2 Scope detail

    Example

    Example of scope detail. Table with scope levels: In scope, out of scope and existing scope. Each scope level has details about it listed.

    Distill your requirements into a scope statement

    Requirements are about the what and the how.
    Scope specifies the features of the product or service – what is in and what is out
    Table showing Requirement document vs. Scope statement. It lists the audience, content, inputs and outputs for each.

    The Build Your Enterprise Application Implementation Playbook 2.2 Project Scope Statement includes:

    • Scope description (features, how it interfaces with other solution components, dependencies).
    • Exclusions (what is not part of scope).
    • Deliverables (product outputs, documentation).
    • Acceptance criteria (what metrics must be satisfied for the deliverable to be accepted).
    • Final sign-off (owner).
    • Project exclusions (scope item, details).

    The scope statement should communicate the breadth of the project

    To assist in forming your scope statement, answer the following questions:
    • What are the major coverage points?
    • Who will be using the systems?
    • How will different users interact with the systems?
    • What are the objectives that need to be addressed?
    • Where do we start?
    • Where do we draw the line?

    2.1.3 Formulate a scope statement

    1-2 hours

    1. Lay out the scope description (features, how it interfaces with other solution components, dependencies).
    2. Record the exclusions (what is not part of scope).
    3. Fill out the scope statement.
    4. Record the scope statement in section 2.2 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Your scope areas
    • Your scope statement

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook.
    • Scope statement template
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    2.1.3 Scope statement

    Example

    Examples of scope statements showing the following: Product or service in scope, project deliverables and acceptance criteria, and project exclusions.

    Step 2.2

    Review project scope

    Activities

    2.2.1 Define metrics for your project

    This step involves the following participants:

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Outcomes of this step

    The project metrics

    Building leading indicators

    Lagging KPIs are relatively simple to identify, whereas leading KPIs can be more elusive.

    For example, take the lagging KPI “Customer Satisfaction.” How do you turn that into a leading KPI? One method is to look at sources of customer complaints. In a retail sales system, backordered items will negatively impact customer satisfaction. As a leading indicator, track the number of orders with backordered lines and the percentage of the total order that was backordered.

    Performance Metrics

    Use leading and lagging metrics, as well as benchmarks, to track the progress of your system.

    Leading KPIs: Input-oriented measures:

    • Number of active users in the system.
    • Time-to-completion for processes that previously experienced efficiency pain points.

    Lagging KPIs: Output-oriented measures:

    • Faster production times.
    • Increased customer satisfaction scores

    Benchmarks: A standard to measure performance against:

    • Number of days to ramp up new users.

    Info-Tech Insight

    Leading indicators make the news; lagging indicators report on the news. Focusing on leading indicators allows you to address challenges before they become large problems with only expensive solutions.

    2.2.1 Define metrics for your project

    1-2 hours

    1. Examine outputs from any feedback mechanisms you have (satisfaction surveys, emails, existing SLAs, burndown charts, resourcing costs, licensing costs per sprint, etc.).
    2. Look at historical trends and figures when available. However, be careful of frequent anomalies, as these may indicate a root cause that needs to be addressed.
    3. Explore the definition of specific metrics across different functional teams to ensure consistency of measurement and reporting.
    4. Record the Project Metrics in section 2.3 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Outputs of any feedback mechanism
    • Historical trends
    • Your project tracking metrics

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook.
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    2.2.1 Metrics

    In addition to delivery metrics and system performance metrics, equip the business with process-based metrics to continuously prove the value of the enterprise software. Review the examples below as a starting point.

    Table showing metrics and desciption. Metrics listed are: Percent of requirements complete, issues found, issues resolved, and percent of processess complete.

    Step 2.3

    Prepare for project risks

    Activities

    2.3.1 Build a risk event menu

    2.3.2 Determine contextual risks

    2.3.3 Determine process risks

    2.3.4 Determine business risks

    2.3.5 Determine change risks

    This step involves the following participants:

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Outcomes of this step

    Steps to create your product canvas and product vision statement

    All risks are not created equal

    Project Risk consists of: Contextual risk, process risk, change risk and business risk.

    For more information on Info-Tech’s Four-Pillar Risk Framework, please see Right-Size Your Project Risk Investment.

    Info-Tech’s Four-Pillar Risk Framework

    Unusual risks should be detected by finding out how each project is different from the norm. Use this framework to start this process by confronting the risks that are more easily anticipated.

    2.3.1 Build a risk event menu

    0.5-1 hour

    1. Build and maintain an active menu of potential risk events across the four risk categories.
    2. Record the risk event menu in section 2.4 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Risk events
    • Your risk events menu

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook.
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    2.3.1 Risk event menu

    Example

    Risk event menu example. A table with: Contextual Risk, process risk, business risk, change risk events with examples for each.

    2.3.2 Determine contextual risks

    0.5-1 hour

    1. Contextual risk factors are those that operate within the context of your department, organization, and/or community.
    2. Fill out contextual risks.
    3. Record the contextual risks in section 2.5 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download

    Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Your risk events menu
    • Your list of people involved in risk management
    • Your contextual risks

    Materials

    Participants

    • Project Risk Management Workbook
    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook.
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    2.3.2 Contextual risks

    Example

    two tables for Contextual risks. Table 1: Risk identification with event name, risk cause, impact and risk owner. Table 2: shows probability of risk, impact, rating, recommended action, and any mitigations.

    2.3.3 Determine process risks

    0.5-1 hour

    1. Process risks are those that involve project sponsorship, project management, business and functional requirements, work assignment, communication, and/or visibility.
    2. Fill out process risks.
    3. Record the process risks in section 2.6 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download

    Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Your risk events menu
    • Your list of people involved in risk management
    • Your process risks

    Materials

    Participants

    • Project Risk Management Workbook
    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook.
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    2.3.3 Process risks

    Example

    two tables for Process risks. Table 1: Risk identification with event name, risk cause, impact and risk owner. Table 2: shows probability of risk, impact, rating, recommended action, and any mitigations.

    2.3.4 Determine business risks

    0.5-1 hour

    1. Business risks are those that affect the bottom line of the organization. They usually have implications on revenue, costs, and/or image.
    2. Fill out business risks.
    3. Record the business risks in section 2.7 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download

    Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Your risk events menu
    • Your list of people involved in risk management
    • Your business risks

    Materials

    Participants

    • Project Risk Management Workbook
    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook.
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    2.3.4 Business risks

    Example

    two tables for Business risks. Table 1: Risk identification with event name, risk cause, impact and risk owner. Table 2: shows probability of risk, impact, rating, recommended action, and any mitigations.

    2.3.5 Determine change risks

    0.5-1 hour

    1. Change risks are those that result from imposing changes on the people and customers of the organization and their daily routines.
    2. Fill change risks.
    3. Record the change risks in section 2.7 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Your risk events menu
    • Your list of people involved in risk management
    • Your business risks

    Materials

    Participants

    • Project Risk Management Workbook
    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook.
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    2.3.5 Change risks

    Example

    two tables for Change risks. Table 1: Risk identification with event name, risk cause, impact and risk owner. Table 2: shows probability of risk, impact, rating, recommended action, and any mitigations.

    Step 2.4

    Identify the project team

    Activities

    2.4.1 Establish team composition

    2.4.2 Identify the team

    This step involves the following participants:

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Outcomes of this step

    Steps to get your project team ready

    Understand the unique external resource considerations for the implementation

    Organizations rarely have sufficient internal staffing to resource an enterprise software implementation project entirely on their own. Consider the options for closing the gap in internal resource availability.

    The most common project resourcing structures for enterprise projects are:

    1. Management consultant
    2. Vendor consultant
    3. System integrator

    When contemplating a resourcing structure, consider:

    • Availability of in-house implementation competencies and resources.
    • Timeline and cost constraints.
    • Integration environment complexity.

    CONSIDER THE FOLLOWING

    Internal Vs. External Roles and Responsibilities

    Clearly delineate between internal and external team responsibilities and accountabilities and communicate this to your technology partner upfront.

    Internal Vs. External Accountabilities

    Accountability is different than responsibility. Your vendor or SI partner may be responsible for completing certain tasks, but be careful not to outsource accountability for the implementation – ultimately, the internal team will be accountable.

    Partner Implementation Methodologies

    Often vendors and/or SIs will have their own preferred implementation methodology. Consider the use of your partner’s implementation methodology; however, you know what will work for your organization.

    Info-Tech Insight

    Selecting a partner is not just about capabilities, it’s about compatibility! Ensure you select a partner that has a culture compatible with your own.

    2.4.1 Establish team composition

    0.5-1 hour

    1. Assess the skills necessary for an enterprise implementation.
    2. Select your internal implementation team.
    3. Identify the number of external consultants/support required for implementation.
    4. Document the roles and responsibilities, accountabilities, and other expectations as they relate to each step of the implementation.
    5. Record the team composition in section 2.9 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download

    Your Enterprise Application Implementation Playbook.

    Input

    Output

    • List of project team skills
    • Your team composition
    • Your business risks

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook.
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    2.4.1 Team composition

    Example

    Team composition: Role of each team member, and their skills.

    2.4.2 Identify the team

    0.5-1 hour

    1. Identify a candidate for each role and determine their responsibility in the project and their expected time commitment.
    2. The project will require a cross-functional team within IT and business units. Make sure the responsibilities are clearly communicated to the selected project sponsor.
    3. Create a RACI matrix for the project.
    4. Record the team list in section 2.10 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download

    Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Your team composition
    • Your team with responsibilities and commitment

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook.
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    2.4.2 Team list

    Example

    Team list: Role of each team member, candidate, responsibilities, and their commitment in hours per week.

    RACI example

    RACI example. Responsibilities and team member roles that are tasked with each responsibility.

    Step 2.5

    Define your change management process

    Activities

    2.5.1 Define OCM structure and resources

    2.5.2 Define OCM team’s roles and responsibilities

    2.5.3 Define requirements for training

    2.5.4 Create a communications plan for stakeholder groups, and delivery teams

    This step involves the following participants:

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Outcomes of this step

    A structure and procedures for an effective organizational change management

    Define your change management process to improve quality and adoption

    Organizational change management is the practice through which the PMO can improve user adoption rates and maximize project benefits.

    Correlation of change management effectiveness with meeting results.

    “It’s one thing to provide a new technology tool to your end users.

    It’s quite another to get them to use the tool, and still different for them to use the new tool proficiently.

    When your end users fully use a new technology and make it part of their daily work habits, they have ‘adopted’ the new tool.”

    – “End-User Adoption and Change Management Process” (2022)

    Large projects require organizational change management

    Organizational change management (OCM) governs the introduction of new business processes and technologies to ensure stakeholder adoption. The purpose of OCM is to prepare the business to accept the change.

    OCM is a separate body of knowledge. However, as a practice, it is inseparable from project management.

    In IT, project planning tends to fixate on technology, and it underestimates the behavioral and cultural factors that inhibit user adoption. Whether change is project-specific or continuous, it’s more important to instill the desire to change than to apply specific tools and techniques.

    Accountability for instilling this desire should start with the project sponsor. The project manager should support this with effective stakeholder and communication management plans.

    16% of projects with poor change management met or exceeded objectives. 71% of projects with excellent change management finish on or ahead of schedule. 67% of organizations include project change management in their initiatives.

    For further discussion on organizational change, use Info-Tech’s blueprint, Master Organizational Change Management Practices

    Your application implementation will be best served by centralizing OCM

    A centralized approach to OCM is most effective, and the PMO is already a centralized project office and is already accountable for project outcomes.

    What’s more, in organizations where accountabilities for OCM are not explicitly defined, the PMO will likely already be assumed to be the default change leader by the wider organization.

    It makes sense for the PMO to accept this accountability – in the short term at least – and claim the benefits that will come from coordinating and consistently driving successful project outcomes.

    In the long term, OCM leadership will help the PMO become a strategic partner with the executive layer and the business side.

    Short-term gains made by the PMO can be used to spark dialogues with those who authorize project spending and have the implicit fiduciary obligation to drive project benefits.

    Ultimately, it’s their job to explicitly transfer that obligation along with the commensurate resourcing and authority for OCM activities.

    Organizational resistance to change is cited as the #1 challenge to project success that PMOs face. Companies with mature PMOs that effectively manage change meet expectations 90% of the time.

    For further discussion on organizational change, use Info-Tech’s blueprint, Master Organizational Change Management Practices

    2.5.1 Define OCM structure and resources

    0.5-1 hour

    1. Assess the roles and resources that might be needed to help support these OCM efforts.
    2. Record the OCM structure in section 2.11 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download

    Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Your project objectives
    • Your OCM structure and resources

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook.
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    2.5.1 OCM structure and resources

    Example

    OCM structure example. Table showing OCM activity and resources available to support.

    2.5.2 Define OCM team’s roles and responsibilities

    0.5-1 hour

    1. Assess the tasks required for the team.
    2. Determine roles and responsibilities.
    3. Record the results in the RACI matrix in section 2.13 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download

    Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Your communications timeline
    • Your OCM structure and resources
    • Your OCM plan and RACI matrix

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook.
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    OCM team’s roles and responsibilities

    Example

    Responsibilities for OCM team members.

    2.5.3 Define requirements for training

    0.5-1 hour

    1. Analyze HR requirements to ensure efficient use of HR and project stakeholder time.
    2. Outline appropriate HR and training activities.
    3. Define training content and make key logistical decisions concerning training delivery for staff and users.
    4. Record training requirements in section 2.14 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download

    Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Your OCM Plan and RACI matrix
    • Your HR training needs

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook.
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    2.5.3 Training requirements

    Example

    Training requirements example: Project milestones, milestone time frame, hr/training activities, activity timing, and notes.

    Project communication plans must address creation, flow, deposition, and security of project information

    A good communication management plan is like the oil that keeps moving parts going. Ensuring smooth information flow is a fundamental aspect of project management.

    Project communication management is more than keeping track of stakeholder requirements. A communication management plan must address timely and appropriate creation, flow, and deposition of information about the project – as well as the security of the information.

    Create:

    • In addition to standardized status reporting elements discussed for level 1 projects, level 2 and 3 projects may require additional information to be disseminated among key stakeholders and the PMO.

    Flow:

    • The plan must address the methods of communication. Distributed project teams require more careful planning, as they pose additional communication challenges.

    Deposit:

    • As the volume of information continues to grow exponentially, retrieving information becomes a challenge. The plan for depositing project information must be consistent with your organization’s content management policies.

    Security:

    • Preventing unauthorized access and information leaks is important for projectsthat are intended to provide the organization with a competitive edge or for projects that deal with confidential data.
    45% of organizations had established mature communications and engagement processes.

    2.5.4 Create a communications timeline

    0.5-1 hour

    1. Base your change communications on your organization’s cultural appetite for change in general.
    2. Document communications plan requirements.
    3. Create a high-level communications timeline.
    4. Tailor a communications strategy for each stakeholder group.
    5. Record the communications timeline in section 2.12 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download

    Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Your OCM structure and resources
    • Your project objectives
    • Your project scope
    • Your stakeholders’ management plan
    • Your communications timeline

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook.
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Example of communications timeline

    Project sponsors are the most compelling storytellers to communicate the change

    Example of project communications timeline. Planning, requirements, design, development, QA, deployment, warranty, and benefits/closure.

    Info-Tech Insight

    Communication with stakeholders and sponsors is not a single event, but a continual process throughout the lifecycle of the project implementation – and beyond!

    Phase 3

    Document your plan

    3 phases, phase 3 is highlighted.

    This phase will walk you through the following activities:

    3.1 Develop a master project plan

    3.2. Define a follow-up plan

    3.3. Define the follow-up process

    3.4. Understand what’s next

    This phase involves the following participants:

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Step 3.1

    Develop a master project plan

    Activities

    3.1.1 Define your implementation steps

    This step involves the following participants:

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Outcomes of this step

    Steps to create your resourcing and master plans

    Resources Vs. Demand

    Organizations rarely have sufficient internal staffing to resource an enterprise software implementation project entirely on their own. Consider the options for closing the gap in internal resource availability.

    Project demand: Data classification, cloud strategy, application rationalization, recovery planning etc. must be weighted against the organizations internal staffing resources.

    Competing priorities

    Example

    Table for competing priorities: List of projects, their timeline, priority notes, and their implications.

    3.1.1 Define your implementation steps

    0.5-1 hour

    1. Write each phase of the project on a separate sticky note and add it to the whiteboard. Determine what steps make up each phase. Write each step of the phase on a separate sticky note and add it to the whiteboard.
    2. Determine what tasks make up each step. Write each task of the step on a separate sticky note and add it to the whiteboard.
    3. Record the tasks in the Your Enterprise Application Implementation Playbook – Timeline tool. This tool has an example of a typical list of tasks, to help you start your master plan. Use the timeline for project planning and progress tracking.
    4. Record your project’s basic data and work schedule.

    Download

    Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Project's work breakdown structure
    • Your project master plan

    Materials

    Participants

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Implementation plan – basic data

    Record your project name, project manager, and stakeholders from previous exercises.

    Example project information form: Project name, estimated start date, estimated end date, project manager, stakeholders, and time off of project.

    Implementation plan – work schedule

    Use this template to keep track of all project tasks, dates, owners, dependencies, etc.

    Use this template to keep track of all project tasks, dates, owners, dependencies, etc.

    “Actual Start Date” and “Actual Completion Date” columns must be updated to be reflected in the Gantt chart.

    This information will also be captured as the source for session 3.2.1 dashboards.

    Step 3.2

    Define a follow up plan

    Activities

    3.2.1 Create templates to enable follow-up throughout the project

    3.2.2 Decide on the tracking tools to help during your implementation

    This step involves the following participants:

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Outcomes of this step

    Steps to create the processes and define the tools to track progress

    Leveraging dashboards

    Build a dashboard that reflects the leading metrics you have identified. Call out requirements that represent key milestones in the implementation.

    For further information on monitoring the project, use Info-Tech’s blueprint, Governance and Management of Enterprise Software Implementation

    Build a dashboard that reflects the leading metrics you have identified. Call out requirements that represent key milestones in the implementation.

    3.2.1 Create templates to enable follow-up throughout the project

    0.5-1 hour

    1. Create status report, dashboards/charts, budget control, risk/issues/gaps templates, and change request forms.
    2. Build a dashboard that reflects the leading metrics you have identified.
    3. Call out requirements that represent key milestones in the implementation.

    Download

    Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Your projects master plan
    • Your project follow-up kit

    Materials

    Participants

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Dashboards

    Based on the inputs in session 3.1.1 Define Your Implementation Steps, once the “Actual Start Date” and “Actual Completion Date” columns have been updated, this dashboard will present the project status and progress

    Based on the inputs in session 3.1.1 Define Your Implementation Steps, once the “Actual Start Date” and “Actual Completion Date” columns have been updated, this dashboard will present the project status and progress.

    This executive overview of the project's progress is meant to be used during the status meeting.

    Select the right tools

    Use SoftwareReviews to explore product features, vendor experience, and capability satisfaction.

    SoftwareReviews, Requirements Management, 2023

    SoftwareReviews, Project Management, 2023

    SoftwareReviews, Business Intelligence & Analytics, 2023

    3.2.2 Decide on the tracking tools to help during your implementation

    0.5-1 hour

    1. Based on the standards within your organization, select the appropriate project tracking tools to help you track the implementation project.
    2. If you do not have any tools or wish to change them, please see leverage Info-Tech’s SoftwareReviews to help you in making your decision.
    3. Consider tooling across a number of different categories:
      1. Requirements Management
      2. Project Management
      3. Reporting and Analytics
    4. Record the project tracking tools in section 3.3 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download

    Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Your project follow-up kit
    • Your project follow-up kit tools

    Materials

    Participants

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Example: project tools

    Table listing project tools by type, use, and products available.

    Step 3.3

    Define a follow-up process

    Activities

    3.3.1 Define project progress communication

    3.3.2 Create a change request process

    This step involves the following participants:

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Outcomes of this step

    Steps to create your follow-up process

    Project status updates should occur throughout the implementation

    Project status updates can be both formal and informal. Formal status updates provide a standardized means of disseminating information on project progress. It is the lifeblood of project management: Accurate and up-to-date status reporting enables your project manager to ensure that your project can continue to use the resources needed.

    Informal status updates are done over coffee with key stakeholders to address their concerns and discuss key outcomes they want to see. Informal status updates help to build a more personal relationship.

    Ask for feedback during the status update meetings. Use the meeting as an opportunity to align values, goals, and incentives.

    Codify the following considerations:

    • Minimum requirement for a formal status update:
      • Frequency of reporting, as required by the project portfolio
      • Parties to be consulted and informed
      • Recording, producing, and archiving meeting minutes, both formal and informal
    • Procedure for follow-up on feedback generated from status updates:
      • Filing change requests
      • Keeping the change requester/relevant stakeholders in the loop

    3.3.1 Define project progress communication

    0.5-1 hour

    1. Provide a standardized means of disseminating information on project progress.
    2. Create an accurate and up-to-date status report to help keep team engaged and leadership supporting the project.
    3. Record the project progress communication in section 3.5 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download

    Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Your project follow-up process
    • Your project progress communication

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook.
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Project progress communication

    Example

    Example table of project progress communication. Audience, purpose, delivery/format, communicator, delivery date, and status/notes.

    Manage project scope changes

    1. Change in project scope is unpredictable and almost inevitable regardless of project size. If changes are not properly managed, the project runs the risk of scope creep and loss of progress. Therefore, changes need to be monitored and controlled.
    2. Scope change can be initiated voluntarily by the project sponsor or other stakeholders, or it could be a mandatory reaction to changing project process.
    3. Scope change may also take place due to internal factors such as a stakeholder requiring more extensive insights or external factors such as changing market conditions.
    4. Scope changes have the potential to affect project outcomes either positively or negatively, depending on how the change is managed and implemented. The project manager should take care to maintain focus on the project’s ultimate objectives; consideration needs to be given as to what to do and what to give up.
    5. If changes arise, project managers should ensure that adequate resources and actions are provided so the project can be completed on time and on budget.
    • The project manager needs to use both hard and soft skills: analytical skills for evaluating and quantifying the impact of potential changes and communication skills for communicating and negotiating with stakeholders.
    • Build trust and credibility by taking an evidence-based approach when presenting changes. This gives you room to respectfully push back on certain changes.
    • Assess changes before crossing them off the list, but don’t be afraid to say no. Greater care must be taken when there is very limited budgetary freedom or when scope changes will interfere with the critical path.
    • All change requests must be received by the project manager first so they can make sure that IT project resources are not approached with multiple ad hoc change requests.

    Document your process to manage project change requests

    1 Initial assessment

    Using the scope statement as the reference point:

    • Why do we need the change?
    • Is the change necessary?
    • What is the business value that the change brings to the project?

    Recommend alternative solutions that are easier to implement while consulting the requester.

    2 Minor change

    If the change has been classified as minor, the project manager and the project team can tackle it directly, since it doesn’t affect project budget or schedule in a significant way. Ensure that the change is documented.

    3 conduct an in-depth assessment

    The project manager should bring major changes to the attention of the project sponsor and carry out a detailed assessment of the change and its impact.

    Additional time and resources are required to do the in-depth assessment because the impact on the project can be complex and affect requirements, resources, budget, and schedule.

    4 Obtain approval from the governing body

    Present the results to the governing body. Since a major change significantly affects the project baseline beyond the authorized contingency, it is the responsibility of the governing body to either approve the change with allocation of additional resources or reject the change and maintain course.

    Flow chart to document your process to manage project change requests.

    For further discussion on change requests, use Info-Tech’s blueprint, Begin Your Projects With the End in Mind

    3.3.2 Create a change request process

    0.5-1 hour

    1. Identify any existing processes that you have for addressing changes for projects.
    2. Discuss whether or not the current change request process will suit the project at hand.
    3. Define the agreed-to change request process that fits your organization’s culture.
    4. For a change request template, you can leverage, refer to section 3.6 of Info-Tech’s Your Enterprise Application Implementation Playbook.
    5. Make any changes to the template as necessary.

    Download

    Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Your project scope
    • Your change request

    Materials

    Participants

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    3.3.2 Create a change request process (Continued)

    Example of a change request process form.

    Step 3.4

    Understand what's next

    Activities

    3.4.1 Run a “lessons learned” session for continuous improvement

    3.4.2 Prepare a closure document for sign-off

    3.4.3 Document optimization and future release opportunities

    This step involves the following participants:

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Outcomes of this step

    Lessons learned throughout the project-guiding

    Good project planning is key to smooth project closing

    Begin with the end in mind. Without a clear scope statement and criteria for acceptance, it’s anyone’s guess when or how a project will end.

    During the closing process, the project manager should use planning and execution documents, such as the project charter and the scope statement, to assess project completeness and obtain sign-off based on the acceptance criteria.

    Project completion criteria should be clearly defined. For example, the project is defined as finished when costs are in, vendor receipts are received, financials are reviewed and approved, etc.

    However, there are other steps to be taken after completing the project deliverables. These activities include:

    • Transferring project knowledge and operations to support
    • Completing user training
    • Obtaining business sign-off and acceptance
    • Releasing resources
    • Conducting post-mortem meeting
    • Archiving project assets

    The project manager needs to complete all project management processes, including:

    • Risk management (close out risk assessment and action plan)
    • Quality management (test the final deliverables against acceptance criteria)
    • Stakeholder management (decision log, close out issues, plan and assign owners for resolutions of open issues)
    • Project team management (performance evaluation for team members as well as the project manager)

    3.4.1 Define the process for lessons learned

    0.5-1 hour

    1. Determine the reporting frequency for lessons learned.
    2. Consider attributing lessons learned to project phases.
    3. Coordinate lessons learned check-ins with project milestones to review and reflect.
    4. At each reporting session, the project team should identify challenges and successes informally.
    5. The PM and the PMO should transform the reports from each team member into formalized lessons.
    6. Record lessons learned for each project in section 3.7 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download

    Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Your project's lessons learned

    Materials

    Participants

    • Project Lessons Learned Template
    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook.
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Lessons learned

    Example

    Form: Project successes, notes, areas of imporvement, impact, solution.

    Watch for these potential problems with project closure

    Don’t leave the door open for stakeholder dissatisfaction. Properly close out your projects.

    Potential problems with project closure.

    For further information on project closure issues, use Info-Tech’s blueprint, Get Started With Project Management Excellence.

    3.4.2 Prepare a closure document for sign-off

    0.5-1 hour

    1. Create a realistic closure and transition process that gains sign-off from the sponsor.
    2. Prepare a project closure checklist.
    3. Transfer accountability to operations, release project resources, and avoid disrupting other projects that are trying to get started.
    4. Record the project closure document in section 3.8 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download

    Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Your project objectives
    • Your project scope
    • Your project's closure checklist

    Materials

    Participants

    • Project closure checklist Template
    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook.
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Closure checklist

    Project closure checklist. project management checklist, deliverables, goals, benefits, outstanding action items and issues, handover of technical documents, knowledge transfer, sign-off.

    For further information on closure procedures, use Info-Tech’s blueprint, Begin Your Projects With the End in Mind.

    3.4.3 Document optimization and future release opportunities

    0.5-1 hour

    Consider the future opportunities for improvement post-release:

    1. Product and vendor satisfaction opportunities
    2. Capability and feature optimization opportunities
    3. Process optimization opportunities
    4. Integration optimization opportunities
    5. Data optimization opportunities
    6. Cost-saving opportunities
    7. Record optimization and future release opportunities in section 3.9 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download

    Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Your project objectives
    • Your project scope
    • Your optimization opportunities list

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook.
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Optimization opportunities

    Example

    Optimization types and opportunities.

    Related Info-Tech Research

    Build upon your foundations

    Build an ERP Strategy and Roadmap

    • A business-led, top-management-supported initiative partnered with IT has the greatest chance of success. This blueprint provides business and IT the methodology for getting the right level of detail for the business processes that the ERP supports thus avoiding getting lost in the details.

    Governance and Management of Enterprise Software Implementation

    • Implementing enterprise software is hard. You need a framework that will greatly improve your chance of success. Traditional Waterfall project implementations have a demonstrated a low success rate for on-time, on-budget delivery.

    Select and Implement a Human Resource Information System

    • Your organization is in the midst of a selection and implementation process for a human resource information system (HRIS), and there is a need to disambiguate the market and arrive at a shortlist of vendors.

    Select and Implement an ERP Solution

    • Selecting and implementing an ERP is one of the most expensive and time-consuming technology transformations an organization can undertake. ERP projects are notorious for time and budget overruns, with only a margin of the anticipated benefits being realized.

    Right-Size Your Project Risk Investment

    • Avoid the all-or-nothing mindset; even modest investments in risk will provide a return. Learn from and record current and historical risk events so lessons learned can easily be embedded into future projects. Assign someone to own the risk topic and make it their job to keep a relevant menu of risks.

    Related Info-Tech Research

    Build upon your foundations

    Drive Business Value With a Right-Sized Project Gating Process

    • Many organizations have implemented gating as part of their project management process. So, what separates those who are successful from those who are not? For starters, successful gating requires that each gate is treated as an essential audit. That means there need to be clear roles and responsibilities in the framework.

    Master Organizational Change Management Practices

    • Organizational change management (OCM) is often an Achilles’ heel for IT departments and business units, putting projects and programs at risk – especially large, complex, transformational projects.

    Get Started With Project Management Excellence

    • Lack of proper scoping at the beginning of the project leads to constant rescoping, rescheduling, and budget overruns.

    ERP Requirements Picklist Tool

    • Use this tool to collect ERP requirements in alignment with the major functional areas of ERP. Review the existing set of ERP requirements as a starting point to compiling your organization's requirements.

    Begin Your Projects With the End in Mind

    • Stakeholders are dissatisfied with IT’s inability to meet or even provide consistent, accurate estimates. The business’ trust in IT erodes every time a project is late, lost, or unable to start.

    Get Started With IT Project Portfolio Management

    • Most companies are struggling to get their project work done. This is due in part to the fact that many prescribed remedies are confusing, disruptive, costly, or ineffective.

    Bibliography

    7 Shocking Project Management Statistics and Lessons We Should Learn.” TeamGantt, Jan. 2017.

    Akrong, Godwin Banafo, et al. "Overcoming the Challenges of Enterprise Resource Planning (ERP): A Systematic Review Approach." IJEIS vol.18, no.1 2022: pp.1-41.

    Andriole, S. “Why No One Can Manage Projects, Especially Technology Projects.” Forbes, 1 Dec. 2020.

    Andriole, Steve. “Why No One Can Manage Projects, Especially Technology Projects.” Forbes, 1 Dec. 2020.

    Beeson, K. “ERP Implementation Plan (ERP Implementation Process Guide).” ERP Focus, 8 Aug. 2022.

    Biel, Justin. “60 Critical ERP Statistics: 2022 Market Trends, Data and Analysis.” Oracle Netsuite, 12 July 2022.

    Bloch, Michael, et al. “Delivering Large-Scale IT Projects on Time, on Budget, and on Value.” McKinsey & Company, 2012.

    Buverud, Heidi. ERP System Implementation: How Top Managers' Involvement in a Change Project Matters. 2019. Norwegian School of Economics, Ph.D. thesis.

    Carlton, R. “Four ERP Implementation Case Studies You Can Learn From.” ERP Focus, 15 July 2015.

    Gopinath, S. Project Management in the Emerging World of Disruption. PMI India Research and Academic Conference 2019. Kozhikode Publishers.

    Grabis, J. “On-Premise or Cloud Enterprise Application Deployment: Fit-Gap Perspective.” Enterprise Information Systems. Edited by Filipe, J., Śmiałek, M., Brodsky, A., Hammoudi, S. ICEIS, 2019.

    Harrin, E. The Definitive Guide to Project Sponsors. RGPM, 13 Dec. 2022.

    Jacobs-Long, Ann. “EPMO’s Can Make A Difference In Your Organization.” 9 May 2012.

    Kotadia, C. “Challenges Involved in Adapting and Implementing an Enterprise Resource Planning (ERP) Systems.” International Journal of Research and Review vol. 7 no. 12 December 2020: 538-548.

    Panorama Consulting Group. "2018 ERP Report." Panorama Consulting Group, 2018. Accessed 12 Oct. 2021.

    Panorama Consulting Group. "2021 ERP Report." Panorama Consulting Group, 2021. Accessed 12 Oct. 2021.

    PM Solutions. (2014). The State of the PMO 2014.

    PMI. Pulse of the Profession. 2017.

    Podeswa, H. “The Business Case for Agile Business Analysis.” Requirements Engineering Magazine, 21 Feb. 2017.

    Project Delivery Performance in Australia. AIPM and KPMG, 2020.

    Prosci. (2020). Prosci 2020 Benchmarking Data from 2007, 2009, 2011, 2013, 2015, 2017, 2019.

    Swartz, M. “End User Adoption and Change Management Process.” Swartz Consulting LLC, 11 July 2022.

    Trammell, H. “28 Important Project Management KPIs (& How To Track Them).” ClearPoint Strategy, 2022.

    “What are Business Requirements?" Requirements.com, 18 Oct. 2018.

    “What Is the Role of a Project Sponsor?” Six Sigma Daily, 18 May 2022.

    “When Will You Think Differently About Programme Delivery?” 4th Global Portfolio and Programme Management Survey. PricewaterhouseCoopers, Sept. 2014.

    The ESG Imperative and Its Impact on Organizations

    • Buy Link or Shortcode: {j2store}196|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: IT Governance, Risk & Compliance
    • Parent Category Link: /it-governance-risk-and-compliance
    • Global regulatory climate disclosure requirements are still evolving and are not consistent.
    • Sustainability is becoming a corporate imperative, but IT’s role is not fully clear.
    • The environmental, social, and governance (ESG) data challenge is large and continually expanding in scope.
    • Collecting the necessary data and managing ethical issues across supply chains is a daunting task.
    • Communicating long-term value is difficult when customer and employee expectations are shifting.

    Our Advice

    Critical Insight

    • An organization's approach to ESG cannot be static or tactical. It is a moving landscape that requires a flexible, holistic approach across the organization. Cross-functional coordination is essential in order to be ready to respond to changing conditions.
    • Even though the ESG data requirements are large and continually expanding in scope, many organizations have well-established data frameworks and governance practices in place to meet regulatory obligations such as Sarbanes–Oxley that should used as a starting point.

    Impact and Result

    • Organizations will have greater success if they focus their ESG program efforts on the ESG factors that will have a material impact on their company performance and their key stakeholders.
    • Continually evaluating the evolving ESG landscape and its impact on key stakeholders will enable organizations to react quickly to changing conditions.
    • A successful ESG program requires a collaborative and integrated approach across key business stakeholders.
    • Delivering high-quality metrics and performance indicators requires a flexible and digital data approach, where possible, to enable data interoperability.

    The ESG Imperative and Its Impact on Organizations Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. The ESG Imperative and Its Impact on Organizations Deck – Learn why sustainability is becoming a key measurement of corporate performance and how to set your organization up for success.

    Understand the foundational components and drivers of the broader concept of sustainability: environmental, social, and governance (ESG) and IT’s roles within an organization’s ESG program. Learn about the functional business areas involved, the roles they play and how they interact with each other to drive program success.

    • The ESG Imperative and Its Impact on Organizations Storyboard

    Infographic

    Further reading

    The ESG Imperative and Its Impact on Organizations

    Design to enable an active response to changing conditions.

    Analyst Perspective

    Environmental, social, and governance (ESG) is a corporate imperative that is tied to long-term value creation. An organization's social license to operate and future corporate performance depends on managing ESG factors well.

    Central to an ESG program is having a good understanding of the ESG factors that may have a material impact on enterprise value and key internal and external stakeholders. A comprehensive ESG strategy supported by strong governance and risk management is also essential to success.

    Capturing relevant data and applying it within risk models, metrics, and internal and external reports is necessary for sharing your ESG story and measuring your progress toward meeting ESG commitments. Consequently, the data challenges have received a lot of attention, and IT leaders have a role to play as strategic partner and enabler to help address these challenges. However, ESG is more than a data challenge, and IT leaders need to consider the wider implications in managing third parties, selecting tools, developing supporting IT architecture, and ensuring ethical design.

    For many organizations, the ESG program journey has just begun, and collaboration between IT and risk, procurement, and compliance will be critical in shaping program success.

    This is a picture of Donna Bales, Principal Research Director, Info-Tech Research Group

    Donna Bales
    Principal Research Director
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    • Global regulatory climate disclosure requirements are still evolving and are not consistent.
    • Sustainability is becoming a corporate imperative, but IT's role is not fully clear.
    • The ESG data challenge is large and continually expanding in scope.
    • Collecting the necessary data and managing ethical issues across supply chains is a daunting task.
    • Communicating long-term value is difficult when customer and employee expectations are shifting.

    Common Obstacles

    • The data necessary for data-driven insights and accurate disclosure is often hampered by inaccurate and incomplete primary data.
    • Other challenges include:
      • Approaching ESG holistically and embedding it into existing governance, risk, and IT capabilities.
      • Building knowledge and adapting culture throughout all levels of the organization.
      • Monitoring stakeholder sentiment and keeping strategy aligned to expectations.

    Info-Tech's Approach

    • Use this blueprint to educate yourself on ESG factors and the broader concept of sustainability.
    • Learn about Info-Tech's ESG program approach and use it as a framework to begin your ESG program journey.
    • Identify changes that may be needed in your organizational operating model, strategy, governance, and risk management approach.
    • Discover areas of IT that may need to be prioritized and resourced.

    Info-Tech Insight

    An organization's approach to ESG cannot be static or tactical. ESG is a moving landscape that requires a flexible, holistic approach across the organization. It must become part of the way you work and enable an active response to changing conditions.

    This is an image of Info-Tech's thoughtmap for eight steps of the ESG Program Journey

    Putting ESG in context

    ESG has moved beyond the tipping point to corporate table stakes

    • In recent years, ESG issues have moved from voluntary initiatives driven by corporate responsibility teams to an enterprise-wide strategic imperative.
    • Organizations are no longer being measured by financial performance but by how they contribute to a sustainable and equitable future, such as how they support sustainable innovation through their business models and their focus on collaboration and inclusion.
    • A corporation's efforts toward sustainability is measured by three components: environmental, social, and governance.

    Sustainability

    The ability of a corporation and broader society to endure and survive over the long term by managing adverse impacts well and promoting positive opportunities.

    This is an image of the United Nation's 17 sustainable goals.

    Source: United Nations

    Putting "E," "S," and "G" in context

    Corporate sustainability depends on managing ESG factors well

    • Environmental, social, and governance are the component pieces of a sustainability framework that is used to understand and measure how an organization impacts or is affected by society as a whole.
    • Human activities, particularly fossil fuel burning since the mid twentieth century, have increased greenhouse gas concentration, resulting in observable changes to the atmosphere, ocean, cryosphere, and biosphere.
    • The E in ESG relates to the positive and negative impacts an organization may have on the environment, such as the energy it takes in and the waste it discharges.
    • The S in ESG is the most ambiguous component in the framework, as social impact relates not only to risks but also prosocial behaviour. It's the most difficult to measure but can have significant financial and reputational impact on corporations if material and poorly managed.
    • The G in ESG is foundational to the realization of S and E. It encompasses how well an organization integrates these considerations into the business and how well the organization engages with key stakeholders, receives feedback, and is transparent with its intentions.

    Common examples of ESG issues include: Environmental: Climate change, greenhouse gas emissions (CHG), deforestation, biodiversity, pollution, water, waste, extended producer responsibility, etc. Social: Customer relations, employee relations, labor, human rights, occupational health and safety, community relations, supply chains, etc. Governance: Board management practices, succession planning, compensation, diversity, equity and inclusion, regulatory compliance, corruption, fraud, data hygiene and security, etc. Source: Getting started with ESG - Sustainalytics

    Understanding the drivers behind ESG

    $30 trillion is expected to be transferred from the baby boomers to Generation Z and millennials over the next decade
    – Accenture

    Drivers

    • The rapid rise of ESG investing
    • The visibility of climate change is driving governments, society, and corporations to act and to initiate and support net zero goals.
    • A younger demographic that has strong convictions and financial influence
    • A growing trend toward mandatory climate and diversity, equity, and inclusion (DEI) disclosures required by global regulators
    • Recent emphasis by regulators on board accountability and fiduciary duty
    • Greater societal awareness of social issues and sustainability
    • A new generation of corporate leadership that is focused on sustainable innovation

    The evolving regulatory landscape

    Global regulators are mobilizing toward mandatory regulatory climate disclosure

    Canada

    • Canadian Securities Administrators (CSA) NI 51-107 Disclosure of Climate-related Matters

    Europe

    • European Commission, Sustainable Finance Disclosure Regulation (SFDR)
    • European Commission, EU Supply Chain Act
    • Germany – The German Supply Chain Act (GSCA)
    • Financial Conduct Authority UK, Proposal (DP 21/4) Sustainability Disclosure Requirements and investment labels
    • UK Modern Slavery Act, 2015

    United States

    • Securities and Exchange Commission (SEC) 33-11042– The Enhancement and Standardization of Climate-Related Disclosures for Investors
    • SEC 33-11038 Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure
    • Nasdaq Board Diversity Rule (5605(f))

    New Zealand

    • New Zealand, The Financial Sector (Climate-related Disclosures and Other Matters) Amendment Act 2021

    Begin by setting your purpose

    Consider your role as a corporation in society and your impact on key stakeholders

    • The impact of a corporation can no longer be solely measured by financial impact but also its impact on social good. Corporations have become real-world actors that impact and are affected by the environment, people, and society.
    • An ESG program should start with defining your organization's purpose in terms of corporate responsibility, the role it will play, and how it will endure over time through managing adverse impacts and promoting positive impacts.
    • Corporations should look inward and outward to assess the material impact of ESG factors on their organization and key internal and external stakeholders.
    • Once stakeholders are identified, consider how the ESG factors might be perceived by delving into what matters to stakeholders and what drives their behavior.

    Understanding your stakeholder landscape is essential to achieving ESG goals

    Internal Stakeholders: Board; Management; Employees. External Stakeholders: Activists; Regulators; Customers; Lenders; Government; Investors; Stakeholders; Community; Suppliers

    Assess ESG impact

    Materiality assessments help to prioritize your ESG strategy and enable effective reporting

    • The concept of materiality as it relates to ESG is the process of gaining different perspectives on ESG issues and risks that may have significant impact (both positive and negative) on or relevance to company performance.
    • The objective of a materiality assessment is to identify material ESG issues most critical to your organization by looking a broad range of social and environmental factors. Its purpose is to narrow strategic focus and enable an organization to assess the impact of financial and non-financial risks aggregately.
    • It helps to make the case for ESG action and strategy, assess financial impact, get ahead of long-term risks, and inform communication strategies.
    • Organizations can leverage assessment tools from Sustainalytics or SASB Standards to help assess ESG risks or use guidance or benchmarking information from industry associations.

    Info-Tech Insight

    Survey key stakeholders to obtain a more holistic viewpoint of expectations and the industry landscape and gain credibility through the process.

    Use a materiality matrix to understand ESG exposure

    This is an image of a materiality matrix used to understand ESG exposure.

    Example: Beverage Company

    Follow a holistic approach

    To deliver on your purpose, sustainability must be integrated throughout the organization

    • An ESG program cannot be implemented in a silo. It must be anchored on its purpose and supported by a strong governance structure that is intertwined with other functional areas.
    • Effective governance is essential to instill trust, support sound decision making, and manage ESG.
    • Governance extends beyond shareholder rights to include many other factors, such as companies' interactions with competitors, suppliers, and governments. More transparency is sought on:
      • Corporate behavior, executive pay, and oversight of controls.
      • Board diversity, compensation, and skill set.
      • Oversight of risk management, particularly risks related to fraud, product, data, and cybersecurity

    "If ESG is the framework of non-financial risks that may have a material impact on the company's stakeholders, corporate governance is the process by which the company's directors and officers manage those risks."
    – Zurich Insurance

    A pyramid is depicted. The top of the pyramid is labeled Continual Improvement, and the following terms are inside this box. Governance: Strategy; Risk Management; Metrics & Targets. At the bottom of the pyramid is a box with right facing arrows, labeled Transparency and Disclosure. This is Informed by the TCFD Framework

    Governance and organization approach

    There is no one-size-fits-all approach

    47% of companies reported that the full board most commonly oversees climate related risks and opportunities while 20% delegate to an existing board governance committee (EY Research, 2021).

    • The organizational approach to ESG will differ across industry segments and corporations depending on material risks and their upstream and downstream value change. However, the accountability for ESG sits squarely at the CEO and board level.
    • Some organizations have taken the approach of hiring a Chief Sustainability Officer to work alongside the CEO on execution of ESG goals and stakeholder communication, while others use other members of the strategic leadership to drive the desired outcomes.
    Governance Layer Responsibilities
    Board
    • Overall accountability lies with the full board. Some responsibilities may be delegated to newly formed dedicated ESG governance committee.
    Oversight
    Executive leadership
    • Accountable for sustainability program success and will work with CEO to set ESG purpose and goals.
    Oversight and strategic direction
    Management
    • Senior management drives execution; sometimes led by a cross-functional committee.
    Execution

    Strategy alignment

    "74% of finance leaders say that investors increasingly use nonfinancial information in their decision-making."

    – "Aligning nonfinancial reporting..." EY, 2020

    • Like any journey, the ESG journey requires knowing where you are starting from and where you are heading to.
    • Once your purpose is crystalized, identify and surface gaps between where you want to go as an organization (your purpose and goals) and what you need to deliver as an organization to meet the expectations of your internal and external stakeholders (your output).
    • Using the results of the materiality assessment, weigh the risk, opportunities, and financial impact to help prioritize and determine vulnerabilities and where you might excel.
    • Finally, evaluate and make changes to areas of your business that need development to be successful (culture, accountability and board structure, ethics committee, etc.)

    Gap analysis example for delivering reporting requirements

    Organizational Goals

    • Regulatory Disclosure
      • Climate
      • DEI
      • Cyber governance
    • Performance Tracking/Annual Reporting
      • Corporate transparency on ESG performance via social, annual circular
    • Evidence-Based Business Reporting
      • Risk
      • Board
      • Suppliers

    Risk-size your ESG goals

    When integrating ESG risks, stick with a proven approach

    • Managing ESG risks is central to making sound organizational decisions regarding sustainability but also to anticipating future risks.
    • Like any new risk type, ESG risk should be interwoven into your current risk management and control framework via a risk-based approach.
    • Yet ESG presents some new risk challenges, and some risk areas may need new control processes or enhancements.
    NET NEW ENHANCEMENT
    Climate disclosure Data quality management
    Assurance specific to ESG reporting Risk sensing and assessment
    Supply chain transparency tied back to ESG Managing interconnections
    Scenario analysis
    Third-party ratings and monitoring

    Info-Tech Insight

    Integrate ESG risks early, embrace uncertainty by staying flexible, and strive for continual improvement.

    A funnel chart is depicted. The inputs to the funnel are: Strategy - Derive ESG risks from strategy, and Enterprise Risk Appetite. Inside the funnel, are the following terms: ESG; Data; Cyber. The output of the funnel is: Evidence based reporting ESG Insights & Performance metrics

    Managing supplier risks

    Suppliers are a critical input into an organization's ESG footprint

    "The typical consumer company's supply chain ... [accounts] for more than 80% of greenhouse-gas emissions and more than 90% of the impact on air, land, water, biodiversity, and geological resources."
    – McKinsey & Company, 2016

    • Although companies are accustomed to managing third parties via procurement processes, voluntary due-diligence, and contractual provisions, COVID-19 surfaced fragility across global supply chains.
    • The mismanagement of upstream and downstream risks of supply chains can harm the reputation, operations, and financial performance of businesses.
    • To build resiliency to and visibility of supply chain risk, organizations need to adapt current risk management programs, procurement practices, and risk assessment tools and techniques.
    • Procurement departments have an enhanced function, effectively acting as gatekeepers by performing due diligence, evaluating performance, and strengthening the supplier relationship through continual feedback and dialogue.
    • Technologies such as blockchain and IoT are starting to play a more dominant role in supply chain transparency.

    Raw materials are upstream and consumers are downstream.

    "Forty-five percent of survey respondents say that they either have no visibility into their upstream supply chain or that they can see only as far as their first-tier suppliers."
    – "Taking the pulse of shifting supply chains," McKinsey & Company, 2022

    Metrics and targets

    Metrics are key to stakeholder transparency, measuring performance against goals, and surfacing organizational blind spots

    • ESG metrics are qualitative or quantitative insights that measure organizations' performance against ESG goals. Along with traditional business metrics, they assist investors with assessing the long-term performance of companies based on non-financial ESG risks and opportunities.
    • Metrics, key performance indicators (KPIs), and key risk indicators (KRIs) are used to measure how ESG factors affect an organization and how an organization may impact any of the underlying issues related to each ESG factor.
    • There are several reporting standards that offer specific ESG performance metrics, such as the Global Reporting Institute (GRI), Sustainability Accounting Standards Board (SASB), and World Economic Forum (WEF).
    • For climate-related disclosures, global regulators are converging on the Task Force for Climate-related Disclosures (TCFD) and the International Sustainability Standards Board (ISSB).

    Example metrics for ESG factors

    Example metrics for environment include greenhouse gas emissions, water footprint, renewable energy share, and % of recycled material. Example social metrics include rates of injury, proportion of spend on local supplies, and percentage of gender or ethnic groups in management roles. Example governance metrics include annual CEO compensation compared to median, number of PII data breaches, and completed number of supplier assessments.

    The impact of ESG on IT

    IT plays a critical role in achieving ESG goals

    • IT groups have a critical role to play in helping organizations develop strategic plans to meet ESG goals, measure performance, monitor risks, and deliver on disclosure requirements.
    • IT's involvement extends from the CIO providing input at a strategic level to leading the charge within IT to instill new goals and adapt the culture toward one focused on sustainability.
    • To set the tone, CIOs should begin by updating their IT governance structure and setting ESG goals for IT.
    • IT leaders will need to think about resource use and efficiency and incorporate this into their IT strategy.

    Info-Tech Insight

    IT leaders need to work collaboratively with risk management to optimize decision making and continually improve ESG performance and disclosure.

    "A great strategy meeting is a meeting of the minds."
    – Max McKeown

    The data challenge

    The ESG data requirement is large and continually expanding in scope

    • To meet ESG objectives, corporations are challenged with collecting non-financial data from across functional business and geographical locations and from their supplier base and supply chains.
    • One of the biggest impediments to ESG implementation is the lack of high-quality data and of mature processes and tools to support data collection.
    • The data challenge is compounded by the availability and usability of data, immature and fragmented standards that hinder comparability, and workflow integration.

    Info-Tech Insight

    Keep your data model flexible and digital where possible to enable data interoperability.

    A flow chart is depicted. the top box is labeled ESG Program. Below that are Boxes labeled Tactical and Strategic. Below the Tactical Box, is a large X showing a lack of connection to the following points: Duplicative; Inefficient/Costly. Below the box labeled Strategic are the following terms: Data-Driven; Reusable; Digital.

    "You can have data without information, but you cannot have information without data."
    – Daniel Keys Moran

    It's more than a data challenge

    Organizations will rely on IT for execution, and IT leaders will need to be ready

    Data Management: Aggregated Reporting; Supplier Management; Cyber Management; Operational Management; Ethical Design(AI, Blockchain); IT Architecture; Resource Efficiency; Processing & Tooling; Supplier Assessment.

    Top impacts on IT departments

    1. ESG requires corporations to keep track of ESG-related risks of third parties. This will mean more robust assessments and monitoring.
    2. Many areas of ESG are new and will require new processes and tools.
    3. The SEC has upped the ante recently, requiring more rigorous accountability and reporting on cyber incidents.
    4. New IT systems and architecture may be needed to support ESG programs.
    5. Current reporting frameworks may need updating as regulators move to digital.
    6. Ethical design will need to be considered when AI is used to support risk/data management and when it is used as part of product solutions.

    Key takeaways

    • It's critical for organizations to look inward and outward to assess the material impact of ESG factors on their organization and key internal and external stakeholders.
    • ESG requires a flexible, holistic approach across the organization. It must become part of the way you work and enable an active response to changing conditions.
    • ESG introduces new risks that should not be viewed in isolation but interwoven into your current risk management and control framework via a risk-based approach.
    • Identify and integrate risks early, embrace uncertainty by staying flexible, and strive for continual improvement.
    • Metrics are key to telling your ESG story. Place the appropriate importance on the information that will be reported.
    • Recognize that the data challenge is complex and evolving and design your data model to be flexible, interoperable, and digital.
    • IT's role is far reaching, and IT will have a critical part in managing third parties, selecting tools, developing supporting IT architecture, and using ethical design.

    Definitions

    TERM DEFINITON
    Corporate Social Responsibility Management concept whereby organizations integrate social and environmental concerns in their operations and interactions with their stakeholders.
    Chief Sustainability Officer Steers sustainability commitments, helps with compliance, and helps ensure internal commitments are met. Responsibilities may extend to acting as a liaison with government and public affairs, fostering an internal culture, acting as a change agent, and leading delivery.
    ESG An acronym that stands for environment, social, and governance. These are the three components of a sustainability program.
    ESG Standard Contains detailed disclosure criteria including performance measures or metrics. Standards provide clear, consistent criteria and specifications for reporting. Typically created through consultation process.
    ESG Framework A broad contextual model for information that provides guidance and shapes the understanding of a certain topic. It sets direction but does not typically delve into the methodology. Frameworks are often used in conjunction with standards.
    ESG Factors The factors or issues that fall under the three ESG components. Measures the sustainability performance of an organization.
    ESG Rating An aggregated score based on the magnitude of an organization's unmanaged ESG risk. Ratings are provided by third-party rating agencies and are increasingly being used for financing, transparency to investors, etc.
    ESG Questionnaire ESG surveys or questionnaires are administered by third parties and used to assess an organization's sustainability performance. Participation is voluntary.
    Key Risk Indicator (KRI) A measure to indicate the potential presence, level, or trend of a risk.
    Key Performance Indicator (KPI) A measure of deviation from expected outcomes to help a firm see how it is performing.
    Materiality Material topics are topics that have a direct or indirect impact on an organization's ability to create, preserve, or erode economic, environment and social impact for itself and its stakeholder and society as a whole
    Materiality Assessment A materiality assessment is a tool to identify and prioritize the ESG issues most critical to the organization.
    Risk Sensing The range of activities carried out to identify and understand evolving sources of risk that could have a significant impact on the organization (e.g. social listening).
    Sustainability The ability of an organization and broader society to endure and survive over the long term by managing adverse impacts well and promoting positive opportunities.
    Sustainalytics Now part of Morningstar. Sustainalytics provides ESG research, ratings, and data to institutional investors and companies.
    UN Guiding Principles on Business and Human Rights (UNGPs) UN Guiding Principles on Business and Human Rights (UNGPs) provide an essential methodological foundation for how impacts across all dimensions should be assessed.

    Reporting & standard frameworks

    STANDARD DEFINITION AND FOCUS
    CDP CDP has created standards and metrics for comparing sustainability impact. Focuses on environmental data (e.g. carbon, water, and forests) and on data disclosure and benchmarking.
    (Formally Carbon Disclosure Project) Audience: All stakeholders
    Dow Jones Sustainability Indices (DJSI) Heavy on corporate governance and company performance. Equal balance of economic, environmental, and social.
    Audience: All stakeholders
    Global Reporting Initiative (GRI) International standards organization that has a set of standards to help organizations understand and communicate their impacts on climate change and social responsibility. The standard has a strong emphasis on transparency and materiality, especially on social issues.
    Audience: All stakeholders
    International Sustainability Standards Board (ISSB) Standard-setting board that sits within the International Financial Reporting Standards (IFRS) Foundation. The IFRS Foundation is a not-for-profit, public-interest organization established to develop high-quality, understandable, enforceable, and globally accepted accounting and sustainability disclosure standards.
    Audience: Investor-focused
    United Nations Sustainable Development Goals (UNSDG) Global partnership across sectors and industries to achieve sustainable development for all (17 Global Goals)
    Audience: All stakeholders
    Sustainability Accounting Standards Board (SASB) Industry-specific standards to help corporations select topics that may impact their financial performance. Focus on material impacts on financial condition or operating performance.
    Audience: Investor-focused
    Task Force Of Climate-related Disclosures (TCFD; created by the Financial Stability Board) Standards framework focused on the impact of climate risk on financial and operating performance. More broadly the disclosures inform investors of positive and negative measures taken to build climate resilience and make transparent the exposure to climate-related risk.
    Audience: Investors, financial stakeholders

    Bibliography

    Anne-Titia Bove and Steven Swartz, McKinsey, "Starting at the source: Sustainability in supply chains", 11 November 2016

    Accenture, "The Greater Wealth Transfer – Capitalizing on the intergenerational shift in wealth", 2012

    Beth Kaplan, Deloitte, "Preparing for the ESG Landscape, Readiness and reporting ESG strategies through controllership playbook", 15 February 2022

    Bjorn Nilsson et al, McKinsey & Company, "Financial institutions and nonfinancial risk: How corporates build resilience," 28 February 2022

    Bolden, Kyle, Ernst and Young, "Aligning nonfinancial reporting with your ESG strategy to communicate long-term value", 18 Dec. 2020

    Canadian Securities Administrators, "Canadian securities regulators seek comment on climate-related disclosure requirements", 18 October 2021

    Carol A. Adams et al., Global Risk Institute, "The double-materiality concept, Application and issues", May 2021

    Dunstan Allison-Hope et al, BSR, "Impact-Based Materiality, Why Companies Should-Focus Their Assessments on Impacts Rather than Perception", 3 February 2022

    EcoVadis, "The World's Most Trusted Business Sustainability Ratings",

    Ernst and Young, "Four opportunities for enhancing ESG oversight", 29 June 2021

    Federal Ministry of Labour and Social Affairs, The Act on Corporate Due Diligence Obligations in Supply Chains (Gesetz über die unternehmerischen Sorgfaltspflichten in Lieferketten)", Published into Federal Law Gazette, 22, July 2021

    "What Every Company Needs to Know", Sustainalytics

    Global Risk Institute, The GRI Perspective, "The materiality madness: why definitions matter", 22 February 2022

    John P Angkaw "Applying ERM to ESG Risk Management", 1 August 2022

    Hillary Flynn et al., Wellington Management, "A guide to ESG materiality assessments", June 2022

    Katie Kummer and Kyle Lawless, Ernst and Young, "Five priorities to build trust in ESG", 14 July 2022

    Knut Alicke et al., McKinsey & Company, "Taking the pulse of shifting supply chains", 26 August 2022

    Kosmas Papadopoulos and Rodolfo Arauj. The Harvard School Forum on Corporate Governance, "The Seven Sins of ESG Management", 23 September 2020

    KPMG, Sustainable Insight, "The essentials of materiality assessment", 2014

    Lorraine Waters, The Stack, "ESG is not an environmental issue, it's a data one", 20 May 2021

    Marcel Meyer, Deloitte, "What is TCFD and why does it matter? Understanding the various layers and implications of the recommendations",

    Michael W Peregnne et al., "The Harvard Law School Forum on Corporate Governance, The Important Legacy of the Sarbanes Oxley Act," 30 August 2022

    Michael Posner, Forbes, "Business and Human Rights: Looking Ahead To The Challenges Of 2022", 15 December 2021

    Myles Corson and Tony Kilmas, Ernst and Young, "How the CFO can balance competing demands and drive future growth", 3 November 2020

    Novisto, "Navigating Climate Data Disclosure", 2022

    Novisto, "XBRL is coming to corporate sustainability reporting", 17 April 2022

    "Official Journal of the European Union, Regulation (EU) 2019/2088 of the European Parliament and of the Council of 27 November 2019 on sustainability-related disclosures in the financial services sector", 9 December 2019

    Osler, "ESG and the future of sustainability", Podcast, 01 June 2022

    Osler, "The Rapidly Evolving World of ESG Disclosure: ISSB draft standards for sustainability and climate related disclosures", 19 May 2022

    Sarwar Choudhury and Zach Johnston, Ernst and Young "Preparing for Sox-Like ESG Regulation", 7 June 2022

    Securities and Exchange Commission, "The Enhancement and Standardization of Climate-related Disclosures for Investors", 12 May 2022

    "Securities and Exchange Commission, SEC Proposes Rules on Cybersecurity, Risk Management, Strategy, Governance, and Incident Disclosure by Public Companies, 9 May 2022

    Sean Brown and Robin Nuttall, McKinsey & Company, "The role of ESG and purpose", 4 January 2022

    Statement by Chair Gary Gensler, "Statement on ESG Disclosure Proposal", 25 May 2022

    Svetlana Zenkin and Peter Hennig, Forbes, "Managing Supply Chain Risk, Reap ESG Rewards", 22 June 2022

    Task Force on Climate Related Financial Disclosures, "Final Report, Recommendations of the Task Force on Climate-related Financial Disclosures", June 2017

    World Economic Forum, "Why sustainable governance and corporate integrity are crucial for ESG", 29 July 2022

    World Economic Forum (in collaboration with PwC) "How to Set Up Effective Climate Governance on Corporate Boards, Guiding Principles and questions", January 2019

    World Economic Forum, "Defining the "G" in ESG Governance Factors at the Heart of Sustainable Business", June 2022

    World Economic Forum, "The Risk and Role of the Chief Integrity Officer: Leadership Imperatives in and ESG-Driven World", December 2021

    World Economic Forum, "How to Set Up Effective Climate Governance on Corporate Boards Guiding principles and questions", January 2019

    Zurich Insurance, "ESG and the new mandate for corporate governance", 2022

    Design and Build an Effective Contract Lifecycle Management Process

    • Buy Link or Shortcode: {j2store}214|cart{/j2store}
    • member rating overall impact (scale of 10): 9.0/10 Overall Impact
    • member rating average dollars saved: $5,039 Average $ Saved
    • member rating average days saved: 20 Average Days Saved
    • Parent Category Name: Vendor Management
    • Parent Category Link: /vendor-management
    • Your vendor contracts are unorganized and held in various cabinets and network shares. There is no consolidated list or view of all the agreements, and some are misplaced or lost as coworkers leave.
    • The contract process takes a long time to complete. Coworkers are unsure who should be reviewing and approving them.
    • You are concerned that you are not getting favorable terms with your vendors and not complying with your agreement commitments.
    • You are unsure what risks your organization could be exposed to in your IT vendor contacts. These could be financial, legal, or security risks and/or compliance requirements.

    Our Advice

    Critical Insight

    • Focus on what’s best for you. There are two phases to CLM. All stages within those phases are important, but choose to improve the phase that can be most beneficial to your organization in the short term. However, be sure to include reviewing risk and monitoring compliance.
    • Educate yourself. Understand the stages of CLM and how each step can rely on the previous one, like a stepping-stone model to success.
    • Consider the overall picture. Contract lifecycle management is the sum of many processes designed to manage contracts end to end while reducing corporate risk, improving financial savings, and managing agreement obligations. It can take time to get CLM organized and working efficiently, but then it will show its ROI and continuously improve.

    Impact and Result

    • Understand how to identify and mitigate risk to save the organization time and money.
    • Gain the knowledge required to implement a CLM that will be beneficial to all business units.
    • Achieve measurable savings in contract time processing, financial risk avoidance, and dollar savings.
    • Effectively review, store, manage, comply with, and renew agreements with a collaborative process

    Design and Build an Effective Contract Lifecycle Management Process Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out how a contract management system will save money and time and mitigate contract risk, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Master the operational framework of contract lifecycle management.

    Understand how the basic operational framework of CLM will ensure cost savings, improved collaboration, and constant CLM improvement.

    • Design and Build an Effective Contract Lifecycle Management Process – Phase 1: Master the Operational Framework of CLM
    • Existing CLM Process Worksheet
    • Contract Manager

    2. Understand the ten stages of contract lifecycle management.

    Understand the two phases of CLM and the ten stages that make up the entire process.

    • Design and Build an Effective Contract Lifecycle Management Process – Phase 2: Understand the Ten Stages of CLM
    • CLM Maturity Assessment Tool
    • CLM RASCI Diagram
    [infographic]

    Workshop: Design and Build an Effective Contract Lifecycle Management Process

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Review Your CLM Process and Learn the Basics

    The Purpose

    Identify current CLM processes.

    Learn the CLM operational framework.

    Key Benefits Achieved

    Documented overview of current processes and stakeholders.

    Activities

    1.1 Review and capture your current process.

    1.2 Identify current stakeholders.

    1.3 Learn the operational framework of CLM.

    1.4 Identify current process gaps.

    Outputs

    Existing CLM Process Worksheet

    2 Learn More and Plan

    The Purpose

    Dive into the two phases of CLM and the ten stages of a robust system.

    Key Benefits Achieved

    A deep understanding of the required components/stages of a CLM system.

    Activities

    2.1 Understand the two phases of CLM.

    2.2 Learn the ten stages of CLM.

    2.3 Assess your CLM maturity state.

    2.4 Identify and assign stakeholders.

    Outputs

    CLM Maturity Assessment

    CLM RASCI Diagram

    Further reading

    Design and Build an Effective Contract Lifecycle Management Process

    Mitigate risk and drive value through robust best practices for contract lifecycle management.

    Our understanding of the problem

    This Research Is Designed For:

    • The CIO who depends on numerous key vendors for services
    • The CIO or Project Manager who wants to maximize the value delivered by vendors
    • The Director or Manager of an existing IT procurement or vendor management team
    • The Contracts Manager or Legal Counsel whose IT department holds responsibility for contracts, negotiation, and administration

    This Research Will Help You:

    • Implement and streamline the contract management process, policies, and procedures
    • Baseline and benchmark existing contract processes
    • Understand the importance and value of contract lifecycle management (CLM)
    • Minimize risk, save time, and maximize savings with vendor contracts

    This Research Will Also Assist

    • IT Service Managers
    • IT Procurement
    • Contract teams
    • Finance and Legal departments
    • Senior IT leadership

    This Research Will Help Them

    • Understand the required components of a CLM
    • Establish the current CLM maturity level
    • Implement a new CLM process
    • Improve on an existing or disparate process

    ANALYST PERSPECTIVE

    "Contract lifecycle management (CLM) is a vital process for small and enterprise organizations alike. Research shows that all organizations can benefit from a contract management process, whether they have as few as 25 contracts or especially if they have contracts numbering in the hundreds.

    A CLM system will:

    • Save valuable time in the entire cycle of contract/agreement processes.
    • Save the organization money, both hard and soft dollars.
    • Mitigate risk to the organization.
    • Avoid loss of revenue.

    If you’re not managing your contracts, you aren’t capitalizing on your investment with your vendors and are potentially exposing your organization to contract and monetary risk."

    - Ted Walker
    Principal Research Advisor, Vendor Management Practice
    Info-Tech Research Group

    Executive Summary

    Situation

    • Most organizations have vendor overload and even worse, no defined process to manage the associated contracts and agreements. To manage contracts, some vendor management offices (VMOs) use a shared network drive to store the contracts and a spreadsheet to catalog and manage them. Yet other less-mature VMOs may just rely on a file cabinet in Procurement and a reminder in someone’s calendar about renewals. These disparate processes likely cost your organization time spent finding, managing, and renewing contracts, not to mention potential increases in vendor costs and risk and the inability to track contract obligations.

    Complication

    • Contract lifecycle management (CLM) is not an IT buzzword, and it’s rarely on the top-ten list of CIO concerns in most annual surveys. Until a VMO gets to a level of maturity that can fully develop a CLM and afford the time and costs of doing so, there can be several challenges to developing even the basic processes required to store, manage, and renew IT vendor contracts. As is always an issue in IT, budget is one of the biggest obstacles in implementing a standard CLM process. Until senior leadership realizes that a CLM process can save time, money, and risk, getting mindshare and funding commitment will remain a challenge.

    Resolution

    • Understand the immediate benefits of a CLM process – even a basic CLM implementation can provide significant cost savings to the organization; reduce time spent on creating, negotiating, and renewing contracts; and help identify and mitigate risks within your vendor contracts.
    • Budgets don’t always need to be a barrier to a standard CLM process. However, a robust CLM system can provide significant savings to the organization.

    Info-Tech Insight

    • If you aren’t managing your contracts, you aren’t capitalizing on your investments.
    • Even a basic CLM process with efficient procedures will provide savings and benefits.
    • Not having a CLM process may be costing your organization money, time, and exposure to unmitigated risk.

    What you can gain from this blueprint

    Why Create a CLM

    • Improved contract organization
    • Centralized and manageable storage/archives
    • Improved vendor compliance
    • Risk mitigation
    • Reduced potential loss of revenue

    Knowledge Gained

    • Understanding of the value and importance of a CLM
    • How CLM can impact many departments within the organization
    • Who should be involved in the CLM steps and processes
    • Why a CLM is important to your organization
    • How to save time and money by maximizing IT vendor contracts
    • How basic CLM policies and procedures can be implemented without costly software expenditure

    The Outcome

    • A foundation for a CLM with best-practice processes
    • Reduced exposure to potential risks within vendor contracts
    • Maximized savings with primary vendors
    • Vendor compliance and corporate governance
    • Collaboration, transparency, and integration with business units

    Contract management: A case study

    CASE STUDY
    Industry Finance and Banking
    Source Apttus

    FIS Global

    The Challenge

    FIS’ business groups were isolated across the organization and used different agreements, making contract creation a long, difficult, and manual process.

    • Customers frustrated by slow and complicated contracting process
    • Manual contract creation and approval processes
    • Sensitive contract data that lacked secure storage
    • Multiple agreements managed across divisions
    • Lack of central repository for past contracts
    • Inconsistent and inaccessible

    The Solution: Automating and Streamlining the Contract Management Process

    A robust CLM system solved FIS’ various contract management needs while also providing a solution that could expand into full quote-to cash in the future.

    • Contract lifecycle management (CLM)
    • Intelligent workflow approvals (IWA)
    • X-Author for Excel

    Customer Results

    • 75% cycle time reduction
    • $1M saved in admin costs per year
    • 49% increase in sales proposal volume
    • Automation on one standard platform and solution
    • 55% stronger compliance management
    • Easy maintenance for various templates
    • Ability to quickly absorb new contracts and processes via FIS’s ongoing acquisitions

    Track the impact of CLM with these metrics

    Dollars Saved

    Upfront dollars saved

    • Potential dollars saved from avoiding unfavorable terms and conditions
    • Incentives that encourage the vendor to act in the customer’s best interest
    • Secured commitments to provide specified products and services at firm prices
    • Cost savings related to audits, penalties, and back support
    • Savings from discounts found

    Time Saved

    Time saved, which can be done in several areas

    • Defined and automated approval flow process
    • Preapproved contract templates with corporate terms
    • Reduced negotiation times
    • Locate contracts in minutes

    Pitfalls Avoided

    Number of pitfalls found and avoided, such as

    • Auto-renewal
    • Inconsistencies between sections and documents
    • Security and data not being deleted upon termination
    • Improper licensing

    The numbers are compelling

    71%

    of companies can’t locate up to 10% of their contracts.

    Source: TechnologyAdvice, 2019

    9.2%

    of companies’ annual revenue is lost because of poor contract management practices.

    Source: IACCM, 2019

    60%

    still track contracts in shared drives or email folders.

    Source: “State of Contract Management,” SpringCM, 2018

    CLM blueprint objectives

    • To provide a best-practice process for managing IT vendor contract lifecycles through a framework that organizes from the core, analyzes each step in the cycle, has collaboration and governance attached to each step, and integrates with established vendor management practices within your organization.
    • CLM doesn’t have to be an expensive managed database system in the cloud with fancy dashboards. As long as you have a defined process that has the framework steps and is followed by the organization, this will provide basic CLM and save the organization time and money over a short period of time.
    • This blueprint will not delve into the many vendors or providers of CLM solutions and their methodologies. However, we will discuss briefly how to use our framework and contract stages in evaluating a potential solution that you may be considering.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

    Guided Implementation

    “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."

    Workshop

    "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place."

    Consulting

    "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks used throughout all four options

    Design and Build an Effective CLM Process – project overview

    1. Master the Operational Framework

    2. Understand the Ten Stages of CLM

    Best-Practice Toolkit

    1.1 Understand the operational framework components.

    1.2 Review your current framework.

    1.3 Create a plan to implement or enhance existing processes.

    2.1 Understand the ten stages of CLM.

    2.2 Review and document your current processes.

    2.3 Review RASCI chart and assign internal ownership.

    2.4 Create an improvement plan.

    2.5 Track changes for measurable ROI.

    Guided Implementations
    • Review existing processes.
    • Understand what CLM is and why the framework is essential.
    • Create an implementation or improvement plan.
    • Review the ten stages of CLM.
    • Complete CLM Maturity Assessment.
    • Create a plan to target improvement.
    • Track progress to measure savings.
    Onsite Workshop

    Module 1: Review and Learn the Basics

    • Review and capture your current processes.
    • Learn the basic operational framework of contract management.

    Module 2 Results:

    • Understand the ten stages of effective CLM.
    • Create an improvement or implementation plan.
    Phase 1 Outcome:
    • A full understanding of what makes a comprehensive contract management system.
    Phase 2 Outcome:
    • A full understanding of your current CLM processes and where to focus your efforts for improvement or implementation.

    Workshop overview

    Contact your account representative or email Workshops@InfoTech.com for more information.

    Workshop Day 1 Workshop Day 2
    Activities

    Task – Review and Learn the Basics

    Task – Learn More and Plan

    1.1 Review and capture your current process.

    1.2 Identify current stakeholders.

    1.3 Learn the operational framework of contract lifecycle management.

    1.4 Identify current process gaps.

    2.1 Understand the two phases of CLM.

    2.2 Learn the ten stages of CLM.

    2.3 Assess your CLM maturity.

    2.4 Identify and assign stakeholders.

    2.5 Discuss ROI.

    2.6 Summarize and next steps.

    Deliverables
    1. Internal interviews with business units
    2. Existing CLM Process Worksheet
    1. CLM Maturity Assessment
    2. RASCI Diagram
    3. Improvement Action Plan

    PHASE 1

    Master the Operational Framework of Contract Lifecycle Management

    Design and Build an Effective CLM Process

    Phase 1: Master the Operational Framework of Contract Lifecycle Management

    Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of
    2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 1: Master the Operational Framework of Contract Lifecycle Management
    Proposed Time to Completion: 1-4 weeks

    Step 1.1: Document your Current CLM Process

    Step 1.2: Read and Understand the Operational Framework

    Step 1.3: Review Solution Options

    Start with an analyst kick-off call:

    • Understand what your current process(es) is for each stage
    • Do a probative review of any current processes
    • Interview stakeholders for input

    Review findings with analyst:

    • Discuss the importance of the framework as the core of your plan
    • Review the gaps in your existing process
    • Understand how to prioritize next steps towards a CLM

    Finalize phase deliverable:

    • Establish ownership of the framework
    • Prioritize improvement areas or map out how your new CLM will look

    Then complete these activities…

    • Document the details of your process for each stage of CLM

    With these tools & templates:

    • Existing CLM Process Worksheet

    Phase 1 Results:

    • A full understanding of what makes a comprehensive contract management system.

    What Is Contract Lifecycle Management?

    • Every contract has a lifecycle, from creation to time and usage to expiration. Organizations using a legacy or manual contract management process usually ask, “What is contract lifecycle management and how will it benefit my business?”
    • Contract lifecycle management (CLM) creates a process that manages each contract or agreement. CLM eases the challenges of managing hundreds or even thousands of important business and IT contracts that affect the day-to-day business and could expose the organization to vendor risk.
    • Managing a few contracts is quite easy, but as the number of contracts grows, managing each step for each contract becomes increasingly difficult. Ultimately, it will get to a point where managing contracts properly becomes very difficult or seemingly impossible.

    That’s where contract lifecycle management (CLM) comes in.

    CLM can save money and improve revenue by:

    • Improving accuracy and decreasing errors through standardized contract templates and approved terms and conditions that will reduce repetitive tasks.
    • Securing contracts and processes through centralized software storage, minimizing risk of lost or misplaced contracts due to changes in physical assets like hard drives, network shares, and file cabinets.
    • Using policies and procedures that standardize, organize, track, and optimize IT contracts, eliminating time spent on creation, approvals, errors, and vendor compliance.
    • Reducing the organization’s exposure to risks and liability.
    • Having contracts renewed on time without penalties and with the most favorable terms for the business.

    The Operational Framework of Contract Lifecycle Management

    Four Components of the Operational Framework

    1. Organization
    2. Analysis
    3. Collaboration and Governance
    4. Integration/Vendor Management
    • By organizing at the core of the process and then analyzing each stage, you will maximize each step of the CLM process and ensure long-term contract management for the organization.
    • Collaboration and governance as overarching policies for the system will provide accountability to stakeholders and business units.
    • Integration and vendor management are encompassing features in a well-developed CLM that add visibility, additional value, and savings to the entire organization.

    Info-Tech Best Practice

    Putting a contract manager in place to manage the CLM project will accelerate the improvements and provide faster returns to the organizations. Reference Info-Tech’s Contract Manager Job Description template as needed.

    The operational framework is key to the success, return on investment (ROI), cost savings, and customer satisfaction of a CLM process.

    This image depicts Info-Tech's Operational Framework.  It consists of a series of five concentric circles, with each circle a different colour.  On the outer circle, is the word Integration.  The next outermost circle has the words Collaboration and Governance.  The next circle has no words, the next circle has the word Analysis, and the very centre circle has the word Organization.

    1. Organization

    • Every enterprise needs to organize its contract documents and data in a central repository so that everyone knows where to find the golden source of contractual truth.
    • This includes:
      • A repository for storing and organizing contract documents.
      • A data dictionary for describing the terms and conditions in a consistent, normalized way.
      • A database for persistent data storage.
      • An object model that tracks changes to the contract and its prevailing terms over time.

    Info-Tech Insight

    Paper is still alive and doing very well at slowing down the many stages of the contract process.

    2. Analysis

    Most organizations analyze their contracts in two ways:

    • First, they use reporting, search, and analytics to reveal risky and toxic terms so that appropriate operational strategies can be implemented to eliminate, mitigate, or transfer the risk.
    • Second, they use process analytics to reveal bottlenecks and points of friction as contracts are created, approved, and negotiated.

    3. Collaboration

    • Throughout the contract lifecycle, teams must collaborate on tasks both pre-execution and post-execution.
    • This includes document collaboration among several different departments across an enterprise.
    • The challenge is to make the collaboration smooth and transparent to avoid costly mistakes.
    • For some contracting tasks, especially in regulated industries, a high degree of control is required.
    • In these scenarios, the organization must implement controlled systems that restrict access to certain types of data and processes backed up with robust audit trails.

    4. Integration

    • For complete visibility into operational responsibilities, relationships, and risk, an organization must integrate its golden contract data with other systems of record.
    • An enterprise contracts platform must therefore provide a rich set of APIs and connectors so that information can be pushed into or pulled from systems for enterprise resource planning (ERP), customer relationship management (CRM), supplier relationship management (SRM), document management, etc.

    This is the ultimate goal of a robust contract management system!

    Member Activity: Document Current CLM Processes

    1.1 Completion Time: 1-5 days

    Goal: Document your existing CLM processes (if any) and who owns them, who manages them, etc.

    Instructions

    Interview internal business unit decision makers, stakeholders, Finance, Legal, CIO, VMO, Sales, and/or Procurement to understand what’s currently in place.

    1. Use the Existing CLM Process Worksheet to capture and document current CLM processes.
    2. Establish what processes, procedures, policies, and workflows, if any, are in place for pre-execution (Phase 1) contract stages.
    3. Do the same for post-execution (Phase 2) stages.
    4. Use this worksheet as reference for assessments and as a benchmark for improvement review six to 12 months later.
    This image contains a screenshot of Info-Tech's Existing CLM Process Discovery Worksheet

    INPUT

    • Internal information from all CLM stakeholders

    OUTPUT

    • A summary of processes and owners currently in place

    Materials

    • Existing CLM processes from interviews

    Participants

    • Finance, Legal, CIO, VMO, Sales, Procurement

    PHASE 2

    Understand the Ten Stages of Contract Lifecycle Management

    Design and Build an Effective CLM Process

    Phase 1: Master the Operational Framework of Contract Lifecycle Management

    Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of
    2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 2: Understand the Ten Stages of Contract Lifecycle Management

    Proposed Time to Completion: 1-10 weeks

    Step 2.1: Assess CLM Maturity

    Step 2.2: Complete a RASCI Diagram

    Start with an analyst kick-off call:

    • Review the importance of assessing the maturity of your current CLM processes
    • Discuss interview process for internal stakeholders
    • Use data from the Existing CLM Process Worksheet

    Review findings with analyst:

    • Review your maturity results
    • Identify stages that require immediate improvement
    • Prioritize improvement or implementation of process

    Then complete these activities…

    • Work through the maturity assessment process
    • Answer the questions in the assessment tool
    • Review the summary tab to learn where to focus improvement efforts

    Then complete these activities…

    • Using maturity assessment and existing process data, establish ownership for each process stage
    • Fill in the RASCI Chart based on internal review or existing processes

    With these tools & templates:

    • CLM Maturity Assessment Tool

    With these tools & templates:

    • CLM RASCI Diagram

    Phase 2 Results & Insights:

    • A full understanding of your current CLM process and where improvement is required
    • A mapping of stakeholders for each stage of the CLM process

    The Ten Stages of Contract Lifecycle Management

    There are ten key stages of contract lifecycle management.

    The steps are divided into two phases, pre-execution and post-execution.

      Pre-Execution (Phase 1)

    1. Request
    2. Create
    3. Review Risk
    4. Approve
    5. Negotiate
    6. Sign
    7. Post-Execution (Phase 2)

    8. Capture
    9. Manage
    10. Monitor Compliance
    11. Optimize

    Ten Process Stages Within the CLM Framework

    This image contains the CLM framework from earlier in the presentation, with the addition of the following ten steps: 1. Request; 2. Create Contract; 3. Review Risk; 4. Approve; 5. Negotiate; 6. Sign; 7. Capture; 8. Manage; 9. Monitor Compliance; 10. Optimize.

    Stage 1: Request or Initiate

    Contract lifecycle management begins with the contract requesting process, where one party requests for or initiates the contracting process and subsequently uses that information for drafting or authoring the contract document. This is usually the first step in CLM.

    Requests for contracts can come from various sources:

    • Business units within the organization
    • Vendors presenting their contract, including renewal agreements
    • System- or process-generated requests for renewal or extension

    At this stage, you need to validate if a non-disclosure agreement (NDA) is currently in place with the other party or is required before moving forward. At times, adequate NDA components could be included within the contract or agreement to satisfy corporate confidentiality requirements.

    Stage 1: Request or Initiate

    Stage Input

    • Information about what the contract needs to contain, such as critical dates, term length, coverage, milestones, etc.
    • Some organizations require that justification and budget approval be provided at this stage.
    • Request could come from a vendor as a pre-created contract.
    • Best practices recommend that a contract request form or template is used to standardize all required information.

    Stage Output

    • Completed request form, stored or posted with all details required to move forward to risk review and contract creation.
    • Possible audit trails.

    Stage 2: Create Contract

    • At the creation or drafting stage, the document is created, generated, or provided by the vendor. The document will contain all clauses, scope, terms and conditions, and pricing as required.
    • In some cases, a vendor-presented contract that is already prepared will go through an internal review or redlining process by the business unit and/or Legal.
    • Both internal and external review and redlining are included in this stage.
    • Also at this stage, the approvers and signing authorities are identified and added to the contract. In addition, some audit trail features may be added.

    Info-Tech Best Practice

    For a comprehensive list of terms and conditions, see our Software Terms & Conditions Evaluation Tool within Master Contract Review and Negotiation for Software Agreements.

    Stage 2: Create Contract

    Stage Input

    • Contract request form, risk review/assessment.
    • Vendor- or contractor-provided contract/agreement, either soft copy, electronic form, or more frequently, “clickwrap” web-posted document.
    • Could also include a renewal notification from a vendor or from the CLM system or admin.

    Stage Output

    • Completed draft contract or agreement, typically in a Microsoft Word or Adobe PDF format with audit trail or comment tracking.
    • Redlined document for additional revision and or acceptance.
    • Amendment or addendum to existing contract.

    Stage 3: Review Risk 1 of 2

    The importance of risk review can not be understated. The contract or agreement must be reviewed by several stakeholders who can identify risks to the organization within the contract.

    Three important definitions:

    1. Risk is the potential for a negative outcome. A risk is crossing the street while wearing headphones and selecting the next track to play on your smartphone. A negative outcome is getting hit by an oncoming person who, unremarkably, was doing something similar at the same time.
    2. Risk mitigation is about taking the steps necessary to minimize both the likelihood of a risk occurring – look around both before and while crossing the street – and its impact if it does occur – fall if you must, but save the smartphone!
    3. Contract risk is about any number of situations that can cause a contract to fail, from trivially – the supplier delivers needed goods late – to catastrophically – the supplier goes out of business without having delivered your long-delayed orders.

    Stage 3: Review Risk 2 of 2

    • Contracts must be reviewed for business terms and conditions, potential risk situations from a financial or legal perspective, business commitments or obligations, and any operational concerns.
    • Mitigating contract risk requires a good understanding of what contracts are in place, how important they are to the success of the organization, and what data they contain.

    Collectively, this is known as contract visibility.

    • Risk avoidance and mitigation are also a key component in the ROI of a CLM system and should be tracked for analysis.
    • Risk-identifying forms or templates can be used to maintain consistency with corporate standards.

    Stage 3: Review Risk

    Stage Input

    • All details of the proposed contract so that a proper risk analysis can be done as well as appropriate review with stakeholders, including:
      • Finance
      • Legal
      • Procurement
      • Security
      • Line-of-business owner
      • IT stakeholders

    Stage Output

    • A list of identified concerns that could expose the business unit or organization.
    • Recommendations to minimize or eliminate identified risks.

    Stage 4: Approve

    The approval stage can be a short process if policies and procedures are already in place. Most organizations will have defined delegation of authority or approval authority depending on risk, value of the contract, and other corporate considerations.

    • Defined approval levels should be known within the organization and can be applied to the approval workflow, expediting the approval of drafted terms, conditions, changes, and cost/spend within the contract internally.
    • Tracking and flexibility needs to considered in the approval process.
    • Gates need to be in place to ensure that a required approver has approved the contract before it moves to the next approver.
    • Flexibility is needed in some situations for ad hoc approval tasks and should include audit trail as required.
    • Approvers can include business units, Finance, Legal, Security, and C-level leaders

    Stage 4: Approve

    Stage Input

    • Complete draft contract with all terms and conditions (T&Cs) and approval trail.
    • Amendment or addendum to existing contract.

    Stage Output

    • Approved draft contract ready to move to the next step of negotiating with the vendor.
    • Approved amendment or addendum to existing or renewal agreement.

    Stage 5: Negotiate

    • At this stage, there should be an approved draft of the contract that can be presented to the other party or vendor for review.
    • Typically organizations will negotiate their larger deals for terms and conditions with the goal of balancing the contractual allocation of risk with the importance of the vendor or agreement and its value to the business.
    • Several people on either side are typically involved and will discuss legal and commercial terms of the contract. Throughout the process, negotiators may leverage a variety of tools, including playbooks with preferred and fallback positions, clause libraries, document redlines and comparisons, and issue lists.
    • Audit trails or tracking of changes and acceptances is an important part of this stage. Tracking will avoid duplication and lost or missed changes and will speed up the entire process.
    • A final, clean document is created at this point and readied for execution.

    Stage 5: Negotiate

    Stage Input

    • Approved draft contract ready to move to the next step of negotiating with the vendor.
    • Approved amendment or addendum to existing or renewal agreement.

    Stage Output

    • A finalized and approved contract or amendment with agreed-upon terms and conditions ready for signatures.

    Info-Tech Insight

    Saving the different versions of a contract during negotiations will save time, provide reassurance of agreed terms as you move through the process, and provide reference for future negotiations with the vendor.

    Stage 6: Sign or Execute

    • At this stage in the process, all the heavy lifting in a contract’s creation is complete. Now it’s signature time.
    • To finalize the agreement, both parties need to the sign the final document. This can be done by an in-person wet ink signature or by what is becoming more prevalent, digital signature through an e-signature process.
    • Once complete, the final executed documents are exchanged or received electronically and then retained by each party.

    Stage 6: Sign or Execute

    Stage Input

    • A finalized and approved contract or amendment with agreed-upon terms and conditions ready for signatures.

    Stage Output

    • An executed contract or amendment ready to move to the next stage of CLM, capturing in the repository.

    Info-Tech Best Practice

    Process flow provisions should made for potential rejection of the contract by signatories, looping the contract back to the appropriate stage for rework or revision.

    Stage 7: Capture in Database/Repository 1 of 2

    • This is one of the most important stages of a CLM process. Executed agreements need to be stored in a single manageable, searchable, reportable, and centralized repository.
    • All documents should to be captured electronically, reviewed for accuracy, and then posted to the CLM repository.
    • The repository can be in various formats depending on the maturity, robustness, and budget of the CLM program.

    Most repositories are some type of database:

    • An off-the-shelf product
    • A PaaS cloud-based solution
    • A homegrown, internally developed database
    • An add-on module to your ERP system

    Stage 7: Capture in Database/Repository 2 of 2

    Several important features of an electronic repository should be considered:

    • Consistent metadata tagging of clauses, terms, conditions, dates, etc.
    • Centralized summary view of all contracts
    • Controlled access for those who need to review and manage the contracts

    Establishing an effective repository will be key to providing measurable value to the organization and saving large amounts of time for the business unit.

    Info-Tech Insight

    Planning for future needs by investing a little more money into a better, more robust repository could pay bigger dividends to the VMO and organization while providing a higher ROI over time as advanced functionality is deployed.

    Stage 8: Manage

    • Once an agreement is captured in the repository, it needs to be managed from both an operational and a commitment perspective.
    • Through a summary view or master list, contracts need to be operationally managed for end dates and renewals, vendor performance, discounts, and rebates.
    • Managing contracts for commitment and compliance will ensure all contract requirements, rights, service-level agreements (SLAs), and terms are fulfilled. This will eliminate the high costs of missed SLAs, potential breaches, or missed renewals.
    • Managing contracts can be improved by adding metadata to the records that allow for easier search and retrieval of contracts or even proactive notification.
    • The repository management features can and should be available to business stakeholders, or reporting from a CLM admin can also alert stakeholders to renewals, pricing, SLAs, etc.
    • Also important to this stage is reporting. This can be done by an admin or via a self-serve feature for stakeholders, or it could even be automated.

    Stage 9: Monitor Compliance 1 of 2

    • At this stage, the contracts or agreements need to be monitored for the polices within them and the purpose for which they were signed.
    • This is referred to as obligation management and is a key step to providing savings to the organization and mitigating risk.
    • Many contracts contain commitments by each party. These can include but are not limited to SLAs, service uptime targets, user counts, pricing threshold discounts and rebates, renewal notices to vendors, and training requirements.
    • All of these obligations within the contracts should be summarized and monitored to ensure that all commitments are delivered on. Managing obligations will mitigate risks, maximize savings and rebates to the organization, and minimize the potential for a breach within the contract.

    Stage 9: Monitor Compliance 2 of 2

    • Monitoring and measuring vendor commitments and performance will also be a key factor in maximizing the benefits of the contract through vendor accountability.
    • Also included in this stage is renewal and/or disposition of the contract. If renewal is due, it should go back to the business unit for submission to the Stage 1: Request process. If the business unit is not going to renew the contract, the contract must be tagged and archived for future reference.

    Stage 10: Optimize

    • The goal of this stage is to improve the other stages of the process as well as evaluate how each stage is integrating with the core operational framework processes.
    • With more data and improved insight into contractual terms and performance, a business can optimize its portfolio for better value, greater savings, and lower-risk outcomes.
    • For high-performance contract teams, the goal is a continuous feedback loop between the contract portfolio and business performance. If, for example, the data shows that certain negotiation issues consume a large chunk of time but yield no measurable difference in risk or performance, you may tweak the playbook to remedy those issues quickly.

    Additional optimization tactics:

    • Streamlining contract renewals with auto-renew
    • Predefined risk review process or template, continuous review/improvement of negotiation playbook
    • Better automation or flow of approval process
    • Better signature delegation process if required
    • Improving repository search with metadata tagging
    • Automating renewal tracking or notice process
    • Tracking the time a contract spends in each stage

    Establish Your Current CLM Maturity Position

    • Sometimes organizations have a well-defined pre-execution process but have a poor post-signature process.
    • Identifying your current processes or lack thereof will provide you with a starting point in developing a plan for your CLM. It’s possible that most of the stages are there and just need some improvements, or maybe some are missing and need to be implemented.
    • It’s not unusual for organizations to have a manual pre-execution process and an automated backend repository with compliance and renewal notices features.

    Info-Tech Best Practice

    Use the CLM Maturity Assessment Tool to outline where your organization is at each stage of the process.

    Member Activity: Assess Current CLM Maturity

    2.1 Completion Time 1-2 days

    Goal: Identify and measure your existing CLM processes, if any, and provide a maturity value to each stage. The resulting scores will provide a maturity assessment of your CLM.

    Instructions

    1. Use the Existing CLM Process Worksheet to document current CLM processes.
    2. Using the CLM worksheet info, answer the questions in the CLM Maturity Assessment Tool.
    3. Review the results and scores on Tab 3 to see where you need to focus your initial improvements.
    4. Save the initial assessment for future reference and reassess in six to 12 months to measure progress.

    This image contains a screenshot from Info-Tech's CLM Maturity Assessment Tool.

    INPUT

    • Internal information from all CLM stakeholders

    OUTPUT

    • A summary of processes and owners currently in place in the organization

    Materials

    • Existing CLM processes from interviews

    Participants

    • Finance, Legal, CIO, VMO, Sales, Procurement

    Member Activity: Complete RASCI Chart

    2.2 Completion Time 2-6 hours

    Goal: Identify who in your organization is primarily accountable and involved in each stage of the CLM process.

    Instructions

    Engage internal business unit decision makers, stakeholders, Finance, Legal, CIO, VMO, Sales, and Procurement as required to validate who should be involved in each stage.

    1. Using the information collected from internal reviews, assign a level in the CLM RASCI Diagram to each team member.
    2. Use the resulting RASCI diagram to guide you through developing or improving your CLM stages.

    This image contains a screenshot from Info-Tech's CLM RASCI Diagram.

    INPUT

    • Internal interview information

    OUTPUT

    • Understanding of who is involved in each CLM stage

    Materials

    • Interview data
    • RASCI Diagram

    Participants

    • Finance, Legal, CIO, VMO, Sales, Procurement

    Applying CLM Framework and Stages to Your Organization

    • Understand what CLM process you currently do or do not have in place.
    • Review implementation options: automated, semi-automated, and manual solutions.
    • If you are improving an existing process, focus on one phase at a time, perfect it, and then move to the other phase. This can also be driven by budget and time.
    • Create a plan to start with and then move to automating or semi-automating the stages.
    • Building onto or enhancing an existing system or processes can be a cost-effective method to produce near-term measurable savings
    • Focus on one phase at a time, then move on to the other phase.
    • While reviewing implementation of or improvements to CLM stages, be sure to track or calculate the potential time and cost savings and risk mitigation. This will help in any required business case for a CLM.

    CLM: An ROI Discussion 1 of 2

    • ROI can be easier to quantify and measure in larger organizations with larger CLM, but ROI metrics can be obtained regardless of the company or CLM size.
    • Organizations recognize their ROI through gains in efficiency across the entire business as well as within individual departments involved in the contracting process. They also do so by reducing the risk associated with decentralized and insecure storage of and access to their contracts, failure to comply with terms of their contracts, and missing deadlines associated with contracts.

    Just a few of the factors to consider within your own organization include:

    • The number of people inside and outside your company that touch your contracts.
    • The number of hours spent weekly, monthly, and annually managing contracts.
    • Potential efficiencies gained in better managing those contracts.
    • The total number of contracts that exist at any given time.
    • The average value and total value of those contract types.
    • The potential risk of being in breach of any of those contracts.
    • The number of places contracts are stored.
    • The level of security that exists to prevent unauthorized access.
    • The potential impact of unauthorized access to your sensitive contract data.

    CLM: An ROI Discussion 2 of 2

    Decision-Maker Apprehensions

    Decision-maker concerns arise from a common misunderstanding – that is, a fundamental failure to appreciate the true source of contract management value. This misunderstanding goes back many years to the time when analysts first started to take an interest in contract management and its automation. Their limited experience (primarily in retail and manufacturing sectors) led them to think of contract management as essentially an administrative function, primarily focused on procurement of goods. In such environments, the purpose of automation is focused on internal efficiency, augmented by the possibility of savings from reduced errors (e.g. failing to spot a renewal or expiry date) or compliance (ensuring use of standard terms).

    Today’s CLM systems and processes can provide ROI in several areas in the business.

    Info-Tech Insight

    Research on ROI of CLM software shows significant hard cost savings to an organization. For example, a $10 million company with 300 contracts valued at $3 million could realize savings of $83,400 and avoid up to $460,000 in lost revenues. (Derived from: ACCDocket, 2018)

    Additional Considerations 1 of 2

    Who should own and/or manage the CLM process within an organization? Legal, VMO, business unit, Sales?

    This is an often-discussed question. Research suggests that there is no definitive answer, as there are several variables.

    Organizations needs to review what makes the best business sense for them based on several considerations and then decide where CLM belongs.

    • Business unit budgets and time management
    • Available Administration personnel and time
    • IT resources
    • Security and access concerns
    • Best fit based on organizational structure

    35% of law professionals feel contract management is a legal responsibility, while 45% feel it’s a business responsibility and a final 20% are unsure where it belongs. (Source: “10 Eye-Popping Contract Management Statistics,” Apttus, 2018)

    Additional Considerations 2 of 2

    What type of CLM software or platform should we use?

    This too is a difficult question to answer definitively. Again, there are several variables to consider. As well, several solutions are available, and this is not a one-size-fits-all scenario.

    As with who should own the CLM process, organizations must review the various CLM software solutions available that will meet their current and future needs and then ask, “What do we need the system to do?”

    • Do you build a “homegrown” solution?
    • Should it be an add-on module to the current ERP or CRM system?
    • Is on-premises more suitable?
    • Is an adequate off-the-shelf (OTS) solution available?
    • What about the many cloud offerings?
    • Is there a basic system to start with that can expand as you grow?

    Info-Tech Insight

    When considering what type of solution to choose, prioritize what needs to been done or improved. Sometimes solutions can be deployed in phases as an “add-on” type modules.

    Summary of Accomplishment

    Knowledge Gained

    • Documented current CLM process
    • Core operational framework to build a CLM process on
    • Understanding of best practices required for a sustainable CLM

    Processes Optimized

    • Internal RASCI process identified
    • Existing internal stage improvements
    • Internal review process for risk mitigation

    Deliverables Completed

    • Existing CLM Processes Worksheet
    • CLM Maturity Assessment
    • CLM RASCI Chart
    • CLM improvement plan

    Project Step Summary

    Client Project: CLM Assessment and Improvement Plan

    1. Set your goals – what do you want to achieve in your CLM project?
    2. Assess your organization’s current CLM position in relation to CLM best practices and stages.
    3. Map your organization’s RASCI structure for CLM.
    4. Identify opportunities for stage improvements or target all low stage assessments.
    5. Prioritize improvement processes.
    6. Track ROI metrics.
    7. Develop a CLM implementation or improvement plan.

    Info-Tech Insight

    This project can fit your organization’s schedule:

    • Do-it-yourself with your team.
    • Remote delivery (Info-Tech Guided Implementation).

    CLM Blueprint Summary and Conclusion

    • Contract management is a vital component of a responsible VMO that will benefit all business units in an organization, save time and money, and reduce risk exposure.
    • A basic well-deployed and well-managed CLM will provide ROI in the short term.
    • Setting an improvement plan with concise improvements and potential cost savings based on process improvements will help your business case for CLM get approval and leadership buy-in.
    • Educating and aligning all business units and stakeholders to any changes to CLM processes will ensure that cost savings and ROI are achieved.
    • When evaluating a CLM software solution, use the operational framework and the ten process stages in this blueprint as a reference guide for CLM vendor functionality and selection.

    Related Info-Tech Research

    Master Contract Review and Negotiation

    Optimize spend with significant cost savings and negotiate from a position of strength.

    Manage Your Vendors Before They Manage You

    Maximize the value of vendor relationships.

    Bibliography

    Burla, Daniel. “The Must Know Of Transition to Dynamics 365 on Premise.” Sherweb, 14 April 2017. Web.

    Anand, Vishal, “Strategic Considerations in Implementing an End-to-End Contract Lifecycle Management Solution.” DWF Mindcrest, 20 Aug. 2016. Web.

    Alspaugh, Zach. “10 Eye-Popping Contract Management Statistics from the General Counsel’s Technology Report.” Apttus, 23 Nov. 2018. Web.

    Bishop, Randy. “Contract Management is not just a cost center.” ContractSafe, 9 Sept. 2019. Web.

    Bryce, Ian. “Contract Management KPIs - Measuring What Matters.” Gatekeeper, 2 May 2019. Web.

    Busch, Jason. “Contract Lifecycle Management 101.” Determine. 4 Jan. 2018. Web.

    “Contract Management Software Buyer's Guide.” TechnologyAdvice, 5 Aug. 2019. Web.

    Dunne, Michael. “Analysts Predict that 2019 will be a Big Year for Contract Lifecycle Management.” Apttus, 19 Nov. 2018. Web.

    “FIS Case Study.” Apttus, n.d. Web.

    Gutwein, Katie. “3 Takeaways from the 2018 State of Contract Management Report.” SpringCM, 2018. Web.

    “IACCM 2019 Benchmark Report.” IAACM, 4 Sept. 2019. Web.

    Linsley, Rod. “How Proverbial Wisdom Can Help Improve Contract Risk Mitigation.” Gatekeeper, 2 Aug. 2019. Web.

    Mars, Scott. “Contract Management Data Extraction.” Exari, 20 June 2017. Web.

    Rodriquez, Elizabeth. “Global Contract Life-Cycle Management Market Statistics and Trends 2019.” Business Tech Hub, 17 June 2017. Web.

    “State of Contract Management Report.” SpringCM, 2018. Web.

    Teninbaum, Gabriel, and Arthur Raguette. “Realizing ROI from Contract Management Technology.” ACCDocket.com, 29 Jan. 2018. Web.

    Wagner, Thomas. “Strategic Report on Contract Life cycle Management Software Market with Top Key Players- IBM Emptoris, Icertis, SAP, Apttus, CLM Matrix, Oracle, Infor, Newgen Software, Zycus, Symfact, Contract Logix, Coupa Software.” Market Research, 21 June 2019. Web.

    “What is Your Contract Lifecycle Management (CLM) Persona?” Spend Matters, 19 Oct. 2017. Web.

    Domino – Maintain, Commit to, or Vacate?

    • Buy Link or Shortcode: {j2store}113|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Strategy and Organizational Design
    • Parent Category Link: /strategy-and-organizational-design

    If you have a Domino/Notes footprint that is embedded within your business units and business processes and is taxing your support organization, you may have met resistance from the business and been asked to help the organization migrate away from the Lotus Notes platform. The Lotus Notes platform was long used by technology and businesses and a multipurpose solution that, over the years, became embedded within core business applications and processes.

    Our Advice

    Critical Insight

    For organizations that are struggling to understand their options for the Domino platform, the depth of business process usage is typically the biggest operational obstacle. Migrating off the Domino platform is a difficult option for most organizations due to business process and application complexity. In addition, migrating clients have to resolve the challenges with more than one replaceable solution.

    Impact and Result

    The most common tactic is for the organization to better understand their Domino migration options and adopt an application rationalization strategy for the Domino applications entrenched within the business. Options include retiring, replatforming, migrating, or staying with your Domino platform.

    Domino – Maintain, Commit to, or Vacate? Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Domino – Maintain, Commit to, or Vacate? – A brief deck that outlines key migration options for HCL Domino platforms.

    This blueprint will help you assess the fit, purpose, and price of Domino options; develop strategies for overcoming potential challenges; and determine the future of Domino for your organization.

    • Domino – Maintain, Commit to, or Vacate? Storyboard

    2. Application Rationalization Tool – A tool to understand your business-developed applications, their importance to business process, and the potential underlying financial impact.

    Use this tool to input the outcomes of your various application assessments.

    • Application Rationalization Tool
    [infographic]

    Further reading

    Domino – Maintain, Commit to, or Vacate?

    Lotus Domino still lives, and you have options for migrating away from or remaining with the platform.

    Executive Summary

    Info-Tech Insight

    “HCL announced that they have somewhere in the region of 15,000 Domino customers worldwide, and also claimed that that number is growing. They also said that 42% of their customers are already on v11 of Domino, and that in the year or so since that version was released, it’s been downloaded 78,000 times. All of which suggests that the Domino platform is, in fact, alive and well.”
    – Nigel Cheshire in Team Studio

    Your Challenge

    You have a Domino/Notes footprint embedded within your business units and business processes. This is taxing your support organization; you are meeting resistance from the business, and you are now asked to help the organization migrate away from the Lotus Notes platform. The Lotus Notes platform was long used by technology and businesses as a multipurpose solution that, over the years, became embedded within core business applications and processes.

    Common Obstacles

    For organizations that are struggling to understand their options for the Domino platform, the depth of business process usage is typically the biggest operational obstacle. Migrating off the Domino platform is a difficult option for most organizations due to business process and application complexity. In addition, migrating clients have to resolve the challenges with more than one replaceable solution.

    Info-Tech Approach

    The most common tactic is for the organization to better understand their Domino migration options and adopt an application rationalization strategy for the Domino applications entrenched within the business. Options include retiring, replatforming, migrating, or staying with your Domino platform.

    Review

    Is “Lotus” Domino still alive?

    Problem statement

    The number of member engagements with customers regarding the Domino platform has, as you might imagine, dwindled in the past couple of years. While many members have exited the platform, there are still many members and organizations that have entered a long exit program, but with how embedded Domino is in business processes, the migration has slowed and been met with resistance. Some organizations had replatformed the applications but found that the replacement target state was inadequate and introduced friction because the new solution was not a low-code/business-user-driven environment. This resulted in returning the Domino platform to production and working through a strategy to maintain the environment.

    This research is designed for:

    • IT strategic direction decision-makers
    • IT managers responsible for an existing Domino platform
    • Organizations evaluating migration options for mission-critical applications running on Domino

    This research will help you:

    1. Evaluate migration options.
    2. Assess the fit and purpose.
    3. Consider strategies for overcoming potential challenges.
    4. Determine the future of this platform for your organization.

    The “everything may work” scenario

    Adopt and expand

    Believe it or not, Domino and Notes are still options to consider when determining a migration strategy. With HCL still committed to the platform, there are options organizations should seek to better understand rather than assuming SharePoint will solve all. In our research, we consider:

    Importance to current business processes

    • Importance of use
    • Complexity in migrations
    • Choosing a new platform

    Available tools to facilitate

    • Talent/access to skills
    • Economies of scale/lower cost at scale
    • Access to technology

    Info-Tech Insight

    With multiple options to consider, take the time to clearly understand the application rationalization process within your decision making.

    • Archive/retire
    • Application migration
    • Application replatform
    • Stay right where you are

    Eliminate your bias – consider the advantages

    “There is a lot of bias toward Domino; decisions are being made by individuals who know very little about Domino and more importantly, they do not know how it impacts business environment.”

    – Rob Salerno, Founder & CTO, Rivet Technology Partners

    Domino advantages include:

    Modern Cloud & Application

    • No-code/low-code technology

    Business-Managed Application

    • Business written and supported
    • Embrace the business support model
    • Enterprise class application

    Leverage the Application Taxonomy & Build

    • A rapid application development platform
    • Develop skill with HCL training

    HCL Domino is a supported and developed platform

    Why consider HCL?

    • Consider scheduling a Roadmap Session with HCL. This is an opportunity to leverage any value in the mission and brand of your organization to gain insights or support from HCL.
    • Existing Domino customers are not the only entities seeking certainty with the platform. Software solution providers that support enterprise IT infrastructure ecosystems (backup, for example) will also be seeking clarity for the future of the platform. HCL will be managing these relationships through the channel/partner management programs, but our observations indicate that Domino integrations are scarce.
    • HCL Domino should be well positioned feature-wise to support low-code/NoSQL demands for enterprises and citizen developers.

    Visualize Your Application Roadmap

    1. Focus on the application portfolio and crafting a roadmap for rationalization.
      • The process is intended to help you determine each application’s functional and technical adequacy for the business process that it supports.
    2. Document your findings on respective application capability heatmaps.
      • This drives your organization to a determination of application dispositions and provides a tool to output various dispositions for you as a roadmap.
    3. Sort the application portfolio into a disposition status (keep, replatform, retire, consolidate, etc.)
      • This information will be an input into any cloud migration or modernization as well as consolidation of the infrastructure, licenses, and support for them.

    Our external support perspective

    by Darin Stahl

    Member Feedback

    • Some members who have remaining Domino applications in production – while the retire, replatform, consolidate, or stay strategy is playing out – have concerns about the challenges with ongoing support and resources required for the platform. In those cases, some have engaged external services providers to augment staff or take over as managed services.
    • While there could be existing support resources (in house or on retainer), the member might consider approaching an external provider who could help backstop the single resource or even provide some help with the exit strategies. At this point, the conversation would be helpful in any case. One of our members engaged an external provider in a Statement of Work for IBM Domino Administration focused on one-time events, Tier 1/Tier 2 support, and custom ad hoc requests.
    • The augmentation with the managed services enabled the member to shift key internal resources to a focus on executing the exit strategies (replatform, retire, consolidate), since the business knowledge was key to that success.
    • The member also very aggressively governed the Domino environment support needs to truly technical issues/maintenance of known and supported functionality rather than coding new features (and increasing risk and cost in a migration down the road) – in short, freezing new features and functionality unless required for legal compliance or health and safety.
    • There obviously are other providers, but at this point Info-Tech no longer maintains a market view or scan of those related to Domino due to low member demand.

    Domino database assessments

    Consider the database.

    • Domino database assessments should be informed through the lens of a multi-value database, like jBase, or an object system.
    • The assessment of the databases, often led by relational database subject matter experts grounded in normalized databases, can be a struggle since Notes databases must be denormalized.
    Key/Value Column

    Use case: Heavily accessed, rarely updated, large amounts of data
    Data Model: Values are stored in a hash table of keys.
    Fast access to small data values, but querying is slow
    Processor friendly
    Based on amazon's Dynamo paper
    Example: Project Voldemort used by LinkedIn

    this is a Key/Value example

    Use case: High availability, multiple data centers
    Data Model: Storage blocks of data are contained in columns
    Handles size well
    Based on Google's BigTable
    Example: Hadoop/Hbase used by Facebook and Yahoo

    This is a Column Example
    Document Graph

    Use case: Rapid development, Web and programmer friendly
    Data Model: Stores documents made up of tagged elements. Uses Key/Value collections
    Better query abilities than Key/Value databases.
    Inspired by Lotus Notes.
    Example: CouchDB used by BBC

    This is a Document Example

    Use case: Best at dealing with complexity and relationships/networks
    Data model: Nodes and relationships.
    Data is processed quickly
    Inspired by Euler and graph theory
    Can easily evolve schemas
    Example: Neo4j

    This is a Graph Example

    Understand your options

    Archive/Retire

    Store the application data in a long-term repository with the means to locate and read it for regulatory and compliance purposes.

    Migrate

    Migrate to a new version of the application, facilitating the process of moving software applications from one computing environment to another.

    Replatform

    Replatforming is an option for transitioning an existing Domino application to a new modern platform (i.e. cloud) to leverage the benefits of a modern deployment model.

    Stay

    Review the current Domino platform roadmap and understand HCL’s support model. Keep the application within the Domino platform.

    Archive/retire

    Retire the application, storing the application data in a long-term repository.

    Abstract

    The most common approach is to build the required functionality in whatever new application/solution is selected, then archive the old data in PDFs and documents.

    Typically this involves archiving the data and leveraging Microsoft SharePoint and the new collaborative solutions, likely in conjunction with other software-as-a-service (SaaS) solutions.

    Advantages

    • Reduce support cost.
    • Consolidate applications.
    • Reduce risk.
    • Reduce compliance and security concerns.
    • Improve business processes.

    Considerations

    • Application transformation
    • eDiscovery costs
    • Legal implications
    • Compliance implications
    • Business process dependencies

    Info-Tech Insights

    Be aware of the costs associated with archiving. The more you archive, the more it will cost you.

    Application migration

    Migrate to a new version of the application

    Abstract

    An application migration is the managed process of migrating or moving applications (software) from one infrastructure environment to another.

    This can include migrating applications from one data center to another data center, from a data center to a cloud provider, or from a company’s on-premises system to a cloud provider’s infrastructure.

    Advantages

    • Reduce hardware costs.
    • Leverage cloud technologies.
    • Improve scalability.
    • Improve disaster recovery.
    • Improve application security.

    Considerations

    • Data extraction, starting from the document databases in NSF format and including security settings about users and groups granted to read and write single documents, which is a powerful feature of Lotus Domino documents.
    • File extraction, starting from the document databases in NSF format, which can contain attachments and RTF documents and embedded files.
    • Design of the final relational database structure; this activity should be carried out without taking into account the original structure of the data in Domino files or the data conversion and loading, from the extracted format to the final model.
    • Design and development of the target-state custom applications based on the new data model and the new selected development platform.

    Application replatform

    Transition an existing Domino application to a new modern platform

    Abstract

    This type of arrangement is typically part of an application migration or transformation. In this model, client can “replatform” the application into an off-premises hosted provider platform. This would yield many benefits of cloud but in a different scaling capacity as experienced with commodity workloads (e.g. Windows, Linux) and the associated application.

    Two challenges are particularly significant when migrating or replatforming Domino applications:

    • The application functionality/value must be reproduced/replaced with not one but many applications, either through custom coding or a commercial-off-the-shelf/SaaS solution.
    • Notes “databases” are not relational databases and will not migrate simply to an SQL database while retaining the same business value. Notes databases are essentially NoSQL repositories and are difficult to normalize.

    Advantages

    • Leverage cloud technologies.
    • Improve scalability.
    • Align to a SharePoint platform.
    • Improve disaster recovery.
    • Improve application security.

    Considerations

    • Application replatform resource effort
    • Network bandwidth
    • New platform terms and conditions
    • Secure connectivity and communication
    • New platform security and compliance
    • Degree of complexity

    Info-Tech Insights

    There is a difference between a migration and a replatform application strategy. Determine which solution aligns to the application requirements.

    Stay with HCL

    Stay with HCL, understanding its future commitment to the platform.

    Abstract

    Following the announced acquisition of IBM Domino and up until around December 2019, HCL had published no future roadmap for the platform. The public-facing information/website at the time stated that HCL acquired “the product family and key lab services to deliver professional services.” Again, there was no mention or emphasis on upcoming new features for the platform. The product offering on their website at the time stated that HCL would leverage its services expertise to advise clients and push applications into four buckets:

    1. Replatform
    2. Retire
    3. Move to cloud
    4. Modernize

    That public-facing messaging changed with release 11.0, which had references to IBM rebranded to HCL for the Notes and Domino product – along with fixes already inflight. More information can be found on HCL’s FAQ page.

    Advantages

    • Known environment
    • Domino is a supported platform
    • Domino is a developed platform
    • No-code/low-code optimization
    • Business developed applications
    • Rapid application framework

    This is the HCL Domino Logo

    Understand your tools

    Many tools are available to help evaluate or migrate your Domino Platform. Here are a few common tools for you to consider.

    Notes Archiving & Notes to SharePoint

    Summary of Vendor

    “SWING Software delivers content transformation and archiving software to over 1,000 organizations worldwide. Our solutions uniquely combine key collaborative platforms and standard document formats, making document production, publishing, and archiving processes more efficient.”*

    Tools

    Lotus Notes Data Migration and Archiving: Preserve historical data outside of Notes and Domino

    Lotus Note Migration: Replacing Lotus Notes. Boost your migration by detaching historical data from Lotus Notes and Domino.

    Headquarters

    Croatia

    Best fit

    • Application archive and retire
    • Migration to SharePoint

    This is an image of the SwingSoftware Logo

    * swingsoftware.com

    Domino Migration to SharePoint

    Summary of Vendor

    “Providing leading solutions, resources, and expertise to help your organization transform its collaborative environment.”*

    Tools

    Notes Domino Migration Solutions: Rivit’s industry-leading solutions and hardened migration practice will help you eliminate Notes Domino once and for all.

    Rivive Me: Migrate Notes Domino applications to an enterprise web application

    Headquarters

    Canada

    Best fit

    • Application Archive & Retire
    • Migration to SharePoint

    This is an image of the RiVit Logo

    * rivit.ca

    Lotus Notes to M365

    Summary of Vendor

    “More than 300 organizations across 40+ countries trust skybow to build no-code/no-compromise business applications & processes, and skybow’s community of customers, partners, and experts grows every day.”*

    Tools

    SkyBow Studio: The low-code platform fully integrated into Microsoft 365

    Headquarters:

    Switzerland

    Best fit

    • Application Archive & Retire
    • Migration to SharePoint

    This is an image of the SkyBow Logo

    * skybow.com | About skybow

    Notes to SharePoint Migration

    Summary of Vendor

    “CIMtrek is a global software company headquartered in the UK. Our mission is to develop user-friendly, cost-effective technology solutions and services to help companies modernize their HCL Domino/Notes® application landscape and support their legacy COBOL applications.”*

    Tools

    CIMtrek SharePoint Migrator: Reduce the time and cost of migrating your IBM® Lotus Notes® applications to Office 365, SharePoint online, and SharePoint on premises.

    Headquarters

    United Kingdom

    Best fit

    • Application replatform
    • Migration to SharePoint

    This is an image of the CIMtrek Logo

    * cimtrek.com | About CIMtrek

    Domino replatform/Rapid application selection framework

    Summary of Vendor

    “4WS.Platform is a rapid application development tool used to quickly create multi-channel applications including web and mobile applications.”*

    Tools

    4WS.Platform is available in two editions: Community and Enterprise.
    The Platform Enterprise Edition, allows access with an optional support pack.

    4WS.Platform’s technical support provides support services to the users through support contracts and agreements.

    The platform is a subscription support services for companies using the product which will allow customers to benefit from the knowledge of 4WS.Platform’s technical experts.

    Headquarters

    Italy

    Best fit

    • Application replatform

    This is an image of the 4WS PLATFORM Logo

    * 4wsplatform.org

    Activity

    Understand your Domino options

    Application Rationalization Exercise

    Info-Tech Insight

    Application rationalization is the perfect exercise to fully understand your business-developed applications, their importance to business process, and the potential underlying financial impact.

    This activity involves the following participants:

    • IT strategic direction decision-makers.
    • IT managers responsible for an existing Domino platform
    • Organizations evaluating platforms for mission-critical applications.

    Outcomes of this step:

    • Completed Application Rationalization Tool

    Application rationalization exercise

    Use this Application Rationalization Tool to input the outcomes of your various application assessments

    In the Application Entry tab:

    • Input your application inventory or subset of apps you intend to rationalize, along with some basic information for your apps.

    In the Business Value & TCO Comparison tab, determine rationalization priorities.

    • Input your business value scores and total cost of ownership (TCO) of applications.
    • Review the results of this analysis to determine which apps should require additional analysis and which dispositions should be prioritized.

    In the Disposition Selection tab:

    • Add to or adapt our list of dispositions as appropriate.

    In the Rationalization Inputs tab:

    • Add or adapt the disposition criteria of your application rationalization framework as appropriate.
    • Input the results of your various assessments for each application.

    In the Disposition Settings tab:

    • Add or adapt settings that generate recommended dispositions based on your rationalization inputs.

    In the Disposition Recommendations tab:

    • Review and compare the rationalization results and confirm if dispositions are appropriate for your strategy.

    In the Timeline Considerations tab:

    • Enter the estimated timeline for when you execute your dispositions.

    In the Portfolio Roadmap tab:

    • Review and present your roadmap and rationalization results.

    Follow the instructions to generate recommended dispositions and populate an application portfolio roadmap.

    This image depicts a scatter plot graph where the X axis is labeled Business Value, and the Y Axis is labeled Cost. On the graph, the following datapoints are displayed: SF; HRIS; ERP; ALM; B; A; C; ODP; SAS

    Info-Tech Insight

    Watch out for misleading scores that result from poorly designed criteria weightings.

    Related Info-Tech Research

    Build an Application Rationalization Framework

    Manage your application portfolio to minimize risk and maximize value.

    Embrace Business-Managed Applications

    Empower the business to implement their own applications with a trusted business-IT relationship.

    Satisfy Digital End Users With Low- and No-Code

    Extend IT, automation, and digital capabilities to the business with the right tools, good governance, and trusted organizational relationships.

    Maximize the Benefits from Enterprise Applications with a Center of Excellence

    Optimize your organization’s enterprise application capabilities with a refined and scalable methodology.

    Drive Successful Sourcing Outcomes With a Robust RFP Process

    Leverage your vendor sourcing process to get better results.

    Research Authors

    Darin Stahl, Principal Research Advisor, Info-Tech Research Group

    Darin Stahl, Principal Research Advisor,
    Info-Tech Research Group

    Darin is a Principal Research Advisor within the Infrastructure practice, leveraging 38+ years of experience. His areas of focus include IT operations management, service desk, infrastructure outsourcing, managed services, cloud infrastructure, DRP/BCP, printer management, managed print services, application performance monitoring, managed FTP, and non-commodity servers (zSeries, mainframe, IBM i, AIX, Power PC).

    Troy Cheeseman, Practice Lead, Info-Tech Research Group

    Troy Cheeseman, Practice Lead,
    Info-Tech Research Group

    Troy has over 24 years of experience and has championed large enterprise-wide technology transformation programs, remote/home office collaboration and remote work strategies, BCP, IT DRP, IT operations and expense management programs, international right placement initiatives, and large technology transformation initiatives (M&A). Additionally, he has deep experience working with IT solution providers and technology (cloud) startups.

    Research Contributors

    Rob Salerno, Founder & CTO, Rivit Technology Partners

    Rob Salerno, Founder & CTO, Rivit Technology Partners

    Rob is the Founder and Chief Technology Strategist for Rivit Technology Partners. Rivit is a system integrator that delivers unique IT solutions. Rivit is known for its REVIVE migration strategy which helps companies leave legacy platforms (such as Domino) or move between versions of software. Rivit is the developer of the DCOM Application Archiving solution.

    Bibliography

    Cheshire, Nigel. “Domino v12 Launch Keeps HCL Product Strategy On Track.” Team Studio, 19 July 2021. Web.

    “Is LowCode/NoCode the best platform for you?” Rivit Technology Partners, 15 July 2021. Web.

    McCracken, Harry. “Lotus: Farewell to a Once-Great Tech Brand.” TIME, 20 Nov. 2012. Web.

    Sharwood, Simon. “Lotus Notes refuses to die, again, as HCL debuts Domino 12.” The Register, 8 June 2021. Web.

    Woodie, Alex. “Domino 12 Comes to IBM i.” IT Jungle, 16 Aug. 2021. Web.

    Consolidate Your Data Centers

    • Buy Link or Shortcode: {j2store}498|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Data Center & Facilities Strategy
    • Parent Category Link: /data-center-and-facilities-strategy
    • Data center operating costs continue to escalate as organizations struggle with data center sprawl.
    • While data center consolidation is an attractive option to reduce cost and sprawl, the complexity of these projects makes them extremely difficulty to execute.
    • The status quo is also not an option, as budget constraints and the challenges with managing multiple data centers continues to increase.

    Our Advice

    Critical Insight

    • Despite consolidation being an effective way of addressing sprawl, it is often difficult to secure buy-in and funding from the business.
    • Many consolidation projects suffer cost overruns due to unforeseen requirements and hidden interdependencies which could have been mitigated during the planning phase.
    • Organizations that avoid consolidation projects due to their complexity are just deferring the challenge, while costs and inefficiencies continue to increase.

    Impact and Result

    • Successful data center consolidation will have an immediate impact on reducing data center sprawl. Maximize your chances of success by securing buy-in from the business.
    • Avoid cost overruns and unforeseen requirements by engaging with the business at the start of the process. Clearly define business requirements and establish common expectations.
    • While cost improvements often drive data center consolidation, successful projects will also improve scalability, operational efficiency, and data center redundancy.

    Consolidate Your Data Centers Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should perform a data center consolidation, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Discover

    Identify IT infrastructure systems and establish dependency bundles for the current and target sites.

    • Consolidate Your Data Centers – Phase 1: Discover
    • Data Center Consolidation Data Collection Workbook
    • Data Center Consolidation Project Planning and Prioritization Tool

    2. Plan

    Build a strong business case for data center consolidation by leveraging a TCO analysis and incorporating business requirements.

    • Consolidate Your Data Centers – Phase 2: Plan
    • Data Center Consolidation TCO Comparison Tool
    • Data Center Relocation Vendor Statement of Work Evaluation Tool

    3. Execute

    Streamline the move-day process through effective communication and clear delegation of duties.

    • Consolidate Your Data Centers – Phase 3: Execute
    • Communications Plan Template for Data Center Consolidation
    • Data Center Consolidation Executive Presentation
    • Minute-to-Minute Move Day Script (PDF)
    • Minute-to-Minute Move Day Script (Visio)
    • Data Center Relocation Minute-to-Minute Project Planning and Monitoring Tool

    4. Close

    Close the loop on the data center consolidation project by conducting an effective project retrospective.

    • Consolidate Your Data Centers – Phase 4: Close
    • Data Center Relocation QA Team Project Planning and Monitoring Tool
    • Data Center Move Issue Resolution and Change Order Template
    • Data Center Relocation Wrap-up Checklist
    [infographic]

    Present Security to Executive Stakeholders

    • Buy Link or Shortcode: {j2store}262|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: $2,000 Average $ Saved
    • member rating average days saved: 10 Average Days Saved
    • Parent Category Name: Governance, Risk & Compliance
    • Parent Category Link: /governance-risk-compliance
    • There is a disconnect between security leaders and executive stakeholders on what information is important to present.
    • Security leaders find it challenging to convey the necessary information to obtain support for security objectives.
    • Changes to the threat landscape and shifts in organizational goals exacerbate the issue, as they impact security leaders' ability to prioritize topics to be communicated.
    • Security leaders struggle to communicate the importance of security to a non-technical audience.

    Our Advice

    Critical Insight

    Security presentations are not a one-way street. The key to a successful executive security presentation is having a goal for the presentation and ensuring that you have met your goal.

    Impact and Result

    • Developing a thorough understanding of the security communication goals.
    • Understanding the importance of leveraging highly relevant and understandable data.
    • Developing and delivering presentations that will keep your audience engaged and build trust with your executive stakeholders.

    Present Security to Executive Stakeholders Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Present Security to Executive Stakeholders – A step-by-step guide to communicating security effectively to obtain support from decision makers.

    Use this as a guideline to assist you in presenting security to executive stakeholders.

    • Present Security to Executive Stakeholders Storyboard

    2. Security Presentation Templates – A set of security presentation templates to assist you in communicating security to executive stakeholders.

    The security presentation templates are a set of customizable templates for various types of security presentation including:

    • Present Security to Executive Stakeholders Templates

    Infographic

    Further reading

    Present Security to Executive Stakeholders

    Learn how to communicate security effectively to obtain support from decision makers.

    Analyst Perspective

    Build and deliver an effective security communication to your executive stakeholders.

    Ahmad Jowhar

    As a security leader, you’re tasked with various responsibilities to ensure your organization can achieve its goals while its most important assets are being protected.

    However, when communicating security to executive stakeholders, challenges can arise in determining what topics are pertinent to present. Changes in the security threat landscape coupled with different business goals make identifying how to present security more challenging.

    Having a communication framework for presenting security to executive stakeholders will enable you to effectively identify, develop, and deliver your communication goals while obtaining the support you need to achieve your objectives.

    Ahmad Jowhar
    Research Specialist, Security & Privacy

    Info-Tech Research Group

    Executive Summary

    Your Challenge

    Common Obstacles

    Info-Tech’s Approach

    • Many security leaders struggle to decide what to present and how to present security to executive stakeholders.
    • Constant changes in the security threat landscape impacts a security leader’s ability to prioritize topics to be communicated.
    • There is a disconnect between security leaders and executive stakeholders on what information is important to present.
    • Security leaders struggle to communicate the importance of security to a non-technical audience.
    • Developing a thorough understanding of security communication goals.
    • Understanding the importance of leveraging highly relevant and understandable data.
    • Developing and delivering presentations that will keep your audience engaged and build trust with your executive stakeholders.

    Info-Tech Insight

    Security presentations are not a one-way street. The key to a successful executive security presentation is having a goal for the presentation and verifying that you have met your goal.

    Your challenge

    As a security leader, you need to communicate security effectively to executive stakeholders in order to obtain support for your security objectives.

    • When it comes to presenting security to executive stakeholders, many security leaders find it challenging to convey the necessary information in order to obtain support for security objectives.
    • This is attributed to various factors, such as an increase in the threat landscape, changes to industry regulations and standards, and new organizational goals that security has to align with.
    • Furthermore, with the limited time to communicate with executive stakeholders, both in frequency and duration, identifying the most important information to address can be challenging.

    76% of security leaders struggle in conveying the effectiveness of a cybersecurity program.

    62% find it difficult to balance the risk of too much detail and need-to-know information.

    41% find it challenging to communicate effectively with a mixed technical and non-technical audience.

    Source: Deloitte, 2022

    Common obstacles

    There is a disconnect between security leaders and executive stakeholders when it comes to the security posture of the organization:

    • Executive stakeholders are not confident that their security leaders are doing enough to mitigate security risks.
    • The issue has been amplified, with security threats constantly increasing across all industries.
    • However, security leaders don’t feel that they are in a position to make themselves heard.
    • The lack of organizational security awareness and support from cross-functional departments has made it difficult to achieve security objectives (e.g. education, investments).
    • Defining an approach to remove that disconnect with executive stakeholders is of utmost importance for security leaders, in order to improve their organization’s security posture.

    9% of boards are extremely confident in their organization’s cybersecurity risk mitigation measures.

    77% of organizations have seen an increase in the number of attacks in 2021.

    56% of security leaders claimed their team is not involved when leadership makes urgent security decisions.

    Source: EY, 2021
    The image contains a screenshot of an Info-Tech Thoughtmodel titled: Presenting Security to Executive Stakeholders.

    Info-Tech’s methodology for presenting security to executive stakeholders

    1. Identify communication goals

    2. Collect information to support goals

    3. Develop communication

    4. Deliver communication

    Phase steps

    1. Identify drivers for communicating to executives
    2. Define your goals for communicating to executives
    1. Identify data to collect
    2. Plan how to retrieve data
    1. Plan communication
    2. Build a compelling communication document
    1. Deliver a captivating presentation
    2. Obtain/verify goals

    Phase outcomes

    A defined list of drivers and goals to help you develop your security presentations

    A list of data sources to include in your communication

    A completed communication template

    A solidified understanding of how to effectively communicate security to your stakeholders

    Develop a structured process for communicating security to your stakeholders

    Security presentations are not a one-way street
    The key to a successful executive security presentation is having a goal for the presentation and verifying that you have met your goal.

    Identifying your goals is the foundation of an effective presentation
    Defining your drivers and goals for communicating security will enable you to better prepare and deliver your presentation, which will help you obtain your desired outcome.

    Harness the power of data
    Leveraging data and analytics will help you provide quantitative-based communication, which will result in a more meaningful and effective presentation.

    Take your audience on a journey
    Developing a storytelling approach will help engage with your audience.

    Win your audience by building a rapport
    Establishing credibility and trust with executive stakeholders will enable you to obtain their support for security objectives.

    Tactical insight
    Conduct background research on audience members (i.e. professional background) to help understand how best to communicate with them and overcome potential objections.

    Tactical insight
    Verifying your objectives at the end of the communication is important, as it ensures you have successfully communicated to executive stakeholders.

    Project deliverables

    This blueprint is accompanied by a supporting deliverable which includes five security presentation templates.

    Report on Security Initiatives
    Template showing how to inform executive stakeholders of security initiatives.

    Report on Security Initiatives.

    Security Metrics
    Template showing how to inform executive stakeholders of current security metrics that would help drive future initiatives.

    Security Metrics.

    Security Incident Response & Recovery
    Template showing how to inform executive stakeholders of security incidents, their impact, and the response plan.

    Security Incident Response & Recovery

    Security Funding Request
    Template showing how to inform executive stakeholders of security incidents, their impact, and the response plan.

    Security Funding Request

    Key template:

    Security and Risk Update

    Template showing how to inform executive stakeholders of proactive security and risk initiatives.

    Blueprint benefits

    IT/InfoSec benefits

    Business benefits

    • Reduce effort and time spent preparing cybersecurity presentations for executive stakeholders by having templates to use.
    • Enable security leaders to better prepare what to present and how to present it to their executive stakeholders, as well as driving the required outcomes from those presentations.
    • Establish a best practice for communicating security and IT to executive stakeholders.
    • Gain increased awareness of cybersecurity and the impact executive stakeholders can have on improving an organization’s security posture.
    • Understand how security’s alignment with the business will enable the strategic growth of the organization.
    • Gain a better understanding of how security and IT objectives are developed and justified.

    Measure the value of this blueprint

    Phase

    Measured Value (Yearly)

    Phase 1: Identify communication goals

    Cost to define drivers and goals for communicating security to executives:

    16 FTE hours @ $233K* =$1,940

    Phase 2: Collect information to support goals

    Cost to collect and synthesize necessary data to support communication goals:

    16 FTE hours @ $233K = $1,940

    Phase 3: Develop communication

    Cost to develop communication material that will contextualize information being shown:

    16 FTE hours @ $233K = $1,940

    Phase 4: Deliver communication

    Potential Savings:

    Total estimated effort = $5,820

    Our blueprint will help you save $5,820 and over 40 FTE hours

    * The financial figure depicts the annual salary of a CISO in 2022

    Source: Chief Information Security Officer Salary.” Salary.com, 2022

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    “Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

    Guided Implementation

    “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

    Workshop

    “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

    Consulting

    “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

    Diagnostics and consistent frameworks used throughout all four options

    Phase 1

    Identify communication goals

    Phase 1 Phase 2 Phase 3 Phase 4

    1.1 Identify drivers for communicating to executives

    1.2 Define your goals for communicating to executives

    2.1 Identify data to collect

    2.2 Plan how to retrieve data

    3.1 Plan communication

    3.2 Build a compelling communication document

    4.1 Deliver a captivating presentation

    4.2 Obtain/verify support for security goals

    This phase will walk you through the following activities:

    • Understanding the different drivers for communicating security to executive stakeholders
    • Identifying different communication goals

    This phase involves the following participants:

    • Security leader

    1.1. Identify drivers for communicating to executive stakeholders

    As a security leader, you meet with executives and stakeholders with diverse backgrounds, and you aim to showcase your organization’s security posture along with its alignment with the business’ goals.

    However, with the constant changes in the security threat landscape, demands and drivers for security could change. Thus, understanding potential drivers that will influence your communication will assist you in developing and delivering an effective security presentation.

    39% of organizations had cybersecurity on the agenda of their board’s quarterly meeting.

    Source: EY, 2021.

    Info-Tech Insight

    Not all security presentations are the same. Keep your communication strategy and processes agile.

    Know your drivers for security presentations

    By understanding the influences for your security presentations, you will be able to better plan what to present to executive stakeholders.

    • These meetings, which are usually held once per quarter, provide you with less than one hour of presentation time.
    • Hence, it is crucial to know why you need to present security and whether these drivers are similar across the other presentations.

    Understanding drivers will also help you understand how to present security to executive stakeholders.

    • These drivers will shape the structure of your presentation and help determine your approach to communicating your goals.
    • For example, financial-based presentations that are driven by budget requests might create a sense of urgency or assurance about investment in a security initiative.

    Identify your communication drivers, which can stem from various initiatives and programs, including:

    • Results from internal or external audit reports.
    • Upcoming budget meetings.
    • Briefing newly elected executive stakeholders on security.

    When it comes to identifying your communication drivers, you can collaborate with subject matter experts, like your corporate secretary or steering committees, to ensure the material being communicated will align with some of the organizational goals.

    Examples of drivers for security presentations

    Audit
    Upcoming internal or external audits might require updates on the organization’s compliance

    Organizational restructuring
    Restructuring within an organization could require security updates

    Merger & Acquisition
    An M&A would trigger presentations on organization’s current and future security posture

    Cyber incident
    A cyberattack would require an immediate presentation on its impact and the incident response plan

    Ad hoc
    Provide security information requested by stakeholders

    1.2. Define your goals for communicating to executives

    After identifying drivers for your communication, it’s important to determine what your goals are for the presentation.

    • Communication drivers are mainly triggers for why you want to present security.
    • Communication goals are the potential outcomes you are hoping to obtain from the presentation.
    • Your communication goals would help identify what data and metrics to include in your presentation, the structure of your communication deck, and how you deliver your communication to executive stakeholders.

    Identifying your communication goals could require the participation of the security team, IT leadership, and other business stakeholders.

    • As a group, brainstorm the security goals that align with your business goals for the coming year.
      • Aim to have at least two business goals that align with each security goal.
    • Identify what benefits and value the executive stakeholders will gain from the security goal being presented.
      • E.g. Increased security awareness, updates on organization's security posture.
    • Identify what the ask is for this presentation.
      • E.g. Approval for increasing budget to support security initiatives, executive support to implement internal security programs.

    Info-Tech Insight

    There can be different reasons to communicate security to executive stakeholders. You need to understand what you want to get out of your presentation.

    Examples of security presentation goals

    Educate
    Educate the board on security trends and/or latest risks in the industry

    Update
    Provide updates on security initiatives, relevant security metrics, and compliance posture

    Inform
    Provide an incident response plan due to a security incident or deliver updates on current threats and risks

    Investment
    Request funding for security investments or financial updates on past security initiatives

    Ad hoc
    Provide security information requested by stakeholders

    Phase 2

    Collect information to support goals

    Phase 1Phase 2Phase 3Phase 4

    1.1 Identify drivers for communicating to executives

    1.2 Define your goals for communicating to executives

    2.1 Identify data to collect

    2.2 Plan how to retrieve data

    3.1 Plan communication

    3.2 Build a compelling communication document

    4.1 Deliver a captivating presentation

    4.2 Obtain/verify support for security goals

    This phase will walk you through the following activities:

    • Understanding what types of data to include in your security presentations
    • Defining where and how to retrieve data

    This phase involves the following participants:

    • Security leader
    • Network/security analyst

    2.1 Identify data to collect

    After identifying drivers and goals for your communication, it’s important to include the necessary data to justify the information being communicated.

    • Leveraging data and analytics will assist in providing quantitative-based communication, which will result in a more meaningful and effective presentation.
    • The data presented will showcase the visibility of an organization’s security posture along with potential risks and figures on how to mitigate those risks.
    • Providing analysis of the quantitative data presented will also showcase further insights on the figures, allow the audience to better understand the data, and show its relevance to the communication goals.

    Identifying data to collect doesn’t need to be a rigorous task; you can follow these steps to help you get started:

    • Work with your security team to identify the main type of data applicable to the communication goals.
      • E.g. Financial data would be meaningful to use when communicating a budget presentation.
    • Identify supporting data linked to the main data defined.
      • E.g. If a financial investment is made to implement a security initiative, then metrics on improvements to the security posture will be relevant.
    • Show how both the main and supporting data align with the communication goals.
      • E.g. Improvement in security posture would increase alignment with regulation standards, which would result in additional contracts being awarded and increased revenue.

    Info-Tech Insight

    Understand how to present your information in a way that will be meaningful to your audience, for instance by quantifying security risks in financial terms.

    Examples of data to present

    Educate
    Number of organizations in industry impacted by data breaches during past year; top threats and risks affecting the industries

    Update
    Degree of compliance with standards (e.g. ISO-27001); metrics on improvement of security posture due to security initiatives

    Inform
    Percentage of impacted clients and disrupted business functions; downtime; security risk likelihood and financial impact

    Investment
    Capital and operating expenditure for investment; ROI on past and future security initiatives

    Ad hoc
    Number of security initiatives that went over budget; phishing test campaign results

    2.2 Plan how to retrieve the data

    Once the data that is going to be used for the presentation has been identified, it is important to plan how the data can be retrieved, processed, and shared.

    • Most of the data leveraged for security presentations are structured data, which are highly organized data that are often stored in a relational and easily searchable database.
      • This includes security log reports or expenditures for ongoing and future security investments.
    • Retrieving the data, however, would require collaboration and cooperation from different team members.
    • You would need to work with the security team and other appropriate stakeholders to identify where the data is stored and who the data owner is.

    Once the data source and owner has been identified, you need to plan how the data would be processed and leveraged for your presentation

    • This could include using queries to retrieve the relevant information needed (e.g. SQL, Microsoft Excel).
    • Verify the accuracy and relevance of the data with other stakeholders to ensure it is the most appropriate data to be presented to the executive stakeholders.

    Info-Tech Insight

    Using a data-driven approach to help support your objectives is key to engaging with your audience.

    Plan where to retrieve the data

    Identifying the relevant data sources to retrieve your data and the appropriate data owner enables efficient collaboration between departments collecting, processing, and communicating the data and graphics to the audience.

    Examples of where to retrieve your data

    Data Source

    Data

    Data Owner

    Communication Goal

    Audit & Compliance Reports

    Percentage of controls completed to be certified with ISO 27001; Number of security threats & risks identified.

    Audit Manager;

    Compliance Manager;

    Security Leader

    Ad hoc, Educate, Inform

    Identity & Access Management (IAM) Applications

    Number of privileged accounts/department; Percentage of user accounts with MFA applied

    Network/Security Analyst

    Ad hoc, Inform, Update

    Security Information & Event Management (SIEM)

    Number of attacks detected and blocked before & after implementing endpoint security; Percentage of firewall rules that triggered a false positive

    Network/Security Analyst

    Ad hoc, Inform, Update

    Vulnerability Management Applications

    Percentage of critical vulnerabilities patched; Number of endpoints encrypted

    Network/Security Analyst

    Ad hoc, Inform, Update

    Financial & Accounting Software

    Capital & operating expenditure for future security investments; Return on investment (ROI) on past and current security investments

    Financial and/or Accounting Manager

    Ad hoc, Educate, Investments

    Phase 3

    Develop communication

    Phase 1Phase 2Phase 3Phase 4

    1.1 Identify drivers for communicating to executives

    1.2 Define your goals for communicating to executives

    2.1 Identify data to collect

    2.2 Plan how to retrieve data

    3.1 Plan communication

    3.2 Build a compelling communication document

    4.1 Deliver a captivating presentation

    4.2 Obtain/verify support for security goals

    This phase will walk you through the following activities:

    • Identifying a communication strategy for presenting security
    • Identifying security templates that are applicable to your presentation

    This phase involves the following participants:

    • Security leader

    3.1 Plan communication: Know who your audience is

    • When preparing your communication, it's important to understand who your target audience is and to conduct background research on them.
    • This will help develop your communication style and ensure your presentation caters to the expected audience in the room.

    Examples of two profiles in a boardroom

    Formal board of directors

    The executive team

    • In the private sector, this will include an appointed board of shareholders and subcommittees external to the organization.
    • In the public sector, this can include councils, commissions, or the executive team itself.
    • In government, this can include mayors, ministers, and governors.
    • The board’s overall responsibility is governance.
    • This audience will include your boss and your peers internal to the organization.
    • This category is primarily involved in the day-to-day operations of the organization and is responsible for carrying out the strategic direction set by the board.
    • The executive team’s overall responsibility is operations.

    3.1.1 Know what your audience cares about

    • Understanding what your executive stakeholders value will equip you with the right information to include in your presentations.
    • Ensure you conduct background research on your audience to assist you in knowing what their potential interests are.
    • Your background research could include:
      • Researching the audience’s professional background through LinkedIn.
      • Reviewing their comments from past executive meetings.
      • Researching current security trends that align with organizational goals.
    • Once the values and risks have been identified, you can document them in notes and share the notes with subject matter experts to verify if these values and risks should be shared in the coming meetings.

    A board’s purpose can include the following:

    • Sustaining and expanding the organization’s purpose and ability to execute in a competitive market.
    • Determining and funding the organization’s future and direction.
    • Protecting and increasing shareholder value.
    • Protecting the company’s exposure to risks.

    Examples of potential values and risks

    • Business impact
    • Financial impact
    • Security and incidents

    Info-Tech Insight
    Conduct background research on audience members (e.g. professional background on LinkedIn) to help understand how best to communicate to them and overcome potential objections.

    Understand your audience’s concerns

    • Along with knowing what your audience values and cares about, understanding their main concerns will allow you to address those items or align them with your communication.
    • By treating your executive stakeholders as your project sponsors, you would build a level of trust and confidence with your peers as the first step to tackling their concerns.
    • These concerns can be derived from past stakeholder meetings, recent trends in the industry, or strategic business alignments.
    • After capturing their concerns, you’ll be equipped with the necessary understanding on what material to include and prioritize during your presentations.

    Examples of potential concerns for each profile of executive stakeholders

    Formal board of directors

    The executive team

    • Business impact (What is the impact of IT in solving business challenges?)
    • Investments (How will it impact organization’s finances and efficiency?)
    • Cybersecurity and risk (What are the top cybersecurity risks, and how is IT mitigating those risks to the business?)
    • Business alignment (How do IT priorities align to the business strategy and goals?)
    • IT operational efficiency (How is IT set up for success with foundational elements of IT’s operational strategy?)
    • Innovation & transformation priorities (How is IT enabling the organization’s competitive advantage and supporting transformation efforts as a strategic business partner?)

    Build your presentation to tackle their main concerns

    Your presentation should be well-rounded and compelling when it addresses the board’s main concerns about security.

    Checklist:

    • Research your target audience (their backgrounds, board composition, dynamics, executive team vs. external group).
    • Include value and risk language in your presentation to appeal to your audience.
    • Ensure your content focuses on one or more of the board’s main concerns with security (e.g. business impact, investments, or risk).
    • Include information about what is in it for them and the organization.
    • Research your board’s composition and skillsets to determine their level of technical knowledge and expertise. This helps craft your presentation with the right amount of technology vs. business-facing information.

    Info-Tech Insight
    The executive stakeholder’s main concerns will always boil down to one important outcome: providing a level of confidence to do business through IT products, services, and systems – including security.

    3.1.2 Take your audience through a security journey

    • Once you have defined your intended target and their potential concerns, developing the communication through a storytelling approach will be the next step to help build a compelling presentation.
    • You need to help your executive stakeholders make sense of the information being conveyed and allow them to understand the importance of cybersecurity.
    • Taking your audience through a story will allow them to see the value of the information being presented and better resonate with its message.
    • You can derive insights for your storytelling presentation by doing the following:
      • Provide a business case scenario on the topic you are presenting.
      • Identify and communicate the business problem up front and answer the three questions (why, what, how).
      • Quantify the problems in terms of business impact (money, risk, value).

    Info-Tech Insight
    Developing a storytelling approach will help keep your audience engaged and allow the information to resonate with them, which will add further value to the communication.

    Identify the purpose of your presentation

    You should be clear about your bottom line and the intent behind your presentation. However, regardless of your bottom line, your presentation must focus on what business problems you are solving and why security can assist in solving the problem.

    Examples of communication goals

    To inform or educate

    To reach a decision

    • In this presentation type, it is easy for IT leaders to overwhelm a board with excessive or irrelevant information.
    • Focus your content on the business problem and the solution proposed.
    • Refrain from too much detail about the technology – focus on business impact and risk mitigated. Ask for feedback if applicable.
    • In this presentation type, there is a clear ask and an action required from the board of directors.
    • Be clear about what this decision is. Once again, don’t lead with the technology solution: Start with the business problem you are solving, and only talk about technology as the solution if time permits.
    • Ensure you know who votes and how to garner their support.

    Info-Tech Insight
    Nobody likes surprises. Communicate early and often. The board should be pre-briefed, especially if it is a difficult subject. This also ensures you have support when you deliver a difficult message.

    Gather the right information to include in your boardroom presentation

    Once you understand your target audience, it’s important to tailor your presentation material to what they will care about.

    Typical IT boardroom presentations include:

    • Communicating the value of ongoing business technology initiatives.
    • Requesting funds or approval for a business initiative that IT is spearheading.
    • Security incident response/Risk/DRP.
    • Developing a business program or an investment update for an ongoing program.
    • Business technology strategy highlights and impacts.
    • Digital transformation initiatives (value, ROI, risk).

    Info-Tech Insight
    You must always have a clear goal or objective for delivering a presentation in front of your board of directors. What is the purpose of your board presentation? Identify your objective and outcome up front and tailor your presentation’s story and contents to fit this purpose.

    Info-Tech Insight
    Telling a good story is not about the message you want to deliver but the one the executive stakeholders want to hear. Articulate what you want them to think and what you want them to take away, and be explicit about it in your presentation. Make your story logically flow by identifying the business problem, complication, the solution, and how to close the gap. Most importantly, communicate the business impacts the board will care about.

    Structure your presentation to tell a logical story

    To build a strong story for your presentation, ensure you answer these three questions:

    WHY

    Why is this a business issue, or why should the executive stakeholders care?

    WHAT

    What is the impact of solving the problem and driving value for the company?

    HOW

    How will we leverage our resources (technology, finances) to solve the problem?

    Examples:

    Scenario 1: The company has experienced a security incident.

    Intent: To inform/educate the board about the security incident.

    WHY

    The data breach has resulted in a loss of customer confidence, negative brand impact, and a reduction in revenue of 30%.

    WHAT

    Financial, legal, and reputational risks identified, and mitigation strategies implemented. IT is working with the PR team on communications. Incident management playbook executed.

    HOW

    An analysis of vulnerabilities was conducted and steps to address are in effect. Recovery steps are 90% completed. Incident management program reviewed for future incidents.

    Scenario 2: Security is recommending investments based on strategic priorities.

    Intent: To reach a decision with the board – approve investment proposal.

    WHY

    The new security strategy outlines two key initiatives to improve an organization’s security culture and overall risk posture.

    WHAT

    Security proposed an investment to implement a security training & phishing test campaign, which will assist in reducing data breach risks.

    HOW

    Use 5% of security’s budget to implement security training and phishing test campaigns.

    Time plays a key role in delivering an effective presentation

    What you include in your story will often depend on how much time you have available to deliver the message.

    Consider the following:

    • Presenting to executive stakeholders often means you have a short window of time to deliver your message. The average executive stakeholder presentation is 15 minutes, and this could be cut short due to other unexpected factors.
    • If your presentation is too long, you risk overwhelming or losing your audience. You must factor in the time constraints when building your board presentation.
    • Your executive stakeholders have a wealth of experience and knowledge, which means they could jump to conclusions quickly based on their own experiences. Ensure you give them plenty of background information in advance. Provide your presentation material, a brief, or any other supporting documentation before the meeting to show you are well prepared.
    • Be prepared to have deep conversations about the topic, but respect that the executive stakeholders might not be interested in hearing the tactical information. Build an elevator pitch, a one-pager, back-up slides that support your ask and the story, and be prepared to answer questions within your allotted presentation time to dive deeper.

    Navigating through Q&A

    Use the Q&A portion to build credibility with the board.

    • It is always better to say, “I’m not certain about the answer but will follow up,” than to provide false or inaccurate information on the spot.
    • When asked challenging or irrelevant questions, ensure you have an approach to deflect them. Questions can often be out of scope or difficult to answer in a group. Find what works for you to successfully navigate through these questions:
      • “Let’s work with the sub-committee to find you an answer.”
      • “Let’s take that offline to address in more detail.”
      • “I have some follow-up material I can provide you to discuss that further after our meeting.”
    • And ensure you follow up! Make sure to follow through on your promise to provide information or answers after the meeting. This helps build trust and credibility with the board.

    Info-Tech Insight
    The average board presentation is 15 minutes long. Build no more than three or four slides of content to identify the business problem, the business impacts, and the solution. Leave five minutes for questions at the end, and be prepared with back-up slides to support your answers.

    Storytelling checklist

    Checklist:

    • Tailor your presentation based on how much time you have.
    • Find out ahead of time how much time you have.
    • Identify if your presentation is to inform/educate or reach a decision.
    • Identify and communicate the business problem up front and answer the three questions (why, what, how).
    • Express the problem in terms of business impact (risk, value, money).
    • Prepare and send pre-meeting collateral to the members of the board and executive team.
    • Include no more than 5-6 slides for your presentation.
    • Factor in Q&A time at the end of your presentation window.
    • Articulate what you want them to think and what you want them to take away – put it right up front and remind them at the end.
    • Have an elevator speech handy – one or two sentences and a one-pager version of your story.
    • Consider how you will build your relationship with the members outside the boardroom.

    3.1.3 Build a compelling communication document

    Once you’ve identified your communication goals, data, and plan to present to your stakeholders, it’s important to build the compelling communication document that will attract all audiences.

    A good slide design increases the likelihood that the audience will read the content carefully.

    • Bad slide structure (flow) = Audience loses focus
      • You can have great content on a slide, but if a busy audience gets confused, they’ll just close the file or lose focus. Structure encompasses horizontal and vertical logic.
    • Good visual design = Audience might read more
      • Readers will probably skim the slides first. If the slides look ugly, they will already have a negative impression. If the slides are visually appealing, they will be more inclined to read carefully. They may even use some slides to show others.
    • Good content + Good structure + Visual appeal = Good presentation
      • A presentation is like a house. Good content is the foundation of the house. Good structure keeps the house strong. Visual appeal differentiates houses.

    Slide design best practices

    Leverage these slide design best practices to assist you in developing eye-catching presentations.

    • Easy to read: Assume reader is tight on time. If a slide looks overwhelming, the reader will close the document.
    • Concise and clear: Fewer words = more skim-able.
    • Memorable: Use graphics and visuals or pithy quotes whenever you can do so appropriately.
    • Horizontal logic: Good horizontal logic will have slide titles that cascade into a story with no holes or gaps.
    • Vertical logic: People usually read from left to right, top to bottom, or in a Z pattern. Make sure your slide has an intuitive flow of content.
    • Aesthetics: People like looking at visually appealing slides, but make sure your attempts to create visual appeal do not detract from the content.

    Your presentation must have a logical flow

    Horizontal logic

    Vertical logic

    • Horizontal logic should tell a story.
    • When slide titles are read in a cascading manner, they will tell a logical and smooth story.
    • Title & tagline = thesis (best insight).
    • Vertical logic should be intuitive.
    • Each step must support the title.
    • The content you intend to include within each slide is directly applicable to the slide title.
    • One main point per slide.

    Vertical logic should be intuitive

    The image contains a screenshot example of a bad design layout for a slide. The image contains a screenshot example of a good design layout for a slide.

    The audience is unsure where to look and in what order.

    The audience knows to read the heading first. Then look within the pie chart. Then look within the white boxes to the right.

    Horizontal and vertical logic checklists

    Horizontal logic

    Vertical logic

    • List your slide titles in order and read through them.
    • Good horizontal logic should feel like a story. Incomplete horizontal logic will make you pause or frown.
    • After a self-test, get someone else to do the same exercise with you observing them.
    • Note at which points they pause or frown. Discuss how those points can be improved.
    • Now consider each slide title proposed and the content within it.
    • Identify if there is a disconnect in title vs. content.
    • If there is a disconnect, consider changing the title of the slide to appropriately reflect the content within it, or consider changing the content if the slide title is an intended path in the story.

    Make it easy to read

    The image contains a screenshot that demonstrates an uneasy to read slide. The image contains a screenshot that demonstrates an easy to read slide.
    • Unnecessary coloring makes it hard on the eyes
    • Margins for title at top is too small
    • Content is not skim-able (best to break up the slide)

    Increase skim-ability:

    • Emphasize the subheadings
    • Bold important words

    Make it easier on the eyes:

    • Declutter and add sections
    • Have more white space

    Be concise and clear

    1. Write your thoughts down
      • This gets your content documented.
      • Don’t worry about clarity or concision yet.
    2. Edit for clarity
      • Make sure the key message is very clear.
      • Find your thesis statement.
    3. Edit for concision
      • Remove unnecessary words.
      • Use the active voice, not passive voice (see below for examples).

    Passive voice

    Active voice

    “There are three things to look out for” (8 words)

    “Network security was compromised by hackers” (6 words)

    “Look for these three things” (5 words)

    “Hackers compromised network security” (4 words)

    Be memorable

    The image contains a screenshot of an example that demonstrates a bad example of how to be memorable. The image contains a screenshot of an example that demonstrates a good example of how to be memorable.

    Easy to read, but hard to remember the stats.

    The visuals make it easier to see the size of the problem and make it much more memorable.

    Remember to:

    • Have some kind of visual (e.g. graphs, icons, tables).
    • Divide the content into sections.
    • Have a bit of color on the page.

    Aesthetics

    The image contains a screenshot of an example of bad aesthetics. The image contains a screenshot of an example of good aesthetics.

    This draft slide is just content from the outline document on a slide with no design applied yet.

    • Have some kind of visual (e.g. graphs, icons, tables) as long as it’s appropriate.
    • Divide the content into sections.
    • Have a bit of color on the page.
    • Bold or italicize important text.

    Why use visuals?

    How graphics affect us

    Cognitively

    • Engage our imagination
    • Stimulate the brain
    • Heighten creative thinking
    • Enhance or affect emotions

    Emotionally

    • Enhance comprehension
    • Increase recollection
    • Elevate communication
    • Improve retention

    Visual clues

    • Help decode text
    • Attract attention
    • Increase memory

    Persuasion

    • 43% more effective than text alone
    Source: Management Information Systems Research Center

    Presentation format

    Often stakeholders prefer to receive content in a specific format. Make sure you know what you require so that you are not scrambling at the last minute.

    • Is there a standard presentation template?
    • Is a hard-copy handout required?
    • Is there a deadline for draft submission?
    • Is there a deadline for final submission?
    • Will the presentation be circulated ahead of time?
    • Do you know what technology you will be using?
    • Have you done a dry run in the meeting room?
    • Do you know the meeting organizer?

    Checklist to build compelling visuals in your presentation

    Leverage this checklist to ensure you are creating the perfect visuals and graphs for your presentation.

    Checklist:

    • Do the visuals grab the audience’s attention?
    • Will the visuals mislead the audience/confuse them?
    • Do the visuals facilitate data comparison or highlight trends and differences in a more effective manner than words?
    • Do the visuals present information simply, cleanly, and accurately?
    • Do the visuals display the information/data in a concentrated way?
    • Do the visuals illustrate messages and themes from the accompanying text?

    3.2 Security communication templates

    Once you have identified your communication goals and plans for building your communication document, you can start building your presentation deck.

    These presentation templates highlight different security topics depending on your communication drivers, goals, and available data.

    Info-Tech has created five security templates to assist you in building a compelling presentation.

    These templates provide support for presentations on the following five topics:

    • Security Initiatives
    • Security & Risk Update
    • Security Metrics
    • Security Incident Response & Recovery
    • Security Funding Request

    Each template provides instructions on how to use it and tips on ensuring the right information is being presented.

    All the templates are customizable, which enables you to leverage the sections you need while also editing any sections to your liking.

    The image contains screenshots of the Security Presentation Templates.

    Download the Security Presentation Templates

    Security template example

    It’s important to know that not all security presentations for an organization are alike. However, these templates would provide a guideline on what the best practices are when communicating security to executive stakeholders.

    Below is an example of instructions to complete the “Security Risk & Update” template. Please note that the security template will have instructions to complete each of its sections.

    The image contains a screenshot of the Executive Summary slide. The image contains a screenshot of the Security Goals & Objectives slide.

    The first slide following the title slide includes a brief executive summary on what would be discussed in the presentation. This includes the main security threats that would be addressed and the associated risk mitigation strategies.

    This slide depicts a holistic overview of the organization’s security posture in different areas along with the main business goals that security is aligning with. Ensure visualizations you include align with the goals highlighted.

    Security template example (continued)

    The image contains a screenshot example of the Top Threats & Risks. The image contains a screenshot example of the Top Threats & Risks.

    This slide displays any top threats and risks an organization is facing. Each threat consists of 2-3 risks and is prioritized based on the negative impact it could have on the organization (i.e. red bar = high priority; green bar = low priority). Include risks that have been addressed in the past quarter, and showcase any prioritization changes to those risks.

    This slide follows the “Top Threats & Risks” slide and focuses on the risks that had medium or high priority. You will need to work with subject matter experts to identify risk figures (likelihood, financial impact) that will enable you to quantify the risks (Likelihood x Financial Impact). Develop a threshold for each of the three columns to identify which risks require further prioritization, and apply color coding to group the risks.

    Security template example (continued)

    The image contains a screenshot example of the slide, Risk Analysis. The image contains a screenshot example of the slide, Risk Mitigation Strategies & Roadmap.

    This slide showcases further details on the top risks along with their business impact. Be sure to include recommendations for the risks and indicate whether further action is required from the executive stakeholders.

    The last slide of the “Security Risk & Update” template presents a timeline of when the different initiatives to mitigate security risks would begin. It depicts what initiatives will be completed within each fiscal year and the total number of months required. As there could be many factors to a project’s timeline, ensure you communicate to your executive stakeholders any changes to the project.

    Phase 4

    Deliver communication

    Phase 1Phase 2Phase 3Phase 4

    1.1 Identify drivers for communicating to executives

    1.2 Define your goals for communicating to executives

    2.1 Identify data to collect

    2.2 Plan how to retrieve data

    3.1 Plan communication

    3.2 Build a compelling communication document

    4.1 Deliver a captivating presentation

    4.2 Obtain/verify support for security goals

    This phase will walk you through the following activities:

    • Identifying a strategy to deliver compelling presentations
    • Ensuring you follow best practices for communicating and obtaining your security goals

    This phase involves the following participants:

    • Security leader

    4.1 Deliver a captivating presentation

    You’ve gathered all your data, you understand what your audience is expecting, and you are clear on the outcomes you require. Now, it’s time to deliver a presentation that both engages and builds confidence.

    Follow these tips to assist you in developing an engaging presentation:

    • Start strong: Give your audience confidence that this will be a good investment of their time. Establish a clear direction for what’s going to be covered and what the desired outcome is.
    • Use your time wisely: Odds are, your audience is busy, and they have many other things on their minds. Be prepared to cover your content in the time allotted and leave sufficient time for discussion and questions.
    • Be flexible while presenting: Do not expect that your presentation will follow the path you have laid out. Anticipate jumping around and spending more or less time than you had planned on a given slide.

    Keep your audience engaged with these steps

    • Be ready with supporting data. Don’t make the mistake of not knowing your content intimately. Be prepared to answer questions on any part of it. Senior executives are experts at finding holes in your data.
    • Know your audience. Who are you presenting to? What are their specific expectations? Are there sensitive topics to be avoided? You can’t be too prepared when it comes to understanding your audience.
    • Keep it simple. Don’t assume that your audience wants to learn the details of your content. Most just want to understand the bottom line, the impact on them, and how they can help. More is not always better.
    • Focus on solving issues. Your audience members have many of their own problems and issues to worry about. If you show them how you can help make their lives easier, you’ll win them over.

    Info-Tech Insight
    Establishing credibility and trust with executive stakeholders is important to obtaining their support for security objectives.

    Be honest and straightforward with your communication

    • Be prepared. Being properly prepared means not only that your update will deliver the value that you expect, but also that you will have confidence and the flexibility you require when you’re taken off track.
    • Don’t sugarcoat it. These are smart, driven people that you are presenting to. It is neither beneficial nor wise to try to fool them. Be open and transparent about problems and issues. Ask for help.
    • No surprises. An executive stakeholder presentation is not the time or the place for a surprise. Issues seen as unexpected or contentious should always be dealt with prior to the meeting with those most impacted.

    Hone presentation skills before meeting with the executive stakeholders

    Know your environment

    Be professional but not boring

    Connect with your audience

    • Your organization has standards for how people are expected to dress at work. Make sure that your attire meets this standard – don’t be underdressed.
    • Think about your audience – would they appreciate you starting with a joke, or do they want you to get to the point as quickly as possible?
    • State the main points of your presentation confidently. While this should be obvious, it is essential. Your audience should be able to clearly see that you believe the points you are stating.
    • Present with lots of energy, smile, and use hand gestures to support your speech.
    • Look each member of the audience in the eye at least once during your presentation. Avoid looking at the ceiling, the back wall, or the floor. Your audience should feel engaged – this is essential to keeping their attention on you.
    • Never read from your slides. If there is text on a slide, paraphrase it while maintaining eye contact.

    Checklist for presentation logistics

    Optimize the timing of your presentation:

    • Less is more: Long presentations are detrimental to your cause – they lead to your main points being diluted. Keep your presentation short and concise.
    • Keep information relevant: Only present information that is important to your audience. This includes the information that they are expecting to see and information that connects to the business.
    • Expect delays: Your audience will likely have questions. While it is important to answer each question fully, it will take away from the precious time given to you for your presentation. Expect that you will not get through all the information you have to present.

    Script your presentation:

    • Use a script to stay on track: Script your presentation before the meeting. A script will help you present your information in a concise and structured manner.
    • Develop a second script: Create a script that is about half the length of the first script but still contains the most important points. This will help you prepare for any delays that may arise during the presentation.
    • Prepare for questions: Consider questions that may be asked and script clear and concise answers to each.
    • Practice, practice, practice: Practice your presentation until you no longer need the script in front of you.

    Checklist for presentation logistics (continued)

    Other considerations:

    • After the introduction of your presentation, clearly state the objective – don’t keep people guessing and consequently lose focus on your message.
    • After the presentation is over, document important information that came up. Write it down or you may forget it soon after.
    • Rather than create a long presentation deck full of detailed slides that you plan to skip over during the presentation, create a second, compact deck that contains only the slides you plan to present. Send out the longer deck after the presentation.

    Checklist for delivering a captivating presentation

    Leverage this checklist to ensure you are prepared to develop and deliver an engaging presentation.

    Checklist:

    • Start with a story or something memorable to break the ice.
    • Go in with the end state in mind (focus on the outcome/end goal and work back from there) – What’s your call to action?
    • Content must compliment your end goal, filter out any content that doesn’t compliment the end goal.
    • Be prepared to have less time to speak. Be prepared with shorter versions of your presentation.
    • Include an appendix with supporting data, but don’t be data heavy in your presentation. Integrate the data into a story. The story should be your focus.

    Checklist for delivering a captivating presentation (continued)

    • Be deliberate in what you want to show your audience.
    • Ensure you have clean slides so the audience can focus on what you’re saying.
    • Practice delivering your content multiple times alone and in front of team members or your Info-Tech counselor, who can provide feedback.
    • How will you handle being derailed? Be prepared with a way to get back on track if you are derailed.
    • Ask for feedback.
    • Record yourself presenting.

    4.2 Obtain and verify support on security goals

    Once you’ve delivered your captivating presentation, it’s imperative to communicate with your executive stakeholders.

    • This is your opportunity to open the floor for questions and clarify any information that was conveyed to your audience.
    • Leverage your appendix and other supporting documents to justify your goals.
    • Different approaches to obtaining and verifying your goals could include:
      • Acknowledgment from the audience that information communicated aligns with the business’s goals.
      • Approval of funding requests for security initiatives.
      • Written and verbal support for implementation of security initiatives.
      • Identifying next steps for information to communicate at the next executive stakeholder meeting.

    Info-Tech Insight
    Verifying your objectives at the end of the presentation is important, as it ensures you have successfully communicated to executive stakeholders.

    Checklist for obtaining and verify support on security goals

    Follow this checklist to assist you in obtaining and verifying your communication goals.

    Checklist:

    • Be clear about follow-up and next steps if applicable.
    • Present before you present: Meet with your executive stakeholders before the meeting to review and discuss your presentation and other supporting material and ensure you have executive/CEO buy-in.
    • “Be humble, but don’t crumble” – demonstrate to the executive stakeholders that you are an expert while admitting you don’t know everything. However, don’t be afraid to provide your POV and defend it if need be. Strike the right balance to ensure the board has confidence in you while building a strong relationship.
    • Prioritize a discussion over a formal presentation. Create an environment where they feel like they are part of the solution.

    Summary of Accomplishment

    Problem Solved

    A better understanding of security communication drivers and goals

    • Understanding the difference between communication drivers and goals
    • Identifying your drivers and goals for security presentation

    A developed a plan for how and where to retrieve data for communication

    • Insights on what type of data can be leveraged to support your communication goals
    • Understanding who you can collaborate with and potential data sources to retrieve data from

    A solidified communication plan with security templates to assist in better presenting to your audience

    • A guideline on how to prepare security presentations to executive stakeholders
    • A list of security templates that can be customized and used for various security presentations

    A defined guideline on how to deliver a captivating presentation to achieve your desired objectives

    • Clear message on best practices for delivering security presentations to executive stakeholders
    • Understanding how to verify your communication goals have been obtained

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

    Contact your account representative for more information.

    workshops@infotech.com

    1-888-670-8889

    Related Info-Tech Research

    Build an Information Security Strategy
    This blueprint will walk you through the steps of tailoring best practices to effectively manage information security.

    Build a Security Metrics Program to Drive Maturity
    This blueprint will assist you in identifying security metrics that can tie to your organizational goals and build those metrics to achieve your desired maturity level.

    Bibliography

    Bhadauriya, Amit S. “Communicating Cybersecurity Effectively to the Board.” Metricstream. Web.
    Booth, Steven, et al. “The Biggest Mistakes Made When Presenting Cyber Security to Senior Leadership or the Board, and How to Fix Them.” Mandiant, May 2019. Web.
    Bradford, Nate. “6 Slides Every CISO Should Use in Their Board Presentation.” Security Boulevard, 9 July 2020. Web.
    Buckalew, Lauren, et al. “Get the Board on Board: Leading Cybersecurity from the Top Down.” Newsroom, 2 Dec. 2019. Web.
    Burg, Dave, et al. “Cybersecurity: How Do You Rise above the Waves of a Perfect Storm?” EY US - Home, EY, 22 July 2021. Web.
    Carnegie Endowment for International Peace. Web.
    “Chief Information Security Officer Salary.” Salary.com, 2022. Web.
    “CISO's Guide to Reporting to the Board - Apex Assembly.” CISO's Guide To Reporting to the Board. Web.
    “Cyber Security Oversight in the Boardroom” KPMG, Jan. 2016. Web.
    “Cybersecurity CEO: My 3 Tips for Presenting in the Boardroom.” Cybercrime Magazine, 31 Mar. 2020. Web.
    Dacri , Bryana. Do's & Don'ts for Security Professionals Presenting to Executives. Feb. 2018. Web.
    Froehlich, Andrew. “7 Cybersecurity Metrics for the Board and How to Present Them: TechTarget.” Security, TechTarget, 19 Aug. 2022. Web.
    “Global Board Risk Survey.” EY. Web.
    “Guidance for CISOs Presenting to the C-Suite.” IANS, June 2021. Web.
    “How to Communicate Cybersecurity to the Board of Directors.” Cybersecurity Conferences & News, Seguro Group, 12 Mar. 2020. Web.
    Ide, R. William, and Amanda Leech. “A Cybersecurity Guide for Directors” Dentons. Web.
    Lindberg, Randy. “3 Tips for Communicating Cybersecurity to the Board.” Cybersecurity Software, Rivial Data Security, 8 Mar. 2022. Web.
    McLeod, Scott, et al. “How to Present Cybersecurity to Your Board of Directors.” Cybersecurity & Compliance Simplified, Apptega Inc, 9 Aug. 2021. Web.
    Mickle, Jirah. “A Recipe for Success: CISOs Share Top Tips for Successful Board Presentations.” Tenable®, 28 Nov. 2022. Web.
    Middlesworth, Jeff. “Top-down: Mitigating Cybersecurity Risks Starts with the Board.” Spiceworks, 13 Sept. 2022. Web.
    Mishra, Ruchika. “4 Things Every CISO Must Include in Their Board Presentation.” Security Boulevard, 17 Nov. 2020. Web.
    O’Donnell-Welch, Lindsey. “CISOs, Board Members and the Search for Cybersecurity Common Ground.” Decipher, 20 Oct. 2022. Web.

    Bibliography

    “Overseeing Cyber Risk: The Board's Role.” PwC, Jan. 2022. Web.
    Pearlson, Keri, and Nelson Novaes Neto. “7 Pressing Cybersecurity Questions Boards Need to Ask.” Harvard Business Review, 7 Mar. 2022. Web.
    “Reporting Cybersecurity Risk to the Board of Directors.” Web.
    “Reporting Cybersecurity to Your Board - Steps to Prepare.” Pondurance ,12 July 2022. Web.
    Staynings, Richard. “Presenting Cybersecurity to the Board.” Resource Library. Web.
    “The Future of Cyber Survey.” Deloitte, 29 Aug. 2022. Web.
    “Top Cybersecurity Metrics to Share with Your Board.” Packetlabs, 10 May 2022. Web.
    Unni, Ajay. “Reporting Cyber Security to the Board? How to Get It Right.” Cybersecurity Services Company in Australia & NZ, 10 Nov. 2022. Web.
    Vogel, Douglas, et al. “Persuasion and the Role of Visual Presentation Support.” Management Information Systems Research Center, 1986.
    “Welcome to the Cyber Security Toolkit for Boards.” NCSC. Web.

    Research Contributors

    • Fred Donatucci, New-Indy Containerboard, VP, Information Technology
    • Christian Rasmussen, St John Ambulance, Chief Information Officer
    • Stephen Rondeau, ZimVie, SVP, Chief Information Officer

    Prepare for Negotiations More Effectively

    • Buy Link or Shortcode: {j2store}224|cart{/j2store}
    • member rating overall impact (scale of 10): 8.0/10 Overall Impact
    • member rating average dollars saved: $6,000 Average $ Saved
    • member rating average days saved: 4 Average Days Saved
    • Parent Category Name: Vendor Management
    • Parent Category Link: /vendor-management
    • IT budgets are increasing, but many CIOs feel their budgets are inadequate to accomplish what is being asked of them.
    • Eighty percent of organizations don’t have a mature, repeatable, scalable negotiation process.
    • Training dollars on negotiations are often wasted or ineffective.

    Our Advice

    Critical Insight

    • Negotiations are about allocating risk and money – how much risk is a party willing to accept at what price point?
    • Using a cross-functional/cross-insight team structure for negotiation preparation yields better results.
    • Soft skills aren’t enough and theatrical negotiation tactics aren’t effective.

    Impact and Result

    A good negotiation process can help:

    • Maximize budget dollars.
    • Improve vendor performance.
    • Enhance relationships internally and externally.

    Prepare for Negotiations More Effectively Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should create and follow a scalable process for preparing to negotiate with vendors, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Before

    Throughout this phase, the 12 steps for negotiation preparation are identified and reviewed.

    • Prepare for Negotiations More Effectively – Phase 1: Before
    • Before Negotiating Tool
    [infographic]

    Workshop: Prepare for Negotiations More Effectively

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 12 Steps to Better Negotiation Preparation

    The Purpose

    Improve negotiation preparation.

    Understand how to use the Info-Tech Before Negotiating Tool.

    Key Benefits Achieved

    A scalable framework for negotiation preparation will be created.

    The Before Negotiating Tool will be configured for the customer’s environment.

    Activities

    1.1 Establish specific negotiation goals and ranges.

    1.2 Identify and assess alternatives to a negotiated agreement.

    1.3 Identify and evaluate assumptions made by the parties.

    1.4 Conduct research.

    1.5 Identify and evaluate relationship issues.

    1.6 Identify and leverage the team structure.

    1.7 Identify and address leverage issues.

    1.8 Evaluate timeline considerations.

    1.9 Create a strategy.

    1.10 Draft a negotiation agenda.

    1.11 Draft and answer questions.

    1.12 Rehearse (informal and formal).

    Outputs

    Sample negotiation goals and ranges will be generated via a case study to demonstrate the concepts and how to use the Before Negotiating Tool (this will apply to each Planned Activity)

    Sample alternatives will be generated

    Sample assumptions will be generated

    Sample research will be generated

    Sample relationship issues will be generated

    Sample teams will be generated

    Sample leverage items will be generated

    Sample timeline issues will be generated

    A sample strategy will be generated

    A sample negotiation agenda will be generated

    Sample questions and answers will be generated

    Sample rehearsals will be conducted

    Implement and Optimize Application Integration Governance

    • Buy Link or Shortcode: {j2store}361|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Enterprise Integration
    • Parent Category Link: /enterprise-integration
    • Enterprises begin integrating their applications without recognizing the need for a managed and documented governance model.
    • Application Integration (AI) is an inherently complex concept, involving the communication among multiple applications, groups, and even organizations; thus developing a governance model can be overwhelming.
    • The options for AI Governance are numerous and will vary depending on the size, type, and maturity of the organization, adding yet another layer of complexity.

    Our Advice

    Critical Insight

    • Governance is essential with integrated applications. If you are planning to integrate your applications, you should already be considering a governance model.
    • Proper governance requires oversight into chains of responsibility, policy, control mechanisms, measurement, and communication.
    • People and process are key. Technology options to aid in governance of integrated apps exist, but will not greatly contribute to the success of AI.

    Impact and Result

    • Assess your capabilities and determine which area of governance requires the most attention to achieve success in AI.
    • Form an Integration Center of Competency to oversee AI governance to ensure compliance and increase success.
    • Conduct ongoing training with your personnel to ensure up-to-date skills and end user understanding.
    • Frequently revisit your AI governance strategy to ensure alignment with business goals.

    Implement and Optimize Application Integration Governance Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Implement and optimize Application Integration Governance

    Know where to start and where to focus your attention in the implementation of an AI governance strategy.

    • Storyboard: Implement and Optimize Application Integration Governance

    2. Assess the organization's capabilities in AI Governance

    Assess your current and target states in AI Governance.

    • Application Integration Governance Gap Analysis Tool

    3. Create an Integration Center of Competency

    Have a governing body to oversee AI Governance.

    • Integration Center of Competency Charter Template

    4. Establish AI Governance principles and guidelines

    Create a basis for the organization’s AI governance model.

    • Application Integration Policy and Principles Template

    5. Create an AI service catalog

    Keep record of services and interfaces to reduce waste.

    • Integration Service Catalog Template
    [infographic]

    Monitor IT Employee Experience

    • Buy Link or Shortcode: {j2store}543|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: $29,096 Average $ Saved
    • member rating average days saved: 19 Average Days Saved
    • Parent Category Name: Engage
    • Parent Category Link: /engage
    • In IT, high turnover and sub-optimized productivity can have huge impacts on IT’s ability to execute SLAs, complete projects on time, and maintain operations effectively.
    • With record low unemployment rates in IT, retaining top employees and keeping them motivated in their jobs has never been more critical.

    Our Advice

    Critical Insight

    • One bad experience can cost you your top employee. Engagement is the sum total of the day-to-day experiences your employees have with your company.
    • Engagement, not pay, drives results. Engagement is key to your team's productivity and ability to retain top talent. Approach it systematically to learn what really drives your team.
    • It’s time for leadership to step up. As the CIO, it’s up to you to take ownership of your team’s engagement.

    Impact and Result

    • Info-Tech tools and guidance will help you initiate an effective conversation with your team around engagement, and avoid common pitfalls in implementing engagement initiatives.
    • Monitoring employee experience continuously using the Employee Experience Monitor enables you to take a data-driven approach to evaluating the success of your engagement initiatives.

    Monitor IT Employee Experience Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should focus on employee experience to improve engagement in IT, review Info-Tech’s methodology, and understand how our tools will help you construct an effective employee engagement program.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Start monitoring employee experience

    Plan out your employee engagement program and launch the Employee Experience Monitor survey for your team.

    • Drive IT Performance by Monitoring Employee Experience – Phase 1: Start Monitoring Employee Experience
    • None
    • None
    • EXM Setup Guide
    • EXM Training Guide for Managers
    • None
    • EXM Communication Template

    2. Analyze results and ideate solutions

    Interpret your Employee Experience Monitor results, understand what they mean in the context of your team, and involve your staff in brainstorming engagement initiatives.

    • Drive IT Performance by Monitoring Employee Experience – Phase 2: Analyze Results and Ideate Solutions
    • EXM Focus Group Facilitation Guide
    • Focus Group Facilitation Guide Driver Definitions

    3. Select and implement engagement initiatives

    Select engagement initiatives for maximal impact, create an action plan, and establish open and ongoing communication about engagement with your team.

    • Drive IT Performance by Monitoring Employee Experience – Phase 3: Measure and Communicate Results
    • Engagement Progress One-Pager
    [infographic]

    Workshop: Monitor IT Employee Experience

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Launch the EXM

    The Purpose

    Set up the EXM and collect a few months of data to build on during the workshop.

    Key Benefits Achieved

    Arm yourself with an index of employee experience and candid feedback from your team to use as a starting point for your engagement program.

    Activities

    1.1 Identify EXM use case.

    1.2 Identify engagement program goals and obstacles.

    1.3 Launch EXM.

    Outputs

    Defined engagement goals.

    EXM online dashboard with three months of results.

    2 Explore Engagement

    The Purpose

    To understand the current state of engagement and prepare to discuss the drivers behind it with your staff.

    Key Benefits Achieved

    Empower your leadership team to take charge of their own team's engagement.

    Activities

    2.1 Review EXM results to understand employee experience.

    2.2 Finalize focus group agendas.

    2.3 Train managers.

    Outputs

    Customized focus group agendas.

    3 Hold Employee Focus Groups

    The Purpose

    Establish an open dialogue with your staff to understand what drives their engagement.

    Key Benefits Achieved

    Understand where in your team’s experience you can make the most impact as an IT leader.

    Activities

    3.1 Identify priority drivers.

    3.2 Identify engagement KPIs.

    3.3 Brainstorm engagement initiatives.

    3.4 Vote on initiatives within teams.

    Outputs

    Summary of focus groups results

    Identified engagement initiatives.

    4 Select and Plan Initiatives

    The Purpose

    Learn the characteristics of successful engagement initiatives and build execution plans for each.

    Key Benefits Achieved

    Choose initiatives with the greatest impact on your team’s engagement, and ensure you have the necessary resources for success.

    Activities

    4.1 Select engagement initiatives with IT leadership.

    4.2 Discuss and decide on the top five engagement initiatives.

    4.3 Create initiative project plans.

    4.4 Build detailed project plans.

    4.5 Present project plans.

    Outputs

    Engagement project plans.

    Collaborate Effectively in Microsoft Teams

    • Buy Link or Shortcode: {j2store}63|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: End-User Computing Applications
    • Parent Category Link: /end-user-computing-applications

    Your organization has adopted Microsoft Teams, but users are not maximizing their use of it.

    • IT needs to support the business to get the best value out of Microsoft Teams: managing Teams effectively while also enabling end users to use Teams creatively.
    • IT must follow best practices for evaluation of new functionality when integrating Microsoft and third-party apps and also communicate changes to end users.
    • Due in part to the frequent addition of new features and lack of communication and training, many organizations don’t know which apps would benefit their users.

    Our Advice

    Critical Insight

    Collaboration is as much an art as a science. IT can help users collaborate more effectively in Teams by removing friction – while still maintaining guardrails – for users attempting to build out and experiment with features and capabilities.

    Impact and Result

    Use Info-Tech’s Collaborate Effectively in Microsoft Teams to help collaboration flourish:

    • Collate key organizational collaboration use cases.
    • Prioritize the most important Teams apps and features to support use cases.
    • Implement request process for new Teams apps.
    • Communicate new Teams collaboration functionality.

    Collaborate Effectively in Microsoft Teams Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Collaborate Effectively in Microsoft Teams Deck – Maximize the use of your chosen collaboration software solution.

    Set up your users for Teams collaboration success. Create a process that improves their ability to access, understand, and maximize their use of your chosen collaboration software solution.

    • Collaborate Effectively in Microsoft Teams Storyboard

    2. Microsoft Teams End-User Satisfaction Survey – Capture end-user feedback on their collaborative use of Microsoft Teams.

    The survey responses will inform your organization's collaboration use cases for Teams and help you to identify which features and apps to enable.

    • Microsoft Teams End-User Satisfaction Survey

    3. Microsoft Teams Planning Tool – A tool to help prioritize features to implement.

    Use this Excel tool to help you document the organization’s key collaboration use cases and prioritize which Teams apps to implement and encourage adoption on.

    • Microsoft Teams Planning Tool
    [infographic]

    Further reading

    Collaborate Effectively in Microsoft Teams

    Empower your users to explore Teams collaboration beyond the basics.

    Analyst Perspective

    Life after Teams implementation

    You have adopted Teams, implemented it, and painted an early picture for your users on the basics. However, your organization is not yet maximizing its use of Teams' collaboration capabilities. Although web conferencing, channel-based collaboration, and chat are the most obvious ways Teams supports collaboration, users must explore Teams' functionality further to harness the application's full potential.

    You should enable your users to expand their collaboration use cases in Teams, but not at the risk of being flooded with app requests, nor user confusion or dissatisfaction. Instead, develop a process to evaluate and integrate new apps that will benefit the organization. Encourage your users to request new apps that will benefit them, while proactively planning for app integration that users should be alerted to.

    Photo of Emily Sugerman, Research Analyst, Infrastructure and Operations, Info-Tech Research Group. Emily Sugerman
    Research Analyst, Infrastructure and Operations
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    Your organization has adopted Microsoft Teams, but users are not getting the maximum benefit.

    • IT needs to support the business to get the best value out of Microsoft Teams: managing Teams effectively while enabling end-user creativity.
    • IT must follow best practices for evaluating new functionality when integrating Microsoft and third-party apps, while communicating changes to end users.
    • Due partly to the frequent addition of new features and lack of communication and training, many organizations don't know which apps would benefit their users.

    Common Obstacles

    • Users are unenthusiastic about exploring Teams further due to negative past experiences, preference for other applications, or indifference.
    • End users are unaware of the available range of features. When they become aware and try to add unapproved or unlicensed apps, they experience the frustration of being declined.
    • Users seek support from IT who are unfamiliar with new Teams features an apps, or with supporting Teams beyond the basics.
    • IT teams have no process to raise end-user awareness of these apps and functionality.

    Info-Tech's Approach

    Use Info-Tech's Collaborate Effectively in Microsoft Teams to help collaboration flourish:

    • Collate key organizational collaboration use cases
    • Prioritize the most important Teams apps and features to support use cases
    • Implement request process for new Teams apps
    • Communicate new Teams collaboration functionality

    Info-Tech Insight

    Collaboration is as much an art as a science. IT can help users collaborate more effectively in Teams by removing friction – while still maintaining guardrails – for users attempting to build out and experiment with features and capabilities.

    Are your users in a Teams rut?

    Are users failing to maximize their use of Teams to collaborate and get work done?

    Teams can do much more than chat, video conferencing, and document sharing. A fully-deployed Teams also lets users leverage apps and advanced collaboration features.

    However, IT must create a process for evaluating and approving Microsoft and third-party apps, and for communicating changes to end users.

    In the end, IT needs to support the business to get the best value out of Microsoft Teams: managing Teams effectively while also enabling end-user creativity.

    Third-party app use in Teams is rising:

    “Within Teams, the third-party apps with 10,000 users and above rose nearly 40% year-over-year.”
    Source: UC Today, 2023.

    Collaborate effectively in Microsoft Teams

    Set up your users for Teams collaboration success. Create a process that improves their ability to access, understand, and maximize their use of your chosen collaboration software solution.

    Challenges with Teams collaboration

    • Lack of motivation to explore available features
    • Scattered information
    • Lack of comfort using Teams beyond the basics
    • Blocked apps
    • Overlapping features
    • Confusing permissions

    Empowering Collaboration in Microsoft Teams

    1. Identify current collaboration challenges and use cases in Teams
    2. Create Teams app request workflows
    3. Set up communication hubs in Teams
    4. Empower end users to customize their Teams for effective collaboration

    Solution

    • Collate key organizational collaboration use cases
    • Prioritize the most important Teams apps and features to support use cases
    • Implement request process for new Teams apps
    • Communicate new Teams collaboration functionality

    Project deliverables

    Use these tools to develop your plan to enable effective collaboration in Microsoft Teams.

    Key deliverable:

    Microsoft Teams Planning Tool

    An Excel tool for documenting the organization's key collaboration use cases and prioritizing which Teams apps to implement and encourage adoption of.

    Sample of the Microsoft Teams Planning Tool deliverable.

    Additional support:

    Microsoft Teams End-User Satisfaction Survey

    Use or adapt this survey to capture user perception of how effectively Teams supports collaboration needs.

    Sample of the End-user satisfaction survey deliverable.

    Insight Summary

    Key Insight:

    Collaboration is as much an art as a science. IT can help users collaborate more effectively in Teams by removing friction – while still maintaining guardrails – for users attempting to build out and experiment with features and capabilities.

    Additional insights:

    Insight 1

    Users can browse the Teams app store and attempt to add unapproved apps, but they may not be able to distinguish between available and blocked apps. To avoid a bad user experience, communicate which apps they can add without additional approval and which they will need to send through an approval process.

    Insight 2

    Teams lets you customize the message users see when they request unapproved apps and/or redirect their request to your own URL. Review this step in the request process to ensure users are seeing the instructions that they need to see.

    Insight 3

    A Teams hub is where users can access a service catalog of approved Teams apps and submit service requests for new ones via the Make a Request button.

    Section 1: Collaborating Effectively in Teams for IT

    Section 1

    Collaborating Effectively in Teams for IT

    Section 2

    Collaborating Effectively in Teams for End Users

    Stop: Do you need the Teams Cookbook?

    If you:

    • are at the Teams implementation stage,
    • require IT best practices for initial governance of Teams creation, or
    • require end-user best practices for basic Teams functionality …

    Consult the Microsoft Teams Cookbook first.

    Understand the Microsoft vision of Teams collaboration

    Does it work for you?

    Microsoft's vision for Teams collaboration is to enable end-user freedom. For example, out of the box, users can create their own teams and channels unless IT restricts this ability.

    Teams is meant to be more than just chats and meetings. Microsoft is pushing Teams app integration so that Teams becomes, essentially, a landing page from which users can centralize their work and org updates.

    In partnership with the business, IT must determine which guardrails are necessary to balance end-user collaboration and creativity with the need for governance and control.

    Why is it difficult to increase the caliber of collaboration in Teams?

    Because collaboration is inherently messy, complex, and creative

    Schubert & Glitsch find that enterprise collaboration systems (such as Teams) have characteristics that reflect the unstructured and creative nature of collaboration. These systems “are designed to support joint work among people in the workplace. . . [They] contain, for the most part, unstructured content such as documents, blogs, or news posts,” and their implementations “are often reported to follow a ‘bottom up' and rather experimental introduction approach.” The open-endedness of the tool requires users to be able to creatively and voluntarily apply it, which in turn requires more enterprise effort to help increase adoption over time through trial and error.

    Source: Procedia Computer Science, 2015

    Info-Tech Insight

    Collaboration is as much an art as a science. IT can help users collaborate more effectively in Teams by removing friction – while still maintaining guardrails – for users attempting to build out and experiment with features and capabilities.

    Activity 1: Identify current challenges

    Input: Team input, Survey results
    Output: List of Teams challenges experienced by the organization
    Materials: Whiteboard (digital or physical)
    Participants: Teams collaboration working group

    First, identify what works and what doesn't for your users in Teams

    • Have users reported any challenges with Teams as their primary means of channel-based collaboration? Run a short survey to capture end-user sentiment on how Teams works for them. This survey can be set up and distributed through Microsoft Forms. Distribute either to the whole organization or a specific focus group. Gather feedback from users on the following: What are the major ways they need to collaborate to do their jobs? What IT-supported tools do they need to support this collaboration? What specific aspects of Teams do they want to better exploit?
    • If you send out transactional surveys on service desk tickets, run a report on Teams-related tickets to identify common complaints.
    • Brainstorm Teams challenges IT has experienced personally or have seen reported – especially difficulties with collaboration.
    • Once you have the data, group the challenges into themes. Are the challenges specifically related to collaboration? Data issues? Support issues? Access issues? Technical issues? Document them in tab 2 of the Microsoft Teams Planning Tool.

    Download the Microsoft Teams End-User Satisfaction Survey template

    Define your organization's key collaboration scenarios

    Next, identify what users need to do in Teams

    The term collaboration scenarios has been proposed to describe the types of collaboration behavior your software – in this case, Teams – must support (Schubert & Glitsch, 2015). A successful implementation of this kind of tool requires that you “identif[y] use cases and collaboration scenarios that best suit a specific company and the people working in it” (Schubert & Glitsch, 2016).

    Teams tends to support the following kinds of collaboration and productivity goals (see list).

    What types of collaboration scenarios arise in the user feedback in the previous activity? What do users most need to do?

    Be proactive: Configure Microsoft Teams to match collaboration scenarios/use cases your users must engage in. This will help prevent an increase in shadow IT, where users attempt to bring in unapproved/unreviewed software that might duplicate your existing service catalog and/or circumvent the proper review and procurement process.

    MS Teams Use Cases

    1. Gather feedback
    2. Collaboratively create content
    3. Improve project & task management
    4. Add media content
    5. Conduct knowledge management
    6. Increase meeting effectiveness
    7. Increase employee engagement
    8. Enhance professional development
    9. Provide or access support
    10. Add third-party apps

    Activity 2: Match your collaboration scenarios to Teams capabilities

    Input: Collaboration scenarios, Teams use cases
    Output: Ranked list of Teams features to implement and/or promote
    Materials: Microsoft Teams Planning Tool
    Participants: Teams collaboration working group

    Which features support the key collaboration use cases?

    1. Using the Microsoft Teams Planning Tool, list your organization's key collaboration scenarios. Draw on the data returned in the previous activity. List them in Tab 2.
    2. See the following slide for the types of collaboration use cases Teams is designed to support. In the planning tool, select use cases that best match your organizational collaboration scenarios.
    3. Dive into more specific features on Tab 3, which are categorized by collaboration use case. Where do users' collaboration needs align with Teams' inherent capabilities? Add lines in Tab C for the third-party apps that you are considering adding to Teams.
    4. In columns B and C of Tab 3, decide and prioritize the candidates for implementation. Review the list of prioritized features on tab 4.

    NB: Microsoft has introduced a Teams Premium offering, with additional capabilities for meetings and webinars (including customized banding, meeting watermarks, and virtual webinar green rooms) and will paywall some features previously available without Premium (live caption translations, meeting data on attendee departure/arrival times) (“What is Microsoft Teams Premium?”, n.d.)

    Download the Microsoft Teams Planning Tool

    MS Teams productivity & collab features

    Teams apps & collaboration features enable the following types of work. When designing collaboration use cases, identify which types of collaboration are necessary, then explore each category in depth.

    1. Gather feedback

      Solicit feedback and comments, and provide updates
    2. Collaboratively create content

      Compose as a group, with live-synced changes
    3. Improve project & task management

      Keep track of projects and tasks
    4. Add media content

      Enrich Teams conversations with media, and keep a library of video resources
    5. Knowledge management

      Pull together document libraries and make information easier to find
    6. Increase meeting effectiveness

      Facilitate interactions and document meeting outcomes
    7. Increase employee engagement

      Use features that enhance social interaction among Teams users
    8. Enhance professional development

      Find resources to help achieve professional goals
    9. Provide or access support

      IT and user-facing resources for accessing and/or providing support
    10. Add third-party apps

      Understand the availability/restrictions of the built-in Teams app catalog

    The Teams app store

    • The lure of the app store: Your users will encounter a mix of supported and unsupported applications, some of which they can access, some for which you have no licenses, some built by your organization, some built by Microsoft or third parties. However, the distinction between these categories may not be immediately apparent to users. Microsoft does not remove blocked apps from users' view.
    • Users may attempt to add unsupported apps and then receive error messages or prompts to send a request through Teams to IT for approval.
    • App add-ins are not limited to those built by Microsoft Corporation. The Teams app store also features a plethora of third-party apps that can provide value.
    • However, their third-party status introduces another set of complications.
    • Attempting to add third-party apps may expose users to sales pitches and encourage the implementation of shadow IT, circumventing the IT request process.

    Info-Tech Insight

    Users can browse and attempt to add unapproved apps in the Teams app store, but they may have difficulty distinguishing between available and blocked apps. To avoid a bad user experience, communicate to your users which apps they can add without additional approval, and which must be sent through an approval process.

    Decide how you will evaluate requests for new Teams apps

    • As you encourage users to explore and fully utilize Teams, you may see increased requests for admin approval for apps you do not currently support.
    • To prevent disorganized response and user dissatisfaction, build out a workflow for handling new/unapproved Teams app requests. Ensure the workflow accounts for Microsoft and third-party apps.
    • What must you consider when integrating third-party tools? You must have control over what users may add. These requests should follow, or build upon, your existing process for non-standard requests, including a process for communicating the change.
    • Track the fulfillment time for Teams app requests. The longer the user must wait for a response, the more their satisfaction will decline.

    icrosoft suggests that you regularly review the app usage report in the Teams admin center as “a signal about the demand for an app within your organization.” This will help you proactively determine which apps to evaluate for approval.

    Build request workflow for unsupported Teams apps

    What are the key steps?

    1. Request comes in
    2. Review by a technical review team
    3. Review by service desk or business analyst
    4. Additional operational technical reviews if necessary
    5. Procurement and installation
    6. Communication of result to requester
    7. App added to the catalog so it can be used by others

    Example workflow of a 'Non-Standard Software Request Process'.

    Info-Tech Insight

    Teams allows you to customize the message users see when they request an unapproved app and/or redirect their request to your own URL. Review this step in the request process to ensure your users are seeing the instructions that they need to see.

    Download the Service Request Workflow library

    Incorporate new approved service requests into a service request catalog

    Follow the process in Reduce Shadow IT With a Service Request Catalog to build out a robust request management process and service catalog to continuously incorporate new non-standard requests and advertise new Teams apps:

    • Design the service
    • Design the catalog
    • Build the catalog
    • Market the service

    Sample of the 'Reduce Shadow IT With a Service Request Catalog' blueprint.

    Add a company hub to Teams

    Use Teams to help users access the company intranet for organizational information that is relevant to their roles.

    This can be done in two ways:

    1. By adding a SharePoint home site to Teams.
    2. By leveraging Viva Connections: A hub to access other apps and Viva services. The user sees a personalized dashboard, feed, and resources.

    Venn diagram with two circles 'Viva Connections - App-based employee experience where individuals get their work done' and 'Home Sites - Portal that features organizational news, events, and supplemental resources'. The overlapping middle has a list: 'News, Shared navigation, Integrates with M365, Developer platforms & management, Audience targeting, Web parts, Permissions'. (Venn diagram recreated from Microsoft Learn, 2023.)

    Info-Tech Insight

    The hub is where users can access a service catalog of approved Teams apps and submit service requests for a new one via a Make a Request button.

    Communicate changes to Teams

    Let end users know what's available and how to add new productivity tools.

    Where will users find approved Teams apps? How will you inform people about what's available? Once a new app is available, how is this communicated?

    Options:

    • Communicate new Teams features in high-visibility places (e.g. the Hub).
    • Leverage the Power Apps Bulletins app in Teams to communicate regular announcements about new features.
    • Create a company-wide Team with a channel called “What's New in Teams.” Post updates on new features and integrations, and link to more detailed knowledgebase articles on how to use the new features.
    • Aim for the sweet spot of communication frequency: not too much nor too little.

    Measure your success

    Determine how you will evaluate the success of your efforts to improve the Teams collaboration experience

    Improved satisfaction with Teams: Increased net promoter score (NPS)

    Utilization of features: Increased daily average users on key features, apps, integrations

    Timeliness: % of SLAs met for service request fulfillment

    Improved communication to end users about Teams' functionality: Satisfaction with knowledgebase articles on Teams

    Satisfaction with communication from IT

    Section 2: Collaborating Effectively in Teams for End Users

    Section 1

    Collaborating Effectively in Teams for IT

    Section 2

    Collaborating Effectively in Teams for End Users

    For IT: Use this section to help users understand Teams collaboration features

    Share the collateral in this section with your users to support their deeper exploration of Teams collaboration.

    • Use the Microsoft Teams Planning Tool to prepare a simple service catalog of the features and apps available to your users.
    • Edit Tab 2 (MS Teams Collab Features & Apps) by deleting the blocked apps/features.
    • Share this document with your users by linking to it via this image on the following slides:
    Sample of the Microsoft Teams Planning Tool deliverable.

    Download the Microsoft Teams Planning Tool for an expanded list of features & apps

    End-user customization of Teams

    Consider how you want to set up your Teams view. Add the apps you already use to have them at your fingertips in Teams.

    You can . . .

    1. Customize your navigation bar by pinning your preferred apps and working with them within Teams (Microsoft calls these personal apps).
    2. Customize your message bar by adding the app extensions you find most useful. Screenshot of the message bar with the 3-dot highlighted.
    3. Customize chats and Teams by adding tabs with content your group needs frequent access to. Screenshot of MS Teams tabs with the plus sign highlighted.
    4. Set up connectors to send notifications from apps to a Team and bots to answer questions and automate simple tasks. Screenshot of the 'Set up a connector' button.

    Learn more from Microsoft here

    MS Teams productivity & collab features

    The Apps catalog includes a range of apps that users may add to channels, chat, or the navigation bar. Teams also possesses other collaboration features that may be underused in your organization.

    1. Gather feedback

      Solicit feedback and comments, and provide updates
    2. Collaboratively create content

      Compose as a group, with live-synced changes
    3. Improve project & task management

      Keep track of projects and tasks
    4. Add media content

      Enrich Teams conversations with media, and keep a library of video resources
    5. Knowledge management

      Pull together document libraries and make information easier to find
    6. Increase meeting effectiveness

      Facilitate interactions and document meeting outcomes
    7. Increase employee engagement

      Use features that enhance social interaction among Teams users
    8. Enhance professional development

      Find resources to help achieve professional goals
    9. Provide or access support

      IT and user-facing resources for accessing and/or providing support
    10. Add third-party apps

      Understand the availability/restrictions of the built-in Teams app catalog

    Samples of four features: 'Prioritize with a voting table', 'Launch a live meeting poll', 'Launch a survey', and 'Request an update'.

    Download the Microsoft Teams Collaboration Tool for an expanded list of features & apps

    Use integrated Teams features to gather feedback and provide updates

    • Vote: Create a list of items for teams to brainstorm pros and cons, and then tabulate votes on. This component can be edited inline by anyone with whom the component is shared. The edits will sync anywhere the component is shared.
    • Meeting polls: Capture instant feedback from teams, chat, and call participants. Participant anonymity can be set by the poll organizer. Results can be exported.
    • Create surveys and quizzes and share the results. Results can be exported.
    • Create, track, and review updates and progress reports from teams and individuals.

    Collaboratively create content

    Samples of four features: 'Add Office suite docs', 'Brainstorm in Whiteboard', 'Add Loop components', and 'Take notes in OneNote'.

    Download the Microsoft Teams Planning Tool for an expanded list of features & apps

    Use integrated Teams features composed as a group, with live-synced changes

    • Microsoft Office documents: Add/upload files to a chat or channel discussion. Find them again in the Files tab or add the file itself as a tab to a chat or channel and edit it within Teams.
    • Brainstorm with the Whiteboard application. Add a whiteboard to a tab or to a meeting.
    • Add Loop components to a chat: Create a list, checklist, paragraph, or table that can be edited in real time by anyone in the chat.
    • Add OneNote to a chat or channel tab or use during a meeting to take notes. Pin OneNote to your app bar if it's one of your most frequently-used apps.

    Improve project & task management

    Samples of four features: 'Request approvals and updates', 'Add & track tasks', 'Create a personal notespace', and 'Manage workflows'.

    Download the Microsoft Teams Planning Tool for an expanded list of features & apps

    Keep track of projects and tasks

    • Use the Approvals and Update apps to create, track, and respond to requests for approvals and progress reports within Teams.
    • Use Tasks by Planner & To Do to track both individual and team tasks. Pin the Tasks app to the app bar, add a plan as a tab to a Team, and turn any Teams message into a task by right-clicking on it.
    • Start a chat with yourself to maintain a private space to jot down quick notes.
    • Add Lists to a Teams channel.
    • Explore automation: Add pre-built Teams workflows from the Workflows app, or build new ones in PowerAutomate
    • IT teams may leverage Teams apps like Azure Boards, Pipelines, Repos, AD notifications, and GitHub.

    Add media content

    Samples of four features: 'Share news stories', 'Share YouTube videos', 'Share Stream content', and 'Add RSS feeds'.

    Download the Microsoft Teams Planning Tool for an expanded list of features & apps

    Enrich Teams conversations with media, and keep a library of video resources

    • Search for and add specific news stories to a chat or channel. See recent news stories in search.
    • Search, share, and watch YouTube videos.
    • Share video links from Microsoft Stream.
    • Add RSS feeds.

    Knowledge management

    Samples of four features: 'SharePoint Pages', 'SharePoint document library', 'SharePoint News', and 'Who'.

    Download the Microsoft Teams Planning Tool for an expanded list of features & apps

    Pull together document libraries and make information easier to find

    • Add a page from an existing SharePoint site to a Team as a tab.
    • Add a SharePoint document library to a Team as a tab.
    • Search names of members of your organization to learn about their role, place in the organizational structure, and contact information.

    Increase meeting effectiveness

    Samples of four features: 'Take meeting notes', 'Set up a Q&A', 'Use live captions', and 'Record and transcribe meetings'.

    Download the Microsoft Teams Planning Tool for an expanded list of features & apps

    Facilitate interactions and document meeting outcomes

    • Take simple notes during a meeting.
    • Start conversations and ask and answer questions in a dedicated Q&A space during the Teams meeting.
    • Turn on live captions during the meeting.
    • Record a meeting and automatically generate a transcript of the meeting.
    • Assign attendees to breakout rooms.
    • Track the effectiveness of the meeting by producing an attendance report with the number of attendees, the meeting start/end time, a list of the attendees, and participation in activities.

    Increase employee engagement

    Samples of four features: 'Send praise', 'Build an avatar', 'Add video effects', and 'Play games during meetings'.

    Download the Microsoft Teams Planning Tool for an expanded list of features & apps

    Use features that enhance social interaction among Teams users

    • Send supportive comments to colleagues using Praise.
    • Build out digital avatars to toggle on during meetings instead of your own video.
    • Apply different visual effects, filters, and backgrounds to your screen during meetings.
    • Games for Work: Launch icebreaker games during a meeting.
    • Translate a Teams message from another language to your default language.
    • Send emojis, GIFs, and stickers in messages or as reactions to others' messages. You can also send reactions live during meetings to increase meeting engagement.

    Enhance professional development

    Samples of four features: 'Launch Viva Learning', 'Turn on Speaker Coach', 'Viva Insights', and 'Viva Goals'.

    Download the Microsoft Teams Planning Tool for an expanded list of features & apps

    Connect with learning resources and apply data-driven feedback based on Teams usage

    • Add learning materials from various course catalogs in Viva Learning.
    • Speaker Coach: Receive AI feedback on your performance as a speaker during a meeting.
    • Receive automatically generated insights and suggestions from Viva Insights on work habits and time allocation to different work activities.
    • Viva Goals: Track organizational "objectives and key results"/manage organizational goals

    Provide or access support

    Samples of four features: 'Access MS Support', 'Manage Teams & M365', 'Deploy power virtual agents', and 'Consult MS resource center'.

    Download the Microsoft Teams Planning Tool for an expanded list of features & apps

    IT and user-facing resources for accessing or providing support

    • Admin: Carry out simple Teams management tasks (for IT).
    • Power Virtual Agents: Build out chatbots to answer user questions (can be built by IT and end users for their customers).
    • Resource Center: A combination of pre-built Microsoft resources (tips, templates) with resources provided by organizational IT.
    • Support: Access Microsoft self-serve knowledgebase articles (for IT).

    Add third-party apps

    Understand the availability/restrictions of the built-in Teams app catalog

    • App add-ins are not limited to those built by Microsoft Corporation. The Teams app store also features a plethora of third-party apps that may provide value.
    • However, being able to view an app in the app store does not necessarily mean it's supported or licensed by your organization.
    • Teams will allow users to request access to apps, which will then be evaluated by your IT support team. Follow your service desk's recommended request process for requesting and justifying the addition of a new Teams app that is not currently supported.
    • Before making the request, investigate existing Teams features to determine if the functionality is already available.

    Research contributors

    Mike Cavanagh
    Global Service Desk Manager
    Clearwater Seafoods LP

    Info-Tech contributors:

    Benedict Chang, Senior Advisory Analyst

    John Donovan, Principal Research Director

    Allison Kinnaird, Practice Lead

    P.J. Ryan, Research Director

    Natalie Sansone, Research Director

    Christine West, Managing Partner

    Related Info-Tech Research

    Sample of the 'Reduce Shadow IT with a Service Request Catalog' blueprint.

    Reduce Shadow IT With a Service Request Catalog

    Foster business relationships through sourcing-as-a-service. There is a direct correlation between service delivery dissatisfaction and increases in shadow IT. Whether the goal is to reduce shadow IT or gain control, improved customer service and fast delivery are key to making lasting changes.

    Sample of the 'Microsoft Teams Cookbook' blueprint.

    Microsoft Teams Cookbook

    Recipes for best practices and use cases for Teams. Microsoft Teams is not a standalone app. Successful utilization of Teams occurs when conceived in the broader context of how it integrates with M365. Understanding how information flows between Teams, SharePoint Online, and OneDrive for Business, for instance, will aid governance with permissions, information storage, and file sharing.

    Sample of the 'Govern Office 365 (M365)' blueprint.

    Govern Office 365

    You bought it. Use it right. Map your organizational goals to the administration features available in the Office 365/M365 console. Your governance should reflect your requirements.

    Bibliography

    Mehta, Tejas. “The Home Site App for Microsoft Teams.” Microsoft Community Hub. https://techcommunity.microsoft.com/t5/microsoft-sharepoint-blog/the-home-site-app-for-microsoft-teams/ba-p/1714255.

    Overview: Viva Connections. 7 Mar. 2023, https://learn.microsoft.com/en-us/viva/connections/viva-connections-overview.

    Rogers, Laura. “SharePoint Home Site in Teams.” Wonderlaura, 24 Jun 2021. https://wonderlaura.com/2021/06/24/sharepoint-home...

    Schubert, Petra, and Johannes H. Glitsch. “Adding Structure to Enterprise Collaboration Systems: Identification of Use Cases and Collaboration Scenarios.” Procedia Computer Science, vol. 64, Jan. 2015, pp. 161–69. ScienceDirect, https://doi.org/10.1016/j.procs.2015.08.477.

    Schubert, Petra, and Johannes Glitsch. “Use Cases and Collaboration Scenarios: How Employees Use Socially-Enabled Enterprise Collaboration Systems (ECS).” International Journal of Information Systems and Project Management, vol. 4, no. 2, Jan. 2016, pp. 41–62.

    Thompson, Mark. “User Requests for Blocked Apps in the Teams Store.” Supersimple365, 5 Apr 2022, https://supersimple365.com/user-requests-for-apps-...

    “What is Microsoft Teams Premium?” Breakwater IT, n.d., https://breakwaterit.co.uk/guides/microsoft-teams-...

    Wills, Jonny. “Microsoft Teams Monthly Users Hits 280 Million.” UC Today, 25 Jan. 2023, https://www.uctoday.com/unified-communications/microsoft-teams-monthly-users-hits-280-million/.

    IT Project Management Lite

    • Buy Link or Shortcode: {j2store}187|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Project Management Office
    • Parent Category Link: /project-management-office
    • Organizations want reliable project reporting and clear, consistent project management standards, but many are unwilling or unable to allocate time for it.
    • Many IT project managers are given project management responsibilities in addition to other full-time roles – without any formal allocation of time, authority, or training.
    • Most IT project managers and stakeholders actually want clear and consistent standards but resist tools and procedures they believe are too time consuming and inflexible.
    • Standard project management procedures must be “light” enough for project managers to adapt to a wide range of projects without increasing the total time required to manage projects successfully.

    Our Advice

    Critical Insight

    • Most IT project management advice is focused on the largest 10-20% of projects – projects with large enough budgets to allocate time to project management. This leaves most IT projects (and most people who manage IT projects) in limbo between high-risk ad hoc management and high-cost project management best practices.
    • Project management success doesn’t equate to project success. While formal methodologies are a key ingredient in the success of large, complex projects, most IT projects do not require the same degree of rigorous record-keeping and planning.
    • Consistent, timely, and accurate reporting is the “linchpin” in any sustainable project and portfolio management practice.

    Impact and Result

    • Maintain timely and accurate project portfolio reporting with right-sized tools and processes.
    • Establish clear and consistent project management standards that make better use of time already spent managing projects.
    • Enable project managers to manage their projects more successfully with a set of flexible and lightweight tools and templates.

    IT Project Management Lite Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Assess the value of a minimum-viable PMO strategy

    Perform a measured value assessment for building and managing a minimum-viable PMO.

    • IT Project Management Lite Storyboard

    2. Perform a project and portfolio needs assessment

    Focus on the minimum required to maintain accuracy of portfolio reporting and effectiveness in managing projects.

    • Minimum-Viable PMO Needs Assessment

    3. Establish standards for realistic, accurate, and consistent portfolio reporting

    Emphasize reporting high-level project status as a way to identify and address issues to achieve the best results with the least effort.

    • Minimum-Viable Project and Portfolio Management SOP

    4. Create a standard, right-sized project management toolkit

    Free PMs to focus on actually managing the project while still delivering accurate portfolio metrics.

    • Zero-Allocation Project Management Workbook

    5. Train PMs for zero allocation

    Ensure project manager compliance with the portfolio reporting process by incorporating activities that create value.

    • Zero-Allocation Project Manager Development Plan
    • Zero-Allocation Project Management Survival Guide

    6. Perform a post-implementation assessment

    Evaluate success and identify opportunities for further improvement.

    Infographic

    Workshop: IT Project Management Lite

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Preparation

    The Purpose

    Define goals and success criteria.

    Finalize agenda.

    Gather information: update project and resource lists (Info-Tech recommends using the Project Portfolio Workbook).

    Key Benefits Achieved

    More efficiently organized and executed workshop.

    Able to better customize and tailor content to your specific needs.

    Activities

    1.1 Discuss specific pain points with regards to project manager allocations

    1.2 Review project lists, tools and templates, and other documents

    1.3 Map existing strategies to Info-Tech’s framework

    Outputs

    Understanding of where efforts must be focused in workshop

    Assessment of what existing tools and templates may need to be included in zero-allocation workbook

    Revisions that need to be made based on existing strategies

    2 Make the Case and Assess Needs

    The Purpose

    Assess current state (including review of project and resource lists).

    Discuss and analyze SWOT around project and portfolio management.

    Define target state.

    Define standards / SOP / processes for project and portfolio management.

    Key Benefits Achieved

    Gain perspective on how well your processes match up with the amount of time your project managers have for their PM duties.

    Determine the value of the time and effort that your project teams are investing in project management activities.

    Begin to define resource optimized processes for zero-allocation project managers.

    Ensure consistent implementation of processes across your portfolio.

    Establish project discipline and best practices that are grounded in actual project capacity.

    Activities

    2.1 Perform and/or analyze Minimum-Viable PMO Needs Assessment

    2.2 SWOT analysis

    2.3 Identify target allocations for project management activities

    2.4 Begin to define resource optimized processes for zero-allocation project managers

    Outputs

    Current state analysis based on Minimum-Viable PMO Needs Assessment

    Overview of current strengths, weaknesses, opportunities and threats

    Target state analysis based on Minimum-Viable PMO Needs Assessment

    A refined Minimum-Viable Project and Portfolio Management SOP

    3 Establish Strategy

    The Purpose

    Select and customize project and portfolio management toolkit.

    Implement (test/pilot) toolkit and processes.

    Customize project manager training plan.

    Evaluate and refine toolkit and processes as needed.

    Key Benefits Achieved

    Ensure consistent implementation of processes across your portfolio.

    Establish project discipline and best practices that are grounded in actual project capacity.

    A customized training session that will suit the needs of your project managers.

    Activities

    3.1 Customize the Zero-Allocation Toolkit to accommodate the needs of your projects

    3.2 Test toolkit on projects currently underway

    3.3 Tweak project manager training to suit the needs of your team

    Outputs

    Customized Zero-Allocation Project Management Workbook

    A tested and standardized copy of the workbook

    A customized training session for your project managers (to take place on Day 4 of Info-Tech’s workshop)

    4 Train Your Zero-Allocation Project Managers

    The Purpose

    Communicate project and portfolio management SOP to Project Managers.

    Deliver project manager training: standards for portfolio reporting and toolkit.

    Key Benefits Achieved

    Equip project managers to improve their level of discipline and documentation without spending more time in record keeping and task management.

    Execute a successful training session that clearly and succinctly communicates your minimal and resource-optimized processes.

    Activities

    4.1 Project Manager Training, including communication of the processes and standard templates and reports that will be adopted by all project managers

    Outputs

    Educated and disciplined project managers, aware of the required processes for portfolio reporting

    5 Assess Strategy and Next Steps

    The Purpose

    Debrief from the training session.

    Plan for ongoing evaluation and improvement.

    Evaluate and refine toolkit and processes if needed.

    Answer any remaining questions.

    Key Benefits Achieved

    Assess portfolio and project manager performance in light of the strategy implemented.

    Understanding of how to keep living documents like the workbook and SOP up to date.

    Clearly defined next steps.

    Activities

    5.1 Review the customized tools and templates

    5.2 Send relevant documentation to relevant stakeholders

    5.3 Schedule review call

    5.4 Schedule follow-up call with analysts to discuss progress in six months

    Outputs

    Finalized workbook and processes

    Satisfied and informed stakeholders

    Scheduled review call

    Scheduled follow-up call

    Design a Coordinated Vulnerability Disclosure Program

    • Buy Link or Shortcode: {j2store}322|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: $10,000 Average $ Saved
    • member rating average days saved: 20 Average Days Saved
    • Parent Category Name: Threat Intelligence & Incident Response
    • Parent Category Link: /threat-intelligence-incident-response
    • Businesses prioritize speed to market over secure coding and testing practices in the development lifecycle. As a result, vulnerabilities exist naturally in software.
    • To improve overall system security, organizations are leveraging external security researchers to identify and remedy vulnerabilities, so as to mitigate the overall security risk.
    • A primary challenge to developing a coordinated vulnerability disclosure (CVD) program is designing repeatable procedures and scoping the program to the organization’s technical capacity.

    Our Advice

    Critical Insight

    • Having a coordinated vulnerability disclosure program is likely to be tomorrow’s law. With pressures from federal government agencies and recommendations from best-practice frameworks, it is likely that a CVD will be mandated in the future to encourage organizations to be equipped and prepared to respond to externally disclosed vulnerabilities.
    • CVD programs such as bug bounty and vulnerability disclosure programs (VDPs) may reward differently, but they have the same underlying goals. As a result, you don't need dramatically different process documentation.

    Impact and Result

    • Design a coordinated vulnerability disclosure program that reflects business, customer, and regulatory obligations.
    • Develop a program that aligns your resources with the scale of the coordinated vulnerability disclosure program.
    • Follow Info-Tech’s vulnerability disclosure methodology by leveraging our policy, procedure, and workflow templates to get you started.

    Design a Coordinated Vulnerability Disclosure Program Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should design a coordinated vulnerability disclosure program, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Assess goals

    Define the business, customer, and compliance alignment for the coordinated vulnerability disclosure program.

    • Design a Coordinated Vulnerability Disclosure Program – Phase 1: Assess Goals
    • Information Security Requirements Gathering Tool

    2. Formalize the program

    Equip your organization for coordinated vulnerability disclosure with formal documentation of policies and processes.

    • Design a Coordinated Vulnerability Disclosure Program – Phase 2: Formalize the Program
    • Coordinated Vulnerability Disclosure Policy
    • Coordinated Vulnerability Disclosure Plan
    • Coordinated Vulnerability Disclosure Workflow (Visio)
    • Coordinated Vulnerability Disclosure Workflow (PDF)
    [infographic]

    Fix Your IT Culture

    • Buy Link or Shortcode: {j2store}518|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: $32,499 Average $ Saved
    • member rating average days saved: 20 Average Days Saved
    • Parent Category Name: Lead
    • Parent Category Link: /lead
    • Go beyond value statements to create a culture that enables the departmental strategy.
    • There is confusion about how to translate culture from an abstract concept to something that is measurable, actionable, and process driven.
    • Organizations lack clarity about who is accountable and responsible for culture, with groups often pointing fingers at each other.

    Our Advice

    Critical Insight

    • When it comes to culture, the lived experience can be different from stated values. Culture is the pattern of behaviors and the way work is done rather than simply perks, working environment, and policy.
    • Executives’ active participation in culture change is paramount. If executives aren’t willing to change the way they behave, attempts to shift the culture will fail.
    • Elevate culture to a business imperative. Foster a culture that is linked to strategy rather than trying to replicate the hot culture of the moment.
    • Target values that will have the greatest impact. Select a few focus values as a guide and align all behaviors and work practices to those values.

    Impact and Result

    • Executives need to clarify how the culture they want will help achieve their strategy and choose the focus values that will have the maximum impact.
    • Measure the current state of culture and facilitate the process of leveraging existing elements while shifting undesirable ones.

    Fix Your IT Culture Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should improve your culture to enable your strategy, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Assessment: Determine current culture and identify focus values

    Complete a cultural assessment and select focus values to form core culture efforts.

    • Culture Documentation Template
    • IT Departmental Values Survey
    • IT Culture Diagnostic
    • Cultural Assessment Report Template

    2. Tools: Give IT executives the tools to drive change

    Enable executives to gather feedback on behavioral perceptions and support behavioral change.

    • Executive Reflection Template

    3. Behavioral Alignment: Align IT behaviors to the desired culture

    Review all areas of the department to understand where the links to culture exist and create a communication plan.

    • Standard Internal Communications Plan
    • IT Competency Library
    • Leadership Competency Library

    4. Sustainment: Disseminate and manage culture within the department

    Customize a process to infuse behaviors aligned with focus values in work practices and complete the first wave of meetings.

    • Culture Facilitation Guide for Leaders
    [infographic]

    Lead Strategic Decision Making With Service Portfolio Management

    • Buy Link or Shortcode: {j2store}397|cart{/j2store}
    • member rating overall impact (scale of 10): 9.0/10 Overall Impact
    • member rating average dollars saved: After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.
    • member rating average days saved: Read what our members are saying
    • Parent Category Name: Service Management
    • Parent Category Link: /service-management
    • There are no standardized processes for the intake of new ideas and no consistent view of the drivers needed to assess the value of these ideas.
    • IT is spending money on low-value services and doesn’t have the ability to understand and track value in order to prioritize IT investment.
    • CIOs are not trusted to drive innovation.

    Our Advice

    Critical Insight

    • The service portfolio empowers IT to be a catalyst in business strategy, change, and growth.
    • IT must drive value-based investment by understanding value of all services in the portfolio.
    • Organizations must assess the value of their services throughout their lifecycle to optimize business outcomes and IT spend.

    Impact and Result

    • Optimize IT investments by prioritizing services that provide more value to the business, ensuring that you do not waste money on low-value or out-of-date IT services.
    • Ensure that services are directly linked to business objectives, goals, and needs, keeping IT embedded in the strategic vision of the organization.
    • Enable the business to understand the impact of IT capabilities on business strategy.
    • Ensure that IT maintains a strategic and tactical view of the services and their value.
    • Drive agility and innovation by having a streamlined view of your business value context and a consistent intake of ideas.
    • Provide strategic leadership and create new revenue by understanding the relative value of new ideas vs. existing services.

    Lead Strategic Decision Making With Service Portfolio Management Research & Tools

    Start here – read the Executive Brief

    Service portfolio management enables organizations to become strategic value creators by establishing a dynamic view of service value. Understand the driving forces behind the need to manage services through their lifecycles.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Establish the service portfolio

    Establish and understand the service portfolio process by setting up the Service Portfolio Worksheet.

    • Lead Strategic Decision Making With Service Portfolio Management – Phase 1: Establish the Service Portfolio
    • Service Portfolio Worksheet

    2. Develop a value assessment framework

    Use the value assessment tool to assess services based on the organization’s context of value.

    • Lead Strategic Decision Making With Service Portfolio Management – Phase 2: Develop a Value Assessment Framework
    • Value Assessment Tool
    • Value Assessment Example Tool

    3. Manage intake and assessment of initiatives

    Create a centralized intake process to manage all new service ideas.

    • Lead Strategic Decision Making With Service Portfolio Management – Phase 3: Manage Intake and Assessment of Initiatives
    • Service Intake Form

    4. Assess active services

    Continuously validate the value of the existing service and determine the future of service based on the value and usage of the service.

    • Lead Strategic Decision Making With Service Portfolio Management – Phase 4: Assess Active Services

    5. Manage and communicate the service portfolio

    Communicate and implement the service portfolio within the organization, and create a mechanism to seek out continuous improvement opportunities.

    • Lead Strategic Decision Making With Service Portfolio Management – Phase 5: Manage and Communicate the Service Portfolio
    [infographic]

    Workshop: Lead Strategic Decision Making With Service Portfolio Management

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Establish the Service Portfolio

    The Purpose

    Establish and understand the service portfolio process by setting up the Service Portfolio Worksheet.

    Understand at a high level the steps involved in managing the service portfolio.

    Key Benefits Achieved

    Adapt the Service Portfolio Worksheet to organizational needs and create a plan to begin documenting services in the worksheet.

    Activities

    1.1 Review the Service Portfolio Worksheet.

    1.2 Adapt the Service Portfolio Worksheet.

    Outputs

    Knowledge about the use of the Service Portfolio Worksheet.

    Adapt the worksheet to reflect organizational needs and structure.

    2 Develop a Value Assessment Framework

    The Purpose

    Understand the need for a value assessment framework.

    Key Benefits Achieved

    Identify the organizational context of value through a holistic look at business objectives.

    Leverage Info-Tech’s Value Assessment Tool to validate and determine service value.

    Activities

    2.1 Understand value from business context.

    2.2 Determine the governing body.

    2.3 Assess culture and organizational structure.

    2.4 Complete the value assessment.

    2.5 Discuss value assessment score.

    Outputs

    Alignment on value context.

    Clear roles and responsibilities established.

    Ensure there is a supportive organizational structure and culture in place.

    Understand how to complete the value assessment and obtain a value score for selected services.

    Understand how to interpret the service value score.

    3 Manage Intake and Assessment of Initiatives

    The Purpose

    Create a centralized intake process to manage all new service ideas.

    Key Benefits Achieved

    Encourage collaboration and innovation through a transparent, formal, and centralized service intake process.

    Activities

    3.1 Review or design the service intake process.

    3.2 Review the Service Intake Form.

    3.3 Design a process to assess and transfer service ideas.

    3.4 Design a process to transfer completed services to the service catalog.

    Outputs

    Create a centralized process for service intake.

    Complete the Service Intake Form for a specific initiative.

    Have a process designed to transfer approved projects to the PMO.

    Have a process designed for transferring of completed services to the service catalog.

    4 Assess Active Services

    The Purpose

    Continuously validate the value of existing services.

    Key Benefits Achieved

    Ensure services are still providing the expected outcome.

    Clear next steps for services based on value.

    Activities

    4.1 Discuss/review management of active services.

    4.2 Complete value assessment for an active service.

    4.3 Determine service value and usage.

    4.4 Determine the next step for the service.

    4.5 Document the decision regarding the service outcome.

    Outputs

    Understand how active services must be assessed throughout their lifecycles.

    Understand how to assess an existing service.

    Place the service on the 2x2 matrix based on value and usage.

    Understand the appropriate next steps for services based on value.

    Formally document the steps for each of the IRMR options.

    5 Manage and Communicate Your Service Portfolio

    The Purpose

    Communicate and implement the service portfolio within the organization.

    Key Benefits Achieved

    Obtain buy-ins for the process.

    Create a mechanism to identify changes within the organization and to seek out continuous improvement opportunities for the service portfolio management process and procedures.

    Activities

    5.1 Create a communication plan for service portfolio and value assessment.

    5.2 Create a communication plan for service intake.

    5.3 Create a procedure to continuously validate the process.

    Outputs

    Document the target audience, the message, and how the message should be communicated.

    Document techniques to encourage participation and promote participation from the organization.

    Document the formal review process, including cycle, roles, and responsibilities.

    Define Requirements for Outsourcing the Service Desk

    • Buy Link or Shortcode: {j2store}493|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Service Desk
    • Parent Category Link: /service-desk
    • In organizations where technical support is viewed as non-strategic, many see outsourcing as a cost-effective way to provide this support. However, outsourced projects often fall short of their goals in terms of cost savings and the quality of support. 
    • Significant administrative work and up-front costs are required to outsource the service desk, and poor planning often results in project failure and a decrease of end-user satisfaction.
    • A complete turnover of the service desk can result in lost knowledge and control over processes, and organizations without an exit strategy can struggle to bring their service desk back in house and return the confidence of end users.

    Our Advice

    Critical Insight

    • Outsourcing is easy. Realizing the expected cost, quality, and focus benefits is hard. Successful outsourcing without being directly involved in service desk management is almost impossible.
    • You don’t need to standardize before you outsource, but you still need to conduct your due diligence. If you outsource without thinking about how you want the future to work, you will likely be unsatisfied with the result.
    • If cost is your only driver for outsourcing, understand that it comes at a cost. Customer service quality will likely be less, and your outsourcer may not add on frills such as Continual Improvement. Be careful that your specialists don’t end up spending more time working on incidents and service requests.

    Impact and Result

    • First decide if outsourcing is the correct step; there may be more preliminary work to do beforehand.
    • Assess requirements and make necessary adjustments before developing an outsource RFP.
    • Clearly define the project and produce an RFP to provide to vendors.
    • Plan for long-term success, not short-term gain.
    • Prepare to retain some of the higher-level service desk work.

    Define Requirements for Outsourcing the Service Desk Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Define Requirements for Outsourcing the Service Desk Deck – A step-by-step document to walk you through building a strategy for efficient service desk outsourcing.

    This storyboard will help you craft a project charter, create an RFP, and outline strategies to build a long-term relationship with the vendor.

    • Define Requirements for Outsourcing the Service Desk – Storyboard
    • Service Desk Outsourcing Requirements Database Library

    2. Service Desk Outsourcing Project Charter Template and Requirements Library – Best-of-breed templates to help you determine processes and build a strategy to outsource them.

    These templates will help you determine your service desk requirements and document your proposed service desk outsourcing strategy.

    • Service Desk Outsourcing Project Charter Template

    3. Service Desk Outsourcing RFP Template – A structured document to help you outline expectations and communicate requirements to managed service providers.

    This template will allow you to create a detailed RFP for your outsourcing agreement, document the statement of work, provide service overview, record exit conditions, and document licensing model and estimated pricing.

    • Service Desk Outsourcing RFP Template

    4. Service Desk Outsourcing Reference Interview Template and Scoring Tool – Materials to help you conduct efficient briefings and select the best vendor to fulfill your service desk requirements.

    Use the Reference Interview Template to outline a list of questions for interviewing current/previous customers of your candidate vendors. These interviews will help you with unbiased vendor scoring. The RFP Vendor Scoring Tool will help you facilitate vendor briefings with your list of questions and score candidate vendors efficiently through quantifying evaluations.

    • Service Desk Outsourcing Reference Interview Template
    • Service Desk Outsourcing RFP Scoring Tool

    Infographic

    Further reading

    Define Requirements for Outsourcing the Service Desk

    Prepare your RFP for long-term success, not short-term gains

    Define Requirements for Outsourcing the Service Desk

    Prepare your RFP for long-term success, not short-term gains

    EXECUTIVE BRIEF

    Analyst Perspective

    Outsource services with your eyes wide open.

    Cost reduction has traditionally been an incentive for outsourcing the service desk. This is especially the case for organizations that don't have minimal processes in place and those that need resources and skills to fill gaps.

    Although cost reduction is usually the main reason to outsource the service desk, in most cases service desk outsourcing increases the cost in a short run. But without a proper model, you will only outsource your problems rather than solving them. A successful outsourcing strategy follows a comprehensive plan that defines objectives, assigns accountabilities, and sets expectations for service delivery prior to vendor outreach.

    For outsourcing the service desk, you should plan ahead, work as a group, define requirements, prepare a strong RFP, and contemplate tension metrics to ensure continual improvement. As you build a project charter to outline your strategy for outsourcing your IT services, ensure you focus on better customer service instead of cost optimization. Ensure that the outsourcer can support your demands, considering your long-term achievement.

    Think about outsourcing like a marriage deed. Take into account building a good relationship before beginning the contract, ensure to include expectations in the agreement, and make it possible to exit the agreement if expectations are not satisfied or service improvement is not achieved.

    This is a picture of Mahmoud Ramin, PhD, Senior Research Analyst, Infrastructure and Operations, Info-Tech Research Group

    Mahmoud Ramin, PhD
    Senior Research Analyst
    Infrastructure and Operations
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    In organizations where technical support is viewed as non-strategic, many see outsourcing as a cost-effective way to provide this support. However, outsourcing projects often fall short of their goals in terms of cost savings and quality of support.

    Common Obstacles

    Significant administrative work and up-front costs are required to outsource the service desk, and poor planning often results in project failure and the decrease of end-user satisfaction.

    A complete turnover of the service desk can result in lost knowledge and control over processes, and organizations without an exit strategy can struggle to bring their service desk back in house and reestablish the confidence of end users.

    Info-Tech's Approach

    • First decide if outsourcing is the correct step; there may be more preliminary work to do beforehand.
    • Assess requirements and make necessary adjustments before developing an outsource RFP.
    • Clearly define the project and produce an RFP to provide to vendors.
    • Plan for long-term success, not short-term gains.
    • Prepare to retain some of the higher-level service desk work.

    Info-Tech Insight

    Outsourcing is easy. Realizing all of the expected cost, quality, and focus benefits is hard. Successful outsourcing without being directly involved in service desk management is almost impossible.

    Your challenge

    This research is designed to help organizations that need to:

    • Outsource the service desk or portions of service management to improve service delivery.
    • Improve and repatriate existing outsourcing outcomes by becoming more engaged in the management of the function. Regular reviews of performance metrics, staffing, escalation, knowledge base content, and customer satisfaction are critical.
    • Understand the impact that outsourcing would have on the service desk.
    • Understand the potential benefits that outsourcing can bring to the organization.

    This image contains a donut chart with the following information: Salaries and Benefits - 68.50%; Technology - 9.30%; Office Space and Facilities Expense - 14.90%; Travel, Training, and Office Supplies - 7.30%

    Source: HDI 2017

    About 68.5% of the service desk fund is allocated to agent salaries, while only 9.3% of the service desk fund is spent on technology. The high ratio of salaries and expenses over other expense drives organizations to outsource their service desk without taking other considerations into account.

    Info-Tech Insight

    The outsourcing contract must preserve your control, possession, and ownership of the intellectual property involved in the service desk operation. From the beginning of the process, repatriation should be viewed as a possibility and preserved as a capability.

    Your challenge

    This research helps organizations who would like to achieve these goals:

    • Determine objectives and requirements to outsource the service desk.
    • Develop a project charter and build an outsourcing strategy to efficiently define processes to reduce risk of failure.
    • Build an outsourcing RFP and conduct interviews to identify the best candidate for service delivery.
    • Build a long-term relationship with an outsourcing vendor, making sure the vendor is able to satisfy all requirements.
    • Include a continual improvement plan in the outsourcing strategy and contain the option upon service delivery dissatisfaction.

    New hires require between 10 and 80 hours of training (Forward Bpo Inc., 2019).

    A benchmark study by Zendesk from 45,000 companies reveals that timely resolution of issues and 24/7 service are the biggest factors in customer service experience.

    This image contains a bar graph with the following data: Timely issue resolution; 24/7 support; Friendly agent; Desired contact method; Not to repeat info; Proactive support; Self-serve; Call back; Rewards & freebies

    These factors push many businesses to consider service desk outsourcing to vendors that have capabilities to fulfill such requirements.

    Common obstacles

    These barriers make this challenge difficult to address for many organizations:

    • In most cases, organizations must perform significant administrative work before they can make a move. Those that fail to properly prepare impede a smooth transition, the success of the vendor, and the ability to repatriate.
    • Successful outsourcing comes from the recognition that an organization is experiencing complete turnover of its service desk staff. These organizations engage the vendor to transition knowledge and process to ensure continuity of quality.
    • IT realizes the most profound hidden costs of outsourcing when the rate of ticket escalation increases, diminishing the capacity of senior technical staff for strategic project work.

    Many organizations may not get the value they expect from outsourcing in their first year.

    Common Reasons:

    • Overall lack of due diligence in the outsourcing process
    • Unsuitable or unclear service transition plan
    • Poor service provider selection and management

    Poor transition planning results in delayed benefits and a poor relationship with your outsourcing service provider. A poor relationship with your service provider results in poor communication and knowledge transfer.

    Key components of a successful plan:

    1. Determine goals and identify requirements before developing an RFP.
    2. Finalize your outsourcing project charter and get ready for vendor evaluation.
    3. Assess and select the most appropriate provider; manage the transition and vendor relationship.

    Outsource the service desk properly, and you could see a wide range of benefits

    Service Desk Outsourcing: Ability to scale up/down; Reduce fixed costs; Refocus IT efforts on core activities; Access to up-to-date technology; Adhere to  ITSM best practices; Increased process optimization; Focus IT efforts on advanced expertise; Reframe to shift-left;

    Info-Tech Insight

    In your service desk outsourcing strategy, rethink downsizing first-level IT service staff. This can be an opportunity to reassign resources to more valuable roles, such as asset management, development or project backlog. Your current service desk staff are most likely familiar with the current technology, processes, and regulations within IT. Consider the ways to better use your existing resources before reducing headcount.

    Info-Tech's Approach

    Determine Goals

    Conduct activities in the blueprint to pinpoint your current challenges with the service desk and find out objectives to outsource customer service.

    Define Requirements

    You need to be clear about the processes that will be outsourced. Considering your objectives, we'll help you discover the processes to outsource, to help you achieve your goals.

    Develop RFP

    Your expectations should be documented in a formal proposal to help vendors provide solid information about how they will satisfy your requirements and what their plan is.

    Build Long-Term Relationship

    Make sure to plan for continual improvement by setting expectations, tracking the services with proper metrics, and using efficient communication with the provider. Think about the rainy day and include exit conditions for ending the relationship if needed.

    Info-Tech's methodology

    1. Define the Goal

    2. Design an Outsourcing Strategy

    3. Develop an RFP and Make a Long-Term Relationship

    Phase Steps

    1.1 Identify goals and objectives

    1.2 Assess outsourcing feasibility

    2.1 Identify project stakeholders

    2.2 Outline potential risks and constraints

    3.1 Prepare service overview and responsibility matrix

    3.2 Define approach to vendor relationship management

    3.3 Manage the outsource relationship

    Phase Outcomes

    Service Desk Outsourcing Vision and Goals

    Service Desk Processes to Outsource

    Outsourcing Roles and Responsibilities

    Outsourcing Risks and Constraints

    Service Desk Outsourcing Project Charter

    Service Desk Outsourcing RFP

    Continual Improvement Plan

    Exit Strategy

    This is an image of the strategy which you will use to build your requirements for outsourcing the service desk.  it includes: 1. Define the Goal; 2. Design an Outsourcing Strategy; 3. Develop RFP and long-term relationship.

    Insight summary

    Focus on value

    Outsourcing is easy. Realizing all of the expected cost, quality, and focus benefits is hard. Successful outsourcing without being directly involved in service desk management is almost impossible.

    Define outsourcing requirements

    You don't need to standardize before you outsource, but you still need to conduct your due diligence. If you outsource without thinking about how you want the future to work, you will likely be unsatisfied with the result.

    Don't focus on cost

    If cost is your only driver for outsourcing, understand that there will be other challenges. Customer service quality will likely be less, and your outsourcer may not add on frills such as Continual Improvement. Be careful that your specialists don't end up spending more time working on incidents and service requests.

    Emphasize on customer service

    A bad outsourcer relationship will result in low business satisfaction with IT overall. The service desk is the face of IT, and if users are dissatisfied with the service desk, then they are much likelier to be dissatisfied with IT overall.

    Vendors are not magicians

    They have standards in place to help them succeed. Determine ITSM best practices, define your requirements, and adjust process workflows accordingly. Your staff and end users will have a much easier transition once outsourcing proceeds.

    Plan ahead to guarantee success

    Identify outsourcing goals, plan for service and system integrations, document standard incidents and requests, and track tension metrics to make sure the vendor does the work efficiently. Aim for building a long-term relationship but contemplate potential exit strategy.

    Blueprint deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

    This is a screenshot from the Service Desk Outsourcing Requirements Database Library

    Service Desk Outsourcing Requirements Database Library

    Use this library to guide you through processes to outsource

    This is a screenshot from the Service Desk Outsourcing RFP Template

    Service Desk Outsourcing RFP Template

    Use this template to craft a proposal for outsourcing your service desk

    This is a screenshot from the Service Desk Outsourcing Reference Interview Template

    Service Desk Outsourcing Reference Interview Template

    Use this template to verify vendor claims on service delivery with pervious or current customers

    This is a screenshot from the Service Desk Outsourcing Vendor Proposal Scoring Tool

    Service Desk Outsourcing Vendor Proposal Scoring Tool

    Use this tool to evaluate RFP submissions

    Key deliverable:

    This is a screenshot from the key deliverable, Service Desk Outsourcing Project Charter

    Service Desk Outsourcing Project Charter

    Document your project scope and outsourcing strategy in this template to organize the project for efficient resource and requirement allocation

    Blueprint benefits

    IT Benefits

    Business Benefits

    • Determine current challenges with the service desk and identify services to outsource.
    • Make the project charter for an efficient outsourcing strategy that will lead to higher satisfaction from IT.
    • Select the best outsource vendor that will satisfy most of the identified requirements.
    • Reduce the risk of project failure with efficient planning.
    • Understand potential feasibility of service desk outsourcing and its possible impact on business satisfaction.
    • Improve end-user satisfaction through a better service delivery.
    • Conduct more efficient resource allocation with outsourcing customer service.
    • Develop a long-term relationship between the enterprise and vendor through a continual improvement plan.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful."

    Guided Implementation

    "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."

    Workshop

    "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place."

    Consulting

    "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks used throughout all four options

    Guided Implementation

    What does a typical GI on this topic look like?

    Phase 1Phase 2Phase 3

    Call #1: Scope your specific challenges and objectives

    Call #3: Identify project stakeholders, and potential risks and constraints

    Call #5: Create a detailed RFP

    Call #6: Identify strategy risks.

    Call #2: Assess outsourcing feasibility and processes to outsourceCall #4: Create a list of metrics to ensure efficient reporting

    Call #7: Prepare for vendor briefing and scoring each vendor

    Call #8: Build a communication plan

    A Guided Implementation (GI) is series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is between 8 to 10 calls over the course of 4 to 6 months.

    Phase 1

    Define the goal

    Define the goal

    Design an outsourcing strategy

    Develop an RFP and make a long-term relationship

    1.1 Identify goals and objectives

    1.2 Assess outsourcing feasibility

    2.1 Identify project stakeholders

    2.2 Outline potential risks and constraints

    3.1 Prepare a service overview and responsibility matrix

    3.2 Define your approach to vendor relationship management

    3.3 Manage the outsource relationship

    This phase will walk you through the following activities:

    • Analysis outsourcing objectives
    • Assess outsourcing feasibility
    • Identify services and processes to outsource

    This phase involves the following participants:

    • Service Desk Team
    • IT Leadership

    Define requirements for outsourcing service desk support

    Step 1.1

    Identify goals and objectives

    Activities

    1.1.1 Find out why you want to outsource your service desk

    1.1.2 Document the benefits of outsourcing your service desk

    1.1.3 Identify your outsourcing vision and goals

    1.1.4 Prioritize service desk outsourcing goals to help structure your mission statement

    1.1.5 Craft a mission statement that demonstrates your decision to reach your outsourcing objectives

    Define the goal

    This step requires the following inputs:

    • List of strengths and weaknesses of the service desk
    • Challenges with the service desk

    This step involves the following participants:

    • CIO
    • IT Leadership
    • Service Desk Manager
    • IT Managers

    Outcomes of this step

    • Service desk outsourcing vision and goals
    • Benefits of outsourcing the service desk
    • Mission statement

    What is your rationale to outsource the service desk?

    Potential benefits of outsourcing the service desk:

    • Bring in the expertise and knowledge to manage tickets according to best-practice guidelines
    • Reduce the timeline to response and resolution
    • Improve IT productivity
    • Enhance IT services and improve performance
    • Augment relationship between IT and business through service-level improvement
    • Free up the internal team and focus IT on complex projects and higher priority tasks
    • Speed up service desk optimization
    • Improve end-user satisfaction through efficient IT services
    • Reduce impact of incidents through effective incident management
    • Increase service consistency via turnover reduction
    • Expand coverage hour and access points
    • Expand languages to service different geographical areas

    1.1.1 Find out why you want to outsource your service desk

    1 hour

    Service desk is the face of IT. Service desk improvement increases IT efficiency, lowers operation costs, and enhances business satisfaction.

    Common challenges that result in deciding to outsource the service desk are:

    Participants: IT Director, Service Desk Manager, Service Desk Team

    ChallengeExample
    Lack of tier 1 supportStartup does not have a dedicated service desk to handle incidents and provide services to end users.
    Inefficient ticket handlingMTTR is very high and end users are frustrated with their issues not getting solved quickly. Even if they call service desk, they are put on hold for a long time. Due to these inefficiencies, their daily work is greatly impacted.
    Restricted service hoursCompany headquartered in Texas does not have resources to provide 24/7 IT service. When users in the East Asia branch have a laptop issue, they must wait until the next day to get response from IT. This has diminished their satisfaction.
    Restricted languagesCompany X is headquartered in New York. An end user not fluent in English from Madrid calls in for support. It takes five minutes for the agent to understand the issue and log a ticket.
    Ticket backlogIT is in firefighting mode, very busy with taking care of critical incidents and requests from upper management. Almost no one is committed to the SLA because of their limited availability.

    Brainstorm your challenges with the service desk. Why have you decided to outsource your service desk? Use the above table as a sample.

    1.1.2 Document benefits of outsourcing your service desk

    1 hour

    1. Review the challenges with your current service desk identified in activity 1.1.1.
    2. Discuss possible ways to tackle these challenges. Be specific and determine ways to resolve these issues if you were to do it internally.
    3. Determine potential benefits of outsourcing the service desk to IT, business, and end users.
    4. For each benefit, describe dependencies. For instance, to reduce the number of direct calls (benefit), users should have access to service desk as a single point of contact (dependency).
    5. Document this activity in the Service Desk Outsourcing Project Charter Template.

    Download the Project Charter Template

    Input

    • List of challenges with the current service desk from activity 1.1.1

    Output

    • Benefits of outsourcing the service desk

    Materials

    • Whiteboard/flip charts
    • Markers
    • Sticky notes
    • Laptops

    Participants

    • IT Director/CIO
    • Service Desk Manager
    • Service Desk Team
    • IT Managers

    Why should you not consider cost reduction as a primary incentive to outsourcing the service desk?

    Assume that some of the costs will not go away with outsourcing

    When you outsource, the vendor's staff tend to gradually become less effective as:

    • They are managed by metrics to reduce costs by escalating sooner, reducing talk time, and proposing questionable solutions.
    • Turnover results in new employees that get insufficient training.

    You must actively manage the vendor to identify and resolve these issues. Many organizations find that service desk management takes more time after they outsource.

    You need to keep spending on service desk management, and you may not get away from technology infrastructure spending.

    Info-Tech Insight

    In their first year, almost 42% of Info-Tech's clients do not get the real value of outsourcing services as expected. This iss primarily because of misalignment of organizational goals with outcomes of the outsourced services.

    Consider the hidden costs of outsourcing

    Expected Costs

    Unexpected Costs

    Example

    Transition CostsSeverance and staff retention
    • Cost to adapt to vendor standards
    • Training cost of vendor staff
    • Lost productivity
    • Format for requirements
    • Training report developers to work with vendor systems
    FeesPrice of the engagement
    • Extra fees for additional services
    • Extra charges for uploading data to cloud storage
    • Portal access
    Management CostsTime directing account
    • Time directly managing vendor staff
    • Checking deliverables for errors
    • Disputing penalty amounts
    Rework CostsDowntime, defect rate, etc. (quality metrics measured in SLAs)
    • Time spent adapting deliverables for unanticipated requirements
    • Time spent assuring the quality and usefulness of deliverables
    • Completing quality assurance and updating knowledgebase articles
    • Adapting reporting for presentation to stakeholders

    Determine strategies to avoid each hidden cost

    Costs related to transitioning into the engagementAdapting to standards and training costs

    Adapting to standards: Define the process improvements you will need to work with each potential vendor.

    Training costs for vendor staff: Reduce training costs by keeping the same vendor staff on all of your projects.

    Fee-related costs

    Fees for additional services (that you thought were included)

    Carefully review each proposed statement of work to identify and reduce extra fees. Understand why extra fees occur in the SLA, the contract, and the proposed statement of work, and take steps to protect yourself and the vendor.

    Management-related costs

    Direct management of vendor staff and dispute resolution

    Direct management of vendor staff: Avoid excessive management costs by defining a two-tier management structure on both sides of the engagement.

    Time spent resolving disputes: Avoid prolonged resolution costs by defining terms of divorce for the engagement up front.

    Rework costs

    Unanticipated requirements and integration with existing systems

    Unanticipated requirements: Use a two-stage process to define requirements, starting with business people and then with review by technical staff.

    Integration with existing systems: Obtain a commitment from vendors that deliverables will conform to standards at points of integration with your systems.

    Your outsourcing strategy should address the reasons you decided to outsource

    A clear vision of strategic objectives prior to entering an outsourcing agreement will allow you to clearly communicate these objectives to the Managed Service Provider (MSP) and use them as a contracted basis for the relationship.

    • Define the business' overall approach to outsourcing along with the priorities, rules, and principles that will drive the outsourcing strategy and every subsequent outsourcing decision and activity.
    • Define specific business, service, and technical goals for the outsourcing project and relevant measures of success.

    "People often don't have a clear direction around what they're trying to accomplish. The strategic goals should be documented. Is this a cost-savings exercise? Is it because you're deficient in one area? Is it because you don't have the tools or expertise to run the service desk yourself? Figure out what problem you're trying to solve by outsourcing, then build your strategy around that.
    – Jeremy Gagne, Application Support Delivery Manager, Allegis Group

    Most organizations are driven to consider outsourcing their service desk hoping to improve the following:

    • Ability to scale (train people and acquire skills)
    • Focus on core competencies
    • Decrease capital costs
    • Access latest technology without large investment
    • Resolve labor force constraints
    • Gain access to special expertise without paying a full salary
    • Save money overall

    Info-Tech Insight

    Use your goals and objectives as a management tool. Clearly outline your desired project outcomes to both your in-house team and the vendor during implementation and monitoring. It will allow a common ground to unite both parties as the project progresses.

    Mitigate pitfalls that lay in the way of desired outcomes of outsourcing

    Desired outcomePitfalls to overcome
    IT can focus on core competencies and strategic initiatives rather than break-fix tasks.Escalation to second- and third-level support usually increases when the first level has been outsourced. Outsourcers will have less experience with your typical incidents and will give up on trying to solve some issues more quickly than your internal level-one staff.
    Low outsourcing costs compared to the costs needed to employ internal employees in the same role. Due to lack of incentive to decrease ticket volume, costs are likely to increase. As a result, organizations often find themselves paying more overall for an outsourced service desk than if they had a few dedicated IT service desk employees in-house.
    Improved employee morale as a result of being able to focus on more interesting tasks.Management often expects existing employee morale to increase as a result of shifting their focus to core and strategic tasks, but the fear of diminished job security often spreads to the remaining non-level-one employees.

    1.1.3 Identify outsourcing vision and goals

    Identify the goals and objectives of outsourcing to inform your strategy.

    Participants: IT Director, Service Desk Manager, Service Desk Team

    1-2 hours

    1. Meet with key business stakeholders and the service desk staff who were involved in the decision to outsource.
    2. As a group, review the results from activity 1.1.1 (challenges with current service desk operations) and identify the goals and objectives of the outsourcing initiative.
    3. Determine the key performance indicator (KPI) for each goal.
    4. Identify the impacted stakeholder/s for each goal.
    5. Discuss checkpoint schedule for each goal to make sure the list stays updated.

    Use the sample table as a starting point:

    1. Document your table in the Service Desk Outsourcing Project Charter Template.
    IDGoal DescriptionKPIImpacted StakeholdersCheckpoint Schedule
    1Provide capacity to take calls outside of current service desk work hours
    • Decreased in time to response
    • Decreased time to resolve
    • IT Entire organization
    • Every month
    2Take calls in different languages
    • Improved service delivery in different geographical regions
    • Improved end-user satisfaction
    • End users
    • Every month
    3Provide field support at remote sites with no IT presence without having to fly out an employee
    • 40% faster incident resolution and request fulfillment
    • Entire organization
    • Every month
    4Improve ease of management by vendor helping with managing and optimizing service desk tasks
    • Improved service management efficiency
    • Entire organization
    • Every 3 months

    Download the Project Charter Template

    Evaluate organizational demographics to assess outsourcing rationale

    The size, complexity, and maturity of your organization are good indicators of service desk direction with regards to outsourcing.

    Organization Size

    • As more devices, applications, systems, and users are added to the mix, vendor costs will increase but their ability to meet business needs will decrease.
    • Small organizations are often either rejected by vendors for being too small or locked into a contract that is overkill for their actual needs (and budget).

    Complexity

    • Highly customized environments and organizations with specialized applications or stringent regulatory requirements are very difficult to outsource for a reasonable cost and acceptable quality.
    • In these cases, the vendor is required to train skilled support or ends up escalating more tickets back to second- and third-level support.

    Requirements

    • Organizations looking to outsource must have defined outsourcing requirements before looking at vendors.
    • Without a requirement assessment, the vendor won't have guidelines to follow and you won't be able to measure their adherence.

    Info-Tech Insight

    Although less adherence to service desk best practices can be one of the main incentives to outsourcing the service desk, IT should have minimal processes in place to be able to set expectations with targeting vendors.

    1.1.4 Prioritize service desk outsourcing goals to help structure mission statement

    0.5-1 hour

    The evaluation process for outsourcing the service desk should be done very carefully. Project leaders should make sure they won't panic internal resources and impact their performance through the transition period.

    If the outsourcing process is rushed, it will result in poor evaluation, inefficient decision making, and project failure.

    1. Refer to results in activity 1.1.3. Discuss the service desk outsourcing goals once again.
    2. Brainstorm the most important objectives. Use sticky notes to prioritize the items from the most important to the least important.
    3. Edit the order accordingly.

    Input

    • Project goals from activity 1.1.3

    Output

    • Prioritized list of outsourcing goals

    Materials

    • Whiteboard/flip charts
    • Markers
    • Sticky notes
    • Laptops

    Participants

    • IT Director/CIO
    • Service Desk Manager
    • Service Desk Team
    • IT Managers

    Download the Project Charter Template

    1.1.5 Craft a mission statement that demonstrates your decision to reach outsourcing objectives

    Participants: IT Director, Service Desk Manager

    0.5-1 hour

    The IT mission statement specifies the function's purpose or reason for being. The mission should guide each day's activities and decisions. The mission statement should use simple and concise terminology and speak loudly and clearly, generating enthusiasm for the organization.

    Strong IT mission statements:

    • Articulate the IT function's purpose and reason for existence
    • Describe what the IT function does to achieve its vision
    • Define the customers of the IT function
    • Can be described as:
      • Compelling
      • Easy to grasp
      • Sharply focused
      • Inspirational
      • Memorable
      • Concise

    Sample mission statements:

    • To help fulfill organizational goals, IT has decided to empower business stakeholders with outsourcing the service desk.
    • To support efficient IT service provision, better collaboration, and effective communication, [Company Name] has decided to outsource the service desk.
    • [Company Name] plans to outsource the service desk so it can identify bottlenecks and inefficiencies with current service desk processes and enable [Company Name] to innovate and support business growth.
    • Considering the goals and benefits determined in the previous activities, outline a mission statement.
    • Document your outsourcing mission statement in the "Project Overview" section of the Project Charter Template.

    Download the Project Charter Template

    Step 1.2

    Assess outsourcing feasibility

    Activities

    1.2.1 Create a baseline of customer experience

    1.2.2 Identify service desk processes to outsource

    1.2.3 Design an outsourcing decision matrix for service desk processes and services

    1.2.4 Discuss if you need to outsource only service desk or if additional services would benefit from outsourcing too

    Define the goal

    This step requires the following inputs:

    • List of service desk tasks and responsibilities

    This step involves the following participants:

    • CIO
    • IT Leadership
    • Service Desk Manager
    • Infrastructure Manager

    Outcomes of this step

    • End-user satisfaction with the service desk
    • List of processes and services to outsource

    1.2.1 Create a baseline of customer experience

    Solicit targeted department feedback on IT's core service capabilities, communications, and business enablement from end users. Use this feedback to assess end-user satisfaction with each service, broken down by department and seniority level.

    1. Complete an end-user satisfaction survey to define the current state of your IT services, including service desk (timeliness and effectiveness). With Info-Tech's end-user satisfaction program, an analyst will help you set up the diagnostic and will go through the report with you.
    2. Evaluate survey results.
    3. Communicate survey results with team leads and discuss the satisfaction rates and comments of the end users.
    4. Schedule to launch another survey one year after outsourcing the service desk.
    5. Your results will be compared to the following year's results to analyze the overall success/failure of your outsourcing project.

    A decrease of business and end-user satisfaction is a big drive to outsourcing the service desk. Conduct a customer service survey to discover your end-user experience prior to and after outsourcing the service desk.

    Don't get caught believing common misconceptions: outsourcing doesn't mean sending away all the work

    First-time outsourcers often assume they are transferring most of the operations over to the vendor, but this is often not the case.

    1. Management of performance, SLAs, and customer satisfaction remain the responsibility of your organization.
    2. Service desk outsource vendors provide first-line response. This includes answering the phones, troubleshooting simple problems, and redirecting requests that are more complex.
    3. The vendor is often able to provide specialized support for standard applications (and for customized applications if you'll pay for it). However, the desktop support still needs someone onsite, and that service is very expensive to outsource.
    4. Tickets that are focused on custom applications and require specialized or advanced support are escalated back to your organization's second- and third-level support teams.

    Switching to a vendor won't necessarily improve your service desk maturity

    You should have minimal requirements before moving.

    Whether managing in-house or outsourcing, it is your job to ensure core issues have been clarified, processes defined, and standards maintained. If your processes are ad-hoc or non-existent right now, outsourcing won't fix them.

    You must have the following in place before looking to outsource:

    • Defined reporting needs and plans
    • Formalized skill-set requirements
    • Problem management and escalation guidelines
    • Ticket templates and classification rules
    • Workflow details
    • Knowledge base standards

    Info-Tech Insight

    If you expect your problems to disappear with outsourcing, they might just get worse.

    Define long-term requirements

    Anticipate growth throughout the lifecycle of your outsourcing contract and build that into the RFP

    • Most outsourcing agreements typically last three to five years. In that time, you risk outgrowing your service provider by neglecting to define your long-term service desk requirements.
    • Outgrowing your vendor before your contract ends can be expensive due to high switching costs. Managing multiple vendors can also be problematic.
    • It is crucial to define your service desk requirements before developing a request for proposal to make sure the service you select can meet your organization's needs.
    • Make sure that the business is involved in this planning stage, as the goals of IT need to scale with the growth strategy of the business. You may select a vendor with no additional capacity despite the fact that your organization has a major expansion planned to begin two years from now. Assessing future requirements also allows you to culture match with the vendor. If your outlooks and practices are similar, the match will likely click.

    Info-Tech Insight

    Don't select a vendor for what your company is today – select a vendor for what your company will be years from now. Define your future service desk requirements in addition to your current requirements and leave room for growth and development.

    You can't outsource everything

    Manage the things that stay in-house well or suffer the consequences.

    "You can't outsource management; you can only outsource supervision." Barry Cousins, Practice Lead, Info-Tech Research Group

    What can be the vendor in charge of?

    What stays in-house?

    • Call and email answering
    • Ongoing daily ticket creation and tracking
    • Tier 1 support
    • Internal escalation to Level 2 support
    • External escalation to specialized Level 2 and Level 3 support
    • Knowledge base article creation
    • Service desk-related hardware acquisition and maintenance
    • Service desk software acquisition and maintenance
    • Security and access management
    • Disaster recovery
    • Staff acquisition
    • Facilities
    • The role of the Service Desk Manager
    • Skills and training standards
    • Document standardization
    • Knowledge base quality assurance and documentation standardization
    • Self-service maintenance, promotion, and ownership
    • Short and long-term tracking of vendor performance

    Info-Tech Insight

    The need for a Service Desk Manager does not go away when you outsource. In fact, the need becomes even stronger and never diminishes.

    Assess current service desk processes before outsourcing

    Process standards with areas such as documentation, workflow, and ticket escalation should be in place before the decision to outsource has been made.

    Every effective service desk has a clear definition of the services that they are performing for the end user. You can't provide a service without knowing what the services are.

    MSPs typically have their own set of standards and processes in play. If your service desk is not at a similar level of maturity, outsourcing will not be pleasant.

    Make sure that your metrics are reported consistently and that they tell a story.

    "Establish baseline before outsourcing. Those organizations that don't have enough service desk maturity before outsourcing should work with the outsourcer to establish the baseline."
    – Yev Khobrenkov, Enterprise Consultant, Solvera Solutions

    Info-Tech Insight

    Outsourcing vendors are not service desk builders; they're service desk refiners. Switching to a vendor won't improve your maturity; you must have a certain degree of process maturity and standardization before moving.

    Case Study

    INDUSTRY: Cleaning Supplies

    SOURCE: PicNet

    Challenge

    • Reckitt Benckiser of Australia determined that its core service desk needed to be outsourced.
    • It would retain its higher level service desk staff to work on strategic projects.
    • The MSP needed to fulfill key requirements outlined by Reckitt Benckiser.

    Solution

    • Reckitt Benckiser recognized that its rapidly evolving IT needs required a service desk that could fulfill the following tasks:
    • Free up internal IT staff.
    • Provide in-depth understanding of business apps.
    • Offer efficient, cost-effective support onsite.
    • Focus on continual service improvement (CSI).

    Results

    • An RFP was developed to support the outsourcing strategy.
    • With the project structure outlined and the requirements of the vendor for the business identified, Reckitt Benckiser could now focus on selecting a vendor that met its needs.

    1.2.1 Identify service desk processes to outsource

    2-3 hours

    Review your prioritized project goals from activity 1.1.4.

    Brainstorm requirements and use cases for each goal and describe each use case. For example: To improve service desk timeliness, IT should improve incident management, to resolve incidents according to the defined SLA and based on ticket priority levels.

    Discuss if you're outsourcing just incident management or both incident management and request fulfillment. If both, determine what level of service requests will be outsourced? Will you ask the vendor to provide a service catalog? Will you outsource self-serve and automation?

    Document your findings in the service desk outsourcing requirements database library.

    Input

    • Outsourcing project goals from activity 1.1.4

    Output

    • List of processes to outsource

    Materials

    • Sticky notes
    • Markers
    • Whiteboard/flip charts
    • Laptops

    Participants

    • IT Director/CIO
    • Service Desk Manager
    • Service Desk Team

    Download the Requirements Database Library

    1.2.2 Design an outsourcing decision matrix for service desk processes and services

    Participants: IT Director, Service Desk Manager, Infrastructure manager

    2-3 hours

    Most successful service desk outsourcing engagements have a primary goal of freeing up their internal resources to work on complex tasks and projects. The key outsourcing success factor is to find out internal services and processes that are standardized or should be standardized, and then determine if they can be outsourced.

    1. Review the list of identified service desk processes from activity 1.2.1.
    2. Discuss the maturity level of each process (low, medium, high) and document under the maturity column of the Outsource the Service Desk Requirements Database Library.
    3. Use the following decision matrix for each process. Discuss which tasks are important to strategic objectives, which ones provide competitive advantage, and which ones require specialized in-house knowledge.
    4. Identify processes that receive high vendor's performance advantage. For instance, access to talent, lower cost at scale, and access to technology.
    5. In your outsourcing assessment, consider a narrow scope of engagement and a broad view of what is important to business outcome.
    6. Based on your findings, determine the priority of each process to be outsourced. Document results in the service desk outsourcing requirements database library, and section 4.1 of the service desk outsourcing project charter.
    • Important to strategic objectives
    • Provides competitive advantage
    • Specialized in-house knowledge required

    This is an image of a quadrant analysis, where the X axis is labeled Vendor's Performance Advantage, and the Y axis is labeled Importance to Business Outcomes.

    • Talent/access to skills
    • Economies of scale/lower cost at scale
    • Access to technology

    Download the Requirements Database Library

    Download the Project Charter Template

    Maintain staff and training: you need to know who is being hired, how, and why

    Define documentation rules to retain knowledge

    • Establish a standard knowledge article template and list of required information.
    • Train staff on the requirements of knowledge base creation and management. Help them understand the value of the time spent recording their work.
    • It is your responsibility to assure the quality of each knowledge article. Outline accountabilities for internal staff and track for performance evaluations.

    For information on better knowledge management, refer to Info-Tech's blueprint Optimize the Service Desk With a Shift-Left Strategy.

    Expect to manage stringent skills and training standards

    • Plan on being more formal about a Service Manager position and spending more time than you allocated previously.
    • Complete a thorough assessment of the skills you need to keep the service desk running smoothly.
    • Don't forget to account for any customized or proprietary systems. How will you train vendor staff to accommodate your needs? What does their turnaround look like: would it be more likely that you acquire a dependable employee in-house?
    • Staffing requirements need to be actively monitored to ensure the outsourcer doesn't have degradation of quality or hiring standards. Don't assume that things run well – complete regular checks and ask for access to audit results.
    • Are the systems and data being accessed by the vendor highly sensitive or subject to regulatory requirements? If so, it is your job to ensure that vendor staff are being screened appropriately.

    Does your service desk need to integrate to other IT services?

    A common challenge when outsourcing multiple services to more than one vendor is a lack of collaboration and communication between vendors.

    • Leverage SIAM capabilities to integrate service desk tasks to other IT services, if needed.
    • "Service Integration and Management (SIAM) is a management methodology that can be applied in an environment that includes services sourced from a number of service providers" (Scopism Limited, 2020).
    • SIAM supports cross-functional integrations. Organizations that look for a single provider will be less likely to get maximum benefits from SIAM.

    There are three layers of entities in SIAM:

    • Customer Organization: The customer who receives services, who defines the relationship with service providers.
    • Service Integrator: End-to-end service governance and integration is done at this layer, making sure all service providers are committed to their services.
    • Service Provider: Responsible party for service delivery according to contract. It can be combination of internal provider, managed by internal agreements, and external provider, managed by SLAs between providers and customer organization.

    Use SIAM to obtain better results from multiple service providers

    In the SIAM model, the customer organization keeps strategic, governance, and business activities, while integrating other services (either internally or externally).

    This is an image of the SIAM model

    SIAM Layers. Source: SIAM Foundation BoK

    Utilize SIAM to obtain better results from multiple service providers

    SIAM reduces service duplication and improves service delivery via managing internal and external service providers.

    To utilize the SIAM model, determine the following components:

    • Service providers
    • Service consumers
    • Service outcomes
    • Service obstacles and boundaries
    • Service dependencies
    • Technical requirements and interactions for each service
    • Service data and information including service levels

    To learn more about adopting SIAM, visit Scopism.

    1.2.3 Discuss if you need to outsource only service desk or if additional services would benefit from outsourcing too

    1-2 hours

    • Discuss principles and goals of SIAM and how integrating other services can apply within your processes.
    • Review the list of service desk processes and tasks to be outsourced from activities 1.2.1 and 1.2.2.
    • Brainstorm a list of other services that are outsourced/need to be outsourced.
    • Determine providers of each service (both internal and external). Document the other services to be integrated in the project charter template and requirements database library.

    Input

    • SIAM objectives
    • List of service desk processes to outsource

    Output

    • List of other services to outsource and integrate in the project

    Materials

    • Sticky notes
    • Markers
    • Whiteboard/flip charts
    • Laptops

    Participants

    • IT Director/CIO
    • Service Desk Manager
    • Service Desk Team

    Download the Requirements Database Library

    Download the Project Charter Template

    Establish requirements for problem management in the outsourcing plan

    Your MSP should not just fulfill SLAs – they should be a proactive source of value.

    Problem management is a group effort. Make sure your internal team is assisted with sufficient and efficient data by the outsourcer to conduct a better problem management.

    Clearly state your organization's expectations for enabling problem management. MSPs may not necessarily need, and cannot do, problem management; however, they should provide metrics to help you discover trends, define recurring issues, and enable root cause analysis.

    For more information on problem management, refer to Info-Tech's blueprint Improve Incident and Problem Management.

    PROBLEM MANAGEMENT

    INCIDENT MANAGEMENT

    INTAKE: Ticket data from incident management is needed for incident matching to identify problems. Critical Incidents are also a main input to problem management.

    EVENT MANAGEMENT

    INTAKE: SMEs and operations teams monitoring system health events can identify indicators of potential future issues before they become incidents.

    APPLICATION, INFRASTRUCTURE, and SECURITY TEAMS

    ACTION: Problem tickets require investigation from relevant SMEs across different IT teams to identify potential solutions or workarounds.

    CHANGE MANAGEMENT

    OUTPUT: Problem resolution may need to go through Change Management for proper authorization and risk management.

    Outline problem management protocols to gain value from your service provider

    • For example, with a deep dive into ticket trend analysis, your MSP should be able to tell you that you've had a large number of tickets on a particular issue in the past month, allowing you to look into means to resolve the issue and prevent it from reoccurring.
    • A proactive MSP should be able to help your service levels improve over time. This should be built into the KPIs and metrics you ask for from the outsourcer.

    Sample Scenario

    Your MSP tracks ticket volume by platform.

    There are 100 network tickets/month, 200 systems tickets/month, and 5,000 end-user tickets/month.

    Tracking these numbers is a good start, but the real value is in the analysis. Why are there 5,000 end-user tickets? What are the trends?

    Your MSP should be providing a monthly root-cause analysis to help improve service quality.

    Outcomes:

    1. Meeting basic SLAs tells a small part of the story. The MSP is performing well in a functional sense, but this doesn't shed any insight on what kind of knowledge or value is being added.
    2. The MSP should provide routine updates on ticket trends and other insights gained through data analysis.
    3. A commitment to continual improvement will provide your organization with value throughout the duration of the outsourcing agreement.

    Phase 2

    Design an Outsourcing Strategy

    Define the goal

    Design an outsourcing strategy

    Develop an RFP and make a long-term relationship

    1.1 Identify goals and objectives

    1.2 Assess outsourcing feasibility

    2.1 Identify project stakeholders

    2.2 Outline potential risks and constraints

    3.1 Prepare a service overview and responsibility matrix

    3.2 Define your approach to vendor relationship management

    3.3 Manage the outsource relationship

    This phase will walk you through the following activities:

    • Identify roles and responsibilities
    • Determine potential risks of outsourcing the service desk
    • Build a list of metrics

    This phase involves the following participants:

    • Service Desk Team
    • IT Leadership

    Define requirements for outsourcing service desk support

    Step 2.1

    Identify project stakeholders

    Activity

    2.1.1 Identify internal outsourcing roles and responsibilities

    Design an Outsourcing Strategy

    This step requires the following inputs:

    • List of service desk roles
    • Service desk outsourcing goals

    This step involves the following participants:

    • IT Managers
    • Project Team
    • Service Desk Manager

    Outcome of this step

    • Outsourcing roles and responsibilities

    Design an outsourcing strategy to capture the vision of your service desk

    An outsourcing strategy is crucial to the proper accomplishment of an outsourcing project. By taking the time to think through your strategy beforehand, you will have a clear idea of your desired outcomes. This will make your RFP of higher quality and will result in a much easier negotiation process.

    Most MSPs are prepared to offer a standard proposal to clients who do not know what they want. These are agreements that are doomed to fail. A clearly defined set of goals (discussed in Phase 1), risks, and KPIs and metrics (covered in this phase) makes the agreement more beneficial for both parties in the long run.

    1. Identify goals and objectives
    2. Determine mission statement
    3. Define roles and responsibilities
    4. Identify risks and constraints
    5. Define KPIs and metrics
    6. Complete outsourcing strategy

    A successful outsourcing initiative depends on rigorous preparation

    Outsourcing is a garbage in, garbage out initiative. You need to give your service provider the information they need to provide an effective product.

    • Data quality is critical to your outsourcing initiative's success.
    • Your vendor will be much better equipped to help you and to better price its services if it has a thorough understanding of your IT environment.
    • This means more than just building a catalog of your hardware and software. You will need to make available documented policies and processes so you and your vendor can understand where they fit in.
    • Failure to completely document your environment can lead to a much longer time to value as your provider will have to spend much more time (and thus much more money) getting their service up and running.

    "You should fill the gap before outsourcing. You should make sure how to measure tickets, how to categorize, and what the cost of outsourcing will be. Then you'll be able to outsource the execution of the service. Start your own processes and then outsource their execution."
    – Kris Krishan, Head of IT and business systems, Waymo

    Case Study

    Digital media company built an outsourcing strategy to improve customer satisfaction

    INDUSTRY: Digital Media

    SOURCE: Auxis

    Challenge

    A Canadian multi-business company with over 13,000 employees would like to maintain a growing volume of digital content with their endpoint management.

    The client operated a tiered model service desk. Tier 1 was outsourced, and tier 2 tasks were done internally, for more complex tasks and projects.

    As a result of poor planning and defining goals, the company had issues with:

    • Low-quality ticket handling
    • High volume of tickets escalated to tier 2, restraining them from working on complex tickets
    • High turn over and a challenge with talent retention
    • Insufficient documentation to train external tier 1 team
    • Long resolution time and low end-user satisfaction

    Solution

    The company structured a strategy for outsourcing service desk and defined their expectations and requirements.

    They engaged with another outsourcer that would fulfill their requirements as planned.

    With the help of the outsourcer's consulting team, the client was able to define the gaps in their existing processes and system to:

    • Implement a better ticketing system that could follow best-practices guidelines
    • Restructure the team so they would be able to handle processes efficiently

    Results

    The proactive planning led to:

    • Significant improvement in first call resolution (82%).
    • MTTR improvement freed tier 2 to focus on business strategic objectives and allowed them to work on higher-value activities.
    • With a better strategy around outsourcing planning, the company saved 20% of cost compared to the previous outsourcer.
    • As a result of this partnership, the company is providing a 24/7 structure in multiple languages, which is aligned with the company's growth.
    • Due to having a clear strategy built for the project, the client now has better visibility into metrics that support long-term continual improvement plans.

    Define roles and responsibilities for the outsourcing transition to form the base of your outsourcing strategy

    There is no "I" in outsource; make sure the whole team is involved

    Outsourcing is a complete top-to-bottom process that involves multiple levels of engagement:

    • Management must make high-level decisions about staffing and negotiate contract details with the vendor.
    • Service desk employees must execute on the documentation and standardization of processes in an effort to increase maturity.
    • Roles and responsibilities need to be clearly defined to ensure that all aspects of the transition are completed on time.
    • Implement a full-scale effort that involves all relevant staff. The most common mistake is to have the project design follow the same top-down pattern as the decision-making process.

    Info-Tech Insight

    The service desk doesn't operate in isolation. The service desk interfaces with many other parts of the organization (such as finance, purchasing, field support, etc.), so it's important to ensure you engage stakeholders from other departments as well. If you only engage the service desk staff in your discussions around outsourcing strategy and RFP development, you may miss requirements that will come up when it's too late.

    2.1.1 Identify internal outsourcing roles and responsibilities

    2 hours

    1. The sample RACI chart in section 5 of the Project Charter Template outlines which positions are responsible, accountable, consulted, and informed for each major task within the outsourcing project.
    2. Responsible, is the group that is responsible for the execution and oversight of activities for the project. Accountable is the owner of the task/process, who is accountable for the results and outcomes. Consulted is the subject matter expert (SME) who is actively involved in the task/process and consulted on decisions. Informed is not actively involved with the task/process and is updated about decisions around the task/process.
    3. Make sure that you assign only one person as accountable per process. There can be multiple people responsible for each task. Consulted and Informed are optional for each task.
    4. Complete the RACI chart with recommended participants, and document in your service desk outsourcing project charter, under section 5.

    Input

    • RACI template
    • Org chart

    Output

    • List of roles and responsibilities for outsource project

    Materials

    • Whiteboard/flip charts
    • Markers
    • Laptops

    Participants

    • IT Director/CIO
    • Service Desk Manager
    • Service Desk Team

    Download the Project Charter Template

    Step 2.2

    Outline potential risks and constraints

    Activities

    2.2.1 Identify potential risks and constraints that may impact achievement of objectives

    2.2.2 Arrange groups of tension metrics to balance your reporting

    Design an Outsourcing Strategy

    This step will walk you through the following activities:

    • Outsourcing objectives
    • Potential risks

    This step involves the following participants:

    • IT Managers
    • Project Team
    • Service Desk Manager

    Outcomes of this step

    • Mitigation strategy for each risk
    • Service desk metrics

    Know your constraints to reduce surprises during project implementation

    No service desk is perfect; know your limits and plan accordingly

    Define your constraints to outsourcing the service desk.

    Consider all types of constraints and opportunities, including:

    • Business forces
    • Economic cycles
    • Disruptive tech
    • Regulation and compliance issues
    • Internal organizational issues

    Within the scope of a scouring decision, define your needs and objectives, measure those as much as possible, and compare them with the "as-is" situation.

    Start determining what alternative approaches/scenarios the organization could use to fill the gaps. Start a comparison of scenarios against drivers, goals, and risks.

    Constraints

    Goals and objectives

    • Budget
    • Maturity
    • Compliance
    • Regulations
    • Outsourcing Strategy

    Plan ahead for potential risks that may impede your strategy

    Risk assessment must go hand-in-hand with goal and objective planning

    Risk is inherent with any outsourcing project. Common outsourcing risks include:

    • Lack of commitment to the customer's goals from the vendor.
    • The distraction of managing the relationship with the vendor.
    • A perceived loss of control and a feeling of over-dependence on your vendor.
    • Managers may feel they have less influence on the development of strategy.
    • Retained staff may feel they have become less skilled in their specialist field.
    • Unanticipated expenses that were assumed to be offered by the vendor.
    • Savings only result from high capital investment in new projects on the part of the customer.

    Analyze the risks associated with a specific scenario. This analysis should identify and understand the most common sourcing and vendor risks using a risk-reward analysis for selected scenarios. Use tools and guidelines to assess and manage vendor risk and tailor risk evaluation criteria to the types of vendors and products.

    Info-Tech Insight

    Plan for the worst to prevent it from happening. Evaluating risk should cover a wide variety of scenarios including the worst possible cases. This type of thinking will be crucial when developing your exit strategy in a later exercise.

    2.2.1 Identify potential risks and constraints that may impact achievement of objectives

    1-3 hours

    1. Brainstorm any potential risks that may arise through the outsourcing project. Describe each risk and categorize both its probability of occurring and impact on the organization as high (H), medium (M), or low (L), using the table below:
    Risk Description

    Probability(H/M/L)

    Impact(H/M/L)Planned Mitigation
    Lack of documentationMMUse cloud-based solution to share documents.
    Knowledge transferLMDetailed knowledge-sharing agreement in place in the RFP.
    Processes not followedLHClear outline and definition of current processes.
    1. Identify any constraints for your outsourcing strategy that may restrict, limit, or place certain conditions on the outsourcing project.
      • This may include budget restrictions or staffing limitations.
      • Identifying constraints will help you be prepared for risks and will lessen their impact.
    2. Document risks and constraints in section 6 of the Service Desk Outsourcing Project Charter Template.

    Input

    • RACI template
    • Org chart

    Output

    • List of roles and responsibilities for outsource project

    Materials

    • Whiteboard/flip charts
    • Markers

    Participants

    • IT Director/CIO
    • Service Desk Manager
    • Service Desk Team

    Download the Project Charter Template

    Define service tiers and roles to develop clear vendor SLAs

    Management of performance, SLAs, and customer satisfaction remain the responsibility of your organization.

    Define the tiers and/or services that will be the responsibility of the MSP, as well as escalations and workflows across tiers. A sample outsourced structure is displayed here:

    External Vendor

    Tickets beyond the scope of the service desk staff need to be escalated back to the vendor responsible for the affected system.

    Tier 3

    Tickets that are focused on custom applications and require specialized or advanced support are escalated back to your organization's second- and third-level support teams.

    Tier 2

    The vendor is often able to provide specialized support for standard applications. However, the desktop support still needs someone onsite as that service is very expensive to outsource.

    Tier 1

    Service desk outsource vendors provide first-line response. This includes answering the phones, troubleshooting simple problems, and redirecting requests that are more complex.

    Info-Tech Insight

    If you outsource everything, you'll be at the mercy of consultancy or professional services shops later on. You won't have anyone in-house to help you deploy anything; you're at the mercy of a consultant to come in and tell you what to do and how much to spend. Keep your highly skilled people in-house to offset what you'd have to pay for consultancy. If you need to repatriate your service desk later on, you will need skills in-house to do so.

    Don't become obsessed with managing by short-term metrics – look at the big picture

    "Good" metric results may simply indicate proficient reactive fixing; long-term thinking involves implementing proactive, balanced solutions.

    KPIs demonstrate that you are running an effective service desk because:

    • You close an average of 300 tickets per week
    • Your first call resolution is above 90%
    • Your talk time is less than five minutes
    • Surveys reveal clients are satisfied

    While these results may appear great on the surface, metrics don't tell the whole story.

    The effort from any support team seeks to balance three elements:

    FCR: Time; Resources; Quality

    First-Contact Resolution (FCR) Rate

    Percentage of tickets resolved during first contact with user (e.g. before they hang up or within an hour of submitting ticket). Could be measured as first-contact, first-tier, or first-day resolution.

    End-User Satisfaction

    Perceived value of the service desk measured by a robust annual satisfaction survey of end users and/or transactional satisfaction surveys sent with a percentage of tickets.

    Ticket Volume and Cost Per Ticket

    Monthly operating expenses divided by average ticket volume per month. Report ticket volume by department or ticket category, and look at trends for context.

    Average Time to Resolve (incidents) or Fulfill (service requests)

    Time elapsed from when a ticket is "open" to "resolved." Distinguish between ticket resolution vs. closure, and measure time for incidents and service requests separately.

    Focus on tension metrics to achieve long-term success

    Tension metrics help create a balance by preventing teams from focusing on a single element.

    For example, an MSP built incentives around ticket volume for their staff, but not the quality of tickets. As a result, the MSP staff rushed through tickets and gamed the system while service quality suffered.

    Use metrics to establish baselines and benchmarking data:

    • If you know when spikes in ticket volumes occur, you can prepare to resource more appropriately for these time periods
    • Create KB articles to tackle recurring issues and assist tier 1 technicians and end users.
      • Employ a root cause analysis to eliminate recurring tickets.

    "We had an average talk time of 15 minutes per call and I wanted to ensure they could handle those calls in 15 minutes. But the behavior was opposite, [the vendor] would wrap up the call, transfer prematurely, or tell the client they'd call them back. Service levels drive behavior so make sure they are aligned with your strategic goals with no unintended consequences."
    – IT Services Manager, Banking

    Info-Tech Insight

    Make sure your metrics work cooperatively. Metrics should be chosen that cause tension on one another. It's not enough to rely on a fast service desk that doesn't have a high end-user satisfaction rate or runs at too high a cost; there needs to be balance.

    2.2.2 Arrange groups of tension metrics to balance your reporting

    1-3 hours

    1. Define KPIs and metrics that will be critical to service desk success.
    2. Distribute sticky notes of different colors to participants around the table.
    3. Select a space to place the sticky notes – a table, whiteboard, flip chart, etc. – and divide it into three zones.
    4. Refer to your defined list of goals and KPIs from activity 1.1.3 and discuss metrics to fulfill each KPI. Note that each goal (critical success factor, CSF) may have more than one KPI. For instance:
      1. Goal 1: Increase end-user satisfaction; KPI 1: Improve average transactional survey score. KPI 2: Improve annual relationship survey score.
      2. Goal 2: Improve service delivery; KPI 1: Reduce time to resolve incidents. KPI 2: Reduce time to fulfill service requests.
    5. Recall that tension metrics must form a balance between:
      1. Time
      2. Resources
      3. Quality
    6. Record the results in section 7 of the Service Desk Outsourcing Project Charter Template.

    Input

    • Service desk outsourcing goals
    • Service desk outsourcing KPIs

    Output

    • List of service desk metrics

    Materials

    • Whiteboard/flip charts
    • Sticky notes
    • Markers
    • Laptops

    Participants

    • Project Team
    • Service Desk Manager

    Download the Project Charter Template

    Phase 3

    Develop an RFP and make a long-term relationship

    Define the goal

    Design an outsourcing strategy

    Develop an RFP and make a long-term relationship

    1.1 Identify goals and objectives

    1.2 Assess outsourcing feasibility

    2.1 Identify project stakeholders

    2.2 Outline potential risks and constraints

    3.1 Prepare a service overview and responsibility matrix

    3.2 Define your approach to vendor relationship management

    3.3 Manage the outsource relationship

    This phase will walk you through the following activities:

    • Build your outsourcing RFP
    • Set expectations with candidate vendors
    • Score and select your vendor
    • Manage your relationship with the vendor

    This phase involves the following participants:

    • CIO
    • Service Desk Manager
    • IT Managers
    • Project Managers

    Define requirements for outsourcing service desk support

    Step 3.1

    Prepare a service overview and responsibility matrix

    Activities

    3.1.1 Evaluate your technology, people, and process requirements

    3.1.2 Outline which party will be responsible for which service desk processes

    This step requires the following inputs:

    • Service desk processes and requirements

    This step involves the following participants:

    • CIO
    • Service Desk Manager
    • IT Managers
    • Project Managers

    Outcomes of this step

    • Knowledge management and technology requirements
    • Self-service requirements

    Develop an RFP and make a long-term relationship

    Create a detailed RFP to ensure your candidate vendor will fulfill all your requirements

    At its core, your RFP should detail the outcomes of your outsourcing strategy and communicate your needs to the vendor.

    The RFP must cover business needs and the more detailed service desk functions required. Many enterprises only consider the functionality they need, while ignoring operational and selection requirements.

    Negotiate a supply agreement with the preferred outsourcer for delivery of the required services. Ensure your RFP covers:

    1. Service specification
    2. Service levels
    3. Roles and responsibilities
    4. Transition period and acceptance
    5. Prices, payment, and duration
    6. Agreement administration
    7. Outsourcing issues

    In addition to defining your standard requirements, don't forget to take into consideration the following factors when developing your RFP:

    • Employee onboarding and hardware imaging for new users
    • Applications you need current and future support for
    • Reporting requirements
    • Self-service options
    • Remote support needs and locations

    Although it may be tempting, don't throw everything over the wall at your vendor in the RFP. Evaluate your service desk functions in terms of quality, cost effectiveness, and the value provided from the vendor. Organizations should only outsource functions that the vendor can operate better, faster, or cheaper.

    Info-Tech Insight

    Involve the right stakeholders in developing your RFP, not just service desk. If only service desk is involved in RFP discussion, the connection between tier 1 and specialists will be broken, as some processes are not considered from IT's point of view.

    Identify ITSM solution requirements

    Your vendor probably uses a different tool to manage their processes; make sure its capabilities align with the vision of your service desk.

    Your service desk and outsourcing strategy were both designed with your current ITSM solution in mind. Before you hand the reins to an MSP, it is crucial that you outline how your current ITSM solution is being used in terms of functionality.

    Find out if it's better to have the MSP use their own ITSM tools or your ITSM solution.

    Benefits of operating within your own ITSM while outsourcing the service desk:

    Disadvantages of using your own ITSM while outsourcing the service desk:

    • If you provide the service catalog, it's easier to control your ITSM tool yourself.
    • Using your own ITSM and giving access to the outsourcer will allow you to build your dashboard and access your operational metrics rather than relying on the MSP to provide you with metrics.
    • Usage of the current tool may be extended across multiple departments, so it may be in the best interest of your business to have the vendor adopt usage of the current tool.
    • While many ITSM solutions have similar functions, innate differences do exist between them. Outsourcers mostly want to operate in their own ticketing solution. As other departments besides IT may be using the service management tool, you will need to have the same tool across the organization. This makes purchasing the new ITSM license very expensive, unless you operate in the same ITSM as the outsourcer.
    • You need your vendor to be able to use the system you have in order to meet your requirements, which will limit your options in the market.
    • If the outsourcer is using your ITSM, you should provide training to them.

    Info-Tech Insight

    Defining your tool requirements can be a great opportunity to get the tool functionality you always wanted. Many MSPs offer enterprise-level ITSM tools and highly mature processes that may tempt you to operate within their ITSM environment. However, first define your goals for such a move, as well as pros and cons of operating in their service management tool to weigh if its benefits overweigh its downfalls.

    Case Study

    Lone Star College learned that it's important to select a vendor whose tool will work with your service desk

    INDUSTRY: Education

    SOURCE: ServiceNow

    Challenge

    Lone Star College has an end-user base of over 100,000 staff and students.

    The college has six campuses across the state of Texas, and each campus was using its own service desk and ITSM solution.

    Initially, the decision was to implement a single ITSM solution, but organizational complexity prevented that initiative from succeeding.

    A decision was made to outsource and consolidate the service desks of each of the campuses to provide more uniform service to end users.

    Solution

    Lone Star College selected a vendor that implemented FrontRange.

    Unfortunately, the tool was not the right fit for Lone Star's service and reporting needs.

    After some discussion, the outsourcing vendor made the switch to ServiceNow.

    Some time later, a hybrid outsourced model was implemented, with Lone Star and the vendor combining to provide 24/7 support.

    Results

    The consolidated, standardized approach used by Lone Star College and its vendor has created numerous benefits:

    • Standardized reporting
    • High end-user satisfaction
    • All SLAs are being met
    • Improved ticket resolution times
    • Automated change management.

    Lone Star outsourced in order to consolidate its service desks quickly, but the tools didn't quite match.

    It's important to choose a tool that works well with your vendor's, otherwise the same standardization issues can persist.

    Design your RFP to help you understand what the vendor's standard offerings are and what it is capable of delivering

    Your RFP should be worded in a way that helps you understand what your vendor's standard offerings are because that's what they're most capable of delivering. Rather than laying out all your requirements in a high level of detail, carefully craft your questions in a probing way. Then, understand what your current baseline is, what your target requirements are, and assess the gap.

    Design the RFP so that responses can easily be compared against one another.

    It is common to receive responses that are very different – RFPs don't provide a response framework. Comparing vastly different responses can be like comparing apples to oranges. Not only are they immensely time consuming to score, their scores also don't end up accurately reflecting the provider's capabilities or suitability as a vendor.

    If your RFP is causing a ten minute printer backlog, you're doing something wrong.

    Your RFP should not be hundreds of pages long. If it is, there is too much detail.

    Providing too much detail can box your responses in and be overly limiting on your responses. It can deter potentially suitable provider candidates from sending a proposal.

    Request
    For
    Proposal

    "From bitter experience, if you're too descriptive, you box yourself in. If you're not descriptive enough, you'll be inundated with questions or end up with too few bidders. We needed to find the best way to get the message across without putting too much detail around it."
    – Procurement Manager, Utilities

    Info-Tech's Service Desk Outsourcing RFP Template contains nine sections

    1. Statement of work
      • Purpose, coverage, and participation ààInsert the purpose and goals of outsourcing your service desk, using steps 1.1 findings in this blueprint as reference.
    2. General information
      • Information about the document, enterprise, and schedule of events ààInsert the timeline you developed for the RFP issue and award process in this section.
    3. Proposal preparation instructions
      • The vendor's understanding of the RFP, good faith statement, points of contact, proposal submission, method of award, selection and notification.
    4. Service overview
      • Information about organizational perspective, service desk responsibility matrix, vendor requirements, and service level agreements (SLAs).
    5. Scope of work, specifications and requirements
      • Technical and functional requirements à Insert the requirements gathered in Phase 1 in this section of the RFP. Remember to include both current and future requirements.
    6. Exit conditions
      • Overview of exit strategy and transition process.
    7. Vendor qualifications and references
    8. Account management and estimated pricing
    9. Vendor certification
    This is a screenshot of the Service Desk Outsourcing RFP Template.

    The main point of focus in this document is defining your requirements (discussed in Phase 1) and developing proposal preparation instructions.

    The rest of the RFP consists mostly of standard legal language. Review the rest of the RFP template and adapt the language to suit your organization's standards. Check with your legal departments to make sure the RFP adheres to company policies.

    3.1.1 Evaluate your technology, people, and process requirements

    1-2 hours

    1. Review the outsourcing goals you identified in Phase 1 (activity 1.1.3).
    2. For each goal, divide the defined requirements from your requirements database library (activity 1.2.1) into three areas:
      1. People Requirements
      2. Process Requirements
      3. Technical Requirements
    3. Group your requirements based on characteristics (e.g. recovery capabilities, engagement methodology, personnel, etc.).
    4. Validate these requirements with the relevant stakeholders.
    5. Document your results in section 4 of the Service Desk Outsourcing RFP Template.

    Input

    • Identified key requirements

    Output

    • Refined requirements to input into the RFP

    Materials

    • Whiteboard/flip charts
    • Markers
    • Laptops

    Participants

    • IT Director/CIO
    • Service Desk Manager
    • IT Managers

    Download the Service Desk Outsourcing RFP Template

    Assess knowledge management and technology requirements to enable the outsourcer with higher quality work

    Retain ownership of the knowledgebase to foster long-term growth of organizational intelligence

    With end users becoming more and more tech savvy, organizational intelligence is becoming an increasingly important aspect of IT support. Modern employees are able and willing to troubleshoot on their own before calling into the service desk. The knowledgebase and FAQs largely facilitate self-serve trouble shooting, both of which are not core concerns for the outsource vendor.

    Why would the vendor help you empower end users and decrease ticket volume when it will lead to less revenue in the future? Ticket avoidance is not simply about saving money by removing support. It's about the end-user community developing organizational intelligence so that it doesn't need as much technical support.

    Organizational intelligence occurs when shared knowledge and insight is used to make faster, better decisions.

    When you outsource, the flow of technical insight to your end-user community slows down or stops altogether unless you proactively drive it. Retain ownership of the knowledgebase and ensure that the content is:

    1. Validated to ensure it accurately describes the best solution.
    2. Actionable to ensure it prescribes repeatable, verifiable steps.
    3. Contextual to ensure the reader knows when NOT to apply the knowledge.
    4. Maintained to ensure the solution remains current.
    5. Applied, since knowledge is a cost with no benefit unless you apply it and turn it into organizational intelligence.

    Info-Tech Insight

    Include knowledge management process in your ticket handling workflows to make sure knowledge is transferred to the MSP and end users. For more information on knowledge management, refer to Info-Tech's Standardize the Service Desk and Optimize the Service Desk With a Shift-Left Strategy blueprints.

    Assess self-service requirements in your outsourcing plan

    When outsourcing the service desk, determine who will take ownership of the self-service portal.

    Nowadays, outsourcers provide innovative services such as self-serve options. However, bear in mind that the quality of such services is a differentiating factor. A well-maintained portal makes it easy to:

    • Report incidents efficiently via use-case-based forms
    • Place requests via a business-oriented service catalog
    • Automate request processes
    • Give visibility on ticket status
    • Access knowledgebase articles
    • Provide status on critical systems
    • Look for services by both clicking service lists and searching them
    • Provide 24/7 service via interactive communication with live agent and AI-powered machine
    • Streamline business process in multiple departments rather than only IT

    In the outsourcing process, determine your expectations from your vendor on self-serve options and discuss how they will fulfill these requirements. Similar to other processes, work internally to define a list of services your organization is providing that you can pass over to the outsourcer to convert to a service catalog.

    Use Info-Tech's Sample Enterprise Services document to start determining your business's services.

    Assess admin rights in your outsourcing plan to give access to the outsourcer while you keep ownership

    Provide accessibility to account management to improve self-service, which enables:

    • Group owners to be named who can add or remove people from their operating units
    • Users to update attributes such as photos, address, phone number
    • Synchronization with HRIS (Human Resource Information Systems) to enable two-way communication on attribute updates
    • Password reset self-service

    Ensure the vendor has access rights to execute regular clean up to help:

    • Find stale and inactive user and computer accounts (inactive, expired, stale, never logged in)
    • Bulk move and disable capabilities
    • Find empty groups and remove
    • Find and assess NTFS permissions
    • Automated tasks to search and remediate

    Give admin rights to outsourcer to enable reporting and auditing capabilities, such as:

    • Change tracking and notifications
    • Password reset attempts, account unlocks, permission and account changes
    • Anomaly detection and remediation
    • Privilege abuse, such as password sharing

    Info-Tech Insight

    Provide your MSP with access rights to enable the service desk to have account management without giving too much authentication. This way you'll enable moving tickets to the outsourcer while you keep ownership and supervision.

    3.1.2 Outline which party will be responsible for which service desk processes

    1-2 hours

    This activity is an expansion to the outcomes of activity 1.2.1, where you determined the outsourcing requirements and the party to deliver each requirement.

    1. Add your identified tasks from the requirements database library to the service desk responsibility matrix (section 4.2 of the Service Desk Outsourcing RFP Template).
    2. Break each task down into more details. For instance, incident management may include tier 1, tier 2/3, KB creation and update, reporting, and auditing.
    3. Refer to section 4.1 of your Project Charter to review the responsible party for each use case.
    4. Considering the use cases, assess whether your organization, the MSP, or both parties will be responsible for the task.
    5. Document the results in section 4.2 of the RFP.

    Input

    • Identified key requirements

    Output

    • Responsible party to deliver each task

    Materials

    • Whiteboard/flip charts
    • Markers
    • Laptops

    Participants

    • IT Director/CIO
    • Service Desk Manager
    • IT Managers

    Download the Service Desk Outsourcing RFP Template

    Step 3.2

    Define your approach to vendor relationship management

    Activities

    3.2.1 Define your SLA requirements

    3.2.2 Score each vendor to mitigate the risk of failure

    3.2.3 Score RFP responses

    3.2.4 Get referrals, conduct reference interviews and evaluate responses for each vendor

    Develop an RFP and make a long-term relationship

    This step requires the following inputs:

    • Service desk outsourcing RFP
    • List of service desk outsourcing requirements

    This step involves the following participants:

    • CIO
    • Service Desk Manager
    • IT Managers
    • Project Managers

    Outcomes of this step

    • Service desk SLA
    • RFP scores

    Don't rush to judgment; apply due diligence when selecting your vendor

    The most common mistake in vendor evaluation is moving too quickly. The process leading to an RFP evaluation can be exhausting, and many organizations simply want to be done with the whole process and begin outsourcing.

    The most common mistake in vendor evaluation is moving too quickly. The process leading to an RFP evaluation can be exhausting, and many organizations simply want to be done with the whole process and begin outsourcing.

    1. Call around to get referrals for each vendor
    2. Create a shortlist
    3. Review SLAs and contract terms
    4. Select your vendor

    Recognize warning signs in the MSP's proposal to ensure a successful negotiation

    Vendors often include certain conditions in their proposals that masquerade as appealing but may spell disaster. Watch for these red flags:

    1. Discounted Price
      • Vendors know the market value of their competitors' services. Price is not what sets them apart; it's the type of services offered as well as the culture present.
      • A noticeably low price is often indicative of a desperate organization that is not focused on quality managed services.
    2. No Pushback
      • Vendors should work to customize their proposal to suit both their capabilities and your needs. No pushback means they are not invested in your project as deeply as they should be.
      • You should be prepared for and welcome negotiations; they're a sign that both sides are reaching a mutually beneficial agreement.
    3. Continual SLA Improvement
      • Continual improvement is a good quality that your vendor should have, but it needs to have some strategic direction.
      • Throwing continual SLA improvement into the deal may seem great, but make sure that you'll benefit from the value-added service. Otherwise, you'll be paying for services that you don't actually need.

    Clearly define core vendor qualities before looking at any options

    Vendor sales and marketing people know just what to say to sway you: don't talk to them until you know what you're looking for.

    Geography

    Do you prefer global or local data centers? Do you need multiple locations for redundancy in case of disaster? Will language barriers be a concern?

    Contract Length

    Ensure you can terminate a poor arrangement by having shorter terms with optional renewals. It's better to renew and renegotiate if one side is losing in the deal in order to keep things fair. Don't assume that proposed long-term cost savings will provide a satisfactory service.

    Target Market

    Vendors are aiming at different business segments, from startups to large enterprises. Some will accept existing virtual machines, and others enforce compliance to appeal to government and health agencies.

    SLA

    A robust SLA strengthens a vendor's reliability and accountability. Agencies with special needs should have room in negotiations for customization. Providers should also account for regular SLA reviews and updates. Vendors should be tracking call volume and making projections that should translate directly to SLAs.

    Support

    Even if you don't need a vendor with 24/7 availability, vendors who cannot support this timing should be eliminated. You may want to upgrade later and will want to avoid the hassle of switching.

    Maturity

    Vendors must have the willingness and ability to improve processes and efficiencies over time. Maintaining the status-quo isn't acceptable in the constantly evolving IT world.

    Cost

    Consider which model makes the most sense: will you go with per call or per user pricing? Which model will generate vendor motivation to continually improve and meet your long-term goals? Watch out for variable pricing models.

    Define your SLA requirements so your MSP can create a solution that fits

    SLAs ensure accountability from the service provider and determine service price

    SLAs define the performance of the service desk and clarify what the provider and customer can expect in their outsourcing relationship.

    • Service categories
    • The acceptable range of end-user satisfaction
    • The scope of what functions of the service desk are being measured (availability, time to resolve, time to respond, etc.)
    • Credits and penalties for achieving or missing targets
    • Frequency of measurement/reporting
    • Provisions and penalties for ending the contractual relationship early
    • Management and communication structure
    • Escalation protocol for incidents relating to tiers 2 or 3

    Each MSP's RFP response will help you understand their basic SLA terms and enhanced service offerings. You need to understand the MSP's basic SLA terms to make sure they are adequate enough for your requirements. A well-negotiated SLA will balance the requirements of the customer and limit the liability of the provider in a win/win scenario.

    For more information on defining service level requirements, refer to Info-Tech's blueprint Reduce Risk With Rock-Solid Service-Level Agreements.

    3.2.1 Define your SLA requirements

    2-3 hours

    • As a team, review your current service desk SLA for the following items:
      • Response time
      • Resolution time
      • Escalation time
      • End-user satisfaction
      • Service availability
    • Use the sample table as a starting point to determine your current incident management SLA:
    • Determine your SLA expectations from the outsourcer.
    • Document your SLA expectations in section 4.4 of the RFP template.

    Participants: IT Managers, Service Desk Manager, Project Team

    Response
    PriorityResponse SLOResolution SLOEscalation Time
    T1
    Severity 1CriticalWithin 10 minutes4 hours to resolveImmediate
    Severity 2HighWithin 1 business hour8 business hours to resolve20 minutes
    Severity 3MediumWithin 4 business hours24 business hours to resolveAfter 20 minutes without progress
    Severity 4LowSame day (8 hours)72 business hours to resolve After 1 hour without progress
    SLO ResponseTime it takes for service desk to respond to service request or incident. Target response is 80% of SLO
    SLO ResolutionTime it takes to resolve incident and return business services to normal. Target resolution is 80% of SLO

    Download the Service Desk Outsourcing RFP Template

    Get a detailed plan from your selected vendor before signing a contract

    Build a standard process to evaluate candidate vendors

    Use section 5 of Info-Tech's Service Desk Outsourcing RFP Template for commonly used questions and requirements for outsourcing the service desk. Ask the right questions to secure an agreement that meets your needs. If you are already in a contract with an MSP, tale the opportunity of contract renewal to improve the contract and service.

    This is a screenshot of the Service Desk Outsourcing RFP Template.

    Download the Service Desk Outsourcing RFP Template

    Add your finalized assessment questions into Info-Tech's Service Desk Outsourcing RFP Scoring Tool to aggregate responses in one repository for comparison. Since the vendors are asked to respond in a standard format, it is easier to bring together all the responses to create a complete view of your options.

    This is an image of the Service Desk Vendor Proposal Scoring Tool

    Download the Service Desk Vendor Proposal Scoring Tool

    3.2.2 Score each vendor to mitigate the risk of failure

    1-2 hours

    Include the right requirements for your organization and analyze candidate vendors on their capability to satisfy them.

    1. Use section 5 of the RFP template to convert your determined requirements into questions to address in vendor briefings.
    2. Review the questions in the context of near- and long-term service desk outsourcing needs. In the template, we have separated requirements into 7 categories:
      • Vendor Requirements (VR)
      • Vendor Qualifications/Engagement/Administration Capabilities (VQ)
      • Service Operations (SO)
      • Service Support (SS)
      • Service Level Agreement (SLA)
      • Transition Processes (TP)
      • Account Management (AM)
    3. Define the priority for each question:
      • Required
      • Desired
      • Optional
    4. Leave the compliance and comments to when you brief with vendors.

    Input

    • Technical and functional requirements

    Output

    • Priority level for each requirement
    • Completed list of requirement questions

    Materials

    • Whiteboard/flip charts
    • Markers
    • Laptops

    Participants

    • IT Director/CIO
    • Service Desk Manager
    • IT Managers

    Download the Service Desk Outsourcing RFP Template

    3.2.3 Score RFP responses

    2-3 hours

    1. Enter the requirements questions into the RFP Scoring Tool and use it during vendor briefings.
    2. Copy the Required and Desired priority requirements from the previous activity into the RFP Questions column.
    3. Evaluate each RFP response against the RFP criteria based on the scoring scale.
    4. The Results section in the tool shows the vendor ranking based on their overall scores.
    5. Compare potential outsourcing partners considering scores on individual requirements categories and based on overall scores.

    Input

    • Completed list of requirement questions
    • Priority level for each requirement

    Output

    • List of top vendors for outsourcing the service desk

    Materials

    • Service Desk Vendor Proposal Scoring Tool

    Participants

    • Service Desk Manager
    • IT Managers
    • Project Managers
    • IT Director/CIO

    Download the Service Desk Vendor Proposal Scoring Tool

    3.2.3 Get referrals, conduct reference interviews, and evaluate responses for each vendor

    1. Outline a list of questions to conduct reference interviews with past/present clients of your candidate vendors.
    2. Use the reference interview template as a starting point. As a group review the questions and edit them to a list that will fulfill your requirements.
    3. Ask your candidate vendors to provide you with a list of three to five clients that have/had used their services. Make sure that vendors enforce the interview will be kept anonymous and names and results won't be disclosed.
    4. Ask vendors to book a 20-30 minute call with you and their client.
    5. Document your interview comments in your updated reference interview template.
    6. Update the RFP scoring tool accordingly.

    Input

    • List of top vendors for outsourcing the service desk

    Output

    • Updated list of top vendors for outsourcing the service desk

    Materials

    • Service Desk Outsourcing Reference Interview Template
    • Service Desk Vendor Proposal Scoring Tool

    Participants

    • Service Desk Manager
    • IT Managers
    • Project Managers

    Download the Service Desk Vendor Proposal Scoring Tool

    Compare pricing models of outsourcing services

    It's a common sales tactic to use a low price as an easy solution. Carefully evaluate the vendors on your short-list and ensure that SLAs, culture, and price all match to your organization.

    Research different pricing models and accurately assess which model fits your organization. Consider the following pricing models:

    Pay per technician

    In this model, a flat rate is allocated to agents tackling your service desk tickets. This is a good option for building long-term relationship with outsourcer's agents and efficient knowledge transfer to the external team; however, it's not ideal for small organizations that deal with few tickets. This is potentially an expensive model for small teams.

    Pay per ticket

    This model considers the number of tickets handled by the outsourcer. This model is ideal if you only want to pay for your requirement. Although the internal team needs to have a close monitoring strategy to make sure the outsourcer's efficiency in ticket resolution.

    Pay per call

    This is based on outbound and inbound calls. This model is proper for call centers and can be less expensive than the other models; however, tracking is not easy, as you should ensure service desk calls result in efficient resolution rather than unnecessary follow-up.

    Pay per time (minutes or hours)

    The time spent on tickets is considered in this model. With this model, you pay for the work done by agents, so that it may be a good and relatively cheap option. As quicker resolution SLA is usually set by the organization, customer satisfaction may drop, as agents will be driven to faster resolution, not necessarily quality of work.

    Pay per user

    This model is based on number of all users, or number of users for particular applications. In this model, correlation between number of users and number of tickets should be taken into account. This is an ideal model if you want to deal with impact of staffing changes on service price. Although you should first track metrics such as mean time to resolve and average number of tickets so you can prevent unnecessary payment based on number of users when most users are not submitting tickets.

    Step 3.3

    Manage the outsource relationship

    Activities

    3.3.1 Analyze your outsourced service desk for continual improvement

    3.3.2 Make a case to either rehabilitate your outsourcing agreement or exit

    3.3.3 Develop an exit strategy in case you need to end your contract early

    Develop an RFP and make a long-term relationship

    This step requires the following inputs:

    • Service desk SLA
    • List of impacted stakeholder groups
    • List of impacts and benefits of the outsourced service desk

    This step involves the following participants:

    • CIO
    • Service Desk Manager
    • IT Managers
    • Project Managers

    Outcomes of this step

    • Communication plan
    • Vendor management strategy

    Ensure formality of your vendor management practice

    A service desk outsourcing project is an ongoing initiative. Build a relationship plan to make sure the outsourcer complies with the agreement.

    This is an iamge of the cycle of relationship management and pre-contract management.

    Monitor Vendor Performance

    Key Activity:

    Measure performance levels with an agreed upon standard scorecard.

    Manage Vendor Risk

    Key Activity:

    Periodical assessment of the vendors to ensure they are meeting compliance standards.

    Manage Vendor Contracts and Relationships

    Key Activity:
    Manage the contracts and renewal dates, the level of demand for the services/products provided, and the costs accrued.

    COMPLETE Identify and Evaluate Vendors

    Key Activity:
    Develop a plan with procurement and key internal stakeholders to define clear, consistent, and stable requirements.

    COMPLETE Select a Vendor

    Key Activity:
    Develop a consistent and effective process for selecting the most appropriate vendor.

    Manage Vendor Contracts and Relationships

    Key Activity:
    Contracts are consistently negotiated to ensure the vendor and the client have a documented and consistent understanding of mutual expectations.

    Expect the vendor to manage processes according to your standards

    You need this level of visibility into the service desk process, whether in-house or outsourced

    Each of these steps requires documentation – either through standard operating procedures, SLAs, logs, or workflow diagrams.

    • Define key operating procedures and workflows
    • Record, classify, and prioritize tickets
    • Verify, approve, and fulfill tickets
    • Investigate, diagnose, and allocate tickets
    • Resolve, recover, and close tickets
    • Track and report

    "Make sure what they've presented to you is exactly what's happening."
    – Service Desk Manager, Financial Services

    Manage the vendor relationship through regular communication

    Regular contact with your MSP provides opportunities to address issues that emerge

    Designate a relationship manager to act as a liaison at the business to be a conduit between the business and the MSP.

    • The relationship manager will take feedback from the MSP and relate it back to you to bridge the technical and business gap between the two.

    Who should be involved

    • Routine review meetings should involve the MSP and your relationship manager.
    • Technical knowledge may be needed to address specific issues, but business knowledge and relationship management skills are absolutely required.
    • Other stakeholders and people who are deeply invested in the vendor relationship should be invited or at least asked to contribute questions and concerns.

    What is involved

    • Full review of the service desk statistics, escalations, staffing changes, process changes, and drivers of extra billing or cost.
    • Updates to key documentation for the issues listed above and changes to the knowledgebase.
    • Significant drivers of customer satisfaction and dissatisfaction.
    • Changes that have/are being proposed that can impact any of the above.

    Communicate changes to end users to avoid push back and get buy-in

    Top-down processes for outsourcing will leave end users in the dark

    • Your service desk staff has been involved in the outsourcing process the entire time, but end users are affected all the same.
    • The service desk is the face of IT. A radical shift in service processes and points of contact can be detrimental to not only the service desk, but all of IT.
    • Communicating the changes early to end users will both help them cope with the change and help the MSP achieve better results.
      • An internal communication plan should be rolled out in order to inform and educate end users about the changes associated with outsourcing the service desk.
    • Your relationship manager should be tasked with communicating the changes to end users. The focus should be on addressing questions or concerns about the transition while highlighting the value gained through outsourcing to an MSP.
    • Service quality is a two-way street; the end user needs to be informed of proper protocols and points of contact so that the service desk technicians can fulfill their duties to the best of their ability.

    "When my company decided to outsource, I performed the same role but for a different company. There was a huge disruption to the business flow and a lack of communication to manage the change. The transition took weeks before any end users figured out what the new processes were for submitting a ticket and who to ask for help, and from a personal side, it became difficult to maintain relationships with colleagues."
    – IT Specialist for a financial institution

    Info-Tech Insight

    Educate the enterprise on expectations and processes that are handled by the MSP. Identify stakeholder groups affected by the outsourced processes then build a communication plan on what's been changed, what the benefits are, and how they will be impacted. Determine a timeline for communicating these initiatives and how these announcements will be made. Use InfoTech's Sample Communication Plan as a starting point.

    Build a continual improvement plan to make sure your MSP is efficiently delivering services according to expectations

    Ensure that your quality assurance program is repeatable and applicable to the outsourced services

    1. Design a QA scorecard that can help you assess steps the outsourcer agents should follow. Keep the questionnaire high level but specific to your environment. The scorecard should include questions that follow the steps to take considering your intake channels. For instance, if end users can reach the service desk via phone, chat, and email, build your QA around assessing customer service for call, chat, and ticket quality.
    2. Build a training program for agents: Develop an internal monitoring plan to relay detailed feedback to your MSP. Assess performance and utilize KBs as training materials for coaching agents on challenging transactions.
    3. Everything that goes to your service desk has to be documented; there will be no organic transfer of knowledge and experience.
    4. You need to let your MSP know how their efforts are impacting the performance of your organization. Measure your internal performance against the external performance of your service desk.
    5. Constant internal check-ins ensure that your MSP is meeting the SLAs outlined in the RFP.
    6. Routine reporting of metrics and ticket trends allow you to enact problem management. Otherwise, you risk your MSP operating your service desk with no internal feedback from its owner.
    7. Use metrics to determine the service desk functionality.

    Consider the success story of your outsourced service desk

    Build a feedback program for your outsourced services. Utilize transactional surveys to discover and tell outsourcing success to the impacted stakeholders.

    Ensure you apply steps for providing feedback to make sure processes are handled as expected. Service desk is the face of IT. Customer satisfaction on ticket transactions reflects satisfaction with IT and the organization.

    Build customer satisfaction surveys and conduct them for every transaction to get a better sense of outsourced service desk functionality. Collaborate with the vendor to make sure you build a proper strategy.

    • Build a right list of questions. Multiple and lengthy questions may lead to survey taking fatigue. Make sure you ask the right questions and give an option to the customer to comment any additional notes.
    • Give the option to users to rate the transaction. Make the whole process very seamless and doable in a few seconds.
    • Ensure to follow-up on negative feedback. This will help you find gaps in services and provide training to improve customer service.

    3.3.1 Analyze your outsourced service desk for continual improvement

    1 hour

    1. In this project, you determined the KPIs based on your service desk objectives (activity 2.2.2).
    2. Refer to your list of metrics in section 7 of the Service Desk Outsourcing Project Charter.
    3. Think about what story you want to tell and determine what factors will help move the narrative.
    4. Discuss how often you would like to track these metrics. Determine the audience for each metric.
    5. Provide the list to the MSP to create reports with auto-distribution.

    Input

    • Determined CSFs and KPIs

    Output

    • List of metrics to track, including frequency to report and audience to report to

    Materials

    • Service Desk Outsourcing Project Charter

    Participants

    • Service Desk Manager
    • IT Managers
    • Project Managers

    Download the Project Charter Template

    Reward the MSP for performance instead of "punishing" them for service failure

    Turn your vendor into a true partner by including an "earn back" condition in the contract

    MSPs often offer clients credit requests (service credits) for their service failures, which are applied to the previous month's monthly recurring charge. They are applied to the last month's MRC (monthly reoccurring charges) at the end of term and then the vendor pays out the residual.

    However, while common, service credits are not always perceived to be a strong incentive for the provider to continually focus on improvement of mean-time-to-respond/mean-time-to-resolve.

    • Engage the vendor as a true partner within a relationship only based upon Service Credits.
    • Suggest the vendor include a minor change to the non-performance processes within the final agreement: the vendor implements an "earn back" condition in the agreement.
    • Where a bank of service credits exists because of non-performance, if the provider exceeds the SLA performance metrics for a number of consecutive months (two is common), then an amount of any prior credits received by client is returned to the provider as an earn back for improved performance.
    • This can be a useful mechanism to drive improved performance.

    Measure the outsourced service desk ROI constantly to drive efficient decisions for continual improvement or an exit plan

    Efficient outsourced service desk causes positive impacts on business satisfaction. To address the true value of the services outsourced, you should evaluate the return on investment (ROI) in these areas: Emotional ROI, Time ROI, Financial ROI

    Emotional ROI

    Service desk's main purpose should be to provide topnotch services to end users. Build a customer experience program and leverage transactional surveys and relationship surveys to constantly analyze customer feedback on service quality.

    Ask yourself:

    • How have the outsourced services improved customer satisfaction?
    • How has the service desk impacted the business brand?
    • Have these services improved agents' job satisfaction?
    • What is the NPS score of the service desk?
    • What should we do to reduce the detractor rate and improve satisfaction leveraging the outsourced service desk?

    Time ROI

    Besides customer satisfaction, SLA commitment is a big factor to consider when conducting ROI analysis.

    Ask these questions:

    • Have we had improvement in FCR?
    • What are the mean time to resolve incidents and mean time to fulfill requests?
    • Is the cost incurred to outsourced services worth improvement in such metrics?

    Financial ROI

    As already mentioned in Phase 1, the main motivation for outsourcing the service desk should not be around cost reduction, but to improve performance. Regardless, it's still important to understand the financial implications of your decision.

    To evaluate the financial impact of your outsourced service desk, ask these questions:

    • How much have the outsourced services impacted our business financially?
    • How much are we paying compared to when it was done internally?
    • Considering the emotional, time, and effort factors, is it worth bringing the services in house or changing the vendor?

    3.3.2 Make a case to either rehabilitate your outsourcing agreement or exit

    3-4 hours

    1. Refer to the results of activity 2.2.2. for the list of metrics and the metrics dashboard over the past quarter.
    2. Consider emotional and time ROI, assess end-user satisfaction and SLA, and run a report comparison with the baseline that you built prior to outsourcing the service desk.
    3. Estimate the organization's IT operating expenses over the next five years if you stay with the vendor.
    4. Estimate the organization's IT operating expenses over the next five years if you switch the vendor.
    5. Estimate the organization's IT operating expenses over the next five years if you repatriate the service desk.
    6. Estimate the non-recurring costs associated with the move, such as the penalty for early contract termination, data center moving costs, and cost of potential business downtime during the move. Sum them to determine the investment.
    7. Calculate the return on investment. Discuss and decide whether the organization should consider rehabilitating the vendor agreement or ending the partnership.

    Input

    • Outsourced service desk metrics
    • Operating expenses

    Output

    • Return on investment

    Materials

    • List of metrics
    • Laptop
    • Markers
    • Flip chart/whiteboard

    Participants

    • IT Director/CIO
    • Service Desk Manager
    • IT Managers

    For more information on conducting this activity, refer to InfoTech's blueprint Terminate the IT Infrastructure Outsourcing Relationship

    Define exit conditions to complete your contract with your MSP

    The end of outsourcing is difficult. Your organization needs to maintain continuity of service during the transition. Your MSP needs to ensure that its resources can be effectively transitioned to the next deployment with minimal downtime. It is crucial to define your exit conditions so that both sides can prepare accordingly.

    • Your exit conditions must be clearly laid out in the contract. Create a list of service desk functions and metrics that are important to your organization's success. If your MSP is not meeting those needs or performance levels, you should terminate your services.
    • Most organizations accomplish this through a clear definition of hard and measurable KPIs and metrics that must be achieved and what will happen in the case these metrics are not being regularly met. If your vendor doesn't meet these requirements as defined in your contract, you then have a valid reason and the ability to leave the agreement.

    Examples of exit conditions:

    • Your MSP did not meet their SLAs on priority 1 or 2 tickets two times within a month.
    • If they didn't meet the SLA twice in that 30 days, you could terminate the contract penalty-free.

    Info-Tech Insight

    If things start going south with your MSP, negotiate a "get well plan." Outline your problems to the MSP and have them come back to you with a list of how they're going to fix these problems to get well before you move forward with the contract.

    Try to rehabilitate before you repatriate

    Switching service providers or ending the contract can be expensive and may not solve your problems. Try to rehabilitate your vendor relationship before immediately ending it.

    You may consider terminating your outsourcing agreement if you are dissatisfied with the current agreement or there has been a change in circumstances (either the vendor has changed, or your organization has changed).

    Before doing so, consider the challenges:

    1. It can be very expensive to switch providers or end a contract.
    2. Switching vendors can be a large project involving transfer of knowledge, documentation, and data.
    3. It can be difficult to maintain service desk availability, functionality, and reliability during the transition.

    Diagnose the cause of the problem before assuming it's the MSP's fault. The issue may lie with poorly defined requirements and processes, lack of communication, poor vendor management, or inappropriate SLAs. Re-assess your strategy and re-negotiate your contract if necessary.

    Info-Tech Insight

    There are many reasons why outsourcing relationships fail, but it's not always the vendor's fault.

    Clients often think their MSP isn't doing a great job, but a lot of the time the reason comes back to the client. They may not have provided sufficient documentation on processes, were not communicating well, didn't have a regular point of contact, and weren't doing regular service reviews. Before exiting the relationship, evaluate why it's not working and try to fix things first.

    Don't stop with an exit strategy, you also need to develop a transition plan

    Plan out your transition timeline, taking into account current contract terms and key steps required. Be prepared to handle tickets immediately upon giving notice.

    • Review your outsourcing contract with legal counsel to identify areas of concern for lock-in or breech.
    • Complete a cost/benefit analysis.
    • Bring intellectual property (including ticket data, knowledge base articles, and reports) back in-house (if you'd like to repatriate the service desk) or transfer to the next service desk vendor (if you're outsourcing to another MSP).
    • Review and update service desk standard processes (escalation, service levels, ticket templates, etc.).
    • Procure service desk software, licenses, and necessary hardware as needed.
    • Train the staff (internal for repatriating the service desk, or external for the prospective MSP).
    • Communicate the transition plan and be prepared to start responding to tickets immediately.

    Info-Tech Insight

    Develop a transition plan about six months before the contract notice date. Be proactive by constantly tracking the MSP, running ROI analyses and training staff before moving the services to the internal team or the next MSP. This will help you manage the transition smoothly and handle intake channels so that upon potential exit, users won't be disrupted.

    3.3.3 Develop an exit strategy in case you need to end your contract early

    3-4 hours

    Create a plan to be prepared in case you need to end your contract with the MSP early.

    Your exit strategy should encompass both the conditions under which you would need to end your contract with the MSP and the next steps you will take to transition your services.

    1. Define the exit conditions you plan to negotiate into your contract with the MSP:
      • Identify the performance levels you will require your MSP to meet.
      • Identify the actions you expect the MSP to take if they fail to meet these performance levels.
      • Identify the conditions under which you would leave the contract early.
    2. Develop a strategy for transitioning services in the event you need to leave your contract with the MSP:
      • Will you hand the responsibility to a new MSP or repatriate the service desk back in-house?
      • How will you maintain services through the transition?
    3. Document your exit strategy in section 6 of the Service Desk Outsourcing RFP Template.

    Input

    • Outsourced service desk metrics
    • Operating expenses

    Output

    • Return on investment

    Materials

    • List of metrics
    • Laptop
    • Markers
    • Flip chart/whiteboard

    Participants

    • IT Director/CIO
    • Service Desk Manager
    • IT Managers

    Download the Service Desk Outsourcing RFP Template

    Summary of Accomplishment

    Problem Solved

    You have now re-envisioned your service desk by building a solid strategy for outsourcing it to a vendor. You first analyzed your challenges with the current service desk and evaluated the benefits of outsourcing services. Then you went through requirements assessment to find out which processes should be outsourced. Thereafter, you developed an RFP to communicate your proposal and evaluate the best candidates.

    You have also developed a continual improvement plan to ensure the outsourcer provides services according to your expectations. Through this plan, you're making sure to build a good relationship through incentivizing the vendor for accomplishments rather than punishing for service failures. However, you've also contemplated an exit plan in the RFP for potential consistent service failures.

    Ideally, this blueprint has helped you go beyond requirements identification and served as a means to change your mindset and strategy for outsourcing the service desk efficiently to gain long-term benefits.

    if you would like additional support, have our analysts guide you through other phases as part of an Info-Tech Workshop

    Contact your account representative for more information

    workshops@infotech.com

    1-888-670-8889

    Additional Support

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech Workshop

    To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.

    Info-Tech analysts will join you and your team at your location or welcome you to Info-Tech's historic Toronto office to participate in an innovative onsite workshop.

    This is a picture of Info-Tech analyst Mahmoud Ramin

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    This is a screenshot of activity 1.2.1 found in this blueprint

    Identify Processes to Outsource
    Identify service desk tasks that will provide the most value upon outsourcing.

    This is a screenshot of activity 3.2.2 found in this blueprint

    Score Candidate Vendors
    Evaluate vendors on their capabilities for satisfying your service desk requirements.

    Related Info-Tech Research

    Standardize the Service Desk

    • Improve customer service by driving consistency in your support approach and meeting SLAs.

    Outsource IT Infrastructure to Improve System Availability, Reliability, and Recovery

    • There are very few IT infrastructure components you should be housing internally – outsource everything else.

    Terminate the IT Infrastructure Outsourcing Relationship

    • There must be 50 ways to leave your vendor.

    Research Contributors and Experts

    Yev Khovrenkov; Enterprise Consultant, Solvera Solutions

    Kamil Salagan; I&O Manager, Bartek Ingredients

    Satish Mekerira; VP of IT, Coherus BioSciences

    Kris Krishan; Head of IT and Business Systems, Waymo

    Kris Arthur; Infra & Security Director, SEKO Logistics

    Valance Howden; Principal Research Advisor, Info-Tech Research Group

    Sandi Conrad; Principal Research Director, Info-Tech Research Group

    Graham Price; Senior Director of Executive Services, Info-Tech Research Group

    Barry Cousins; Practice Lead, Info-Tech Research Group

    Mark Tauschek; VP of I&O Research, Info-Tech Research Group

    Darin Stahl; Principal Research Advisor, Info-Tech Research Group

    Scott Yong; Principal Research Advisor, Info-Tech Research Group

    A special thank-you to five anonymous contributors

    Bibliography

    Allnutt, Charles. "The Ultimate List of Outsourcing Statistics." MicroSourcing, 2022. Accessed July 2022.
    "Considerations for outsourcing the service desk. A guide to improving your service desk and service delivery performance through outsourcing." Giva. Accessed May 2022.
    Hurley, Allison. "Service Desk Outsourcing | Statistics, Challenges, & Benefits." Forward BPO Inc., 2019. Accessed June 2022.
    Mtsweni, Patricia, et al. "The impact of outsourcing information technology services on business operations." South African Journal of Information Management, 2021, Accessed May 2022.
    "Offshore, Onshore or Hybrid–Choosing the Best IT Outsourcing Model." Calance, 2021. Accessed June 2022. Web.
    "Service Integration and Management (SIAM) Foundation Body of Knowledge." Scopism, 2020. Accessed May 2022.
    Shultz, Aaron. "IT Help Desk Outsourcing Pricing Models Comparison." Global Help Desk Services. Accessed June 2022. Web.
    Shultz, Aaron. "4 Steps to Accurately Measure the ROI of Outsourced Help Desk Services" Global Help Desk Services, Accessed June 2022. Web.
    Sunberg, John. "Great Expectations: What to Look for from Outsourced Service Providers Today." HDI. Accessed June 2022. Web.
    Walters, Grover. "Pivotal Decisions in outsourcing." Muma Case Review, 2019. Accessed May 2022.
    Wetherell, Steve. "Outsourced IT Support Services: 10 Steps to Better QA" Global Held Desk Services. Accessed May 2022. Web.

    Modernize Your Applications

    • Buy Link or Shortcode: {j2store}178|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.
    • member rating average days saved: Read what our members are saying
    • Parent Category Name: Architecture & Strategy
    • Parent Category Link: /architecture-and-strategy
    • Application modernization is essential to stay competitive and productive in today’s digital environment. Your stakeholders have outlined their digital business goals that IT is expected to meet.
    • Your application portfolio cannot sufficiently support the flexibility and efficiency the business needs because of legacy challenges.
    • Your teams do not have a framework to illustrate, communicate, and justify the modernization effort and organizational changes in the language your stakeholders understand.

    Our Advice

    Critical Insight

    • Build your digital applications around continuous modernization. End-user needs, technology, business direction, and regulations rapidly change in today’s competitive and fast-paced industry. This reality will quickly turn your modern applications into shelfware. Build continuous modernization at the center of your digital application vision to keep up with evolving business, end-user, and IT needs.
    • Application modernization is organizational change management. If you build and modernize it, they may not come. The crux of successful application modernization is centered on the strategic, well-informed, and onboarded adoption of changes in key business areas, capabilities, and processes. Organizational change management must be front and center so that applications are fit for purpose and are something that end users want and need to use.
    • Business-IT collaboration is not optional. Application modernization will not be successful if your lines of business (LOBs) and IT are not working together. IT must empathize how LOBs operate and proactively support the underlying operational systems. LOBs must be accountable for all products leveraging modern technologies and be able to rationalize the technical feasibility of their digital application vision.

    Impact and Result

    • Establish the digital application vision. Gain a grounded understanding of the digital application construct and prioritize these attributes against your digital business goals.
    • Define your modernization approach. Obtain a thorough view of your business and technical complexities, risks, and impacts. Employ the right modernization techniques based on your organization’s change tolerance.
    • Build your roadmap. Clarify the organizational changes needed to support modernization and adoption of your digital applications.

    Modernize Your Applications Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should strategically modernize your applications, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Set your vision

    Describe your application vision and set the right modernization expectations with your stakeholders.

    • Modernize Your Applications – Phase 1: Set Your Vision

    2. Identify your modernization opportunities

    Focus your modernization efforts on the business opportunities that your stakeholders care about.

    • Modernize Your Applications – Phase 2: Identify Your Modernization Opportunities

    3. Plan your modernization

    Describe your modernization initiatives and build your modernization tactical roadmap.

    • Modernize Your Applications – Phase 3: Plan Your Modernization
    [infographic]

    Workshop: Modernize Your Applications

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Set Your Vision

    The Purpose

    Discuss the goals of your application modernization initiatives

    Define your digital application vision and priorities

    List your modernization principles

    Key Benefits Achieved

    Clear application modernization objectives and high priority value items

    Your digital application vision and attributes

    Key principles that will guide your application modernization initiatives

    Activities

    1.1 State Your Objectives

    1.2 Characterize Your Digital Application

    1.3 Define Your Modernization Principles

    Outputs

    Application modernization objectives

    Digital application vision and attributes definitions

    List of application modernization principles and guidelines

    2 Identify Your Modernization Opportunities

    The Purpose

    Identify the value streams and business capabilities that will benefit the most from application modernization

    Conduct a change tolerance assessment

    Build your modernization strategic roadmap

    Key Benefits Achieved

    Understanding of the value delivery improvements modernization can bring

    Recognizing the flexibility and tolerance of your organization to adopt changes

    Select an approach that best fits your organization’s goals and capacity

    Activities

    2.1 Identify the Opportunities

    2.2 Define Your Modernization Approach

    Outputs

    Value streams and business capabilities that are ideal modernization opportunities

    Your modernization strategic roadmap based on your change tolerance and modernization approach

    3 Plan Your Modernization

    The Purpose

    Identify the most appropriate modernization technique and the scope of changes to implement your techniques

    Develop an actionable tactical roadmap to complete your modernization initiatives

    Key Benefits Achieved

    Clear understanding of what must be changed to the organization and application considering your change tolerance

    An achievable modernization plan

    Activities

    3.1 Shortlist Your Modernization Techniques

    3.2 Roadmap Your Modernization Initiatives

    Outputs

    Scope of your application modernization initiatives

    Your modernization tactical roadmap

    Leadership, Culture and Values

    • Buy Link or Shortcode: {j2store}34|cart{/j2store}
    • Related Products: {j2store}34|crosssells{/j2store}
    • member rating overall impact (scale of 10): 9.4/10
    • member rating average dollars saved: $912
    • member rating average days saved: 7
    • Parent Category Name: People and Resources
    • Parent Category Link: /people-and-resources

    The challenge

    • Your talent pool determines IT performance and stakeholder satisfaction. You need to retain talent and continually motivate them to go the extra mile.
    • The market for IT talent is growing, in the sense that talent has many more options these days. Turnover is a serious threat to IT's ability to deliver top-notch service to your company.
    • Engagement is more than HR's responsibility. IT leadership is accountable for the retention of top talent and the overall productivity of IT employees.

    Our advice

    Insight

    • Engagement goes both ways. Your initiatives must address a real need, and employees must actively seek the outcomes. Engagement is not a management edict.
    • Engagement is not about access to the latest perks and gadgets. You must address the right and challenging issues. Use a systematic approach to find what lives among the employees and address these.
    • Your impact on your employees is many times bigger than HR's. Leverage your power to lead your team to success and peak performance.

    Impact and results 

    • Our engagement diagnostic and other tools will help get to the root of disengagement in your team.
    • Our guidance helps you to avoid common errors and engagement program pitfalls. They allow you to take control of your own team's engagement.

    The roadmap

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    Get started

    Our concise executive brief shows you why engagement is critical to IT performance in your company. We'll show you our methodology and the ways we can help you in handling this.

    Measure your employee engagement

    You can use our full engagement surveys.

    • Improve Employee Engagement to Drive IT Performance – Phase 1: Measure Employee Engagement (ppt)
    • Engagement Strategy Record (doc)
    • Engagement Communication Template (doc)

    Analyze the results and brainstorm solutions

    Understand your employees' engagement drivers. Involve your team in brainstorming engagement initiatives.

    • Improve Employee Engagement to Drive IT Performance – Phase 2: Analyze Results and Ideate Solutions (ppt)
    • Engagement Survey Results Interpretation Guide (ppt)
    • Full Engagement Survey Focus Group Facilitation Guide (ppt)
    • Pulse Engagement Survey Focus Group Facilitation Guide (ppt)
    • Focus Group Facilitation Guide Driver Definitions (doc)
    • One-on-One Manager Meeting Worksheet (doc)

    Select and implement engagement initiatives

    Choose those initiatives that show the most promise with the most significant impact. Create your action plan and establish transparent and open, and ongoing communication with your team.

    • IT Knowledge Transfer Plan Template (xls)
    • IT Knowledge Identification Interview Guide Template (doc)

    Build your knowledge transfer roadmap

    Knowledge transfer is an ongoing effort. Prioritize and define your initiatives.

    • Improve Employee Engagement to Drive IT Performance – Phase 3: Select and Implement Engagement Initiatives (ppt)
    • Summary of Interdepartmental Engagement Initiatives (doc)
    • Engagement Progress One-Pager (ppt)

     

    Create an Agile-Friendly Project Gating and Governance Approach

    • Buy Link or Shortcode: {j2store}162|cart{/j2store}
    • member rating overall impact (scale of 10): 9.0/10 Overall Impact
    • member rating average dollars saved: $33,499 Average $ Saved
    • member rating average days saved: 57 Average Days Saved
    • Parent Category Name: Development
    • Parent Category Link: /development
    • Organizations often apply gating and governance to IT projects to ensure resources are being used efficiently and effectively.
    • Agile project teams often complain that traditional project gating and governance interfere with their ability to delivery because traditional gating and governance were designed for Waterfall delivery methods.

    Our Advice

    Critical Insight

    Imposing a traditional gating and governance approach on an Agile project can eliminate the advantages that Agile delivery methods offer. Make sure to rework your traditional project gating and governance approach to be Agile friendly.

    Impact and Result

    • Create a project gating and governance approach that is Agile friendly and helps your organization realize the most benefit from its Agile transformation.
    • Oversee your Agile projects with confidence by adjusting the level of support and oversight they receive based on their Agilometer score.
    • Define a revised set of project gating artifacts that support Agile delivery methods.
    • Adopt a “trust but verify” approach to Agile project gating that will reduce risk and help ensure value delivery.

    Create an Agile-Friendly Project Gating and Governance Approach Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Create an Agile-Friendly Project Gating and Governance Approach Deck – A step-by-step guide to creating an Agile-friendly project gating and governance approach that will support Agile delivery methods in your organization.

    This deck is a guide to creating your own Agile-friendly project gating and governance approach using Info-Tech’s Agile Gating Framework.

    • Create an Agile-Friendly Project Gating and Governance Approach – Phases 1-3

    2. Your Gates 3 and 3A Checklists – The Gates 3 and 3A Checklists are used to determine when a project is ready to enter and exit the Risk Reduction & Value Confirmation phase.

    Modify Info-Tech’s Gates 3 and 3A Checklists to meet your organization’s needs, and then use them to determine when Agile projects are ready to enter and exit the RRVC phase.

    • Gates 3 and 3A Checklists

    3. Your Agilometer – The Agilometer is used to determine a project’s readiness to use an Agile delivery method.

    Modify Info-Tech’s Agilometer to meet your organization’s needs, and then use it to determine the level of support and oversight the project will need.

    • Agilometer

    4. Your Agile Project Status Report – An Agile Status Report will be used to monitor project progress.

    Modify Info-Tech’s Agile Project Status Report to meet your organization’s needs, and then use it to monitor in-flight Agile projects.

    • Agile Project Status Report

    5. Project Burndown Chart – A tool to let you monitor project burndown over time.

    Use Info-Tech’s Project Burndown Chart to monitor the progress of your in-flight Agile projects.

    • Project Burndown Chart

    6. Traditional to Agile Gating Artifact Mapping – A tool to help you rework your project gating artifacts to be Agile-friendly.

    Use Info-Tech’s Traditional to Agile Gating Artifact Mapping tool to modify your gating artifacts for Agile projects.

    • Traditional to Agile Gating Artifact Mapping
    [infographic]

    Further reading

    Create an Agile-Friendly Project Gating and Governance Approach

    Use Info-Tech’s Agile Gating Framework as a guide to gating your Agile projects using a “trust but verify” approach.

    Table of Contents

    Analyst Perspective

    Executive Summary

    Phase 1: Establish Your Gating and Governance Purpose

    Phase 2: Understand and Adapt Info-Tech’s Agile Gating Framework

    Phase 3: Complete Your Agile Gating Framework

    Where Do I Go Next?

    Bibliography

    Facilitator Slides

    Analyst Perspective

    Make your gating and governance process Agile friendly by following a “trust but verify” approach

    Most project gating and governance approaches are designed for traditional (Waterfall) delivery methods. However, Agile delivery methods call for a different way of working that doesn’t align well with these approaches.

    Applying traditional project gating and governance to Agile projects is like trying to fit a square peg in a round hole. Not only will it make Agile project delivery less efficient, but in the extreme, it can lead to outright project failure and even derail your organization’s Agile transformation.

    If you want Agile to successfully take root in your organization, be prepared to rethink your current gating and governance practices. This document presents a framework that you can use to rework your approach to provide both effective oversight and support for your Agile projects.

    Photo of Alex Ciraco, Principal Research Director, Application Delivery and Management, Info-Tech Research Group. Alex Ciraco
    Principal Research Director,
    Application Delivery and Management
    Info-Tech Research Group

    Executive Summary

    Your Challenge
    • Many government organizations are adopting Agile project delivery methods because they have proven to be more effective than traditional delivery approaches at responding to today’s fast pace of change.
    • Government organizations have an obligation to govern projects to ensure effective use of public resources, regardless of the delivery method being used.
    Common Obstacles
    • Most government gating and governance frameworks were designed around traditional (often called “Waterfall”) delivery methods.
    • Agile and Waterfall work in completely different ways, so imposing traditional gating and governance frameworks on Agile projects will stifle progress and can even lead to project failure.
    • Government organizations must adjust their gating and governance frameworks to accommodate Agile delivery methods.
    Info-Tech’s Approach
    • Begin by understanding the fundamental purpose of project gating and governance.
    • Next, understand the major differences between Agile and Waterfall delivery methods.
    • Then, armed with this knowledge, use Info-Tech’s Agile Gating Framework to redefine your gating and governance approach to be Agile friendly.
    Info-Tech Insight

    Imposing a traditional governance approach on an Agile project can eliminate the advantages that Agile delivery methods offer. Make sure to rework your project gating and governance approach to be Agile friendly.

    Info-Tech’s methodology for Creating an Agile-Friendly Project Gating and Governance Approach

    1. Establish Your Gating and Governance Purpose 2. Understand and Adapt Info-Tech’s Agile Gating Framework 3. Complete your Agile Gating Framework
    Phase Steps

    1.1 Understand How We Gate and Govern Projects

    1.2 Compare Traditional to Agile Delivery

    1.3 Realize What Traditional Gating Looks Like and Why

    2.1 Understand How Agile Manages Risk and Ensures Value Delivery

    2.2 Introducing Info-Tech’s Agile Gating Framework

    2.3 Create Your Agilometer

    2.4 Create an Agile-Friendly Project Status Report

    2.5 Select Your Agile Health Check Tool

    3.1 Map Your Traditional Gating Artifacts to Agile Delivery

    3.2 Determine Your Now, Next, Later Roadmap for Implementation

    Phase Outcomes
    1. Your gating/governance purpose statement
    2. A fundamental understanding of the difference between traditional and Agile delivery methods.
    1. An understanding of Info-Tech’s Agile Gating Framework
    2. Your Gates 3 and 3A checklists
    3. Your Agilometer tool
    4. Your Agile project status report template
    5. Your Agile health check tool
    1. Artifact map for your Agile gating framework
    2. Roadmap for Agile gating implementation

    Key Deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals, including:

    Agilometer Tool

    Create your customized Agilometer tool to determine project support and oversight needs.
    Sample of the 'Agilometer Tool' deliverable.

    Gates 3 and 3A Checklists

    Create your customized checklists for projects at Gates 3 and 3A.
    Sample of the 'Gates 3 and 3A Checklists' deliverable.

    Agile-Friendly Project Status Report

    Create your Agile-friendly project status report to monitor progress.
    Sample of the 'Agile-Friendly Project Status Report' deliverable.

    Artifact Mapping Tool

    Map your traditional gating artifacts to their Agile replacements.
    Sample of the 'Artifact Mapping Tool' deliverable.

    Create an Agile-Friendly Project Gating and Governance Approach

    Phase 1

    Establish your gating and governance purpose

    Phase 1

    1.1 Understand How We Gate and Govern Projects

    1.2 Compare Traditional to Agile Delivery

    1.3 Realize What Traditional Gating Looks Like And Why

    Phase 2

    2.1 Understand How Agile Manages Risk and Ensures Value Delivery

    2.2 Introducing Info-Tech’s Agile Gating Framework

    2.3 Create Your Agilometer

    2.4 Create Your Agile-Friendly Project Status Report

    2.5 Select Your Agile Health Check Tool

    Phase 3

    3.1 Map Your Traditional Gating Artifacts to Agile Delivery

    3.2 Determine Your Now, Next, Later Roadmap for Implementation

    This phase will walk you through the following activities:

    • Understand why gating and governance are so important to your organization.
    • Compare and contrast traditional to Agile delivery.
    • Identify what form traditional gating takes in your organization.

    This phase involves the following participants:

    • PMO/Gating Body
    • Delivery Managers
    • Delivery Teams
    • Other Interested Parties

    Agile gating–related facts and figures

    73% of organizations created their project gating framework before adopting or considering Agile delivery practices. (Athens Journal of Technology and Engineering)

    71% of survey respondents felt an Agile-friendly gating approach improves both productivity and product quality. (Athens Journal of Technology and Engineering)

    Moving to an Agile-friendly gating approach has many benefits:
    • Faster response to change
    • Improved productivity
    • Higher team morale
    • Better product quality
    • Faster releases
    (Journal of Product Innovation Management)

    Traditional gating approaches can undermine an Agile project

    • Most existing gating and governance frameworks (often referred to as phase-gate) impose requirements on projects that are anti-patterns to an Agile delivery approach
    • For example, any gating approach that requires a project to deliver a detailed requirements document before coding can begin will make it difficult or impossible for the project to use an Agile delivery method.
    • The same can be said for other common phase-gate requirements including:
      • Imposing a formal (and onerous) change control process on project requirements.
      • Requiring a detailed design document and/or detailed user acceptance test plan at the beginning of the project.
      • Asking the project to produce a detailed project plan.
    (DZone)
    Don’t make the mistake of asking an Agile project to follow a traditional phase-gate approach to project delivery!

    Before reworking your gating approach, you need to consider two important questions

    Answering these questions will help guide your new gating process to both be Agile friendly and meet your organization’s needs

    1. What is the fundamental purpose of gating? By examining the fundamental purpose of gating, you will be better able to adjust your approach to achieve the desired outcomes in an Agile context.
    2. How does Agile delivery differ from traditional? By understanding how Agile delivery differs from traditional, you will be better able to adjust your gating approach to support Agile delivery methods.

    Stock image of speech bubbles hanging on string with a question mark and lightbulb drawn on them.

    Build an Extensible Data Warehouse Foundation

    • Buy Link or Shortcode: {j2store}342|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Big Data
    • Parent Category Link: /big-data
    • Data warehouse implementation is a costly and complex undertaking, and can end up not serving the business' needs appropriately.
    • Too heavy a focus on technology creates a data warehouse that isn’t sustainable and ends up with poor adoption.
    • Emerging data sources and technologies add complexity to how the appropriate data is made available to business users.

    Our Advice

    Critical Insight

    • A data warehouse is a project; but successful data warehousing is a program. An effective data warehouse requires planning beyond the technology implementation.
    • Governance, not technology needs to be the core support system for enabling a data warehouse program.
    • Understand business processes at the operational, tactical, and ad hoc levels to ensure a fit-for-purpose DW is built.

    Impact and Result

    • Leverage an approach that focuses on constructing a data warehouse foundation that is able to address a combination of operational, tactical, and ad hoc business needs.
    • Invest time and effort to put together pre-project governance to inform and provide guidance to your data warehouse implementation.
    • Develop “Rosetta Stone” views of your data assets to facilitate data modeling.
    • Select the most suitable architecture pattern to ensure the data warehouse is “built right” at the very beginning.

    Build an Extensible Data Warehouse Foundation Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why the data warehouse is becoming an important tool for driving business value, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Prepare for the data warehouse foundation project

    Begin the data warehouse foundation by defining the project and governance teams, as well as reviewing supporting data management practices.

    • Build an Extensible Data Warehouse Foundation – Phase 1: Prepare for the Data Warehouse Foundation Project
    • Data Warehouse Foundation Project Plan Template
    • Data Warehouse Work Breakdown Structure Template
    • Data (Warehouse) Architect
    • Data Integration Specialist
    • Business Intelligence Specialist
    • Director of Data Warehousing/Business Intelligence
    • Data Warehouse Program Charter Template
    • Data Warehouse Steering Committee Charter Template

    2. Establish the business drivers and data warehouse strategy

    Using the business activities as a guide, develop a data model, data architecture, and technology plan for a data warehouse foundation.

    • Build an Extensible Data Warehouse Foundation – Phase 2: Establish the Business Drivers and Data Warehouse Strategy
    • Business Data Catalog
    • Data Classification Inventory Tool
    • Data Warehouse Architecture Planning Tool
    • Master Data Mapping Tool

    3. Plan for data warehouse governance

    Start developing a data warehouse program by defining how users will interact with the new data warehouse environment.

    • Build an Extensible Data Warehouse Foundation – Phase 3: Plan for Data Warehouse Governance
    • Data Warehouse Standard Operating Procedures Template
    • Data Warehouse Service Level Agreement
    [infographic]

    Workshop: Build an Extensible Data Warehouse Foundation

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Prepare for the Data Warehouse Foundation Project

    The Purpose

    Identify the members of the foundation project team.

    Define overarching statements and define success factors/risks.

    Outline basic project governance.

    Key Benefits Achieved

    Defined membership, roles, and responsibilities involved in the foundation project.

    Establishment of a steering committee as a starting point for the data warehouse program.

    Activities

    1.1 Identify foundation project team and create a RACI chart.

    1.2 Understand what a data warehouse can and cannot enable.

    1.3 Define critical success factors, key performance metrics, and project risks.

    1.4 Develop rough timelines for foundation project completion.

    1.5 Define the current and future states for key data management practices.

    Outputs

    Job Descriptions and RACI

    Data Warehouse Steering Committee Charter

    Data Warehouse Foundation Project Plan

    Work Breakdown Structure

    2 Establish the Business Drivers and Data Warehouse Strategy

    The Purpose

    Define the information needs of the business and its key processes.

    Create the components that will inform an appropriate data model.

    Design a data warehouse architecture model.

    Key Benefits Achieved

    Clear definition of business needs that will directly inform the data and architecture models.

    Activities

    2.1 Understand the most fundamental needs of the business.

    2.2 Define the data warehouse vision, mission, purpose, and goals.

    2.3 Detail the most important operational, tactical, and ad hoc activities the data warehouse should support.

    2.4 Link the processes that will be central to the data warehouse foundation.

    2.5 Walk through the four-column model and business entity modeling as a starting point for data modeling.

    2.6 Create data models using the business data glossary and data classification.

    2.7 Identify master data elements to define dimensions.

    2.8 Design lookup tables based on reference data.

    2.9 Create a fit-for-purpose data warehousing model.

    Outputs

    Data Warehouse Program Charter

    Data Warehouse Vision and Mission

    Documentation of Business Processes

    Business Entity Map

    Business Data Glossary

    Data Classification Scheme

    Data Warehouse Architecture Model

    3 Plan for Data Warehouse Governance

    The Purpose

    Create a plan for governing your data warehouse efficiently and effectively.

    Key Benefits Achieved

    Documentation of current standard operating procedures.

    Identified members of a data warehouse center of excellence.

    Activities

    3.1 Develop a technology capability map to visualize your desired state.

    3.2 Establish a data warehouse center of excellence.

    3.3 Create a data warehouse foundation roadmap.

    3.4 Define data warehouse service level agreements.

    3.5 Create standard operating procedures.

    Outputs

    Technology Capability Map

    Project Roadmap

    Service Level Agreement

    Data Warehouse Standard Operating Procedure Workbook

    Improve IT Governance to Drive Business Results

    • Buy Link or Shortcode: {j2store}190|cart{/j2store}
    • member rating overall impact (scale of 10): 9.3/10 Overall Impact
    • member rating average dollars saved: $194,553 Average $ Saved
    • member rating average days saved: 32 Average Days Saved
    • Parent Category Name: IT Governance, Risk & Compliance
    • Parent Category Link: /it-governance-risk-and-compliance
    • IT governance is the number-one predictor of value generated by IT, yet many organizations struggle to organize their governance effectively.
    • Current IT governance does not address the changing goals, risks, or context of the organization, so IT spend is not easily linked to value.
    • The right people are not making the right decisions about IT.

    Our Advice

    Critical Insight

    • Organizations do not have a governance framework in place that optimally aligns IT with the business objectives and direction.
    • Implementing IT governance requires the involvement of key business stakeholders who do not see IT’s value in corporate governance and strategy.
    • The current governance processes are poorly designed, making the time to decisions too long and driving non-compliance.

    Impact and Result

    • Use Info-Tech’s four-step process to optimize your IT governance framework.
    • Our client-tested methodology supports the enablement of IT-business alignment, decreases decision-making cycle times, and increases IT’s transparency and effectiveness in decisions around benefits realization, risks, and resources.
    • Successful completion of the IT governance redesign will result in the following outcomes:
      1. Align IT with the business context.
      2. Assess the current governance framework.
      3. Redesign the governance framework.
      4. Implement governance redesign.

    Improve IT Governance to Drive Business Results Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should redesign IT governance, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Align IT with the business context

    Align IT’s direction with the business using the Statement of Business Context.

    • Redesign IT Governance to Drive Optimal Business Results – Phase 1: Align IT With the Business Context
    • Make the Case for an IT Governance Redesign
    • Stakeholder Power Map Template
    • IT Governance Stakeholder Communication Planning Tool
    • PESTLE Analysis Template
    • Business SWOT Analysis Template
    • Statement of Business Context Template

    2. Assess the current governance framework

    Evaluate the strengths and weaknesses of current governance using the Current State Assessment.

    • Redesign IT Governance to Drive Optimal Business Results – Phase 2: Assess the Current Governance Framework
    • Current State Assessment of IT Governance

    3. Redesign the governance framework

    Build a redesign of the governance framework using the Future State Design template.

    • Redesign IT Governance to Drive Optimal Business Results – Phase 3: Redesign the Governance Framework
    • Future State Design for IT Governance
    • IT Governance Terms of Reference

    4. Implement governance redesign

    Create an implementation plan to jump-start the communication of the redesign and set it up for success.

    • Redesign IT Governance to Drive Optimal Business Results – Phase 4: Implement Governance Redesign
    • Redesign IT Governance to Drive Optimal Business Results Executive Presentation Template
    • IT Governance Implementation Plan
    [infographic]

    Workshop: Improve IT Governance to Drive Business Results

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Identify the Need for Governance

    The Purpose

    Identify the need for governance in your organization and engage the leadership team in the redesign process.

    Key Benefits Achieved

    Establish an engagement standard for the leadership of your organization in the IT governance redesign.

    Activities

    1.1 Identify stakeholders.

    1.2 Make the case for improved IT governance.

    1.3 Customize communication plan.

    Outputs

    Stakeholder Power Map

    Make the Case Presentation

    Communication Plan

    2 Align IT With the Business Context

    The Purpose

    Create a mutual understanding with the business leaders of the current state of the organization and the state of business it is moving towards.

    Key Benefits Achieved

    The understanding of the business context will provide an aligned foundation on which to redesign the IT governance framework.

    Activities

    2.1 Review documents.

    2.2 Analyze frameworks.

    2.3 Conduct brainstorming.

    2.4 Finalize the Statement of Business Context.

    Outputs

    PESTLE Analysis

    SWOT Analysis

    Statement of Business Context

    3 Assess the Current Governance Framework

    The Purpose

    Establish a baseline of the current governance framework.

    Key Benefits Achieved

    Develop guidelines based off results from the current state that will guide the future state design.

    Activities

    3.1 Create committee profiles.

    3.2 Build governance structure map.

    3.3 Establish governance guidelines.

    Outputs

    Current State Assessment

    4 Redesign the Governance Framework

    The Purpose

    Redesign the governance structure and the committees that operate within it.

    Key Benefits Achieved

    Build a future state of governance where the relationships and processes that are built drive optimal business results.

    Activities

    4.1 Build governance structure map.

    4.2 Create committee profiles.

    Outputs

    Future State Design

    IT Governance Terms of Reference

    5 Implement Governance Redesign

    The Purpose

    Build a roadmap for implementing the governance redesign.

    Key Benefits Achieved

    Create a transparent and relationship-oriented implementation strategy that will pave the way for a successful redesign implementation.

    Activities

    5.1 Identify next steps for the redesign.

    5.2 Establish communication plan.

    5.3 Lead executive presentation.

    Outputs

    Implementation Plan

    Executive Presentation

    Further reading

    Improve IT Governance to Drive Business Results

    Avoid bureaucracy and achieve alignment with a minimalist approach.

    ANALYST PERSPECTIVE

    Governance optimization is achieved where decision making, authority, and context meet.

    "Governance is something that is done externally to IT and well as internally by IT, with the intention of providing oversight to direct the organization to meet goals and keep things on target.

    Optimizing IT governance is the most effective way to consistently direct IT spend to areas that provide the most value in producing or supporting business outcomes, yet it is rarely done well.

    IT governance is more than just identifying where decisions are made and who has the authority to make them – it must also provide the context and criteria under which decisions are made in order to truly provide business value" (Valence Howden, Director, CIO Practice Info-Tech Research Group)

    Our understanding of the problem

    This Research is Designed For:

    • CIOs
    • CTOs
    • IT Directors

    This Research Will Help You:

    • Achieve and maintain executive and business support for optimizing IT governance.
    • Optimize your governance structure.
    • Build high-level governance processes.
    • Build governance committee charters and set accountability for decision making.
    • Plan the transition to the optimized governance structure and processes.

    This Research Will Also Assist:

    • Executive Leadership
    • IT Managers
    • IT Customers
    • Project Managers

    This Research Will Help Them:

    • Improve alignment between business decisions and IT initiatives.
    • Establish a mechanism to validate, redirect, and reprioritize IT initiatives.
    • Realize greater value from more effective decision making.
    • Receive a better overall quality of service.

    Executive Summary

    Situation

    • IT governance is the #1 predictor of value generated by IT, yet many organizations struggle to organize their governance effectively.*
    • Current IT governance does not address the changing goals, risks, or context of the organization so IT spend is not easily linked to value.
    • The right people are not making the right decisions about IT.

    Complication

    • Organizations do not have a governance framework in place that optimally aligns IT with the business objectives and direction.
    • Implementing IT governance requires the involvement of key business stakeholders who do not see IT’s value in governance and strategy.
    • The current governance processes are poorly designed, creating long decision-making cycles and driving non-compliance with regulation.

    Resolution

    • Use Info-Tech’s four-step process for optimizing your IT governance framework. Our client-tested methodology supports the enablement of IT-business alignment, decreases decision-making cycle times, and increases IT’s transparency and effectiveness in making decisions around benefits realization, risks, and resources.
    • Successful completion of the IT governance redesign will result in the following outcomes:
      1. Align IT with the business context.
      2. Assess the current governance framework.
      3. Redesign the governance framework.
      4. Implement governance redesign.

    Info-Tech Insight

    • Establish IT-business fusion. In governance, alignment is not enough. Merge IT and the business through governance to ensure business success.
    • With great governance comes great responsibility. Involve relevant business leaders, who will be impacted by IT outcomes, to take on governing responsibility of IT.
    • Let IT manage and the business govern. IT governance should be a component of enterprise governance, allowing IT leaders to focus on managing.

    IT governance is...

    An enabling framework for decision-making context and accountabilities for related processes.

    A means of ensuring business-IT collaboration, leading to increased consistency and transparency in decision making and prioritization of initiatives.

    A critical component of ensuring delivery of business value from IT spend and driving high satisfaction with IT.

    IT governance is not...

    An annoying, finger-waving roadblock in the way of getting things done.

    Limited to making decisions about technology.

    Designed tacitly; it is purposeful, with business objectives in mind.

    A one-time project; you must review and revalidate the efficiency.

    Avoid common misconceptions of IT governance

    Don’t blur the lines between governance and management; each has a unique role to play. Confusing these results in wasted time and confusion around ownership.

    Governance

    A cycle of 'Governance Processes' and 'Management Processes'. On the left side of the cycle 'Governance Processes' begins with 'Evaluate', then 'Direct', then 'Monitor'. This leads to 'Management Processes' on the right side with 'Plan', 'Build', 'Run', and 'Monitor', which then feeds back into 'Evaluate'.

    Management

    IT governance sets direction through prioritization and decision making, and monitors overall IT performance.

    Governance aligns with the mission and vision of the organization to guide IT.

    Management is responsible for executing on, operating, and monitoring activities as determined by IT governance.

    Management makes decisions for implementing based on governance direction.

    The IT Governance Framework

    An IT governance framework is a system that will design structures, processes, authority definitions, and membership assignments that lead IT toward optimal results for the business.

    Governance is performed in three ways:
    1. Evaluate

      Governance ensures that business goals are achieved by evaluating stakeholder needs, criteria, metrics, portfolio, risk, and definition of value.
    2. Direct

      Governance sets the direction of IT by delegating priorities and determining the decisions that will guide the IT organization.
    3. Monitor

      Governance establishes a framework to monitor performance, compliance to regulation, and progress on expected outcomes.

    "Everyone needs good IT, but no one wants to talk about it. Most CFOs would rather spend time with their in-laws than in an IT steering-committee meeting. But companies with good governance consistently outperform companies with bad. Which group do you want to be in?" (Martha Heller, President, Heller Search Associates)

    Create impactful IT governance by embedding it within enterprise governance

    The business should engage in IT governance and IT should influence the direction of the business.

    Enterprise Governance

    IT Governance

    Authority for enterprise governance falls to the board and executive management.

    Responsibilities Include:
    • Provide strategic direction for the organization.
    • Ensure objectives are met.
    • Set the risk standards or profile.
    • Delegate resources responsibly.
    –› Engage in –›

    ‹– Influence ‹–

    Governance of IT is a component of enterprise governance.

    Responsibilities Include:
    • Build structure, authority, process, and membership designations in a governance framework.
    • Ensure the IT organization is aligned with business goals.
    • Influence the direction of the business to ensure business success.

    Identify signals of sub-optimal IT governance within any of these domains

    If you notice any of these signals, governance redesign is right for you!

    Inability to Realize Benefits

    1. IT is unable to articulate the value of its initiatives or spend.
    2. IT is regularly delegated unplanned projects.
    3. The is no standard approach to prioritization.
    4. Projects do not meet target metrics.

    Resource Misallocation

    1. Resources are wasted due to duplication or overlap in IT initiatives.
    2. IT projects fail at an unacceptable rate, leading to wasted resources.
    3. IT’s costs continue to increase without reciprocal performance increase.

    Misdiagnosed Risks

    1. Risk appetite is incorrectly identified or not identified at all.
    2. Disagreement on the approach to risk in the organization.
    3. Increasing rate of IT incidents related to risk.
    4. IT is failing to meet regulatory requirements.

    Dissatisfied Stakeholders

    1. There are no ways to measure stakeholder satisfaction with IT.
    2. Business strategies and IT strategies are misaligned.
    3. IT’s relationship with key stakeholders is unstable and there is a lack of mutual trust.

    A majority of organizations experience significant alignment gaps

    The majority of organizations and their key stakeholders experience highly visible gaps in the alignment of IT investments and organizational goals.

    There are two bars with percentages of their length marked out for different CXO responses. The possible responses are from '1, Critical Gap' to '7, No Gap'. The top bar says '57% of CXOs identify a major gap in IT's ability to support business goals', and shows 13% answered '1, Critical Gap', 22% answered '2', and 22% answered '3'. The bottom bar says '84% of CXOs often perceive that IT is investing in areas that do not support the business' and shows 38% answered '1, Critical Gap', 33% answered '2', and 13% answered '3'.

    88% of CIOs believe that their governance is not effective. (Info-Tech Diagnostics)

    Leverage governance as the catalyst for connecting IT and the business

    49% of firms are misaligned on current performance expectations for IT.

    • 49% Misaligned
    • 51% Aligned

    67% of firms are misaligned on the target role for IT.

    • 34% Highly Misaligned
    • 33% Somewhat Misaligned
    • 33% Aligned

    A well-designed IT governance framework will hep you to:

    1. Make sure IT keeps up with the evolving business context.
    2. Align IT with the mission and the vision of the organization.
    3. Optimize the speed and quality of decision making.
    4. Meet regulatory and compliance needs in the external environment.
    5. (Info-Tech Diagnostics)

    Align with business goals through governance to attain business-IT fusion

    Create a state of business-IT fusion, in which the two become one.

    Without business-IT fusion, IT will go in a different direction, leading to a divergence of purpose and outcomes. IT can transform into a fused partner of the business by ensuring that they govern toward the same goal.

    Firefighter
    • Delivers lower value
    • Duplication of effort
    • Unclear risk profile
    • High risk exposure
    Three sets of arrows, each pointing upward and arranged in an ascending stair pattern. The first, lowest set of arrows has a large blue arrow with a small green arrow veering off to the side, unaligned. The second, middle set of arrows has a large blue arrow with a medium green arrow overlaid on its center, somewhat aligned. The third, highest set of arrows has half of a large blue arrow, and the other half is a large green arrow, aligned. Business Partner
    • Increased speed of decision making
    • Aligned with business priorities
    • Optimized utility of people, financial, and time resources
    • Monitors and mitigates risk and compliance issues

    Redesign IT governance in accordance with COBIT and proven good practice

    Info-Tech’s approach to governance redesign is rooted in COBIT, the world-class and open-source IT governance standard.

    COBIT begins with governance, EDM – Evaluate, Direct, and Monitor.

    We build upon these standards with industry best practices and add a practical approach based on member feedback.

    This blueprint will help you optimize your governance framework.

    The upper image is a pyramid with 'Info-Tech Insights, Analysts, Experts, Clients' on top, 'IT Governance Best Practices' in the middle, and 'COBIT 5' on the bottom, indicating that Info-Tech's Governance guidance is based in COBIT 5. 'This project will focus on EDM01, Set/Maintain Governance Framework.'

    Use Info-Tech’s approach to implementing an IT governance redesign

    The four phases of Info-Tech’s governance redesign methodology will help you drive greater value for the business.

    1. Align IT With the Business Context
      Align IT’s direction with the business using the Statement of Business Context Template.
    2. Assess the Current Governance Framework
      Evaluate the strengths and weaknesses of current governance using the Current State Assessment of IT Governance.
    3. Redesign the Governance Framework
      Build a redesign of the governance framework using the Future State Design for IT Governance tool.
    4. Implement Governance Redesign
      Create an IT Governance Implementation Plan to jumpstart the communication of the redesign and set it up for success.
    5. Continuously assess your governance framework to ensure alignment.

    Leverage Info-Tech’s insights for an optimal redesign process

    Common Pitfalls

    Info-Tech Solutions

    Phase 1

    There must be an active understanding of the current and future state of the business for governance to address the changing needs of the business. –›
    1. Make the case for a governance redesign.
    2. Create a custom communication plan to facilitate support.
    3. Establish a collectively agreed upon statement of business context.

    Phase 2

    Take a proactive approach to revising your governance framework. Understand why you are making decisions before actually making them. –›
    1. Conduct the IT governance current state assessment.
    2. Create governance guidelines for redesign.

    Phase 3

    Keep the current and future goals in sight to build an optimized governance framework that maintains the minimum bar of oversight required. –›
    1. Redesign the future state of IT governance in your organization.

    Phase 4

    Don’t overlook the politics and culture of your organization in redesigning your governance framework. –›
    1. Rationalize steps in an implementation plan.
    2. Outline a communication strategy to navigate culture and politics.
    3. Construct an executive presentation to facilitate transparency for the governing framework.

    Leverage both COBIT and Info-Tech-defined metrics to evaluate the success of your redesign

    These metrics will help you determine the extent to which your governance is supporting your business goals, and whether the governance in place promotes business-IT fusion.

    Benefits Realization

    1. Percent of IT-enabled investments where benefit realization is monitored through the full economic life. (COBIT-defined metric)
    2. Percent of enterprise strategic goals and requirements supported by IT strategic goals. (COBIT-defined metric)
    3. Percent of IT services where expected benefits are realized or exceeded. (COBIT-defined metric)

    Resources

    1. Satisfaction level of business and IT executives with IT-related costs and capabilities. (COBIT-defined metric)
    2. Average time to turn strategic IT objectives into an agreed-upon and approved initiative. (COBIT-defined metric)
    3. Number of deviations from resource utilization plan.

    Risks

    1. Number of security incidents causing financial loss, business disruption, or public embarrassment. (COBIT-defined metric)
    2. Number of issues related to non-compliance with policies. (COBIT-defined metric)
    3. Percentage of enterprise risk assessments that include IT-related risks. (COBIT-defined metric)
    4. Frequency with which the risk profile is updated. (COBIT-defined metric)

    Stakeholders

    1. Change in score of alignment with the scope of the planned portfolio of programs and services (using CIO-CXO Alignment Diagnostic).
    2. Percent of executive management roles with clearly defined accountabilities for IT decisions. (COBIT-defined metric)
    3. Percent of business stakeholders satisfied that IT service delivery meets agreed-upon service levels. (COBIT-defined metric)
    4. Percent of key business stakeholders involved in IT governance.

    Capture monetary value by establishing and monitoring key metrics

    While benefits of governance are often qualitative, the power of effective governance can be demonstrated through quantitative financial gains.

    Scenario 1 – Realizing Expected Gains

    Scenario 2 – Mitigating Unexpected Losses

    Metric

    Track the percentage of initiatives that provided expected ROI year over year. The optimization of the governance framework should generate an increase in this metric. Monitor this metric for continuous improvement opportunities. Track the financial losses related to non-compliance with policy or regulation. An optimized governance framework should better protect the organization against policy breach and mitigate the possibility and impact of “rogue” actions.

    Formula

    ROI of all initiatives / number of initiatives in year 2 – ROI of all initiatives / number of initiatives in year 1

    The expected result should be positive.

    Cost of non-compliance in year 2 – cost of non-compliance in year 1

    The expected result should be negative.

    Redesign IT governance to achieve optimal business outcomes

    CASE STUDY

    Industry: Healthcare
    Source: Info-Tech

    Situation

    The IT governance had been structured based on regulations and had not changed much since it was put in place. However, a move to become an integration and service focused organization had moved the organization into the world of web services, Agile development, and service-oriented architecture.

    Complication

    The existing process was well defined and entrenched, but did not enable rapid decision making and Agile service delivery. This was due to the number of committees where initiatives were reviewed, made worse by their lack of approval authority. This led to issues moving initiatives forward in the timeframes required to meet clinician needs and committed governmental deadlines.

    In addition, the revised organizational mandate had created confusion regarding the primary purpose and function of the organization and impacted the ability to prioritize spend on a limited budget.

    To complicate matters further, there was political sensitivity tied to the membership and authority of different governing committees.

    Result:

    The CEO decided that a project would be initiated by the Enterprise Architecture Group, but managed by an external consultant to optimize and restructure the governance within the organization.

    The purpose of using the external consultant was to help remove internal politics from the discussion. This allowed the organization to establish a shared view of the organization’s revised mission and IT’s role in its execution.

    The exercise led to the removal of one governing committee and the merger of two others, modification to committee authority and membership, and a refined decision-making context that was agreed to by all parties.

    The redesigned governance process led to a 30% reduction in cycle time from intake to decision, and a 15% improvement in alignment of IT spend with strategic priorities.

    Use these icons to help direct you as you navigate this research

    Use these icons to help guide you through each step of the blueprint and direct you to content related to the recommended activities.

    A small monochrome icon of a wrench and screwdriver creating an X.

    This icon denotes a slide where a supporting Info-Tech tool or template will help you perform the activity or step associated with the slide. Refer to the supporting tool or template to get the best results and proceed to the next step of the project.

    A small monochrome icon depicting a person in front of a blank slide.

    This icon denotes a slide with an associated activity. The activity can be performed either as part of your project or with the support of Info-Tech team members, who will come onsite to facilitate a workshop for your organization.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    Guided Implementation

    Workshop

    Consulting

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks used throughout all four options

    Redesign IT Governance – project overview

    Align IT With the Business Context

    Assess the Current State

    Redesign Governance

    Implement Redesign

    Supporting Tool icon

    Best-Practice Toolkit

    1.1 Identify Stakeholders
    1.2 Make the Case
    1.3 Present to Executives
    1.4 Customize Comm. Plan
    1.5 Review Documents
    1.6 Analyze Frameworks
    1.7 Conduct Brainstorming
    1.8 Finalize the SoBC
    2.1 Create Committee Profiles

    2.2 Build a Governance Structure Map

    2.3 Establish Governance Guidelines

    3.1 Build Governance Structure Map

    3.2 Create Committee Profiles

    3.3 Leverage Process Specific Governance Blueprints

    4.1 Identify Next Steps for the Redesign

    4.2 Establish Communication Plan

    4.3 Lead Executive Presentation

    Guided Implementations

    • Move towards gaining buy-in from the business if necessary. Then identify the major components of the SoBC.
    • Review SoBC and discuss a strategy to engage key stakeholders in the redesign.
    • Explore the process of identifying the four major elements of governance. Build guidelines for the future state.
    • Review the current state of governance and discuss the implications and guidelines.
    • Identify the changes that will need to be made.
    • Review redesigned structure and authority.
    • Review redesigned process and membership.
    • Discuss and review the implementation plan.
    • Prepare the presentation for the executives. Provide support on any final questions.
    Associated Activity icon

    Onsite Workshop

    Module 1:
    Align IT with the business context
    Module 2:
    Assess the current governance framework
    Module 3:
    Redesign the governance framework
    Module 4:
    Implement governance redesign
    Phase 1 Results:
    • Align IT’s direction with the business.
    Phase 2 Results:
    • Evaluate the strengths and weaknesses of current governance and build guidelines.
    Phase 3 Results:
    • Establish a redesign of the governance framework.
    Phase 4 Results:
    • Create an implementation plan for the communication of the redesign.

    Workshop overview

    Contact your account representative or email Workshops@InfoTech.com for more information.

    Workshop Day 1

    Workshop Day 2

    Workshop Day 3

    Workshop Day 4

    Workshop Day 5

    Task – Identify the Need for Governance Task – Align IT with the Business Context Task – Assess the Current State Task – Redesign Governance Framework Task – Implement Governance Redesign

    Activities

    • 1.1 Identify Stakeholders
    • 1.2 Make the Case
    • 1.3 Present to Executives
    • 1.4 Customize Communication Plan
    • 2.1 Review Documents
    • 2.2 Analyze Frameworks
    • 2.3 Conduct Brainstorming
    • 2.4 Finalize the Statement of Business Context
    • 3.1 Create Committee Profiles
    • 3.2 Build Governance Structure Map
    • 3.3 Establish Governance Guidelines
    • 4.1 Build Governance Structure Map
    • 4.2 Create Committee Profiles
    • 4.3 Leverage Process Specific Governance Blueprints
    • 5.1 Identify Next Steps for the Redesign
    • 5.2 Establish Communication Plan
    • 5.3 Lead Executive Presentation

    Deliverables

    1. Make the Case Presentation
    2. Stakeholder Power Map Template
    3. Communication Plan
    1. PESTLE Analysis
    2. SWOT Analysis
    3. Statement of Business Context
    1. Current State Assessment
    1. Future State Design Tool
    2. IT Governance Terms of Reference
    1. Implementation Plan
    2. Executive Presentation

    Improve IT Governance to Drive Business Results

    PHASE 1

    Align IT With the Business Context

    Phase 1 outline

    Associated Activity icon Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 1: Align IT With the Business Context

    Proposed Time to Completion: 2-4 weeks
    Step 1.1: Identify the Need for Governance Step 1.2: Create the Statement of Business Context
    Start with an analyst kick-off call:
    • Understand the core concepts of IT governance.
    • Create a strategy for key stakeholder support.
    • Identify key communication milestones.
    Review findings with analyst:
    • Identify and discuss the process of engaging senior leadership.
    • Review findings from business analysis.
    • Review diagnostic and interview outcomes.
    Then complete these activities…
    • Identify stakeholders.
    • Make the case to executives.
    • Build a communication plan.
    Then complete these activities…
    • Review business documents.
    • Review the PESTLE and SWOT analyses.
    • Analyze outcomes of CIO-CEO Alignment Diagnostic.
    • Complete the Statement of Business Context.
    With these tools & templates:
    • Make the Case for an IT Governance Redesign
    • Stakeholder Power Map Template
    • IT Governance Stakeholder Communication Planning Tool
    With these tools & templates:
    • PESTLE Analysis Template
    • Business SWOT Analysis Template
    • CIO-CEO Alignment Diagnostic
    • Statement of Business Context Template

    Phase 1: Align IT With the Business Context

    1 2 3 4
    Align IT With the Business Context Assess the Current Governance Framework Redesign the Governance Framework Implement Governance Redesign

    Activities:

    • 1.1 Identify Stakeholders
    • 1.2 Customize Make the Case Presentation
    • 1.3 Present to Executives
    • 1.4 Customize Communication Plan
    • 1.5 Review Business Documents
    • 1.6 Analyze Business Frameworks
    • 1.7 Conduct Brainstorming Efforts
    • 1.8 Finalize the SoBC

    Outcomes:

    • Make the case for a governance redesign.
    • Create a custom communication plan to facilitate support for the redesign process.
    • Establish a collectively agreed upon statement of business context.

    Set up business-driven governance by gaining an understanding of the business context

    Fuse IT with the business by establishing a common context of what the business is trying to achieve. Align IT with the business by developing an understanding of the business state, creating a platform to build a well-aligned governance framework.

    "IT governance philosophies can no longer be a ‘black box’ … IT governance can no longer be ignored by senior executives." (Iskandar and Mohd Salleh, University of Malaya, International Journal of Digital Society)

    Info-Tech Insight

    Get consensus on the changing state of business. There must be an active understanding of the current and future state of the business for governance to address the changing needs of the business.

    The source for the governance redesign directive will dictate the route for attaining leadership buy-in

    "Without an awareness of IT governance, there is no chance that it will be followed … The higher the percentage of managers who can describe your governance, the higher the governance performance." (Jeanne Ross, Director, MIT Center for Information Systems Research)

    The path you will choose for your governance buy-in tactics will be based on the original directive to redesign governance.

    Enterprise Directive.
    In the case that the redesign is an enterprise directive, jump directly to building a communication plan.

    IT Directive.
    In the case that the redesign is an IT directive, make the case to get the business on board.

    Use the Make the Case presentation template to get buy-in from the business

    Supporting Tool icon 1A Convince senior management to redesign governance

    INSTRUCTIONS

    1. Identify Stakeholders
      Determine which business stakeholders will be impacted or involved in the redesign process.
    2. Customize the Presentation
      Identify specific pain points regarding IT-business alignment.
    3. Present to Executives
      Present the make the case presentation.

    Info-Tech Best Practice

    Use the Make the Case customizable deliverable to lead a boardroom-quality presentation proving the specific need for senior executive involvement in the governance redesign.

    Determine which business stakeholders will be impacted or involved in the redesign process

    Associated Activity icon 1.1 Identify the stakeholders for the IT governance redesign

    It is vital to identify key business and IT stakeholders before the IT governance redesign has begun. Consider whose input and influence will be necessary in order to align with the business context and redesign the governance framework accordingly.

    Business

    • Shareholders
    • Board
    • Chief Executive Officer
    • –› Example: the CEO wants to know how IT will support the achievement of strategic corporate objectives.
    • Chief Financial Officer
    • Chief Operating Officer
    • Business Executives
    • Business Process Owners
    • Strategy Executive Committee
    • Chief Risk Officer
    • Chief Information Security Officer
    • Architecture Board
    • Enterprise Risk Committee
    • Head of Human Resources
    • Compliance
    • Audit

    IT

    • Chief Information Officer
    • –› Example: the CIO would like validation from the business with regards to prioritization criteria.
    • Head Architect
    • Head of Development
    • Head of IT Operations
    • Head of IT Administration
    • Service Manager
    • Information Security Manager
    • Business Continuity Manager
    • Privacy Officer

    External

    • Government Agency
    • –› Example: some governments mandate that organizations develop and implement an IT governance framework.
    • Audit Firm

    Build a power map to prioritize stakeholders

    Associated Activity icon 1.1 2-4 hours

    Stakeholders may have competing concerns – that is, concerns that cannot be addressed with one solution. The governance redesigner must prioritize their time to address the concerns of the stakeholders who have the most power and who are most impacted by the IT governance redesign.

    Draw a stakeholder power map to visualize the importance of various stakeholders and their concerns, and to help prioritize your time with those stakeholders.

    • Power: How much influence does the stakeholder have? Enough to drive the project forward or into the ground?
    • Involvement: How interested is the stakeholder? How much involvement does the stakeholder have in the project already?
    • Impact: To what degree will the stakeholder be impacted? Will this significantly change the job?
    • Support: Is the stakeholder a supporter of the project? Neutral? A resistor?
    A power map of stakeholders with two axes and four quadrants. The vertical axis is 'Low Power' on the bottom and 'High Power' on top. The horizontal axis is 'Low Involvement' on the left and 'High Involvement' on the right. The top left quadrant is labeled 'Keep satisfied' and contains 'CFO', a Strongly Impacted Resistor, and 'COO', a Weakly Impacted Resistor. The top right quadrant is labeled 'Key Players' and contains 'CIO' and 'CEO', both Strongly Impacted Supporters. The bottom left quadrant is labeled 'Minimal effort' and contains 'Marketing Head', a Weakly Impacted Neutral, and 'Production Head', a Moderately Impacted Neutral. The bottom right quadrant is labeled 'Keep informed' and contains 'Director of Ops', a Strongly Impacted Supporter, and 'Chief Architect', a Strongly Impacted Neutral.

    Download Info-Tech’s Stakeholder Power Map Template to help you visualize your key stakeholders.

    Build a power map to prioritize stakeholders

    Associated Activity icon 1.1

    It is important to identify who will be impacted and who has power, and the level of involvement they have in the governance redesign. If they have power, will be highly impacted, and are not involved in governance, you have already lost – because they will resist later. You need to get them involved early.

    • Focus on key players – relevant stakeholders who have high power, are highly impacted, and should have a high level of involvement.
    • Engage the stakeholders that are impacted most and have the power to impede the success of redesigning IT governance.
      • For example, if a CFO, who has the power to block project funding, is heavily impacted and not involved, the IT governance redesign success will be put at risk.
    • Some stakeholders may have influence over others so you should focus your efforts on the influencer rather than the influenced.
      • For example, if an uncooperative COO is highly influenced by the Director of Operations, it is recommended to engage the latter.

    The same power map of stakeholders with two axes and four quadrants, but with focus points and notes. The vertical axis is 'Low Power' on the bottom and 'High Power' on top. The horizontal axis is 'Low Involvement' on the left and 'High Involvement' on the right. The top left quadrant is labeled 'Keep satisfied' and contains 'CFO', a Strongly Impacted Resistor, and 'COO', a Weakly Impacted Resistor, as well as a dotted line moving 'CFO' to the top right quadrant with the note 'A) needs to be engaged'. The top right quadrant is labeled 'Key Players' and contains 'CIO' and 'CEO', both Strongly Impacted Supporters, as well as the new required position of 'CFO'. The bottom left quadrant is labeled 'Minimal effort' and contains 'Marketing Head', a Weakly Impacted Neutral, and 'Production Head', a Moderately Impacted Neutral. The bottom right quadrant is labeled 'Keep informed' and contains 'Director of Ops', a Strongly Impacted Supporter, and 'Chief Architect', a Strongly Impacted Neutral, as well as a line from 'Director of Ops' to 'COO' in the top left quadrant with a note that reads 'B) Influences'.

    Identify specific pain points regarding business-IT alignment

    Associated Activity icon 1.2 2-4 hours

    INPUT: Signal Questions, CIO-CXO Alignment Diagnostic

    OUTPUT: List of Categorized Pain Points

    Materials: Make the Case for an IT Governance Redesign

    Participants: Identified Key Business Stakeholders

    1. Consider Signals for Redesign
      Refer to the Executive Brief for questions to identify pain points related to governance.
      • Benefits Realization
      • Resources
      • Risks
      • Stakeholders
    2. Conduct CIO-CEO Alignment Diagnostic
      Assess the current state of alignment between the CIO and the major stakeholders of the organization.

    See the CEO-CIO Alignment Program for more information.

    Conduct the CEO-CIO Alignment Diagnostic

    Why CEO-CIO Alignment?

    The CEO-CIO Alignment Program helps you understand the gaps between what the CEO wants for IT and what the CIO wants for IT. The program will also evaluate the current state of IT, from a strategic and tactical perspective, based on the CEO’s opinion.

    The CEO-CIO Alignment Program helps to:

    • Evaluate how the executive leadership currently feels about the IT organization’s performance along the following dimensions:
      • IT budgeting and staffing
      • IT strategic planning
      • Degree of project success
      • IT-business alignment
    • Answer the question, “What does the CEO want from IT?”
    • Understand the CEO’s perception of and vision for IT in the business.
    • Define the current and target roles for IT. Understanding IT’s current and target roles, in the eyes of the CEO, is crucial to creating IT governance. By focusing the IT governance on achieving the target role, you will ensure that the senior leadership will support the implementation of the IT governance.

    To conduct the CEO-CIO Alignment Program, follow the steps outlined below.

    1. Select the senior business leader to participate in the program. While Info-Tech suggests that the CEO participate, you might have other senior stakeholders who should be involved.
    2. Send the survey link to your senior business stakeholder and ensure the survey’s completion.
    3. Complete your portion of the survey.
    4. Hold a meeting to discuss the results and document your findings.

    See the CEO-CIO Alignment Program for more information.

    Present the “Make the Case” for IT governance redesign

    Associated Activity icon 1.3 30 minutes

    1. Review Finalized Stakeholder List
      Consolidate a list of the most important and impactful stakeholders who need further convincing to participate in the governance redesign and implementation.
    2. Present the Deck
      Include the information gathered throughout the discovery into the presentation deck and hold a meeting to review the findings.

    Business

    • Shareholders
    • Board
    • Chief Executive Officer
    • Chief Financial Officer
    • Chief Operating Officer
    • Business Executives
    • Strategy Executive Committee
    • Chief Risk Officer
    • Architecture Board
    • Enterprise Risk Committee
    • Head of Human Resources
    • Compliance

    IT

    • Chief Information Officer

    External

    • Government Agency
    • Audit Firm

    Use the Make the Case for an IT Governance Redesign template for more information.

    Create a custom communication plan to facilitate support for the redesign process

    Supporting Tool icon 1B Create a plan to engage the key stakeholders

    INSTRUCTIONS

    1. Identify Stakeholders
      Determine which business stakeholders will be involved (refer to Activity 1.1).
    2. Customize Communication Plan
      Follow up with individual communication plans.

    Info-Tech Best Practice

    Create personal communication plans to provide individualized engagement, instead of assuming that everyone will respond to the same communication style.

    Download the IT Governance Stakeholder Communication Planning Tool for more information.

    Create a communication plan to engage key stakeholders

    Associated Activity icon 1.4 1 hour
    1. Input Stakeholders
      Determine which business stakeholders will be involved (refer to Activity 1.1). Then, insert their position on the power map, the rationale to inform them, the timing of communications, and what inputs they will be needed to provide.

      Stakeholder role

      Power map position

      Why inform them

      When to inform them

      What we need from them

      Chief Executive Officer
      Chief Financial Officer
      Chief Operating Officer
    2. Identify Communication Strategy
      Outline the most effective communication plan for that stakeholder. Identify how to best communicate to the stakeholders to make sure they are appropriately engaged in the redesign process.

      Vehicle

      Audience

      Purpose

      Frequency

      Owner

      Distribution

      Level of detail

      Status Report IT Managers Project progress and deliverable status Weekly CIO, John Smith Email Details for milestones, deliverables, budget, schedule, issues, next steps
      Status Report Marketing Manager Project progress Monthly CIO, John Smith Email High-level detail for major milestone update and impact to the marketing unit

    Establish a collectively agreed upon statement of business context (SoBC)

    Supporting Tool icon 1C Document the mutual understanding of the business context

    INSTRUCTIONS

    1. Review Business Documents
      Review business documents from broad areas of the business to assess the business context.
    2. Analyze Business Frameworks
      Analyze business frameworks to articulate the current and projected future business context.
    3. Brainstorm With Key Stakeholders
      Conduct stakeholder brainstorming efforts to gain insights from key business stakeholders.
    4. Finalize the SoBC
      Document and sign the SoBC with identified stakeholders.

    Info-Tech Best Practice

    Use the Statement of Business Context customizable deliverable as a point of reference that will guide the direction of the governance redesign.

    Use the Statement of Business Context to identify the critical information needed to guide governance

    Components of the SoBC

    1. Mission
      • Who are you as an organization?
      • Who are your internal and external customers?
      • What are your core business functions?

      Example (Higher Education)
      Nurture global leaders and provide avenues for intellectual exploration.
    2. Vision
      • Is your vision statement future-facing?
      • Is your vision statement concise?
      • Is your vision statement achievable?
      • Does your vision statement involve change?

      Example
      Be a catalyst for creating the future leaders of tomorrow through dynamic and immersive educational experiences. The university will be recognized for being a prestigious innovative research hub and educational institution.
    Sample of Info-Tech's Statement of Business Context Template with the Mission and Vision Statements.

    Use the Statement of Business Context to identify the critical information needed to guide governance (cont.)

    More Components of the SoBC

    1. Strategic Objectives
      • What are the strategic initiatives of the organization?
      • Do you have a roadmap to accomplish your mission?
      • What are the primary goals of senior leaders for the organization?

      Example
      1. Meeting government regulation
      2. Revenue generation
      3. Top research quality
      4. High teaching quality
    Sample of Info-Tech's Statement of Business Context Template with Strategic Objectives.
    1. State of Business
      • Consider what the current state and future state are.
      • How does the operating model used define the state?
      • How do industry trends shape the business?
      • What internal changes impact the business model?

      Example
      Our organization aims to make quick decisions and navigate the fast-paced industry with agility, uniting the development and operational sides of the business.
    Sample of Info-Tech's Statement of Business Context Template with State of the Business.

    Leverage core concepts to determine the direction of the organization’s state of the business

    1. Mission
    2. Vision
    3. Strategic Objectives
    –›
    1. State of Business

    2. Work through if your organization’s state is small vs. large, public vs. private, and lean vs. DevOps vs. traditional.

    Small

    IT team is 30 people or less.

    Large

    IT team is more than 30 people.

    Public

    Wholly or partly funded by the government.

    Private

    No government funding is provided.
    Lean: The business aims to eliminate any waste of resources (time, effort, or money) by removing steps in the business process that do not create value. Devops/Agile: Our organization aims to make quick decisions and navigate the fast-paced industry with agility. Uniting the development and operational sides of the business. Hierarchical: Departments in the organization are siloed by function. The organization is top-down and hierarchical, and takes more time with decision making.

    ‹– Multi-State (any combination) –›

    Review business documents to assess business context

    Associated Activity icon 1.5 2-4 hours

    INPUT: Strategic Documents, Financial Documents

    OUTPUT: Mission, Vision, Strategic Objectives

    Materials: Corporate Documents

    Participants: IT Governance Redesign Owner

    Start assessing the state of the business context by leveraging easily accessible information. Many organization have strategic plans, documents, and presentations that already include a large portion of the information for the SoBC – use these sources first.

    Instructions

    1. Strategic Documents
      Leverage your organization’s strategic documents to gain understanding of the business context.

    2. Documents to Review:
    • Corporate strategy document.
    • Business unit strategy documents.
    • Annual general reports.
  • Financial Documents
    Leverage your organization’s financial documents to gain understanding of the business context.

  • Documents to Review:
    • Look for large capital expenditures.
    • Review operating costs.
    • Business cases submitted.

    Review strategic planning documents

    Overview

    Some organizations (and business units) create an authoritative strategy document. These documents contain the organization’s corporate aspirations and outline initiatives, reorganizations, and shifts in strategy. Additionally, some documents contain strategic analysis (Porter’s Five Forces, etc.).

    Action

    • Read through any of the following:
      • Corporate strategy document
      • Business unit strategy documents
      • Annual general reports
    • Watch out for key future-looking words:
      • We will be…
      • We are planning to…

    Overt Statements

    • Corporate objectives and initiatives are often explicitly stated in these documents. Look for statements that begin with phrases such as “Our corporate objectives are…”
    • Remember that different organizations use different terminology – if you cannot find the word “goal” or “objective” then look for “pillar,” “imperative,” “theme,” etc.
    • Ask a business partner to assist if you need some help.

    Covert, Outdated, and Non-Existent Statements

    • Some corporate objectives and initiatives will be mentioned in passing and will require clarification, for example:
      “As we continue to penetrate new markets, we will be diversifying our manufacturing geography to simplify distribution.”
    • Some corporate strategies may be outdated and therefore of limited use for understanding the state of business – validate the statement to ensure it is up to date.
    • Some organizations lack a strategic plan altogether. Use stakeholder interviews to identify imperatives and validate conflicting statements before moving on.

    Review financial documentation

    Overview

    Departmental budgets highlight the new projects that will launch in the next fiscal year. The overwhelming majority of these projects will have IT implications. Additionally, identifying where the department is spending money will allow you to identify business unit initiatives and operational change.

    Action

    • Scan budgets:
      • Look for large capital expenditures
      • Review operating costs
      • Review business cases submitted
    • Look for abnormalities or changes:
      • What does an increase in spending mean?
      • Does IT need to change as a result?

    Capital Budgets

    • Capital expenditures are driven by projects, which map to corporate goals and initiatives.
    • Look for large capital expenditures and cross-reference the outflows with any project plans that have been collected.
    • If an expenditure cannot be explained by project plans, request additional information.

    Operating Budgets

    • Major changes to operating costs typically reflect changes to a business unit. Some of these changes affect IT capabilities and can be classified as corporate initiatives.
    • Changes that should be classified as corporate initiatives are expansion or contraction of a labor force, outsourcing initiatives, and significant process changes.
    • Changes that should not be classified as corporate initiatives are changes in third-party fees, consulting engagements, and changes caused by inflation or growth.

    Analyze business frameworks to articulate context

    Associated Activity icon 1.6 2-4 hours

    INPUT: Industry Research, Organizational Research, Analysis Templates

    OUTPUT: PESTLE and SWOT Analysis

    Materials: Computer or Whiteboards and Markers

    Participants: IT Governance Redesign Owner

    If corporate documents denoting the key components of the SoBC are not easily available, or do not provide all information required, refer to business analysis frameworks to discover internal and external trends that impact the mission, vision, strategic objectives, and state of the business.

    1. Conduct a PESTLE Analysis
      The PESTLE analysis will support the organization in identifying external factors that impact the business. Keep watch for trends and changes in the industry.
    2. Political

      Economic

      Social

      Technological

      Legal

      Environmental

    3. Conduct a SWOT Analysis
      The SWOT analysis will be more specific to the organization and the industry in which it operates. Identify the unique strengths, weaknesses, opportunities, and threats for your organization.
    4. Strengths

      Weaknesses

      Opportunities

      Threats

    Conduct a PESTLE analysis

    Associated Activity icon 1.6 Conduct a PESTLE analysis
    • Break participants into teams and divide the categories amongst them:
      • Political trends
      • Economic trends
      • Social trends
      • Technological trends
      • Legal trends
      • Environmental trends
    • Have each group identify relevant trends under their respective categories. You must relate each trend back to the business by considering:
      • How does this affect my business?
      • Why do we care?
    • Use the prompt questions on the next slide to help the brainstorming process.
    • Have each team present its list and have remaining teams give feedback and additional suggestions.

    Political. Examine political factors such as taxes, environmental regulations, and zoning restrictions.

    Economic Examine economic factors such as interest rates, inflation rate, exchange rates, the financial and stock markets, and the job market.

    Social. Examine social factors such as gender, race, age, income, disabilities, educational attainment, employment status, and religion.

    Technological. Examine technological factors such as servers, computers, networks, software, database technologies, wireless capabilities, and availability of software as a service.

    Legal. Examine legal factors such as trade laws, labor laws, environmental laws, and privacy laws.

    Environmental. Examine environmental factors such as green initiatives, ethical issues, weather patterns, and pollution.

    Download Info-Tech’s PESTLE Analysis Template to help get started.

    Review these questions to help you conduct a PESTLE analysis

    For each prompt below, always try to answer the question: how does this affect my business?

    Political

    • Will a change in government (at any level) affect your organization?
    • Do inter-government or trade relations affect you?
    • Are there shareholder needs or demands that must be considered?

    Economical

    • How are your costs changing (moving off-shore, fluctuations in markets, etc.)?
    • Do currency fluctuations have an effect on your business?
    • Can you attract and pay for top-quality talent (e.g. desirable location, reasonable cost of living, changes to insurance requirements)?

    Social

    • What are the demographics of your customers or employees?
    • What are the attitudes of your customers or staff (do they require social media, collaboration, transparency of costs, etc.)?
    • What is the general lifecycle of an employee (i.e. is there high turnover)?
    • Is there a market of qualified staff?
    • Is your business seasonal?

    Technological

    • Do you require constant technology upgrades (faster network, new hardware, etc.)?
    • What is the appetite for innovation within your industry or business?
    • Are there demands for increasing data storage, quality, BI, etc.?
    • Are you looking at cloud technologies?
    • What is the stance on “bring your own device”?
    • Are you required to do a significant amount of development work in-house?

    Legal

    • Are there changes to trade laws?
    • Are there changes to regulatory requirements, e.g. data storage policies or privacy policies?
    • Are there union factors that must be considered?

    Environmental

    • Is there a push towards being environmentally friendly?
    • Does the weather have any effect on your business (hurricanes, flooding, etc.)?

    Conduct a SWOT analysis on the business

    Associated Activity icon 1.6 Conduct a business SWOT analysis

    Break the group into two teams.

    Assign team A internal strengths and weaknesses.

    Assign team B external opportunities and threats.

    • Have the teams brainstorm items that fit in their assigned grids. Use the prompt questions on the next slide to help you with your SWOT analysis.
    • Pick someone from each group to fill in the grids on the whiteboard.
    • Conduct a group discussion about the items on the list. Identify implications for IT and opportunities to innovate as you did for the other business and external drivers.
    Helpful
    to achieve the objective
    Harmful
    to achieve the objective
    Internal Origin
    attributes of the organization
    Strength Weaknesses
    External Origin
    attributes of the environment
    Opportunities Threats

    Download Info-Tech’s Business SWOT Analysis Template to help get started.

    Review these questions to help you conduct your SWOT analysis on the business

    Strengths (Internal)

    • What competitive advantage does your organization have?
    • What do you do better than anyone else?
    • What makes you unique (human resources, product offering, experience, etc.)?
    • Do you have location advantages?
    • Do you have price, cost, or quality advantages?
    • Does your organizational culture offer an advantage (hiring the best people, etc.)?

    Weaknesses (Internal)

    • What areas of your business require improvement?
    • Are there gaps in capabilities?
    • Do you have financial vulnerabilities?
    • Are there leadership gaps (succession, poor management, etc.)?
    • Are there reputational issues?
    • Are there factors that are making you lose sales?

    Opportunities (External)

    • Are there market developments or new markets?
    • Industry or lifestyle trends, e.g. move to mobile?
    • Are there geographical changes in the market?
    • Are there new partnerships or M&A opportunities?
    • Are there seasonal factors that can be used to the advantage of the business?
    • Are there demographic changes that can be used to the advantage of the business?

    Threats (External)

    • Are there obstacles that the organization must face?
    • Are there issues with respect to sourcing of staff or technologies?
    • Are there changes in market demand?
    • Are your competitors making changes that you are not making?
    • Are there economic issues that could affect your business?

    Conduct brainstorming efforts to gain insights from key business stakeholders

    Associated Activity icon 1.7 2-4 hours

    INPUT: SoBC Template

    OUTPUT: Completed SoBC

    Materials: Computer, Phone, or Other Mechanism of Connection

    Participants: CEO, CFO, COO, CMO, CHRO, and Business Unit Owners

    There are two ways to gather primary knowledge on the key components of the SoBC:

    1. Stakeholder Interviews
      Approach each individual to have a conversation about the key components of the SoBC. Go through the SoBC and fill it in together.
    2. Stakeholder Survey
      In the case that you are in a very large organization, create a stakeholder survey. Input the key components of the SoBC into an online survey maker and send it off the key stakeholders.

    Use the SoBC as the guide to both the interview and the survey. Be clear about the purpose of understanding the business context when connecting with key business stakeholders to participate in the brainstorming. This is a perfect opportunity to establish or develop a relationship with the stakeholders who will need to buy into the redesigned governance framework since it will involve and impact them significantly.

    Go directly to the information source – the key stakeholders

    Overview

    Talking to key stakeholders will allow you to get a holistic view of the business strategy. You will be able to ask follow-up questions to get a better understanding of abstract or complex concepts. Interviews also allow you to have targeted discussions with specific stakeholders who have in-depth subject-matter knowledge.

    Action

    • Talk to key stakeholders:
      • Structure focused, i.e. CEO or CFO
      • Customer focused, i.e. CMO or Head of Sales
      • Operational focused, i.e. COO
      • Lower-level employees or managers
    • Listen for key pains that IT could alleviate.

    Overcome the Unstructured Nature of Interviews

    • Interviewees will often explicitly state objectives and initiatives.
    • However, interviews are less formal and less structured than objective-oriented strategy documents. Objectives are often stated using informal language.
      “We’re talking rev gen here. That’s the name of the game. If we can get a foothold in India, there’s huge upside potential.” (VP Marketing)
    • Further analysis might translate this into a corporate imperative: increase revenue by growing our market share in India to 8% by January of next year.
    • If an imperative is unclear, ask the stakeholder for more detail.
    • Understand how key stakeholders evaluate, direct, and monitor their own areas of the business; this will give you insight as to their style.

    Receive final sign-off to proceed with developing the IT governance redesign

    Associated Activity icon 1.8 30 minutes

    Document any project assumptions or constraints. Before proceeding with the IT governance activities, validate the statement of business context with senior stakeholders. When consensus has been reached, have them sign the final page of the document.

    How to ensure sign-off:

    • Schedule a meeting with the senior stakeholders and conduct a review of the document. This meeting presents a great opportunity to deliver your interpretation of management expectations and make any modifications.
    • Obtaining stakeholder approval in person ensures there is no miscommunication or misunderstandings around the tasks that need to be accomplished to develop a successful IT governance.
    • This is an iterative process; if senior stakeholders have concerns over certain aspects of the document, revise and review again.
    • Final sign-off should only take place when mutual understanding has been reached.

    Download the SoBC Template and complete for final approval.

    Info-Tech Tip

    In most circumstances, you should have the SoBC validated with the following stakeholders:

    • CIO
    • CEO
    • CFO
    • Business Unit Leaders

    Understand the business context to set the foundation for governance redesign

    CASE STUDY

    Industry: Healthcare
    Source: Info-Tech

    Challenge

    The new business direction to become an integrator shifted focus to faster software iteration and on enabling integration and translation technologies, while moving away from creating complete, top-to-bottom IT solutions to be leveraged by clinicians and patients.

    Internal to the IT organization, this created a different in perspective on what was important to prioritize: foundational elements, web services, development, or data compliance issues. There was no longer agreement on which initiatives should move forward.

    Solution

    A series of mandatory meetings were held with key decision makers and SMEs within the organization in order to re-orient everyone on the overall purpose, goals, and outcomes of the organization.

    All attendees were asked to identify what they saw as the mission and vision of the organization.

    Finally, clinicians and patient representatives were brought in to describe how they were going to use the services the organization was providing and how it would enable better patient outcomes.

    Results

    Identifying the purpose of the work the IT organization was doing and how the services were going to be used realigned the different perspectives in the context of the healthcare outcomes they enabled.

    This activity provided a unifying view of the purpose and the state of the business. Understanding the business context prepared the organization to move forward with the governance redesign.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech Workshop Associated Activity icon

    Book a workshop with our Info-Tech analysts:

    Photo of an Info-Tech analyst.
    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analyst will join you and your team onsite at your location or welcome you to Info-Tech's historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    1.1

    Sample of activity 1.1 'Determine which business stakeholders will be impacted or involved in the redesign process'. Identify Relevant Stakeholders

    Build a list of relevant stakeholders and identify their position on the stakeholder power map.

    1.4

    Sample of activity 1.4 'Create a communication plan to engage key stakeholders'. Communication Plan

    Build customized communication plans to engage the key stakeholders in IT governance redesign.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech Workshop

    Book a workshop with our Info-Tech analysts:

    1.7

    Sample of activity 1.7 'Review business documents to assess business context'. Gather Business Information

    Review business documents, leverage business analysis tools, and brainstorm with key executives to document the Statement of Business Context.

    1.8

    Sample of activity 1.8 'Receive final sign-off to proceed with developing the IT Governance redesign'. Finalize the Statement of Business Context

    Get final approval and acceptance on the Statement of Business Context that will guide your redesign.

    Improve IT Governance to Drive Business Results

    PHASE 2

    Assess the Current Governance Framework

    Phase 2 outline

    Associated Activity icon Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 2: Assess the Current Governance Framework

    Proposed Time to Completion: 2 weeks
    Step 2.1: Outline the Current State AssessmentStep 2.2: Review the Current State Assessment
    Start with an analyst kick-off call:
    • Connect the current business state identified in Phase 1 with the current state of governance.
    • Identify the key elements of current governance.
    • Begin building the structure and committee profiles.
    Review findings with analyst:
    • Review the current governing bodies that were identified.
    • Review the current structure that was identified.
    • Determine the strengths, weaknesses, and guidelines from the implications in the current state assessment.
    Then complete these activities…
    • Identify stakeholders.
    • Make the case to executives.
    • Build a communication plan.
    Then complete these activities…
    • Create committee profiles.
    • Build governance structure map.
    With these tools & templates:
    • Current State Assessment of IT Governance
    With these tools & templates:
    • Current State Assessment of IT Governance

    Phase 2: Assess the Current Governance Framework

    1 2 3 4
    Align IT With the Business Context Assess the Current Governance Framework Redesign the Governance Framework Implement Governance Redesign

    Activities:

    • 2.1 Create Committee Profiles
    • 2.2 Build a Governance Structure Map
    • 2.3 Establish Governance Guidelines

    Outcomes:

    • Use the Current State Assessment of IT Governance to determine governance guidelines.

    Info-Tech Insight

    Don’t be passive; take action! Take an active approach to revising your governance framework. Understand why you are making decisions before actually making them.

    Explore the current governance that exists within your organization

    Your current governance framework will give you a strong understanding of the way the key stakeholders in your business currently view IT governance.

    "Much of the focus of governance today has been on the questions:
    • Are we doing [things] the right way?
    • And are we getting them done well?"
    –› "We need to shift to…
    • Are we doing the right things?
    • Are we getting the benefits?
    • What are the outcomes?
    • What do we want to achieve?
    • How do we make intelligent decisions about what will help us achieve those outcomes?"
    (John Thorp, Author of The Information Paradox)

    Leverage this understanding of IT governance to determine where governance is occurring and how it transpires.

    Conduct a current state assessment

    Supporting Tool icon 2A Assess the current governance framework

    Use this tool to critically assess each governing body to determine the areas of improvement that are necessary in order to achieve optimal business results.

    1. Identify All Governing Bodies
      Some bodies govern intentionally, and some govern through habit and practice. Outline all bodies that take on an element of governance.
    2. Create a Governance Structure Map
      Configure the structural relationships for the governing bodies using the structure map.
    3. Reveal Strengths and Weaknesses
      Identify the strengths and weaknesses of the governance structure, authority definitions, processes, and membership.
    4. Establish Governance Guidelines
      Based on the SoBC, express clear and applicable guidelines to improve on the weaknesses while retaining the strengths of your governance framework.

    Download the Current State Assessment of IT Governance to work toward these outcomes

    Conduct a current state assessment to identify governance guidelines

    Supporting Tool icon 2A Assess the current governance framework

    How to use the Current State Assessment of IT Governance deliverable: Follow the steps below to create a cohesive understanding of the current state of IT governance and the challenges that the current system poses.

    Part A – Committee Profiles

    1. Identify Governing Bodies
    2. Leverage Committee Templates
    3. Create Committee Profiles
      Use the Committee Profile Template

    Part B – Structure Map

    1. Assess Inputs and Outputs to Express Structural Relationships
    2. Create Structure Map
      Use the Governance Structure Map

    Part C – Governance Guidelines

    1. Choose Operating Model Template
    2. Identify Strengths and Weaknesses
    3. Establish Governance Guidelines
      Use the Governance Guideline Template

    What makes up the “governance framework”?

    There are four major elements of the governance framework:

    1. Structure
      Structural relationships are shown by mapping the connections between committees.
    2. Authority
      Each committee will have a purpose and area of decision making that it is accountable for.
    3. Process
      The process includes the inputs, outputs, and activities required for the committee to function.
    4. Membership The individuals or roles who sit on each committee. Take into account members’ knowledge, capability, and political influence.

    Create governing board or committee profiles

    Supporting Tool icon 2A.1 Assess the current governance framework

    Part A – Committee Profiles

    1. Identify Governing Bodies

      Establish where governance happens and who is governing. For different organizations, the governance framework will contain a variety of governing bodies or people. Use a list format to identify governing bodies that exist in your organization.
    2. Leverage Committee Templates

      Use the templates provided. Create a profile for each governing body that currently operates in your IT governance framework as listed in step 1.
    3. Create Committee Profiles

      Identify what they are governing and how they are governing.
      Using the profiles created in step 2, identify each body’s membership roles, purpose, decision areas, inputs, and outputs. Refer to the example text in the template to guide you, but feel free to adjust the text to reflect the reality of your governing body. Screenshot of the 'Committee Template - Executive Management Committee'.
      Consider the following domains of governance:
      (refer to Executive Brief)
      • Benefits realization
      • Risks
      • Resources
      Refer to our examples for some common governing bodies.

    Consistently define the components of governance in the committee profiles

    Membership

    Membership Roles
    Insert information here that reflects who the individuals are that sit on that governing body and what their role is. Include other important information about the individuals’ knowledge, skills, or capabilities that are relevant.

    Authority

    Purpose
    Define why the committee was established in the first place.

    Decision Areas
    Explain the specific areas of decision making this group is responsible for overseeing.

    Process

    Inputs
    Consider the information and materials that are needed to make decisions.

    Outputs
    Describe the outcomes of the committee. Think about decisions that were made through the governance process.

    Screenshot of the components of governance section from the 'Committee Template'.

    Map out relationships on the Governance Map

    Supporting Tool icon 2A.2 Assess the current governance framework

    Part B – Structure Map

    Structure
    1. Assess Inputs and Outputs

      Governing Bodies

      Inputs

      Outputs

      Committee #1
      Committee #2
      Committee #3
      CFO
      IT Director
      CIO
      To understand relationships between governing bodies, list the inputs and outputs for each unique committee that rely on other committees in the table provided.
    2. Create Structure Map
      Sample of the 'Current State Structure Map'. Using the outline provided, create your own governance structure map to represent the way the governing bodies interact and feed into each other. This is crucial to ensure that the governing structure is streamlined. It will ensure that communication occurs efficiently and that there are no barriers to making decisions swiftly.

    Outline the governance structure in the governance structure map

    Associated Activity icon 2.2 30 minutes
    The 'Current State Structure Map' from the last slide, but with added description. There are three tiers of groups. At the bottom is 'Run', described as 'The lowest level of governance will be an oversight of more specific initiatives and capabilities within IT.' 'Design and Build', described as 'The second tier of groups will oversee prioritization of a certain area of governance as well as second-tier decisions that feed into strategic decisions.' At the top is 'Strategy', described as 'These groups will focus on decisions that directly connect to the strategic direction of the organization.' The specific groups laid out in the map are 'Risk and Compliance Committee' which straddle the line between 'Run' and 'Design and Build', 'Portfolio Review Board' and 'IT Steering Committee (ITSC)' both of which straddle the line between 'Design and Build' and 'Strategy', 'Executive Management Committee (EMC)' which is in 'Strategy', and 'Other' in all tiers.

    Identify strengths and weaknesses of the governance framework

    Supporting Tool icon 2A.3 Assess the current governance framework

    Part C – Governance Guidelines

    1. Choose Business State Template Choose the template that represents the identified future state of business in the Statement of Business Context. Mini sample of the 'State of Business' table from the 'Statement of Business Context'.
    2. Identify Strengths and Weaknesses Input the major strengths and weaknesses of your governance that were highlighted in the brainstorming activity. Mini sample of a Strengths and Weaknesses table.
    3. Establish Governance Guidelines Draw your own implications from the strength and weaknesses that will drive the design of your governance in its future state. These guidelines should be concise and easy to implement. Mini sample of an expanded Strengths and Weaknesses table including a row for 'Implication/Guideline'. Note: Refer to the example guidelines in the Current State Assessment of IT Governance after you have considered your own specific guidelines. The examples are supplementary for your convenience.

    Distinguish your business state from the others to ensure implications act as accurate guidelines

    Business State Options

    1

    Small

    IT team is 30 people or less.

    Large

    IT team is more than 30 people.

    2

    Public

    Wholly or partly funded by the government.

    Private

    No government funding is provided.

    3

    Lean: The business aims to eliminate any waste of resources (time, effort, or money) by removing steps in the business process that do not create value.Devops: Our organization aims to make quick decisions and navigate the fast-paced industry with agility. Uniting the development and operational sides of the business. Hierarchical: Departments in the organization are siloed by function. The organization is top-down and hierarchical, and takes more time with decision making.

    ‹– Multi-State (any combination) –›

    Multi-State Example A: If you are small organization that is publicly funded and you are shifting towards a lean methodology, combine the implications of all those groups in a way that fits your organization.

    Multi-State Example B: Your organization is shifting from a more traditional state of operating to combining the development and operations groups. Use hierarchical implications to govern one group and DevOps implications for the other.

    Identify strengths and weaknesses of the governance framework

    Associated Activity icon 2.3 2 hours

    INSTRUCTIONS

    1. Input Strengths of Governance
      Include useful components of the current framework; that may include elements that are operating well, fit the future state, or are required due to regulations or statutes.
    2. Determine Weaknesses and Challenges
      Discuss the pain points of the current governance framework by looking through the lenses of structure, authority, process, or membership.

    Consider:

    • Where is governance not meeting expectations?
    • Are we doing the right things?
    • Are we getting the benefits?
    • What are the outcomes?
    • What do we want to achieve?
    • How do we make intelligent decisions about what will help us achieve those outcomes?
    *Example

    Structure

    Authority

    Process

    Membership

    Strength

    • We must maintain a legal compliance committee due to the high level of legislation in the industry
    • The ITSC gathers and prioritizes investment options, saving time for the EMC
    • The EMC only make decisions on investments that are greater than $200,000
    • The legal board has a narrow focus, allowing it to maintain its necessary purpose efficiently
    • The information flow from ITSC to the EMC allows the EMC to spend their time effectively
    • The CIO sits on the EMC and the ITSC
    • The EMC is made up of senior leadership who have stakes in all areas of the business

    Weakness

    • Wrong number (too many/little groups)
    • Relationship is misaligned (input/output problems)
    • The tier it sits on the map is misguided
    • Duplication of the same tier of decisions in different groups
    • Approval for one specific topic occurs in more than one group
    • Lack of clarity in which group makes which decisions
    • Intake – where the information is coming from is the wrong source/inaccurate
    • Time to decision (too slow)
    • Poor results of governance (redoing projects, low value)
    • There is lack of knowledge in committee membership
    • Misplaced seniority (too Jr./Sr.)
    • Lack of representation in group (breadth across the business or depth of specific area)

    Derive governance implications from strengths and weaknesses

    Associated Activity icon 2.3 2-4 hours

    INSTRUCTIONS

    1. Copy and paste your strengths and weaknesses from part B into the template that reflects your business state.
    2. Draw your own implications from the strengths and weaknesses that will drive the design of your governance in its future state. These guidelines should be concise and practical.
    *Example

    Structure

    Authority

    Process

    Membership

    Strength

    Weakness

    Implication / Guideline

    • Make sure that the decision-making authority for most areas are at the lower tier
    • Governing bodies should be lower in the organization
    • One overarching governing body – directing priorities
    • High authority at a lower point of the organization
    • Highest tier is responsible for major budget shifts
    • High-level tier - reporting and feed in from lower level groups
    • Prioritization and sequencing occur at the mid-tier
    • Lowest governing tiers will have direct links to the customer to allow for interaction
    • Project or initiative owner as the leader of the body

    Note: Use the examples of guidelines provided in the Current State Assessment of IT Governance to help formulate your own.

    Conduct a current state assessment to identify guidelines for the future state of governance

    CASE STUDY

    Industry: Healthcare
    Source: Anonymous

    Challenge

    Over time, the organization had to create a large amount of governing committees and subcommittees in order to comply with governance frameworks applied to them and to meet regulatory compliance requirements.

    The current structure was no longer optimal to meet the newly identified mandate of the organization. However, the organization did not want to start from scratch and scrap the elements that worked, such as the dates and times that had been embedded into the organization.

    Solution

    A current state assessment was planned and executed in order to review what was currently being done and identify what could be retained and what should be added, changed, or removed to improve the governance outcomes.

    The scope involved examining how current and near-term governance needs were, or were not, met through the existing structure, bodies, and their processes.

    The organization investigated governance approaches of organizations with similar governance needs and with similar constraints to model their own.

    Results

    The outputs of this exercise included:

    • A list of effective practices and committee guidelines that could be leveraged with little to no change in the future state.
    • A list of opportunities to streamline the structure and processes.

    These guidelines were used to drive recommendations for improvements to the governance structures and processes in the organization.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech Workshop Associated Activity icon

    Book a workshop with our Info-Tech analysts:

    Photo of an Info-Tech analyst.
    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analyst will join you and your team onsite at your location or welcome you to Info-Tech's historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    2.1

    Sample of activity 2.1 'Outline the governance structure in the governance structure map'. Create Current State Structure and Profiles

    Take the time to clearly articulate the current governance framework of your organization. Outline the structure and build the committee profiles for the governing bodies in your organization.

    2.3

    Sample of activity 2.3 'Identify strengths and weaknesses of the governance framework'. Determine Strengths, Weaknesses, and Guidelines

    Evaluate the strengths of your governance framework, the weaknesses that it exhibits, and the guidelines that will help maintain the strengths and alleviate the pains.

    Improve IT Governance to Drive Business Results

    PHASE 3

    Redesign the Governance Framework

    Phase 3 Guided Implementation

    Associated Activity icon Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 3: Redesign the Governance Framework

    Proposed Time to Completion: 4 weeks
    Step 3.1: Understand the Redesign Process Step 3.2: Review Governance Structure Step 3.3: Review Governance Committees
    Start with an analyst kick-off call:
    • Review the guidelines from the current state assessment.
    • Begin modifying the governance structure, authorities, processes, and memberships.
    Review findings with analyst:
    • Determine the impact of the guidelines on the structural layout of the framework.
    • Determine the impact of the guidelines on the authority element of the framework.
    Finalize phase deliverable:
    • Determine the impact of the guidelines on the processes within the framework.
    • Determine the impact of the guidelines on the membership element of the framework.
    Then complete these activities…
    • Break down guidelines to make sure they are actionable and realistic.
    • Identify what to add, modify, or remove.
    • Review additional sources of information.
    Then complete these activities…
    • Build and review the governance structure map.
    • Identify additions, changes, or reductions in governing bodies and their areas of authority.
    Then complete these activities…
    • Use the template provided to build committee profiles for each identified committee.
    • Identify the membership, purpose, decision areas, inputs, and outputs of each.
    • Build committee charters if needed.
    With these tools & templates:
    • Current State Assessment
    • Future State Design for IT Governance
    With these tools & templates:
    • Future State Design for IT Governance
    With these tools & templates:
    • Future State Design for IT Governance
    • IT Governance Terms of Reference

    Phase 3: Redesign the Governance Framework

    1 2 3 4
    Align IT With the Business Context Assess the Current Governance Framework Redesign the Governance Framework Implement Governance Redesign

    Activities:

    • 3.1 Build a Governance Structure Map
    • 3.2 Create Committee Profiles
    • 3.3 Leverage Process-Specific Governance Blueprints

    Outcomes:

    • Use the Future State Design for IT Governance template to build the optimal governance framework for your organization.

    Info-Tech Insight

    Keep the current and future goals in sight to build an optimized governance framework that maintains the minimum bar of oversight required.

    Anticipate the outcomes of the Future State Design for IT Governance tool

    Supporting Tool icon 3A Redesign the governance frameworks

    Use this tool to guide your organization toward transformative outcomes gleaned from an optimized governance framework.

    1. Implement Structural Guidelines
      Determine what governing bodies to add, change, or remove from your governance structure.
    2. Create a Governance Structure Map
      Configure the structural relationships for the redesigned governing bodies using the structure map.
    3. Build Effective Committees
      Use the IT Governance Terms of Reference to build profiles for each newly created committee and to alter any existing committees.
    4. Determine Follow-up Governance Support
      Access external material on governance from other Info-Tech blueprints that will help with specific governance areas.

    Download the Future State Design for IT Governance template to work toward these outcomes.

    Use the Future State Design for IT Governance tool to create a custom governance framework for your organization

    Supporting Tool icon 3A Redesign the governance frameworks

    How to use the Future State Design for IT Governance deliverable: Follow the steps below to redesign the future state of IT governance. Use the guidelines to respond to challenges identified in the current governance framework based on the current state assessment.

    Part A – Structure Map

    Part B – Committee Profiles

    1a. Input Structural Guidelines 1b. Input Authority Guidelines 1a. Input Process Guidelines 1b. Input Member Guidelines
    2. Guiding Questions
    Do governing bodies operate at a tier that matches the guidelines?

    Do governing bodies focus on the decisions that align with the guidelines?
    2. Guiding Questions
    Do the process inputs and outputs reflect the structure and authority guidelines?

    Do governing bodies engage the right people who have the roles, capacity, and knowledge to govern?
    3. Add / Change (Tier/Authority) / Remove
    Governing Bodies – Structure
    3. Adapt / Refine
    Governing Bodies – Profiles
    4. Use the Structure Map to Show Redesign Use the IT Governance Terms of Reference for Redesign

    Connect key learnings to initiate governance redesign

    The future state design will reflect the state of business that was identified in Phase 1 along with the guidelines defined in Phase 2 to build a governance framework that promotes business-IT fusion.

    Statement of Business Context –› Current State Assessment

    Identified Future Business State

    Structure
    Authority

    Leverage the structure and authority guidelines to build the governance structure.

    Defined Governance Guidelines

    Process
    Membership

    Leverage the process and membership guidelines to build the governance committees.

    Future State Design

    Use structure and authority guidelines to build a new governance structure map

    Supporting Tool icon 3A.1 Redesign the governance frameworks

    Part A – Structure Map

    Structure
    Authority
    1a. Structural Guidelines1b. Authority Guidelines
    Input the guidelines from the current state assessment to guide the redesign.

    2. Leverage Guiding Questions

    Use the guiding questions provided to assess the needed changes.
    Guiding Questions


    Do governing bodies operate at a tier that matches the guidelines?


    Do governing bodies focus on the decisions that align with the guidelines?
    Build the “where/why” of governance. Consider at what tier each committee will reside and what area of governance will be part of its domain. Modify the current structure; do not start from scratch.

    3. Add / Change (Tier/Authority) / Remove

    Determine changes to structure or authority that will be occurring for each of the current governing bodies. Work within the current structure as much as possible.A mini sample of an 'Add/Change/Remove' table for governing bodies.

    4. Use the Structure Map to Show Redesign

    Create your own governance structure map to represent the way the governing bodies interact and feed into each other. A mini sample of the 'Current State Structure Map' from before.

    Maintain as much of the existing framework as possible in the redesign

    Associated Activity icon 3.1 2-4 hours

    Future State Design

    • Structure
    • Authority

    Info-Tech Best Practice

    Keep the number of added or removed committees as low as possible, while still optimizing. The less change to the structure, the easier it will be to implement.

    Refer to the example to help guide your committee redesign.

      Determine:
    1. Do the guidelines impact committees you already have? Will you have to modify the tier or the authority of those committees?
    2. Do the guidelines require you to build a new committee to meet needs?
    3. Do the guidelines require you to remove a committee that isn’t necessary?

    All Governing Bodies

    Add

    Change

    Remove

    ITSC Structure

    Authority
    Delegate the authority of portfolio investment decisions over $200K to this body
    Portfolio Review Board This committee no longer needs to exist since its authority of portfolio investment decisions over $200K has been redelegated
    Risk and Compliance Committee Create a new governing body to address increasing risk and compliance issues that face the organization

    Outline the new governance structure in the governance structure map in the Future State Design for IT Governance tool

    Associated Activity icon 3.1 The 'Current State Structure Map' from before, but with some abbreviated terms. There are three tiers of groups. At the bottom is 'Run', described as 'The lowest level of governance will be an oversight of more specific initiatives and capabilities within IT.' 'Design and Build', described as 'The second tier of groups will oversee prioritization of a certain area of governance as well as second-tier decisions that feed into strategic decisions.' At the top is 'Strategy', described as 'These groups will focus on decisions that directly connect to the strategic direction of the organization.' The specific groups laid out in the map are 'Risk and Compliance Committee' which straddle the line between 'Run' and 'Design and Build', 'Portfolio Review Board' and 'ITSC' both of which straddle the line between 'Design and Build' and 'Strategy', 'EMC' which is in 'Strategy', and 'Other' in all tiers.

    Use process and membership guidelines along with the IT Governance Terms of Reference to build committees

    Supporting Tool icon 3A.2 Redesign the governance frameworks

    Part B – Committee Profiles

    Process
    Membership
    1a. Process Guidelines 1b. Authority Guidelines
    Input the guidelines from the current state assessment to guide the redesign.

    2. Leverage Guiding Questions

    Use the guiding questions provided to assess the needed changes.
    Guiding Questions
    Do the process inputs and outputs reflect the structure and authority guidelines?

    Do governing bodies engage the right people who have the roles, capacity, and knowledge to govern?
    Build the “what/how” of governance. Build out the process and procedures that each committee will use.

    3. Adapt / Refine Governing Body Profiles

    Using your customized guidelines, create a profile for each committee.

    We have provided templates for some common committees. To make these committee profiles reflective of your organization, use the information you have gathered in your Current State Assessment of IT Governance guidelines.

    For a more detailed approach to building out specific charters for each committee refer to the IT Governance Terms of Reference.

    A mini sample of the 'Committee Template - Executive Management Committee'.

    A mini sample of the 'IT Governance Terms of Reference'.

    Use the IT Governance Terms of Reference to establish operational procedures for governing bodies

    Associated Activity icon 3.2 3-6 hours

    Future State Design

    • Process
    • Membership

    Info-Tech Best Practice

    The people on the committee matter. Governance committee membership does not have to correspond with the organizational structure, but it should correspond with the purpose and decision areas of the governance structure.

    Refer to the example to help guide your committee redesign.

      Determine:
    1. Do the guidelines alter the members needed to achieve the outcomes?
    2. Do the guidelines change the purpose and decision areas of the committee?
    3. How do the new structure’s guidelines impact the inputs and outputs of the governing body?

    Screenshot of the 'Committee Template - Executive Management Committee'.

    Add depth to the committee profiles using the IT Governance Terms of Reference

    Supporting Tool icon 3A.3 Redesign the governance frameworks

    Refer to the sections outlined below to build a committee charter for your governance committees. Four examples are provided in the tool and can be edited for your convenience. They are: Executive Management Committee, IT Steering Committee, Portfolio Review Board, and Risk and Compliance Committee.

    1. Purpose
    2. Goals
    3. Responsibilities
    4. Committee Members
    5. RACI
    6. Procedures
    7. Agenda

    Be sure to embed the domains of governance in the charters so that committees focus on the appropriate elements of benefits realization, risk optimization, and resource optimization.

    Download the IT Governance Terms of Reference for more in-depth committee charters.

    Three pillars of planning effective governance meetings

    The effectiveness of the governance is reliant on the ability to work within operational dependencies that will exist in the governance framework. Consider these questions to guide the duration, frequency, and sequencing of your governing body meetings.

    Frequency

    • What is the quantity of decisions that must be made?
    • Is a rapid or urgent response typically required?

    Duration

    • How long should your meeting run based on your meeting frequency and the volume of work to be accomplished?

    Sequencing

    • Are there other decisions that rely on the outcomes of this meeting?
    • Are there any decisions that must be made first for others to occur?
    A venn diagram of the three pillars of planning effective governance meetings, 'Frequency', 'Duration', and 'Sequencing'.

    Leverage process-specific governance blueprints

    Associated Activity icon 3.3

    If there are specific areas of IT governance that you require further support on, refer to Info-Tech’s library of DIY blueprints, Guided Implementations, and workshops for further support. We cover IT governance in the following areas:

    Enterprise Architecture Governance

    Service Portfolio Governance

    Security Governance

    Titlecard of 'Create a Right-Sized Enterprise Architecture Governance Framework' blueprint. Titlecard of 'Lead Strategic Decision Making With Service Portfolio Management' blueprint. Titlecard of 'Build a Security Governance and Management Plan' blueprint.

    Consider the challenges and solutions when identifying a multi-state reality for your business state

    A multi-state business will face unique challenges in navigating the redesign process with the goal of combining all related business states in governance.

    1. Divergent Governance Models
      Separate the governance groups that need to function differently, and bring them back together at the highest level.
    2. Reflecting the Organizational Structure
      Unlike single-state governance, multi-state organizations should model the governance framework in reflection of the organizational structure.
    3. Combining Implications
      Prioritize which implications are the most important and make sure they work first, then see what else fits (e.g. start with regulation, then insert lean guidelines).

    The multi-state business will not fit into one “box” – consider implications from the overlapping business states.

    As business needs change, ensure that you establish triggers to reassess the design of your governance framework.

    Leverage the outcomes of the Current State Assessment and Statement of Business Context to build the future state

    CASE STUDY

    Industry: Healthcare
    Source: Info-Tech

    Challenge

    Identifying the committees and processes that should be in place in the target state required a lot of different inputs.

    A number of high-profile senior management team members were still resistant to the overall idea of applying governance to their initiatives since they were clinician driven.

    The approach and target state, including the implementation plan, had to be approved and built out.

    Solution

    The information pulled together from the current state assessment, including best practices and jurisdictional scans, were tied together with the updated mandate and future state, and a list of recommended improvements were documented.

    The improvements were presented to the optimization committee and the governance committee members to ensure agreement on the approach and confirm the timeline for agreed improvements.

    Results

    A future state mapping of the new committee structure was created, as well as the revised membership requirements, responsibilities, and terms of reference.

    The approved recommendations were prioritized and turned into an implementation plan, with each improvement being assigned an owner who would be responsible for driving the effort to completion.

    Integration points in other processes, like SDLC, where change would be required were highlighted and included in the implementation plan.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech Workshop Associated Activity icon

    Book a workshop with our Info-Tech analysts:

    Photo of an Info-Tech analyst.
    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analyst will join you and your team onsite at your location or welcome you to Info-Tech's historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    3.1

    Sample of activity 3.1 'Maintain as much of the existing framework as possible in the redesign'. Redesign the Governance Structure

    Identify committees that need to be added, ones that must be changed, and the no-longer-needed governing bodies in an optimized and streamlined structure. Draw it out in the governance structure map.

    3.2

    Sample of activity 3.2 'Utilize the IT Governance Terms of Reference to establish operational procedures for governing bodies'. Redesign the Governing Bodies

    Use the IT Governance Terms of Reference and the Committee Template to build a committee profile for each governing body identified. Use these activities to build out and establish the processes of the modified governing groups.

    Improve IT Governance to Drive Business Results

    PHASE 4

    Implement Governance Redesign

    Phase 4 outline

    Associated Activity icon Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 4: Implement Governance Redesign

    Proposed Time to Completion: 2-3 weeks
    Step 4.1: Identify Steps for Implementation Step 4.2: Finalized Implementation Plan
    Start with an analyst kick-off call:
    • Identify major steps required to implement the governance redesign.
    • Outline the components and milestones of the implementation plan.
    • Review materials needed for the executive presentation.
    Review findings with analyst:
    • Review the major milestones identified in the implementation plan.
    • Discuss potential challenges and stakeholder objections.
    • Strategize for the executive presentation.
    Then complete these activities…
    • Then complete these activities…
    • Identify next steps for the redesign.
    • Establish a communication plan.
    Then complete these activities…
    • Review the implementation plan.
    • Assess any challenging milestones and build implementation strategies.
    • Finalize the executive presentation.
    With these tools & templates:
    • IT Governance Implementation Plan
    • Redesign IT Governance to Drive Optimal Business Results Executive Presentation Template
    With these tools & templates:
    • IT Governance Implementation Plan
    • Redesign IT Governance to Drive Optimal Business Results Executive Presentation Template

    Phase 4: Implement Governance Redesign

    1 2 3 4
    Align IT With the Business Context Assess the Current Governance Framework Redesign the Governance Framework Implement Governance Redesign

    Activities:

    • 4.1 Identify Next Steps for the Redesign
    • 4.2 Establish a Communication Plan
    • 4.3 Lead the Executive Presentation

    Outcomes:

    • Rationalize steps in the Implementation Plan tool.
    • Construct an executive presentation to facilitate transparency for the governing framework.

    Anticipate and overcome implementation obstacles for the redesign

    Often high-level organizational changes create challenges. We will help you break down the barriers to optimal IT governance by addressing key obstacles.

    Key Obstacles

    Solutions

    Identifying Steps The prioritization must be driven by the common view of what is important for the organization to succeed. Prioritize the IT governance next steps according to the value they are anticipated to provide to the business.
    Communicating the Redesign The redesign of IT governance will bring impactful changes to diverse stakeholders across the organization. This phase will help you plan communication strategies for the different stakeholders.

    Info-Tech Insight

    Don’t overlook the politics and culture of your organization while redesigning your governance framework.

    Create an implementation roadmap to organize a plan for the redesign

    Supporting Tool icon 4A Create an implementation and communication plan

    INSTRUCTIONS

    1. Identify Tasks
      Decide on the order of tasks for your implementation plan. Consider the dependencies of actions and plan the sequence accordingly.
    2. Determine Communication Method
      Identify the most appropriate and impactful method of communicating at each milestone identified in step 1.

    Download the IT Governance Implementation Plan to organize your customized implementation and communication plan.

    Screenshot of a table in the 'IT Governance Implementation Plan'.

    Outline next steps for governance redesign

    Associated Activity icon 4.1

    INPUT: Tasks Identified in the Future State Design

    OUTPUT: Identified Tasks for Implementation as Well as the Audience

    Materials: N/A

    Participants: IT Governance Redesign Owner

    INSTRUCTIONS

    Keep these questions in mind as you analyze and assess what steps to take first in the redesign implementation.

    1. What needs to happen?
      Use the identified changes from the redesign as your guiding list of tasks that need to occur. If they are larger tasks, break them down into smaller parts to make the milestones more achievable.
    2. What are the dependencies?
      Throughout the implementation of the redesign, certain tasks will need to occur to enable other tasks to be performed. Make sure to clearly identify what dependencies exist in the implementation process and clearly identify the order of the tasks.
    3. Who do the changes impact?
      Consider the groups and individuals that will be impacted by changes to the governance framework. This includes key business stakeholders, IT leaders, members of governing boards, and anyone who provides an input or requires an output from one of the committees.

    Use a big-bang approach to implement the IT governance redesign

    While there are other methods to implementing change, the big-bang approach is the most effective for governance redesign and will maintain the momentum of the change as well as the support needed to make it successful.

    Phased

    Parallel

    Big Bang

    Implementation of redesign occurs in steps over a significant period of time.

    Three arrows, each beginning where the previous one ends, separated.

    Components of the redesign are brought into the governance framework, while maintaining some of the old components.

    Three arrows, each beginning slightly after the previous one begins, overlapping.

    Implementation of redesign occurs all at once. This requires significant preparation.

    One large arrow, spanning the length of the other grouped arrows, circled to emphasize.
    • Some committees will be operating under a new structure while others are not, which will undermine the changes being made.
    • This method proliferates a lack of transparency and trust.
    • Releasing IT governance in parallel leads to members sitting on too many boards and spending too much time on governance.
    • There will be a lack of clarity on a committee’s authority.
    • This approach will lead to consistency and transparency in the new process.
    • The change will be clear and fully embedded in the organization with stronger boundaries and well-defined expectations.

    Determine the most effective and impactful communication mediums for relevant stakeholders

    Associated Activity icon 4.2 1 hour

    INSTRUCTIONS

    1. Consider the Individual or Group
      Consider the group and individuals identified in step 4.1. Determine the most appropriate mechanism for communicating with that person or group. Keep in mind: If they are local, how much influence they have and if they are already engaged in the redesign process.
    2. Consider the Message
      The type of message that you are communicating will vary in impact and importance depending on the task. Make sure that the communication medium reflects your message. Keep in mind: If the you are communicating an important or more personal issue, the medium should be more personal as well.

    Screenshot of the same table in the 'IT Governance Implementation Plan'.

    Communicate the changes that result from the redesign

    Plan the message first, then deliver it to your stakeholders through the most appropriate medium to avoid message avoidance or confusion.

    Communication Medium

    Face-to-Face Communication

    Face-to-face communication helps to ensure that the audience is receiving and understanding a clear message, and allows them to voice their concerns and clarify any confusion or questions.

    • Use one-on-one meetings for key stakeholders and large organizational meetings to introduce large changes in the redesign.
    Emails

    Use email to communicate information to broad audiences. In addition, use email as the mass feedback mechanism.

    • Use email to follow up on meetings, or to invite people to next ones, but not as the sole medium of communication.
    Internal Website or Drive

    Use an internal website or drive as an information repository.

    • Store meeting minutes, policies, procedures, terms of reference, and feedback online to ensure transparency.

    Message Delivery

    1. Plan Your Message
      Emphasize what the audience really needs to know and how the change will impact them.
    2. Test Your Message
      If possible, test your communications with a small audience (2-3 people) first to get feedback and adjust messages before delivering them more broadly.
    3. Deliver and Repeat Your Message
      “Tell them what you’re going to tell them, then tell them, then tell them what you told them.”
    4. Gather Feedback and Evaluate Communications
      Evaluate the effectiveness of the communications (through surveys, stakeholder interviews, or metrics) to ensure the message was delivered and received successfully and communication goals were met.

    Construct an executive presentation to facilitate transparency for the governing framework

    Supporting Tool icon 4B Present the redesign to the key business stakeholders

    INSTRUCTIONS

    1. Identify Stakeholders
      Determine which business stakeholders have been the most involved in the redesign process.
    2. Customize Presentation
      Use the deliverables that you have built throughout this redesign to communicate the changes to the structure, authority, processes, and memberships in the governance framework.
    3. Present to Executives
      Present the executive presentation to the key business stakeholders who have been involved in the redesign process.

    Info-Tech best Practice

    Use the Executive Presentation customizable deliverable to lead a boardroom-quality presentation outlining the process and outcomes of the IT governance redesign.

    Present the executive presentation

    Associated Activity icon 4.3 1 hour

    INSTRUCTIONS

    1. Input SoBC Outcomes
      Input the outcomes of the SoBC. Specify the state of the business you have identified through the process of Phase 1.
    2. Input Current State Framework and Guidelines
      Input the outcomes of the current state assessment. Explain the process you used to identify the current governance framework and how you determined the strengths, weaknesses, and guidelines.
    3. Input Redesigned Governance Framework
      Input the governance redesign outcomes. Explain the process you used to modify and reconstruct the governance framework to drive optimal business results. Show the new structure and committee profiles.

    Use the Redesign IT Governance to Drive Optimal Business Results Executive Presentation Template for more information.

    Implement the governance redesign to optimize governance and, in turn, business results

    CASE STUDY

    Industry: Healthcare
    Source: Info-Tech

    Challenge

    Members of the project management group and in the larger SDLC process identified a lack of clarity on how to best govern active projects and initiatives that were moving through the governance process during the changes to the governance framework.

    These projects had already begun under the old frameworks and applying the redesigned governance framework would lead to work duplication and wasted time.

    Solution

    The organization decided that instead of applying the redesign to all initiatives across the organization, it would only be applied to new initiatives and ones that were still working within the first part of the “gating” process, where revised intake information could still be provided.

    Active initiatives that fell into the grandfathered category were identified and could proceed based on the old process. Yet, those that did not receive this status were provided carry-over lead time to revise their documentation during the changes.

    Results

    The implementation plan and timeframes were approved and an official change-over date identified.

    A communication plan was provided, including the grandfathered approach to be used with in-flight initiatives.

    A review cycle was also established for three months after launch to ensure the process was working as expected and would be repeated annually.

    The revised process improved the cycle time by 30% and improved the ability of the organization to govern high-speed requests and decisions.

    Summary of accomplishment

    Insights

    • IT governance requires business leadership.
      Instead of IT managing and governing IT, engage business leaders to take responsibility for governing IT.
    • With great governance comes great responsibility.
      Involve relevant business leaders, who will be impacted by IT outcomes, to share governing authority of IT.
    • Establish IT-business fusion.
      In governance, alignment is not enough. Merge IT and the business through governance to ensure business success.

    Knowledge Gained

    • There must be an active understanding of the current and future state of the business for governance to address the changing needs of the business.
    • Take a proactive approach to revising your governance framework. Understand why you are making decisions before actually making them.
    • Keep the current and future goals in sight to build an optimized governance framework that maintains the minimum bar of oversight required.

    Processes Optimized

    • EDM01 – Establishing a Governance Framework
    • Understanding the four elements of governance:
      • Structure
      • Authority
      • Process
      • Members
    • Embedding the benefits realization criteria, risk optimization, and resource optimization in governance.

    Deliverables Completed

    • Statement of Business Context
    • Current State Assessment of IT Governance
    • Future State Design for IT Governance
    • IT Governance Implementation Plan

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech Workshop Associated Activity icon

    Book a workshop with our Info-Tech analysts:

    Photo of an Info-Tech analyst.
    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analyst will join you and your team onsite at your location or welcome you to Info-Tech's historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    4.1

    Sample of activity 4.1 'Outline next steps for governance redesign'. Build and Deploy the Implementation Plan

    Construct a list of tasks and consider the individuals or groups that those tasks will impact when implementing the governance redesign. Ensure consistent and transparent communication for successful outcomes.

    4.3

    Sample of activity 4.3 'Present the Executive Presentation'. Build the Executive Presentation

    Insert the state of business, current state, and future state design outcomes into a presentation to inform the key business stakeholders on the process and outcomes of the governance redesign.

    Research contributors and experts

    Deborah Eyzaguirre, IT Business Relationship Manager, UNT System

    Herbert Kraft, MIS Manager, Prairie Knights Casino

    Roslyn Kaman, CFO, Miles Nadal JCC

    Nicole Haggerty, Associate Professor of Information Systems, Ivey Business School

    Chris Austin, CTO, Ivey Business School

    Adriana Callerio, IT Director Performance Management, Molina Healthcare Inc.

    Joe Evers, Consulting Principal, JcEvers Consulting Corp

    Huw Morgan, IT Research Executive

    Joy Thiele, Special Projects Manager, Dunns Creek Baptist Church

    Rick Daoust, CIO, Cambrian College

    Related Info-Tech Research

    Bibliography

    A.T. Kearney. “The 7 Habits of Highly Effective Governance.” A.T. Kearney, 2008. Web. Nov. 2016.

    Bertolini, Phil. “The Transformational Effect of IT Governance.” Government Finance Review, Dec. 2012. Web. Nov. 2016.

    CGI. “IT Governance and Managed Services – Creative a win-win relationship” CGI Group Inc., 2015. Web. Dec. 2016.

    De Haes, Steven, and Wim Van Grembergen. “An Exploratory Study into the Design of an IT Governance Minimum Baseline through Delphi Research.” Communications of the Association for Information Systems: Vol. 22 , Article 24. 2008. Web. Nov. 2016.

    Deloitte LLP. “The Role of Senior Leaders in IT Governance.” The Wall Street Journal, 22 Jun. 2015. Web. Oct. 2016.

    Dragoon, Alice. “Four Governance Best Practices.” CIO From IDG, 15 Aug. 2003. Web. Dec. 2016.

    du Preez, Gert. “Company Size Matters: Perspectives on IT Governance.” PricewaterhouseCoopers, Aug. 2011. Web. Nov. 2016.

    Hagen, Christian, et. al. “Building a Capability-Driven IT Organization.” A.T. Kearney, Jun. 2011. Web. Nov. 2016.

    Heller, Martha. “Five Best Practices for IT Governance.” CFO.com, 27 Aug. 2012. Web. Oct. 2016.

    Hoch, Detlev, and Payan, Miguel. “Establishing Good IT Governance in the Public Sector.” McKinsey Dusseldorf, Mar. 2008. Web. Oct. 2016.

    Horne, Andrew, and Brian Foster. “IT Governance Is Killing Innovation.” Harvard Business Review, 22 Aug. 2013. Web. Dec. 2016.

    ISACA. “COBIT 5: Enabling Processes.” ISACA, 2012. Web. Oct. 2016.

    IT Governance Institute. “An Executive View of IT Governance.” IT Governance Institute, in association with PricewaterhouseCoopers. 2009. Web. Nov. 2016.

    Bibliography continued

    IT Governance Institute. “IT Governance Roundtable: Defining IT Governance.” IT Governance Institute, 2009. Web. Nov. 2016.

    Macgregor, Stuart. “The linchpin between Corporate Governance and IT Governance.” The Open Group’s EA Forum Johannesburg and Cape Town, Nov. 2013. Web. Nov. 2016.

    Mallette, Debra. “Implementing IT Governance An Introduction.” ISACA San Francisco Chapter, 23 Sep. 2009. Web. Oct. 2016.

    Massachusetts Institute of Technology. “IT Governance Introduction.” MIT Centre for Information System Research, 2016. Web. Nov. 2016.

    Mueller, Lynn, et. al. “IBM IT Governance Approach – Business Performance through IT Execution.” IBM Redbooks, Feb. 2008. Web. Nov. 2016.

    National Computing Centre. “IT Governance: Developing a successful governance strategy.” The National Computing Centre, Nov. 2005. Web. Oct. 2016.

    Pittsburgh ISACA Chapter. “Practical Approach to COBIT 5.0.” Pittsburgh ISACA Chapter, 17 Sep. 2012. Web. Nov. 2016.

    PricewaterhouseCoopers. “Great by governance: Improve IT performance and Value While Managing Risks.” PricewaterhouseCoopers, Nov. 2014. Web. Dec. 2016.

    PricewaterhouseCoopers. “IT Governance in Practice: Insights from leading CIOs.” PricewaterhouseCoopers, 2006. Web. Nov. 2016.

    Routh, Richard L. “IT Governance Part 1 of 2.” Online video clip. YouTube. The Institute of CIO Excellence, 01 Aug. 2012. Web. Nov. 2016.

    Salleh, Noor Akma Mohd, et. al. “IT Governance in Airline Industry: A Multiple Case Study.” International Journal of Digital Society, Dec. 2010. Web. Nov. 2016.

    Bibliography continued

    Speckert, Thomas, et. al. “IT Governance in Organizations Facing Decentralization – Case Study in Higher Education.” Department of Computer and Systems Sciences. Stockholm University, 2014. Web. Nov. 2016.

    Thorp, John. The Information Paradox—Realizing the Business Benefits of Information Technology. Revised Edition, McGraw Hill, 2003 (written jointly with Fujitsu).

    Vandervost, Guido, et. al. “IT Governance for the CxO.” Deloitte, Nov. 2013. Web. Nov. 2016.

    Weill, Peter, and Jeanne W. Ross. “IT Governance: How Top Performers Manage IT Decision Rights for Superior Results.” Boston: Harvard Business School, 2004. Print. Oct. 2016.

    Wong, Daron, et. al. “IT Governance in Oil and Gas: CIO Roundtable, Priorities for Surviving and Thriving in Lean Times.” Online video clip. YouTube. IT Media Group, Jun. 2016. Web. Nov. 2016.

    Business Intelligence and Reporting

    • Buy Link or Shortcode: {j2store}6|cart{/j2store}
    • Related Products: {j2store}6|crosssells{/j2store}
    • member rating overall impact (scale of 10): 8.9/10
    • member rating average dollars saved: $45,792
    • member rating average days saved: 29
    • Parent Category Name: Data and Business Intelligence
    • Parent Category Link: /improve-your-core-processes/data-and-business-intelligence

    The challenge

    • Your business partners need an environment that facilitates flexible data delivery.
    • Your data and BI strategy must continuously adapt to new business realities and data sources to stay relevant.
    • The pressure to go directly to the solution design is high.  

    Our advice

    Insight

    • A BI initiative is not static. It must be treated as a living platform to adhere to changing business goals and objectives. Only then will it support effective decision-making.
    • Hear the voice of the business; that is the "B" in BI.
    • Boys and their toys... The solution to better intelligence often lies not in the tool but the BI practices.
    • Build a roadmap that starts with quick-wins to establish base support for your initiative.

    Impact and results 

    • Use the business goals and objectives to drive your BI initiatives.
    • Focus first on what you already have in your company's business intelligence landscape before investing in a new tool that will only complicate things.
    • Understand the core of what your users need by leveraging different approaches to pinpointing BI capabilities.
    • Create a roadmap that details the iterative deliveries of your business intelligence initiative. Show both the short and long term.

    The roadmap

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    Get started

    Our concise executive brief shows why you should create or refresh your business intelligence (BI) strategy. We'll show you our methodology and the ways we can help you in handling this.

    Upon ordering you receive the complete guide with all files zipped.

    Understand your business context and BI landscape

    Understand critical business information and analyze your current business intelligence landscape.

    • Build a Next-Generation BI with a Game-Changing BI Strategy – Phase 1: Understand the Business Context and BI Landscape (ppt)
    • BI Strategy and Roadmap Template (doc)
    • BI End-User Satisfaction Survey Framework (ppt)

    Evaluate your current business intelligence practices

    Assess your current maturity level and define the future state.

    • Build a Next-Generation BI with a Game-Changing BI Strategy – Phase 2: Evaluate the Current BI Practice (ppt)
    • BI Practice Assessment Tool – Example 1 (xls)
    • BI Practice Assessment Tool – Example 2 (xls)

    Create your BI roadmap

    Create business intelligence focused initiatives for continuous improvement.

    • Build a Next-Generation BI with a Game-Changing BI Strategy – Phase 3: Create a BI Roadmap for Continuous Improvement (ppt)
    • BI Initiatives and Roadmap Tool (xls)
    • BI Strategy and Roadmap Executive Presentation Template (ppt)

     

    External audit company

    External IT audit of your company

    Based on experience
    Implementable advice
    human-based and people-oriented

    Do you seek an external expert to help you prepare for a thorough IT audit of your company? Tymans Group serves as a consulting company with extensive expertise in helping small and medium enterprises. Read on and learn more about how our consulting firm can help your company with an external IT audit.

    Why should you organize an external IT audit of your company?

    Regularly preparing for an IT audit of your company with the help of of an experienced consultancy company like Tymans Group is a great way to discover any weaknesses within your IT and data security management systems, as well as your applications and data architecture, before the real audits by your regulator happen After all, you can only tackle any possible issues when you know their exact nature and origin. Additionally, the sooner you are aware of any security threats in your company thanks to an external audit, the smaller the chances outside forces will be able to take advantage of these threats to harm your business.

    Security and risk management

    Our security and risk services

    Security strategy

    Security Strategy

    Embed security thinking through aligning your security strategy to business goals and values

    Read more

    Disaster Recovery Planning

    Disaster Recovery Planning

    Create a disaster recovey plan that is right for your company

    Read more

    Risk Management

    Risk Management

    Build your right-sized IT Risk Management Program

    Read more

    Check out all our services

    Receive practical solutions when using our guides to prepare you for an external audit.

    If you hire our consultancy firm to prepare for an external IT audit in your firm, our guides will allow you to thoroughly analyze your systems and protocols to discover flaws and threats. Based on this analysis, your firm will receive concrete advice and practical solutions on dealing with the findings of in advance of an external audit. Besides identifying threats, the findings of will also offer your business insights in possible optimizations and processes which could benefit from automation. As such, you benefit from our consultancy company’s extensive experience in corporate security management and IT.

    Book an appointment with our consultancy company to get ahead of an external audit.

    If you hire our consulting company to help you prepare for an IT audit of your firm, you will receive guides that enable you to make a critical analysis of your IT security, as well as practical solutions based on our holistic approach. We are happy to tell you more about our services for small and medium business and to offer insights into any issues you may be facing. Our help is available offline and online, through one-hour talks with our expert Gert Taeymans. Contact us to set up an appointment online or on-site now.

    Continue reading

    Mitigate the Risk of Cloud Downtime and Data Loss

    • Buy Link or Shortcode: {j2store}412|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: DR and Business Continuity
    • Parent Category Link: /business-continuity
    • Senior leadership is asking difficult questions about the organization’s dependency on third-party cloud services and the risk that poses.
    • IT leaders have limited control over third-party incidents and that includes cloud services. Yet they are on the hot seat when cloud services go down.
    • While vendors have swooped in to provide resilience options for the more-common SaaS solutions, it is not the case for all cloud services.

    Our Advice

    Critical Insight

    • No control over the software does not mean no recovery options. Solutions range from designing an IT workaround using alternate technologies to pre-defined third-party service continuity options (e.g. see options for O365) to business workarounds.
    • Even where there is limited control, you can at least define an incident response plan to streamline notification, assessment, and implementation of workarounds. Leadership wants more options than simply waiting for the service to come back online.
    • At a minimum, IT’s responsibility is to identify and communicate risk to senior leadership. That starts with a vendor review to identify SLA issues and overall resilience gaps.

    Impact and Result

    • Follow a structured process to assess cloud resilience risk.
    • Identify opportunities to mitigate risk – at the very least, ensure critical data is protected.
    • Summarize cloud services risk, mitigation options, and incident response for senior leadership.

    Mitigate the Risk of Cloud Downtime and Data Loss Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Mitigate the Risk of Cloud Downtime and Data Loss – Step-by-step guide to assess risk, identify risk mitigation options, and create an incident response plan.

    Even where there is limited control, you can define an incident response plan to streamline notification, assessment, and implementation of workarounds.

    • Mitigate the Risk of Cloud Downtime and Data Loss Storyboard

    2. Cloud Services Incident Risk and Mitigation Review – Review your key cloud vendors’ SLAs, incident preparedness, and data protection strategy.

    At a minimum, IT’s responsibility is to identify and communicate risk to senior leadership. That starts with a vendor review to identify SLA and overall resilience gaps.

    • Cloud Services Incident Risk and Mitigation Review Tool

    3. SaaS Incident Response Workflows – Use these examples to guide your efforts to create cloud incident response workflows.

    The examples illustrate different approaches to incident response depending on the criticality of the service and options available.

    • SaaS Incident Response Workflows (Visio)
    • SaaS Incident Response Workflows (PDF)

    4. Cloud Services Resilience Summary – Use this template to capture your results.

    Summarize cloud services risk, mitigation options, and incident response for senior leadership.

    • Cloud Services Resilience Summary
    [infographic]

    Further reading

    Mitigate the Risk of Cloud Downtime and Data Loss

    Resilience and disaster recovery in an increasingly Cloudy and SaaSy world.

    Analyst Perspective

    If you think cloud means you don’t need a response plan, then get your resume ready.

    Frank Trovato

    Most organizations are now recognizing that they can’t ignore the risk of a cloud outage or data loss, and the challenge is “what can I do about it?” since there is limited control.

    If you still think “it’s in the cloud, so I don’t need to worry about it,” then get your resume ready. When O365 goes down, your executives are calling IT, not Microsoft, for an answer of what’s being done and what can they do in the meantime to get the business up and running again.

    The key is to recognize what you can control and what actions you can take to evaluate and mitigate risk. At a minimum, you can ensure senior leadership is aware of the risk and define a plan for how you will respond to an incident, even if that is limited to monitoring and communicating status.

    Often you can do more, including defining IT workarounds, backing up your SaaS data for additional protection, and using business process workarounds to bridge the gap, as illustrated in the case studies in this blueprint.

    Frank Trovato
    Research Director, Infrastructure & Operations

    Info-Tech Research Group

    Use this blueprint to expand your DRP and BCP to account for cloud services

    As more applications are migrated to cloud-based services, disaster recovery (DR) and business continuity plans (BCP) must include an understanding of cloud risks and actions to mitigate those risks. This includes evaluating vendor and service reliability and resilience, security measures, data protection capabilities, and technology and business workarounds if there is a cloud outage or incident.

    Use the risk assessments and cloud service incident response plans developed through this blueprint to supplement your DRP and BCP as well as further inform your crisis management plans (e.g. account for cloud risks in your crisis communication planning).

    Overall Business Continuity Plan

    IT Disaster Recovery Plan

    A plan to restore IT application and infrastructure services following a disruption.

    Info-Tech’s Disaster Recovery Planning blueprint provides a methodology for creating the IT DRP. Leverage this blueprint to validate and provide inputs for your IT DRP.

    BCP for Each Business Unit

    A set of plans to resume business processes for each business unit.

    Info-Tech’s Develop a Business Continuity Plan blueprint provides a methodology for creating business unit BCPs as part of an overall BCP for the organization.

    Crisis Management Plan

    A plan to manage a wide range of crises, from health and safety incidents to business disruptions to reputational damage.

    Info-Tech’s Implement Crisis Management Best Practices blueprint provides a framework for planning a response to any crisis, from health and safety incidents to reputational damage.

    Executive Summary

    Your Challenge

    Common Obstacles

    Info-Tech’s Approach

    • Senior leadership is asking difficult questions about the organization’s dependency on third-party cloud services and the risk that poses.
    • Migrating to cloud services transfers much of the responsibility for day-to-day platform maintenance but not accountability for resilience.
    • IT leaders are often responsible for not just the organization’s IT DRP but also BCP and other elements of overall resilience. Cloud risk adds another element IT leaders need to consider.
    • IT leaders have limited control over third-party incidents and that includes cloud services. With SaaS services in particular, recovery or continuity options may be limited.
    • While vendors have swooped in to provide resilience options for the more common SaaS solutions, that is not the case for all cloud services.
    • Part of the solution is defining business process workarounds and that depends on cooperation from business leaders.
    • At a minimum, IT’s responsibility is to identify and communicate risk to senior leadership. That starts with a vendor review to identify SLA and overall resilience gaps.
    • Adapt how you approach downtime and data loss risk, particularly for SaaS solutions where there is limited or no control over the system.
    • Even where there is limited control, you can define an incident response plan to streamline notification, assessment, and implementation of workarounds. Leadership wants more options than simply waiting for the service to come back online.

    Info-Tech Insight

    Asking vendors about their DRP, BCP, and overall resilience has become commonplace. Expect your vendors to provide answers so you can assess risk. Furthermore, your vendor may have additional offerings to increase resilience or recommendations for third parties who can further assist your goals of improving cloud service resilience.

    Key deliverable

    Cloud Services Resilience Summary

    Provide leadership with a summary of cloud risk, downtime workarounds implemented, and additional data protection.

    The image contains a screenshot of the Cloud Services Resilience Summary.

    Additional tools and templates in this blueprint

    Cloud Services Incident Risk and Mitigation Review Tool

    Use this tool to gather vendor input, evaluate vendor SLAs and overall resilience, and track your own risk mitigation efforts.

    The image contains a screenshot of the Cloud Services Incident Risk and Mitigation Review Tool.

    SaaS Incident Response Workflows

    Use the examples in this document as a model to develop your own incident response workflows for cloud outages or data loss.

    The image contains a screenshot of the SaaS Incident Response Workflows.

    This blueprint will step you through the following actions to evaluate and mitigate cloud services risk

    1. Assess your cloud risk
    • Review your cloud services to determine potential impact of downtime/data loss, vendor SLA gaps, and vendor’s current resilience.
  • Identify options to mitigate risk
    • Explore your cloud vendor’s resilience offerings, third-party solutions, DIY recovery options, and business workarounds.
  • Create an incident response plan
    • Document your cloud risk mitigation strategy and incident response plan, which might include a failover strategy, data protection, and/or business continuity.

    Cloud Risk Mitigation

    Identify options to mitigate risk

    Create an incident response plan

    Assess risk

    Phase 1: Assess your cloud risk

    Phase 1

    Phase 2

    Phase 3

    Assess your cloud risk

    Identify options to mitigate risk

    Create an incident response plan

    Cloud does not guarantee uptime

    Public cloud services (e.g. Azure, GCP, AWS) and popular SaaS solutions experience downtime every year.

    A few cloud outage examples:

    • Microsoft Azure AD outage, March 15, 2022:
      Many users could not log into O365, Dynamics, or the Azure Portal.
      Cause: software change.
    • Three AWS outages in December 2021: December 7 (Netflix and others impacted), December 15 (Duo, Zoom, Slack, others), December 20 (Slack, Epic Games, others). Cause: network issues, power outage.
    • Salesforce outage, May 12, 2022: Users could not access the Lightning platform. Cause: expired certificate.

    Cloud availability

    • Migrating to cloud services can improve availability, as they typically offer more resilience than most organizations can afford to implement themselves.
    • However, having multiple data centers, zones, and regions doesn’t prevent all outages, as we see every year with even the largest cloud vendors.

    DR challenges for IaaS, PaaS, and cloud-native

    While there are limits to what you control, often traditional “failover” DR strategy can apply.

    High-level challenges and resilience options:

    • IaaS: No control over the hardware, but you can failover to another region. This is fairly similar to traditional DR.
    • PaaS: No control over the software platform (e.g. SQL server as a service), but you can back up your data and explore vendor options to replicate your environment.
    • Cloud-native applications: As with PaaS, you can back up your data and explore vendor options to replicate your environment.

    Plan for resilience

    • Include DR requirements when designing cloud service implementation. For example, for IaaS solutions, identify what data would need to be replicated and what services may need to be “always on” (e.g. database services where high-availability is demanded).
    • Similarly, for PaaS and cloud-native solutions, consult your vendor regarding options to build in resilience options (e.g. ability to failover to another environment).

    DR challenges for SaaS solutions

    SaaS is the biggest challenge because you have no control over any part of the base application stack.

    High-level challenges and resilience options:

    • No control over the hardware (or the facility, maintenance processes, and so on).
    • No control over the base application (control is limited to configuration settings and add-on customizations or integrations).
    • Options to back up your data will depend on the service.

    Note: The rest of this blueprint is focused primarily on SaaS resilience due to the challenges listed here. For other cloud services, leverage traditional DR strategies and vendor management to mitigate risk (as summarized on the previous slides).

    Focus on what you can control

    • For SaaS solutions in particular, you must toss out traditional DR. If Salesforce has an outage, you won’t be involved in recovering the system.
    • Instead, DR for SaaS needs to focus on improving resilience where you do have control and implementing business workarounds to bridge the gap.

    Evaluate your cloud services to clarify your specific risks

    Time and money is limited, so focus first on cloud services that are most critical and evaluate the vendors’ SLA and existing resilience capabilities.

    The activities on the next two slides will evaluate risk through two approaches:

    Activity 1: Estimate potential impact of downtime and data loss to quantify the risk and determine which cloud services are most critical and need to be prioritized. This is done through a business impact analysis that assesses:

    • Impact on revenue or costs (if applicable).
    • Impact on reputation (e.g. customer impact).
    • Impact on regulatory compliance and health and safety (if applicable).

    Activity 2: Review the vendor to identify risks and gaps. Specifically, evaluate the following:

    • Incident Management SLAs (e.g. does the SLA include RTO/RPO commitments? Do they meet your requirements?)
    • Incident Response Preparedness (e.g. does the vendor have a DRP, BCP, and security incident response plan?)
    • Data Protection (e.g. does their backup strategy and data security meet your standards?)

    Activity 1: Quantify potential impact and prioritize cloud services using a business impact analysis (BIA)

    1-3 hours

    1. Download the latest version of our DRP BIA: DRP Business Impact Analysis Tool. The tool includes instructions.
    2. Include the cloud services you want to assess in the list of applications/systems (see the tool excerpt below), and follow the BIA methodology outlined in the Create a Right-Sized Disaster Recovery Plan blueprint.
    3. Use the results to quantify potential impact and prioritize your efforts on the most-critical cloud services.

    The image contains a screenshot of the DRP Business Impact Analysis Tool.

    Materials
    • DRP BIA Tool
    Participants
    • Core group of IT management and staff who can provide a well-rounded perspective on potential impact. They will create the first draft of the BIA.
    • Review the draft BIA with relevant business leaders to refine and validate the results.

    Activity 2: Review your key cloud vendors’ SLAs, incident preparedness, and data protection strategy

    1-3 hours

    Use the Cloud Services Incident Risk and Mitigation Review Tool as follows:

    1. Send the Vendor Questionnaire tab to your cloud vendors to gather input, and review your existing agreements.
    2. Copy the vendor responses into the tool (see the instructions in the tool) and evaluate. See the example excerpt below.
    3. Identify action items to clarify gaps or address risks. Some action items might not be defined yet and will need to wait until you have had a chance to further explore risk mitigation options.

    The image contains a screenshot of the Cloud Services Incident Risk and Mitigation Review Tool.

    Materials
    • Cloud Services Incident Risk and Mitigation Review Tool
    Participants
    • Core group of IT management and staff tasked with evaluating and improving cloud services’ resilience.

    Phase 2: Identify options to mitigate risk

    Phase 1

    Phase 2

    Phase 3

    Assess your cloud risk

    Identify options to mitigate risk

    Create an incident response plan

    Consult your vendor to identify options to improve resilience, as a starting point

    Your vendor might also be able to suggest third parties that offer additional support, backup, or service continuity options.

    • The Vendor Questionnaire tab in the Cloud Services Incident Risk and Mitigation Review Tool includes a section at the bottom where your vendor can name additional options to improve resilience (e.g. premium support packages, potentially their own DR services).
    • If your vendor has not completed that part of the questionnaire, meet with them to discuss this. Asking service vendors about resilience has become commonplace, so they should be prepared to answer questions about their own offerings and potentially can name trusted third-party vendors who can further assist you.
    • Leverage Info-Tech’s advisory services to evaluate options outlined by your vendor and potential third-party options (e.g. enterprise backup solutions that support backing up SaaS data).

    Some SaaS solutions have plenty of resilience options; others not so much

    • The pervasiveness of O365 has led vendors to close the service continuity gap, with options to send and receive email during an outage and back up your data.
    • With many SaaS solutions, there isn’t going to be a third-party service continuity option, but you might still be able to at least back up your data and implement business process workarounds to close the service gap.

    Example SaaS risk and mitigation: O365

    Risk

    • Several outages every year (e.g. MS Teams July 20, 2022).
    • SLA exceptions include “Scheduled Downtime,” which can occur with just five days’ notice.
    • The Recycling Bin is your data backup, depending on your setup.

    Options to mitigate risk (not an exhaustive list):

    • Third-party solutions for email service continuity.
    • Several backup vendors (e.g. Veeam, Rubrik) can protect most of your O365 suite.
    • Business continuity workarounds leveraging synced OneDrive, SharePoint, and Outlook (access to calendar invites).

    Example SaaS risk and mitigation: Salesforce

    Risk

    • Downtime has been infrequent, but Salesforce did have a major outage in May 2021 (DNS issue) and May 2022 (expired certificate).
    • At the time of this writing, the Main Services Agreement does not commit to a specific uptime value and specifies the usual exclusions.
    • Similarly, there are limited commitments regarding data protection.

    Options to mitigate risk (not an exhaustive list):

    • Salesforce provides a backup and restore service offering.
    • In addition, some third-party vendors support backing up Salesforce data for additional protection against data corruption or data loss.
    • Business continuity workarounds can further reduce the impact of downtime (e.g. record updates in MS Word and leverage Outlook for contact info until Salesforce is recovered).

    Establish a baseline standard for risk mitigation, regardless of cloud service

    At a minimum, set a goal to review vendor risk at least annually, define standard processes for monitoring outages, and review options to back up your SaaS data.

    Example baseline standard for cloud risk mitigation

    • Review vendor risk at least annually. This includes reviewing SLAs, vendor’s incident preparedness (e.g. do they have a current DRP, BCP, and Security IRP?), and the vendor’s data protection strategy.
    • Incident response plans must include, at a minimum, steps to monitor vendor outage and communicate status to relevant stakeholders. Where possible, business process workarounds are defined to bridge the service gap.
    • For critical data (based on your BIA and an evaluation of risk), maintain your own backups of SaaS data for additional protection.

    Embed risk mitigation standards into existing IT operations

    • Include specific SLA requirements, including incident management processes, in your RFP process and annual vendor review.
    • Define cloud incident response in your incident management procedures.
    • Include cloud data considerations in your backup strategy reviews.

    Phase 3: Create an incident response plan

    Phase 1

    Phase 2

    Phase 3

    Assess your cloud risk

    Identify options to mitigate risk

    Create an incident response plan

    Activity 1: Review the example incident response workflows and case studies as a starting point

    1-3 hours

    1. Review the SaaS Incident Response Workflows examples. The examples illustrate different approaches to incident response depending on the criticality of the service and options available.
    2. Review the case studies on the next few slides, which further illustrate the resilience and incident response solutions implemented.
    3. Note the key elements:
    • Detection
    • Assessment
    • Monitoring status / contacting the vendor
    • Communication with key stakeholders
    • Invoking workarounds, if applicable

    Example SaaS Incident Response Workflow Excerpt

    The image contains a screenshot of an example of the SaaS Incident Response Workflow Excerpt.
    Materials
    • SaaS Incident Response Workflows examples
    Participants
    • Core group of IT management and staff tasked with evaluating and improving cloud services’ resilience.
    • Relevant business process owners to provide input and define business workarounds, where applicable.

    Case Study 1: Recovery plan for critical fundraising event

    If either critical SaaS dependency fails, the following plan is executed:

    1. Donors are redirected to a predefined alternate donation page hosted by a different service. The alternate page connects to the backup payment processing service (with predefined integrations).
    2. Marketing communications support the redirect.
    3. While the backup solution doesn’t gather as much data, the payment details provide enough information to follow up with donors where necessary.

    Criticality justified a failover option

    The Annual Day of Giving generates over 50% of fundraising for the year. It’s critically dependent on two SaaS solutions that host the donation page and payment processing.

    To mitigate the risk, the organization implemented the ability to failover to an alternate “environment” – much like a traditional DR solution – supported by workarounds to manage data collection.

    Case Study 2: Protecting customer data

    Daily exports from a SaaS-hosted donations site reduce potential data loss:

    1. Daily exports to a CRM support donor profile updates and follow-ups (tax receipts, thank-you letters, etc.).
    2. The exports also mitigate the risk of data loss due to an incident with the SaaS-hosted donation site.
    3. This company is exploring more-frequent exports to further reduce the risk of data loss.

    Protecting your data gives you options

    For critical data, do you want to rely solely on the vendor’s default backup strategy?

    If your SaaS vendor is hit by ransomware or if their backup frequency doesn’t meet your needs, having your own data backup gives you options.

    It can also support business process workarounds that need to access that data while waiting for SaaS recovery.

    Case Study 3: Recovery plan for payroll

    To enable a more accurate payroll workaround, the following is done:

    1. After each payroll run, export the payroll data from the SaaS solution to a secure location.
    2. If there is a SaaS outage when payroll must be submitted, the exported data can be modified and converted to an ACH file.
    3. The ACH file is submitted to the bank, which has preapproved this workaround.

    BCP can bridge the gap

    When leadership looks to IT to mitigate cloud risk, include BCP in the discussion.

    Payroll is a good example where the best recovery option might be a business continuity workaround.

    IT often still has a role in business continuity workarounds, as in this case study: specifically, providing a solution to modify and convert the payroll data to an ACH file.

    Activity 2: Run tabletop planning exercises as a starting point to build your incident response plan

    1-3 hours

    1. Follow the tabletop planning instructions provided in the Create a Right-Sized Disaster Recovery Plan blueprint.
    2. Run the exercise for each cloud service. Keep the scenario generic at first (e.g. cloud service is down with no reported root cause) so you can focus on your response. Capture response steps and gaps.
    3. Add complexity in subsequent exercises (e.g. data loss plus downtime), and use that to expand and refine the workflow as needed.
    4. Use the resulting workflows as the core piece of your incident response plan.
    5. Supplement the workflow with relevant checklists or procedures. At this point you can choose to incorporate this into your DRP or BCP or maintain these documents as supplements to those plans.
      See the DRP Case Study and BCP Case Study for an example of DRP-BCP documentation.

    Example tabletop planning results excerpt with gaps identified

    The image contains an example tabletop planning results excerpt with gaps identified.

    Materials
    • SaaS Incident Response Workflows examples
    Participants
    • Core group of IT management and staff tasked with evaluating and improving cloud services’ resilience.
    • Review results with relevant business process owners to provide input and define business workarounds where applicable.

    Activity 3: Summarize cloud services resilience to inform senior leadership of current risks and mitigation efforts

    1-3 hours

    1. Use the Cloud Services Resilience Summary example as a template to capture the following:
    • The results of your vendor review (i.e. incident management SLAs, incident response preparedness, data protections strategy).
    • The current state of your downtime workarounds and additional data loss protection.
    • Your baseline standard for cloud services risk mitigation.
    • Summary of resilience, risks, workarounds, and data loss protection for each individual cloud service that you have reviewed.
  • Present the results to senior leadership to:
    • Highlight risks to inform business decisions to mitigate or accept those risks.
    • Summarize actions already taken to mitigate risks.
    • Communicate next steps (e.g. action items to address remaining risks).

    Cloud Services Resilience Summary – Table of Contents

    The image contains a screenshot of Cloud Services Resilience Summary – Table of Contents.
    Materials
    • Cloud Services Resilience Summary
    Participants
    • Core group of IT management and staff tasked with evaluating and improving cloud services’ resilience.
    • Review results with relevant business process owners to provide input and define business workarounds where applicable.

    Summary: For cloud services, after evaluating risk, IT must adapt how they approach risk mitigation

    1. Identify failover options where possible
    • A failover strategy is possible for many cloud services (e.g. IaaS replication to another region, or failing over SaaS to an alternate solution as in case study 1).
  • At least protect your data
    • Explore supplementary backup options to protect against ransomware, data corruption, or data loss and support business continuity workarounds (see case study 2).
  • Leverage BCP to close the gap
    • This doesn’t absolve IT of its role in mitigating cloud incident risk, but business process workarounds can bridge the gap where IT options are limited (see case study 3).

    Related Info-Tech Research

    IT DRP Maturity Assessment

    Get an objective assessment of your DRP program and recommendations for improvement.

    Create a Right-Sized Disaster Recovery Plan

    Close the gap between your DR capabilities and service continuity requirements.

    Develop a Business Continuity Plan

    Streamline the traditional approach to make BCP development manageable and repeatable.

    Implement Crisis Management Best Practices

    Don’t be another example of what not to do. Implement an effective crisis response plan to minimize the impact on business continuity, reputation, and profitability.

    Select an Enterprise Application

    • Buy Link or Shortcode: {j2store}588|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: $10,000 Average $ Saved
    • member rating average days saved: 10 Average Days Saved
    • Parent Category Name: Enterprise Applications
    • Parent Category Link: /enterprise-applications
    • Organizations rarely have both the sufficient knowledge and resources to properly evaluate, select, and implement an enterprise application software (EAS), forcing them to turn to external partnerships.
    • Inadequate and incomplete requirements skew the EAS selection in one direction or another. Many EAS projects fail due to a lack of clear description and specification of functional requirements.
    • The EAS technology market is so vast that it becomes nearly impossible to know where to start or how to differentiate between vendors and products.

    Our Advice

    Critical Insight

    • Accountability for EAS success is shared between IT and the business. There is no single owner of an EAS. A unified approach to building your strategy promotes an integrated roadmap so all stakeholders have clear direction on the future state.
    • While technology is the key enabler of building strong customer experiences, there are many other drivers of dissatisfaction. IT must stand shoulder-to-shoulder with the business to develop a technology framework for enterprise applications.
    • EAS projects are more successful when the management team understands the strategic importance and the criticality of alignment. Time needs to be spent upfront aligning business strategies with EAS capabilities. Effective alignment between IT and the business should happen daily. Alignment doesn’t just occur at the executive level but at each level of the organization.

    Impact and Result

    • Conduct an EAS project preparedness assessment as a means to ensure you maximize the value of your time, effort, and spending.
    • Gather the necessary resources to form the team to conduct the EAS selection.
    • Gett the proper EAS requirement landscape by mapping out business capabilities and processes, translating into prioritized EAS requirements.
    • Review SoftwareReviews vendor reports to shortlist vendors for your RFP process.
    • Use Info-Tech’s templates and tools to gather your EAS requirements, build your RFP and evaluation scorecard, and build a foundational EAS selection framework.

    Select an Enterprise Application Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Select an Enterprise Application Software Storyboard - A blueprint which prepares you for a proper and better enterprise application selection outcome.

    Properly selecting and implementing an enterprise application requires a proper structure. This blueprint guides you with a framework to help in such project, including steps such as assessing readiness, plan for the right resources, requirements gathering, shortlisting, obtaining and evaluating vendor responses, and preparing for implementation.

    • Select an Enterprise Application Software Storyboard

    2. Select an Enterprise Application Readiness Assessment Checklist – a checklist to assess your readiness towards moving ahead with the selection process.

    The EAS Readiness Checklist includes a list of essential tasks to be completed prior to the enterprise application selection and implementation project.

    • EAS Readiness Assessment Checklist

    3. ERP/HRIS/CRM Requirements Templates – a set of templates to help build a list of requirements and features for the selection process.

    These templates are specific to either ERP, HRIS, or CRM. Each template lists out a set of modules and features allowing you to easily build your requirements.

    • ERP Requirements Template
    • HRIS Requirements Template
    • CRM Requirements Template

    4. Vendor Solicitation (RFP) to Evaluation Suite of Tools – Use Info-Tech’s RFP, vendor response and evaluation tools and templates to increase your efficiency in your RFP and evaluation process.

    Configure this time-saving suite of tools to your organizational culture, needs, and most importantly the desired outcome of your RFP initiative.

    • EAS Request for Proposal Template
    • EAS Vendor Response Template
    • ERP Vendor Demonstration Script Template
    • HRIS Vendor Demonstration Script Template
    • CRM Vendor Demonstration Script Template
    • EAS RFP and Demonstration Scoring Tool
    [infographic]

    Workshop: Select an Enterprise Application

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Workshop debrief – Prepare for implementation

    The Purpose

    Review evaluation framework.

    Prepare for implementation.

    Key Benefits Achieved

    Activities

    1.1 Support the project team in establishing the evaluation framework.

    1.2 Discuss demo scripts scenarios.

    1.3 Discuss next steps and key items in preparation for the implementation.

    Outputs

    Evaluation framework considerations.

    Demo script considerations.

    RFP considerations.

    2 Workshop Preparation

    The Purpose

    The facilitator works with the team to verify organizational readiness for EAS project and form the EAS project team.

    Key Benefits Achieved

    Level-set on organizational readiness for EAS

    Organizational project alignment

    Activities

    2.1 Introduce the workshop and complete an overview of activities.

    2.2 Complete organizational context assessment to level-set understanding.

    2.3 Complete EAS readiness assessment.

    2.4 Form EAS selection team.

    Outputs

    EAS readiness assessment

    Structured EAS selection team

    3 Mapping Capabilities to Prioritizing Requirements

    The Purpose

    Determine the business capabilities and process impacted by the EAS.

    Determine what the business needs to get out of the EAS solution.

    Build the selection roadmap and project plan.

    Key Benefits Achieved

    Business and ERP solution alignment

    Activities

    3.1 Map business capabilities/processes.

    3.2 Inventory application and data flow.

    3.3 List EAS requirements.

    3.4 Prioritize EAS requirements.

    Outputs

    Business capability/process map

    List or map of application + data flow

    Prioritized EAS requirements

    4 Vendor Landscape and your RFP

    The Purpose

    Understand EAS market product offerings.

    Readying key RFP aspects and expected vendor responses.

    Key Benefits Achieved

    Shortlist of vendors to elicit RFP response.

    Translated EAS requirements into RFP.

    Activities

    4.1 Build RFP.

    4.2 Build vendor response template.

    Outputs

    Draft of RFP template.

    Draft of vendor response template.

    5 How to Evaluate Vendors

    The Purpose

    Prepare for demonstration and evaluation.

    Establish evaluation criteria.

    Key Benefits Achieved

    Narrow your options for ERP selection to best-fit vendors.

    Activities

    5.1 Run an RFP evaluation simulation.

    5.2 Establish evaluation criteria.

    5.3 Customize the RFP and Demonstration and Scoring Tool.

    Outputs

    Draft of demo script template.

    Draft of evaluation criteria.

    Draft of RFP and Demonstration and Scoring Tool.

    Further reading

    Select an Enterprise Application

    Selecting a best-fit solution requires balancing needs, cost, and vendor capability.

    Analyst Perspective

    A foundational EAS strategy is critical to decision-making.

    Enterprise application software (EAS) is a core tool that a business leverages to accomplish its goals. An EAS that is doing its job well is invisible to the business. The challenges come when the tool is no longer invisible. It has become a source of friction in the functioning of the business.

    EAS systems are expensive, their benefits are difficult to quantify, and they often suffer from poor user satisfaction. Post-implementation, technology evolves, organizational goals change, and the health of the system is not monitored. This is complicated in today’s digital landscape with multiple integration points, siloed data, and competing priorities.

    Too often organizations jump into selecting replacement systems without understanding the needs of the organization. Alignment between business and IT is just one part of the overall strategy. Identifying key pain points and opportunities, assessed in the light of organizational strategy, will provide a strong foundation to the transformation of the EAS system. Learning about different vendor product offerings with a rigorous approach and evaluation framework will pave way for a better selection outcome.

    Hong Kwok, Research Director

    Hong Kwok
    Research Director
    Info-Tech Research Group

    Executive Summary

    Your Challenge Common Obstacles Info-Tech’s Approach
    Selecting and implementing an EAS is one of the most expensive and time-consuming technology transformations an organization can undertake. EAS projects are notorious for time and budget overruns, with only a margin of the anticipated benefits being realized. Making the wrong technology selection or failing to plan for an EAS implementation has significant – and possibly career-ending – implications.

    The EAS technology market is so vast that it is nearly impossible to know where to start or how to differentiate between vendors and products.

    Inadequate and incomplete requirements skew the EAS selection in one direction to another. Many EAS projects fail due to a lack of clear description and specification of functional requirements.

    Organizations rarely have both the sufficient knowledge and resources to properly evaluate, select, and implement an EAS, forcing them to turn to external partnerships.

    EAS selection must be driven by your organization’s overall strategy. Ensure you are ready to embark on this journey with the right resources.

    Determine what EAS solution fits your organization through a structured requirement gathering process to a vendor evaluation framework.

    Ensure strong points of integration between EAS and other software such as ERP to HRIS. No EAS should live in isolation.

    Info-Tech Insight
    Accountability for EAS success is shared between IT and the business. There is no single owner of an EAS. A unified approach to building your strategy promotes an integrated roadmap so all stakeholders have clear direction on the future state.

    You are not just picking a piece of software, you are choosing a long-term technology partner

    Reasons for Selectin Chosen Software

    Decision making in selection often stands on functional fit; don’t forget to consider vendor fit.

    As the ERP technology market becomes increasingly saturated and difficult to decode, vendors are trying to get ahead by focusing on building a partnership, not just making a sale.

    68 % of organizations are satisfied with the overall ERP vendor experience, up from 54% in 2017.

    Panorama Consulting Solutions, “Report,” 2018

    What is an Enterprise Application?

    Our Definition: Enterprise Application Software (EAS) is a large software system that provides a broad and integrated set of features which supports a range of business operations and processes across an organization. The system is broadly deployed, provides a unified interface and data structure, allowing for higher business productivity and reporting efficiencies. Best known EAS solutions include Enterprise Resource Planning (ERP), Human Resource Information System (HRIS), and Customer Relationship Management (CRM).

    More focused EAS solutions may also bring benefits to your organization, depending on the scale of operations, complexity of operations, and functions. Here are some examples:

    PSA: Professional Services Automation
    SCMS: Supply Chain Management System
    WMS: Warehouse Management System
    EAM: Enterprise Asset Management
    PIMS: Product Information Management System
    MES: Manufacturing Execution System
    MA: Marketing Automation

    Our other Selection Framework

    When selecting personal or commodity applications, or mid-tier applications with spend below $100,000, use our Rapid Application Selection Framework.

    Download this tool

    Enterprise Applications Lifecycle Advisory Services

    Enterprise Resource Planning (ERP)

    Enterprise Resource Planning (ERP)

    What is EPR

    Enterprise resource planning (ERP) systems facilitate the flow of information across business units. They allow for the seamless integration of systems and create a holistic view of the enterprise to support decision making.

    In many organizations, the ERP system is considered the lifeblood of the enterprise. Problems with this key operational system will have a dramatic impact on the ability of the enterprise to survive and grow.

    An ERP system:

    • Automates processes, reducing the amount of manual, routine work.
    • Integrates with core modules, eliminating the fragmentation of systems.
    • Centralizes information for reporting from multiple parts of the value chain to a single point.
    ERP use cases: Product-centric
    Suitable for organizations that manufacture, assemble, distribute, or manage material goods.
    Service-centric
    Suitable for organizations that provide and manage field services and/or professional services.

    Human Resource Information System (HRIS)

    What is HRIS?

    An HRIS is used to acquire, store, manipulate, analyze, retrieve, and distribute information regarding an organization’s human resources. HRIS covers the entire employee lifecycle from recruit to retire.

    An HRIS:

    • Retains employee data in a single repository.
    • Enhances employee engagement through self-service and visibility into their records.
    • Enhances data security through role-based access control.
    • Eliminates manual processes and enables workflow automation.
    • Reduces transaction processing time and HR administrative tasks.
    • Presents an end-to-end, comprehensive view of all HR processes.
    • Reduces exposure to risk with compliance to rules and regulations.
    • Enhances the business’s reporting capability on various aspects of human capital.

    Human Resource Information System

    Customer relationship management (CRM)

    What is CRM?

    A CRM platform (or suite) is a core enterprise application that provides a broad feature set for supporting customer interaction processes, typically across marketing, sales and customer service. These suites supplant more basic applications for customer interaction management (such as the contact management module of an ERP or office productivity suite).

    A CRM suite provides many key capabilities, including but not limited to:

    • Account management
    • Order history tracking
    • Pipeline management
    • Case management
    • Campaign management
    • Reports and analytics
    • Customer journey execution

    A CRM provides a host of native capabilities, but many organizations elect to tightly integrate their CRM solution with other parts of their customer experience ecosystem to provide a 360-degree view of their customers.

    Customer relationship management

    The good EAS numbers

    There are many good reasons to support EAS implementation and use.

    92% of organizations report that CRM use is important for accomplishing revenue objectives.
    Source: Validity, 2020

    Almost 26% of companies implement HRIS is to obtain greater functionalities, while other main reasons are to increase efficiencies, support growth, and consolidate systems.
    Source: SoftwarePath, 2022

    Functionality of an ERP is believed to be the most important aspect by almost 40% of companies.
    Source: SelectHub, 2022

    The ugly EAS numbers

    Risks are high in EAS projects.

    Statistical analysis of ERP projects indicates rates of failure vary from 50 to 70 percent. Taking the low end of those analyst reports, one in two ERP projects is considered a failure.
    Source: Electric Journal of Information Systems Evaluation.

    46% of HR technology projects exceed their planned timelines.
    Source: Unleash, 2020

    Almost 70% of all CRM implementation projects do not meet expected objectives.
    Source: Future Computing and Informatics Journal

    Enterprise Application dissatisfaction

    Finance, IT, Sales, HR, and other users of the Enterprise Application system can only optimize with the full support of each other. Cooperation between departments is crucial when trying to improve the technology capabilities and customer interaction.

    Drivers of Dissatisfaction
    Business Data People and teams Technology
    • Misaligned objectives
    • Product fit
    • Changing priorities
    • Lack of metrics
    • Access to data
    • Data hygiene
    • Data literacy
    • One view of the customer
    • User adoption
    • Lack of IT support
    • Training (use of data and system)
    • Vendor relations
    • Systems integration
    • Multi-channel complexity
    • Capability shortfall
    • Lack of product support

    Info-Tech Insight
    While technology is the key enabler of building strong customer experiences, there are many other drivers of dissatisfaction. IT must stand shoulder-to-shoulder with the business to develop a technology framework for Enterprise Applications.

    Case Study

    Align strategy and technology to meet consumer demand.

    NETFLIX

    INDUSTRY
    Entertainment

    SOURCE
    Forbes, 2017

    Challenge
    Beginning as a mail-out service, Netflix offered subscribers a catalog of videos to select from and have mailed to them directly. Customers no longer had to go to a retail store to rent a video. However, the lack of immediacy of direct mail as the distribution channel resulted in slow adoption.

    Blockbuster was the industry leader in video retail but was lagging in its response to industry, consumer, and technology trends around customer experience.

    Solution
    In response to the increasing presence of tech-savvy consumers on the internet, Netflix invested in developing an online platform as its primary distribution channel. The benefit of doing so was two-fold: passive brand advertising (by being present on the internet) and meeting customer demands for immediacy and convenience. Netflix also recognized the rising demand for personalized service and created an unprecedented, tailored customer experience.

    Results
    Netflix’s disruptive innovation is built on the foundation of great customer experience management. Netflix is now a $28 billion company, which is ten times what Blockbuster was worth.

    Netflix used disruptive technologies to innovatively build a customer experience that put it ahead of the long-time video rental industry leader, Blockbuster.

    Info-Tech’s methodology for selecting an Enterprise Application

    1. Build alignment and assemble the team 2. Define your EAS 3. Engage, evaluate, and select 4. Next steps
    Phase steps
    1. Aligning business and IT
    2. Readiness and resourcing
    1. Map capabilities
    2. List Requirements
    3. Prioritize requirements
    1. Know the products
    2. Engage the vendors
    3. Select properly
    1. Plan for implementation
    Phase outcomes Discuss organizational goals and how to advance those using the EA system. Identify gaps and remediation steps in preparation of the selection. Assemble the EA selection team. List and review business capabilities and translate into EAS requirements. Prioritize requirements for selection. Gain an understanding of the product offerings on the market. Engage the vendors through RFPs and conduct a proper evaluation with an objective evaluation criteria and framework. Review and discuss the different elements required in preparation for the implementation project.

    Blueprint deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

    ERP/HRIS/CRM Requirements Template

    ERP Requirements Template

    Accelerate your requirement gathering with a pre-compiled list of common requirements.

    RFx Demo Scoring Tool

    RFx Demo Scoring Tool

    Quickly compare the vendors who respond to the RFx to identify the best fit for your needs.

    Key deliverable:

    RFx templates

    Use one of our templates to build a ready-for-distribution implementation partner RFx tailored to the unique success factors of your implementation.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit Guided Implementation Workshop Consulting
    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to his the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks are used throughout all four options

    Guided Implementation

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is between six to ten calls over the course of four to six months.

    What does a typical GI on this topic look like?

    Phase 1 Phase 2 Phase 3 Phase 4

    Call #1: Scoping call to understand the current situation.

    Call #2: Discuss readiness and resourcing needs.

    Call #3: Discuss the capabilities and application inventory.

    Call #4: Discuss requirement gathering and prioritization.

    Call #5: Go over SoftwareReviews and review draft RFx.

    Call #6: Discuss evaluation tool and evaluation process.

    Call #7: Discuss preparation for implementation.

    Workshop Overview

    Day 1 Day 2 Day 3 Day 4 Day 5
    Activities

    Organizational Strategic Needs

    1.1 Review the business context.

    1.2 Overview of the EAS Landscape

    1.2 Assess EAS project readiness

    1.3 Determine the members of the EAS selection team

    From Capabilities to Requirements

    2.1 Map business capabilities

    2.2 Inventory application and interactions

    2.3 Gather requirements

    2.4 Prioritize requirements

    Vendor Landscape and Your RFP

    3.1 Understanding product offerings

    3.2 Build a list of targeted vendors

    3.3 Build RFP

    3.4 Build vendor response template

    How to Evaluate Vendors

    4.1 Run a RFP evaluation simulation

    4.2 Build demo script

    4.3 Establish evaluation criteria

    Next Steps and Wrap-Up (offsite)

    5.1 Clean up in-progress deliverables from previous four days.

    5.2 Set up review time for workshop deliverables and to discuss next steps.

    Deliverables
    1. EAS Readiness Checklist and remediation plan
    2. List of members in EAS selection team
    1. List of key business processes
    2. Inventory application and data flow map
    3. Prioritized EAS requirements
    1. Draft RFP template
    2. Draft vendor response template
    1. Draft demo script template
    2. Draft vendor evaluation tool
    1. Completed RFP template
    2. Completed vendor response template
    3. Completed demo script template
    4. Vendor evaluation plan

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Phase 1

    Build alignment and assemble the Team

    Phase 1
    1.1 Enterprise Application Landscape
    1.2 Validate Readiness
    1.3 Determine Resourcing

    Phase 2
    1.1 Capability Mapping
    1.2 Requirements Gathering Data Mapping
    1.3 Requirements Prioritizing

    Phase 3
    3.1 Understanding Product Offerings
    3.2 RFP & Demo Scripts
    3.3 Evaluation
    Select and Negotiate

    Phase 4
    4.1 Prepare for Implementation

    This phase will walk you through the following activities:

    Gain an understanding of recent EAS technology.

    Validate readiness before starting EAS selection.

    Assemble EAS selection team through identification of key players.

    This phase involves the following participants:

    Key stakeholders from the various areas of the business that will support the project, including:

    • CxO (e.g. CIO, CFO)
    • Departmental leaders
    • Project management team
    • Subject matter experts

    Select an Enterprise Application

    Create a compelling case that addresses strategic business objectives

    When someone at the organization asks you WHY, you need to deliver a compelling case. The ERP project will receive pushback, doubt, and resistance; if you can’t answer the question WHY, you will be left back-peddling.

    When faced with a challenge, prepare for the WHY.

    • Why do we need this?
    • Why are we spending all this money?
    • Why are we bothering?
    • Why is this important?
    • Why did we do it this way?
    • Why did we choose this vendor?

    Most organizations can answer “What?”

    Some organizations can answer “How?”

    Very few organizations have an answer for “Why?”

    Each stage of the project will be difficult and present its own unique challenges and failure points. Re-evaluate if you lose sight of WHY at any stage in the project.

    Ensure you have completed the necessary prerequisites for EAS selection

    Prior to embarking on selection, ensure you have set the right building blocks and completed the necessary prerequisites: your strategy and roadmap, and business case.

    STRATEGY & ROADMAP
    Whatever EAS is required, take the time to align your strategy and roadmap to business priorities. Right-size a technology strategy by assessing deployment model alternatives and future-state options with your EAS vision, operating model, and current-state assessment as inputs. Put your strategy to action with a living roadmap by following Info-Tech’s blueprint, Develop an Actionable Strategy and Roadmap.

    EAS BUSINESS CASE
    Use a business case to justify the business need for your EAS project and secure funding for moving forward with the proposal. A business case will further provide executive decision makers with the tools to compare and prioritize initiatives. Drive a consistent approach to promoting successful initiatives and holding the organization accountable to the projected benefits with Info-Tech’s blueprint, Reduce Time to Consensus With an Accelerated Business Case.

    Align the EAS strategy with the corporate strategy

    Corporate strategy Unified strategy EAS strategy
    • Conveys the current state of the organization and the path it wants to take.
    • Identifies future goals and business aspirations.
    • Communicates the initiatives that are critical for getting the organization from its current state to the future state.
    • EAS optimization can be and should be linked, with metrics, to the corporate strategy and ultimate business objectives.
    • Communicates the organization’s budget and spending on EAS.
    • Identifies IT initiatives that will support the business and key EAS objectives.
    • Outlines staffing and resourcing for EAS initiatives.

    Info-Tech Insight
    EAS projects are more successful when the management team understands the strategic importance and the criticality of alignment. Time needs to be spent upfront aligning business strategies with EAS capabilities. Effective alignment between IT and the business should happen daily. Alignment doesn’t just to occur at the executive level alone, but at each level of the organization.

    Understand how EAS fits into your wider IT organization

    Identify the IT drivers and opportunities to take advantage of when embarking on your EAS project.

    Greenfield or brownfield: Do you currently have an EAS? Do you have multiple EASs? What is the history of your EAS deployment? How customized is it?

    End of life: What lifecycle stage is it in?

    Utilization: Are there point solutions in your application portfolio that support some EAS capabilities? Is functionality duplicated and/or underutilized?

    Reason for change: What are your organizational drivers for this EAS project (e.g. acquisition/merger)?

    APPLICATION PORTFOLIO STRATEGY

    Business leaders need application managers to do more than support business operations. Applications must drive business growth, and application managers need their portfolios to be current and effective and to evolve continuously to support the business or risk being marginalized. Rationalize your applications with a roadmap that propels the business forward.

    Go to this link

    Before switching vendors, evaluate your existing EAS to see if it’s being underutilized or could use an upgrade

    The cost of switching vendors can be challenging, but it will depend entirely on the quality of data and whether it makes sense to keep it.

    • Achieving success when switching vendors first requires reflection. We need to ask why we are dissatisfied with our incumbent software.
    • If the product is old and inflexible, the answer may be obvious, but don’t be afraid to include your incumbent in your evaluation if your issues might be solved with an upgrade.
    • Look at your use-case requirements to see where you want to take the EAS solution and compare them to your incumbent’s roadmap. If they don’t match, switching vendors may be the only solution. If your roadmaps align, see if you’re fully leveraging the solution or will be able to start working through process improvements

    Fully leveraging your current software now will have two benefits:

    1 It may turn out that poor leveraging of your incumbent software was the problem all along; switching vendors won’t solve the problem by itself. As the data to the right shows, a fifth of SMEs and a quarter of large enterprises do not fully leverage their incumbent software.
    2 If you still decide to switch, you’ll be in a good negotiating position. If vendors can see you are engaged and fully leveraging your software, they will be less complacent during negotiations to win you over.
    20%
    Small/Medium
    Enterprises
    25%
    Large
    Enterprises
    only occasionally or rarely/never use their software

    Source: SoftwareReviews, 2020; N=45,027

    Info-Tech Insight
    Switching vendors won’t improve poor internal processes. To be fully successful and meet the goals of the business case, new software implementations must be accompanied by process review and improvement.

    Familiarize yourself with the EAS market

    How it got here Where it’s going
    • Acquisition and consolidation: The major vendors in the industry have grown over time through acquisition, particularly focusing on expanding products in industrial verticals.
    • Product stack: What it means is having to navigate complexity related to the product stack when thinking about EAS, which turns the conversation from EAS as a single product to EAS as a package of multiple products.
    • Modularity and interoperability: The benefit of the stack is that it often means modularity and the ability to implement parts of a solution or in an order that aligns to the customer’s needs. On the other hand, the stack is not always understood by or well communicated to the customer, and the interdependence of components often means they must be licensed together.
    • Customizable cloud: Software-as-a-Service in multitenant environments offers a hands-off value proposition, but increasingly customers are looking to customize their instances beyond the capability offered through configurability.
    • Best-of-breed consolidation: EAS vendors are continuing to consolidate functionality to increase interoperability and increase ease of integration. The market is rife with acquisitions and mergers, making the strong players even stronger.
    • Client experience: While most vendors now offer products that will meet the wide gamut of EAS business requirements, vendors are now paying extra attention to the client experience from partnership perspective.

    Info-Tech Insight
    Evaluating the EAS vendor landscape is becoming increasingly difficult as the playing field evens out in terms of functionality offerings. As such, it is becoming increasingly important to more meticulously evaluate vendors themselves as part of the selection process. This is especially important in EAS projects, as they tend to be multi-year in nature and result in long-term vendor partnerships.

    What types of Enterprise solutions are at my disposal?

    IT leaders typically compare EAS on-premises with SaaS options, but there are actually four different deployment scenarios.

    1. On Premises 3. Proprietary Cloud 4. White-Label Cloud 2. SaaS
    • The traditional model for EAS deployment.
    • Upfront licensing term plus annual maintenance/ support fee.
    • Requires local server, database, and authentication.
    • Good support for industry modules.
    • Customizable.
    • EAS vendor hosts an instance of the EAS system in its own data center.
    • Patches may or may not be applied automatically.
    • Monthly per-user or traditional billing.
    • Otherwise, as with on premises.
    • EAS VAR or reseller hosts an instance of the EAS system in its own data center or in a public IaaS provider’s (e.g. Rackspace, Amazon EC2).
    • Otherwise, as with proprietary cloud.
    • Common model for cloud EAS.
    • All users share a single instance.
    • Patches and updates are applied automatically.
    • Monthly per-user fee.
    • Poor industry support.
    • Configurable but not customizable.

    Info-Tech Insight
    Cloud may apply in other ways to the EAS implementation. Most vendors offer particular EAS services delivered via the cloud. For example, some vendors offers CRM, project management, and payroll self-service as cloud-based options to augment on-premises ERP solutions.

    Know when to adopt and when to bypass cloud EAS

    Use the following guidelines to determine if your organization will benefit from the cloud, or if you should stick to a more traditional delivery model.

    Adopt a cloud-based EAS platform if you have: Do not adopt a cloud-based EAS platform if you have:
    Standard processes – Businesses that have standard, repeatable processes can benefit greatly from the cost savings that cloud provides, as the need for expensive customizations is greatly minimized. Highly regulated industry – Although there is no hard evidence that says cloud-based solutions are not able to support security or compliance needs, in certain industries such as banking or insurance, cloud is not the norm and may be a tough sell for IT.
    Lean IT operations – Organizations with lean IT or no formal IT departments supporting them will find SaaS EAS particularly appealing. Those with IT that can support day-to-day operations but are not prepared for disaster recovery should also consider cloud EAS, either hosted or SaaS-based. Unreliable network – If the business regularly faces network outages or remote employees have unreliable internet connections, a cloud-based solution may not be the best option. IT would face many complaints from disgruntled workers unable to access data.
    Mobile workforce – Telecommuting is becoming more common, as is the requirement for data to be readily available for those on the road. Using cloud is a good way to provide this functionality. Unsavvy workforce – Organizations that prefer to be late adopters of technology may face strong resistance to taking their software to the cloud. Some employees may not like the idea of using a browser to connect to the system.

    Info-Tech Insight
    Knowing when to choose a cloud EAS deployment comes down to two main factors: knowing the level of complexity required by the business, and knowing the available IT resources that can be dedicated to support and manage EAS.

    Consider 3 classic scenarios when evaluating cloud EAS

    Cloud EAS should be considered by all organizations, but these scenarios present the strongest opportunity.

    The Startup The Spinoff The Modernizer
    • There is no greenfield in ERP, but if you’re a startup, you’re quite close.
    • Given the virtually nonexistent IT department in startups, having an on-premises ERP can be daunting. A SaaS delivery model is usually the best choice in these scenarios. Even if the resources are available, they are better spent driving business growth.
    • Startups typically have less stringent industry requirements, making SaaS a more attractive option.
    • Though not entirely new companies, spinoffs or subsidiaries often have needs similar to those of startups but with an added integration requirement.
    • When it comes to ERP, the deployment type will depend on how resources are split with the parent company. If there is little to no IT support, then SaaS is ideal.
    • If the parent company is already using cloud ERP, whether SaaS, hosted, or an internal cloud, then it is often easy for the spinoff to gain access as well.
    • Companies with legacy systems that are not salvageable, or out-of-date point solutions that do not scale, have the opportunity to start from scratch.
    • Those looking at reducing capital expenses should consider SaaS and hosted ERP deployments.
    • Those looking at having state-of-the-art technology in-house should consider building an internal private cloud that supports their ERP deployment.

    Make sure you are ready to proceed with selection

    Organizational readiness is essential for maximizing the benefits realized from your ERP. Cover all critical elements of pre-work, resources, buy-in, and strategy and planning before embarking on ERP selection and/or implementation.

    Pre-work
    Current State Understanding
    Business Process Improvement
    Future State Vision

    Resources
    Project Team
    Governance Structures
    Third-Party Partners
    Cost and Budget

    Buy-in
    Goals and Objectives
    Exec Business Sponsorship
    Stakeholder Engagement
    Change Management

    STRATEGY and PLANNING
    ERP Strategy & Roadmap
    Risk Management
    Project Metrics

    Without a preparedness assessment, organizations end up wasting a lot of time on resolving gaps in planning that could have been mitigated upfront, which ultimately makes the implementation project more challenging.
    – Suanne McGrath-Kelly, President & Principal Consultant, Plan in Motion Inc., interviewed by Info-Tech, 2019.

    Assess your EAS readiness before moving forward

    To avoid common project pitfalls, complete the necessary prerequisites before proceeding with EAS. Consider whether the risks of proceeding unprepared fall within your organization’s risk tolerance. If they do not, pivot back to strategy.

    Preceding tasks Risks of proceeding unprepared
    Project Vision
    Project Scope
    EAS Business Case
    Current State Map
    Improvement Opportunity Analysis
    Future State Considerations
    Strategic Requirements
    Project Metrics and Benchmarks
    Risk Assessment
    EAS Strategic Roadmap
    EAS Project Work Initiatives
    Misalignment of project objectives
    Time and cost overruns
    Lack of executive buy-in or support
    Over- or under-investment in systems
    Unknown and unmet system requirements
    Product selection misfit
    Misalignment of requirements to needs
    Inability to measure project success
    Inability to proactively mitigate risk impact
    Lack of decision-making traceability
    Unclear expectations of tasks and roles

    1.2.1 Assess EAS selection readiness

    1 – 2 hours

    1. As a group, review Section 1 of the EAS Readiness Assessment Checklist with the core project team and/or project sponsor, item by item. For completed items, tick the corresponding checkbox. Document all incomplete items in the Readiness Remediation Plan table in the first column (“Incomplete Readiness Item”).
    2. For each incomplete item, use your discretion to determine whether the completion is critical in preparation for EAS selection and implementation. This may vary given the complexity of your EAS project. If the item is critical to the project, indicate this with “Y” in the second column (“Criticality (Y/N)”).
    3. For each critical item, reflect on the barriers that have prevented or are preventing its completion. Possible barriers include incomplete task dependencies, low value to effort determination, lack of organizational knowledge or resources, pressure of deadlines, etc. Document these barriers in the third column (“Barriers to Completion”).
    4. Determine a remediation approach for each barrier identified. Document the approach in the fourth column (“Remediation Approach”).
      1. For each remediation activity, designate a due date and remediation owner. Document this in the fifth column (“Due Date and Owner”).
      2. Carry out the remediation of critical tasks and return to this blueprint to kick-start your selection and implementation project.
    Input Output
    • EAS Foundation
    • EAS Strategy
    • Readiness remediation approach
    • Validation of ERP project readiness
    Materials Participants
    • EAS Readiness Assessment Checklist
    • Project sponsor
    • Core project team

    Download the EAS Readiness Assessment Checklist

    Build a well-balanced core team to see the project through

    Have a cross-departmental team define goals and objectives in order to significantly increase EAS success and improve communication.

    • Hold a meeting with Finance, Operations, and IT stakeholders. The overall objective of the meeting is to confirm that all parties agree on the goals and metrics that gauge success of the EAS project.
    • The kick-off process will significantly improve internal communications. Invite all impacted internal groups to work as a team to address any significant issues before the application process is formally activated.
    • Set up a quarterly review process to understand changing needs. This will change the way the EAS system will be utilized.

    “Each individual should understand at least one business area and have a hand in another.”
    – Mark Earley
    Senior Research Director,
    Info-Tech Research Group

    Info-Tech Insight
    An EAS selection and implementation requires more than just a procurement team. The core EAS project team should be cross-functional. .

    Be ready with a resourcing strategy for your EAS project

    EAS selection and implementation is a giant undertaking that can rarely be supported by internal resources alone.

    It is important to understand where your organization’s resourcing gaps are when embarking on a selection and implementation project. Once gaps are identified, the amount of external support needed from vendor(s), consultants, or system integrators can be determined.

    Select from the three most commonly used resourcing strategies for EAS selection and implementation projects:

    • Implement in-house using your own staff.
    • Implement using a combination of your own staff and professional services from the vendor(s) and/or system integrator (SI).
    • Implement using professional services.

    Build your implementation team

    Prioritize members from your core selection team. They will have strong insight into the tool and its envisioned position in the organization.

    General Roles

    1. Integration Specialists
    2. Solution or Enterprise Architects
    3. QA Engineer
    4. IT Service Management Team

    External Roles

    1. Vendor’s Implementation Team or Professional Services
    2. Systems Integrator (SI)

    Right-size the EAS selection team to ensure you get the right information but are still able to move ahead quickly

    Full-Time Resourcing: At least one member of these five team members must be allocated to the selection initiative as a full-time resource.

    IT Leader Technical Lead Business Analyst/
    Project Manager
    Business Lead Process Expert(s)
    This team member is an IT director or CIO who will provide sponsorship and oversight from the IT perspective. This team member will focus on application security, integration, and enterprise architecture. This team member elicits business needs and translates them into technology requirements. This team member will provide sponsorship from the business needs perspective. Typically, a CXO or SVP of a business function. These team members are the business process owners who will help steer the requirements and direction.

    Info-Tech Insight
    It is critical for the selection team to determine who has decision rights. Organizational culture will play the largest role in dictating which team member holds the final say for selection decisions. For more information on stakeholder management and involvement, see this guide.

    Complete the project timeline required during your selection phase

    Include as many steps as necessary to understand, validate, and compare vendor solutions so you can make a confident, well-informed decision.

    Use Info-Tech’s 15-Step Selection Process:

    1. Initiate procurement.
    2. Select procurement manager.
    3. Prepare for procurement; check that prerequisites are met.
    4. Select appropriate procurement vehicle (RFI, RFP, RFQ, etc.).
    5. Assemble procurement teams.
    6. Create procurement project plan.
    7. Identify and notify vendors about procurement.
    8. Configure procurement process.
    9. Gather requirements.
    10. Prioritize requirements.
    11. Build the procurement documentation package.
    12. Issue the procurement.
    13. Evaluate proposals.
    14. Evaluate vendor demos and reference checks.
    15. Recommend a vendor.

    Strengthen your procurement. If your organization lacks a clear selection process, refer to Info-Tech's Implement a Proactive and Consistent Vendor Selection Process research to help construct a formal process for procuring application technology.

    Download the Implement a Proactive and Consistent Vendor Selection Process

    Visualize what success looks like

    Understand how success metrics are relevant at each stage of strategy formation by keeping the end in mind. Apply a similar thought model to your other success metrics for a holistic evaluation of your strategy.

    Implementation
    Pre-Implementation Post-Implementation
    Baseline measure Strategic insight Strategic action Success measure End result
    Use data you already have. Any given pain point can act as your pre-implementation baseline. Previously, this measure may have been evaluated by asking “what?” or “how much?” Move away from looking at your baseline measure as transactional data, and incorporate the ability to generate strategic insight with your EAS. Change the questions you are asking to drive insights: “who?” “why?” and “how does it affect the business?” Support the business by putting your strategic analytics into action. Ensure there are capabilities built into your ERP to strategically address your baseline measure. Leverage these functions to act on your strategic insights. In the interest of IT and business alignment, speak the same language when measuring success. Use a business success measurement to determine the contribution made by your EAS strategy. Visualize your success in the context of the business as a whole. Projecting success in the interest of your stakeholders will gain and maintain buy-in, allowing you to leverage the strategic functionality of your new EAS.
    Example Time to Procure Delay in time to procure caused by bottleneck in requisition processing ERP used to create advanced workflows to streamline requisition approval process Time efficiencies gained free up employee time to focus on more strategic efforts Contributed to strategic operational innovation

    Prove the value of your EAS through metrics

    Establish baseline metrics early and measure throughout the project can iteratively prove the value of your EAS.

    Functional processes IT resource efficiency
    Functional benefits and efficiencies gained through effectively diagnosing and meeting business needs. Benefits enabled through reductions in IT system, network, and resource usage.
    Example metrics Record to report
    • Days to close month-end
    • Time to produce statements
    Market to order
    • Customer retention rate
    • Conversion/Cost per lead
    • Number of help desk requests
    • Number of active users
    • Time to resolution
    Quote to cash
    • Sales cycle duration
    • Cash conversion cycle
    Issue to resolution
    • # of returns
    • # of customer complaints
    • Time to resolve complaints
    Procure to pay
    • Average time to procure
    • Cycle time of purchase order
    Forecast to delivery
    • Variance of demand plan
    • Time to replenish inventory
    Plan to perform
    • Time to complete plan
    • Variance of plan to actual
    Hire to retire
    • Training $ per employee
    • Total overtime cost

    Improve baseline metrics through…

    1. Increased help desk efficiency. Through training of personnel and increased efficiency of processes.
    2. Increased level of self-service for end users. Implementation of functionality that matches business needs will increase the efficiency of functional business tasks.
    3. Decreased time to escalation. Knowing when to escalate tasks sooner can decrease wasted effort by tier-one workers.
    4. Automation of simple, repetitive tasks. Automation frees time for more important tasks.

    1.3.1 Assemble EAS selection team

    1 hour

    1. Working as a group, list key players in the organization that should be in EAS selection team.
    2. Determine the role of each member.
    3. Define the level of commitment each member can have on the EAS selection team. Keep in mind their availabilities during the selection process.
    4. Determine who has decision rights.
    Input Output
    • Knowledge of the team, governance structure, and organizational culture
    • List members in EAS selection team
    Materials Participants
    • Sticky notes
    • Markers
    • Executive sponsor
    • Core project team

    Phase 2

    Define your EAS

    Phase 1
    1.1 Enterprise Application Landscape
    1.2 Validate Readiness
    1.3 Determine Resourcing

    Phase 2
    2.1 Capability Mapping
    2.2 Requirements Gathering Data Mapping
    2.3 Requirements Prioritizing

    Phase 3
    3.1 Understanding Product Offerings
    3.2 RFP & Demo Scripts
    3.3 Evaluation
    Select and Negotiate

    Phase 4
    4.1 Prepare for
    Implementation

    This phase will walk you through the following activities:

    Identifying business processes , inventory applications and data flows, gathering requirements and prioritizing them.

    This phase involves the following participants:

    Key stakeholders from the various areas of the business that will support the project including:

    • CxO (e.g. CIO, CFO)
    • Departmental leaders
    • Project management team
    • Subject matter experts
    • Core project team

    Select an Enterprise Application

    Leverage Info-Tech’s requirements gathering framework to serve as the basis for capturing your CRM requirements

    Requirements Gathering Framework

    Info-Tech’s Requirements Gathering Framework is a comprehensive approach to requirements management that can be scaled to any size of project or organization. This framework ensures that the application created will capture the needs of all stakeholders and deliver business value. Don’t treat elicitation, analysis, and validation in isolation: planning, monitoring, communicating, and managing must permeate all three stages in order to avoid makeshift solutions.

    Capability vs. process vs. feature

    Understanding the difference

    When examining HRMS optimization it is important to approach it from the appropriate layer.

    Capability:

    • The ability of an entity (e.g. organization or department) to achieve its objectives (APQC, 2017).
    • An ability that an organization, person, or system possesses. They are typically expressed in general and high-level terms and typically require a combination of organization, people, processes, and technology to achieve (TOGAF).

    Process:

    • Processes can be manual or technology enabled. A process is a series of interrelated activities that convert inputs into results (outputs).
    • Processes consume resources, require standards for repeatable performance, and respond to control systems that direct the quality, rate, and cost of performance. The same process can be highly effective in one circumstance and poorly effective in another with different systems, tools, knowledge, and people (APQC, 2017).

    Feature:

    • A distinguishing characteristic of a software item (e.g. performance, portability, or functionality) (IEEE, 2005).

    In today’s complex organizations, it can be difficult to understand where inefficiencies stem from and how performance can be enhanced.

    To fix problems and maximize efficiencies, organizations must examine business capabilities and processes to determine gaps and areas of lagging performance.

    Info-Tech’s HRIS framework and industry tools such as the APQC’s Process Classification Framework can help make sense of this.

    Process inventory

    Business capability map (Level 0)

    Business Capability Map

    If you do not have a documented process model, you can use the APQC Framework to help define your inventory of business processes.
    APQC’s Process Classification Framework is a taxonomy of cross-functional business processes intended to allow the objective comparison of organizational performance within and among organizations.

    In business architecture, the primary view of an organization is known as a business capability map.

    A business capability defines what a business does to enable value creation rather than how.

    Business capabilities:

    • Represent stable business functions.
    • Are unique and independent of each other.
    • Will typically have a defined business outcome.

    A business capability map provides details that help the business architecture practitioner direct attention to a specific area of the business for further assessment.

    EAS process mapping

    Objectives The organization’s objectives are typically outcomes that the organization is looking to achieve as a result of the business strategy.
    Value Streams Value streams are external/internal processes that help the organization realize its goals.
    Capabilities The what: Business capabilities support value streams in the creation and capture of value.
    Processes The how: Business processes define how they will fulfill a given capability.

    The operating model

    An operating model is a framework that drives operating decisions. It helps to set the parameters for the scope of EAS and the processes that will be supported. The operating model will serve to group core operational processes. These groupings represent a set of interrelated, consecutive processes aimed at generating a common output.

    The value stream

    Value stream defined:

    Value Streams Design Product Produce Product Sell Product Customer Service
    • Manufacturers work proactively to design products and services that will meet consumer demand.
    • Products are driven by consumer demand and governmental regulations.
    • Production processes and labor costs are constantly analyzed for efficiencies and accuracies.
    • Quality of product and services are highly regulated through all levels of the supply chain.
    • Sales networks and sales staff deliver the product from the organization to the end consumer.
    • Marketing plays a key role throughout the value stream, connecting consumers’ wants and needs to the products and services offered.
    • Relationships with consumers continue after the sale of products and services.
    • Continued customer support and data mining is important to revenue streams.

    Value streams connect business goals to the organization’s value realization activities in the marketplace. Those activities are dependent on the specific industry segment in which an organization operates.

    There are two types of value streams: core and support.

    • Core value streams are mostly external-facing. They deliver value to either external or internal customers and they tie to the customer perspective of the strategy map.
    • Support value streams are internal-facing and provide the foundational support for an organization to operate.

    An effective method for ensuring all value streams have been considered is to understand that there can be different end-value receivers.

    2.1.1 List your key processes

    1-3 hours

    1. As a group, discuss the business capabilities, value streams, and business processes.
    2. For each capability determine the following:
      1. Is this capability applicable to our organization?
      2. What application, if any, supports this capability?
    3. Are there any missing capabilities to add?
    Input Output
    • Current systems
    • Key processes
    • APQC Framework
    • Organizational process map
    • List of key business processes
    Materials Participants
    • APQC Framework
    • Whiteboard, PowerPoint, or flip charts and markers
    • Primary stakeholders in each value stream supported by the EAS
    • Core project team

    Activity 2.1.1 – Process inventory

    Core finance Core HR Workforce management Talent Management Warehouse management Enterprise asset management
    Process Technology Process Technology Process Technology Process Technology Process Technology Process Technology
    • General ledger
    • Accounts payable
    • Accounts receivable
    • GL consolidation
    • Cash management
    • Billing and invoicing
    • Expenses
    • Payroll accounting
    • Tax management
    • Reporting
    • Payroll administration
    • Benefits administration
    • Position management
    • Organizational structure
    • Core HR records
    • Time and attendance
    • Leave management
    • Scheduling
    • Performance management
    • Talent acquisition
    • Offboarding & onboarding
    • Plan layout
    • Manage inventory
    • Manage loading docks
    • Pick, pack, ship
    • Plan and manage workforce
    • Manage returns
    • Transfer product cross-dock
    • Asset lifecycle management
    • Supply chain management
    • Maintenance planning and scheduling
    Planning and budgeting Strategic HR Procurement Customer relationship management Facilities management Project management
    Process Technology Process Technology Process Technology Process Technology Process Technology Process Technology
    • Budget reporting
    • Variance analysis
    • Multi-year operating plan
    • Monthly forecasting
    • Annual operating plan
    • Compensation planning
    • Workforce planning
    • Succession planning
    • Supplier management
    • Purchase order management
    • Workflow approvals
    • Contract / tender management
    • Contact management
    • Activity management
    • Analytics
    • Plan and acquire
    • Asset maintenance
    • Disposal
    • Project management
    • Project costing
    • Budget control
    • Document management

    Gaining Enterprise Architecture Oversight during application selection yields better user satisfaction results

    Procurement/Legal Oversight and
    Low satisfaction with software selection High satisfaction with software selection
    Process % Used % Used Process
    Used ROI/Cost Benefit Analysis 42% 43% Used ROI/Cost-Benefit Analysis
    Used Formal Decision Criteria 39% 41% Used Formal Decision Criteria
    Approval 33% 37% Enterprise Architecture Oversight and Approval
    Security Oversight and Approval 27% 36% Security Oversight and Approval
    Used Third-Party Data Reports 26% 28% Procurement/Legal Oversight and Approval
    Enterprise Architecture Oversight and Approval 26% 28% Used Third-Party Data Reports
    Used a Consultant 21% 17% Used a Consultant

    High satisfaction was defined as a response of 8, 9, or 10 from the overall recommendation question. Low satisfaction was 7 or less.

    Source: SoftwareReviews, 2018

    Map data flow

    Example ERP data flow

    Example ERP data flow

    When assessing the current application portfolio that supports your EAS, the tendency will be to focus on the applications under the EAS umbrella. These relate mostly to marketing, sales, and customer service. Be sure to include systems that act as input to, or benefit due to outputs from EAS or similar applications.

    Be sure to include enterprise applications that are not included in the EAS application portfolio. Popular systems to consider for POIs include billing, directory services, content management, and collaboration tools.

    Integration is paramount: your EAS application often integrates with other applications within the organization. Create an integration map to reflect a system of record and the exchange of data. To increase customer engagement, channel integration is a must (i.e. with robust links to unified communications solutions, email, and VoIP telephony systems).

    Enterprise application landscape

    Enterprise application landscape

    2.1.2 Inventory applications and interactions

    1-3 hours

    1. Individually list all electronic systems involved in the EAS function of the organization.
    2. Document data flows into and out of each system to the EAS. Refer to the example on the previous slides (ERP data flow) and sample Enterprise Application map.
    3. Review the processes in place (look at each functional area, including data moving into and out of systems.) Document manual processes. Identify integration points. If flow charts exist for these processes, it may be useful to provide these to the participants.
    4. If possible, diagram the system. Include information direction flow.
    Input Output
    • Business process inventory
    • List of applications (if available)
    • Current systems
    • Data flow map
    Materials Participants
    • Whiteboard, markers
    • Internal requirements documentation tools (if available)
    • Business analyst(s)
    • Subject matter experts
    • Core project team (optional)

    Understand how to navigate the complex web of stakeholders in ERP requirements gathering

    Identify which stakeholders to include and what their level of involvement should be during requirements elicitation based on relevant topic expertise.

    Sponsor End user IT Business
    Description An internal stakeholder who has final sign-off on the ERP project. Frontline users of the ERP technology. Back-end support staff who are tasked with project planning, execution, and eventual system maintenance. Additional stakeholders who will be impacted by any ERP technology changes.
    Examples
    • CEO
    • CIO/CTO
    • COO
    • CFO
    • Warehouse personnel
    • Sales teams
    • HR admins
    • Applications manager
    • Vendor relationship manager(s)
    • Director, Procurement
    • VP, Marketing
    • Manager, HR
    Value Executive buy-in and support is essential to the success of the project. Often, the sponsor controls funding and resource allocation. End users determine the success of the system through user adoption. If the end user does not adopt the system, the system is deemed useless and benefits realization is poor. IT is likely to be responsible for more in-depth requirements gathering. IT possesses critical knowledge concerning system compatibility, integration, and data. Involving business stakeholders in the requirements gathering will ensure alignment between HR and organizational objectives.

    Stakeholder influence vs. interest

    Large-scale EAS projects require the involvement of many stakeholders from all corners and levels of the organization, including project sponsors, IT, end users, and business stakeholders. Consider the influence and interest of stakeholders in contributing to the requirements elicitation process and involve them accordingly.

    Chart of Stakeholder Involvement during selection

    Extract functional and non-functional requirements from the customer interaction business process diagrams

    Once the most significant processes have been mapped, the business requirements must be extracted from the maps and transformed into functional and non-functional requirements. The example below illustrates how to extract requirements from an insurance claim process for the Record Claim step.

    Task Input Output Risks Opportunities Condition Sample requirements
    Record customer service claim Customer email Case record
    • Agent accidentally misses the email and case is not submitted
    • Reduce time to populate customer’s claim information into the case
    • Automation of data capture and routing
    • Pre-population of the case with the email contents
    • Suggested routing based on nature of case
    • Multi-language support

    Business:

    • System requires email-to-case functionality

    Non-functional:

    • The cases must be supported in multiple languages

    Functional:

    • The case must support the following information:
      • Title
      • Customer
      • Subject
      • Case origin
      • Case type

    Example claims process

    2.2.1 Capture your EAS requirements

    Time required varies

    1. Focus groups of 10-20 individuals may be the best way to ensure complete coverage of business requirements for EAS. This group should be cross-functional, with manager- or director-level representation from the departments that have a vested interest in the EAS project.
    2. Use your organization’s standard internal tools or download Info-Tech’s ERP Requirements Template, HRIS Requirements Template, or CRM Requirements Template.
    3. Document the requirements from the elicitation sessions.
    • The core team of business analysts should be present throughout, and the sessions should be led by an experienced facilitator (such as a senior business analyst).
    • Requirements for EAS should focus on achieving the future state rather than replicating the current state.
    • The facilitator should steer the team toward requirements that are solution-agnostic (i.e. not coached in terms of a particular vendor or product). Focus on customer and internal personas to help drive requirements.
    Input Output
    • Business unit functional requirements
    • Business process inventory
    • Data flow map
    • Inventory of business requirements
    Materials Participants
    • Whiteboard, markers
    • Internal requirements documentation tools (if available)
    • Info-Tech’s ERP Requirements Template, HRIS Requirements Template, or CRM Requirements Template (optional)
    • Business analyst(s)
    • Project manager
    • Subject matter experts
    • Core project team (optional)

    Prioritize your EAS requirements to assist with the selection

    Requirements prioritization ensures that the ERP selection project team focuses on the right requirements when putting together the RFP.

    Prioritization is the process of ranking each requirement based on its importance to project success. Hold a meeting for the domain SMEs, implementation SMEs, project managers, and project sponsors to prioritize the requirements list. At the conclusion of the meeting, each requirement should be assigned a priority level. The implementation SMEs will use these priority levels to ensure efforts are targeted toward the proper requirements and to plan features available on each release.

    Use the MoSCoW Model of Prioritization to effectively order requirements.

    The MoSCoW Model of Prioritization
    Must have Requirements must be implemented for the solution to be considered successful.
    Should have Requirements that are high priority should be included in the solution if possible.
    Could have Requirements are desirable but not necessary and could be included if resources are available.
    Won't have Requirements won’t be in the next release, but will be considered for the future releases.

    The MoSCoW model was introduced by Dai Clegg of Oracle UK in 1994. MindTools.

    Base your prioritization on the right set of criteria

    Effective prioritization criteria

    Criteria Description
    Regulatory and legal compliance These requirements will be considered mandatory.
    Policy compliance Unless an internal policy can be altered or an exception can be made, these requirements will be considered mandatory.
    Business value significance Give a higher priority to high-value requirements.
    Business risk Any requirement with the potential to jeopardize the entire project should be given a high priority and implemented early.
    Likelihood of success Especially in “proof of concept” projects, it is recommended that requirements have good odds.
    Implementation complexity Give a higher priority to low implementation difficulty requirements.
    Alignment with strategy Give a higher priority to requirements that enable the corporate strategy.
    Urgency Prioritize requirements based on time sensitivity.
    Dependencies A requirement on its own may be low priority, but if it supports a high-priority requirement, then its priority must match it.

    2.3.1 Prioritize your solution requirements

    Time required varies

    1. Consolidate all duplicate requirements to form a mutually exclusive and collectively exhaustive list of functional and non-functional requirements.
    2. Identify the significance of each requirement for your solution evaluation according to the MoSCoW model. Control the number of mandatory requirements you document. Too many mandatory requirements could create an unrealistic framework for evaluating solutions.
    3. Categorize your requirements and delineate between functional (i.e. capabilities the system will be able to perform) and non-functional (i.e. environmental conditions of the system, such as technical and security requirements).
    InputOutput
    • Inventory of business requirements
    • Inventory of business requirements with priorities
    MaterialsParticipants
    • Whiteboard, markers
    • Internal requirements documentation tools (if available)
    • Info-Tech’s ERP Requirements Template, HRIS Requirements Template, or CRM Requirements Template (optional)
    • Business analyst(s)
    • Project manager
    • Subject matter experts
    • Core project team

    Identify which vendors’ product and capabilities meet your must-have requirements

    Highlight must-haves in the RFP

    • Once you have prioritized your business requirements for the EAS initiative, it is time to package them into an RFP.
    • It is critical to highlight must-have requirements in the RFP document. Doing so immediately eliminates vendors who do not feel that their products are suitable for your needs.

    WATCH OUT!

    Many vendors will try to stretch their capabilities to fit your must-have requirements. Leverage vendor demos in the next stage of selection to quickly rule out products that do not cover your critical requirements.

    Identify key process areas where you require vendor knowledge

    Example of Key process areas

    Completing a process inventory and a list of EAS requirements often shows process areas that need updates and improvement. Take this opportunity to highlight areas where you would benefit from knowing about most recent best practices and technologies.

    Inquire about these when engaging the vendor to know their level of knowledge and how their products work best in your industry.

    General product knowledge requests are not enough. Be specific.

    Determine the product knowledge areas that are specific to your implementation.

    Product Knowledge Proof of Concept Development Customer Service Warehousing Core HR Other Overall
    Data Security *
    Process Improvements * *
    Configuration
    Data Architecture *
    Integration
    On premise Infrastructure
    Cloud Infrastructure *
    Other

    Identify the product knowledge that is required in relation to your implementation. This can include core product knowledge and should be related to larger infrastructure and organizational requirements.

    More than just functional requirements

    What to include What to look at What is differentiating
    • Remember to include must-have conditions that do not directly relate to the behavior or functionality of the EAS product, but rather describe environmental conditions under which the solution must remain effective or qualities that the systems must have.
    • These can include requirements related to capacity, speed, security, availability, and the information architecture and presentation of the user interface.
    • Consider the vendor’s overall ability to execute.
      • Are they financially stable?
      • Do they have the resources to execute?
      • Do they have the skills to execute?
      • Are they able to provide post-implementation support?
    • Vendors understand that SaaS isn’t for everyone. Deployment models are one way they will continue to differentiate themselves.
    • Some vendors choose to compete on breadth and others on depth of expertise in public, private, and hosted cloud offerings.

    Info-Tech Insight
    Be wary of sunsetting products! Selecting the EAS based on a good knowledge of the vendor’s roadmap allows for business operations to continue without having to repeat a selection and implementation project in the near future.

    Dominant use-case scenarios for potential ERP solutions

    While an organization may be both product- and service-centric, most organizations fall into one of the two categories.

    Use case: Public sector

    The service-centric ERP use case is suitable for most organizations in the public sector. With that in mind, consider ERP solutions that offer grant disbursements, fleet management, and staffing/resourcing capabilities.

    Product-centric ERP Service-centric ERP
    What it is The product-centric ERP is suitable for organizations that manufacture, assemble, distribute, or manage material goods throughout a product lifecycle. ERP vendors and/or products that align to this use case usually cater to industries such as manufacturing, retail, aerospace and defense, distribution, and food and beverage. The service-centric ERP use case is suitable for organizations that provide and manage field services and/or professional services throughout a project lifecycle. ERP vendors and/or products that align to this use case usually cater to industries such as utilities, maintenance and repair, government, education, and professional services (i.e. consulting, legal).
    How it works Product-centric ERP has strong functionality in supply chain management, manufacturing, procurement management, and material job and project management. Service-centric ERP has strong functionality in resource job and project management, service management, and customer relationship management.

    EAS table stakes vs differentiating features

    Make sure features align with your objectives first.

    What are table stakes / standard features?

    • For every type of EAS, such as ERP, HRIS, and CRM, certain features are standard, but that doesn’t mean they are all equal.
    • The existence of features doesn’t guarantee quality or functionality to the standards you need. Never assume that yes in a features list means you don’t need to ask for a demo.

    What is differentiating/additional feature?

    • Differentiating features take two forms:
      • Some platforms offer differentiating features that are vertical specific.
      • Other platforms offer differentiating features that are considered cutting edge. These cutting-edge features may become table stakes over time.
    • These features may increase productivity but also require process changes.

    Info-Tech Insight
    If table stakes are all you need from your EAS solution, the only true differentiator for the organization is price. Otherwise, dig deeper to find the best price to value for your needs. Remove the product from your shortlist if table stakes are not met!

    Reign-In Ballooning Scope for EAS Selection Projects

    Stretching the EAS beyond its core capabilities is a short-term solution for a long-term problem. Educate stakeholders about the limits of EAS technology.

    Common pitfalls for EAS selection

    • Tangential capabilities may require separate solutions. It is common for stakeholders to list features such as content management as part of the new EAS platform. While content management goes hand in hand with the EAS’s ability to manage customer interactions, document management is best handled by a standalone platform.

    Keeping stakeholders engaged and in line

    • Ballooning scope leads to stakeholder dissatisfaction. Appeasing stakeholders by over customizing the platform will lead to integration and headaches down the road.
    • Make sure stakeholders feel heard. Do not turn down ideas in the midst of an elicitation session. Once the requirements gathering sessions are completed, the project team has the opportunity to mark requirements as “out of scope”, and communicate the reasoning behind the decision.
    • Educate stakeholders on the core functionality of EAS. Many stakeholders do not know the best-fit use cases for EAS platforms. Help end users understand what EAS is good at, and where additional technologies will be needed.

    Phase 3

    Engage, Evaluate, and Finalize Selection

    Phase 1
    1.1 Enterprise Application Landscape
    1.2 Validate Readiness
    1.3 Determine Resourcing

    Phase 2
    2.1 Capability Mapping
    2.2 Requirements Gathering Data Mapping
    2.3 Requirements Prioritizing

    Phase 3
    3.1 Understanding Product Offerings
    3.2 RFP & Demo Scripts
    3.3 Evaluation Select and Negotiate

    Phase 4
    4.1 Prepare for Implementation

    This phase will walk you through the following activities:

    In this phase of the project, you will review your RFx and build an initial list of vendors/implementors to reach out to. The final step is to build your evaluation checklist for rating the incoming responses.

    This phase involves the following participants:

    Key stakeholders from the various areas of the business that will support the project including:

    • Evaluation team
    • Vendor management team
    • Project management team
    • Core project team

    Select an Enterprise Application

    Products and vendors demystified

    Knowing who can provide the solution will shorten the selection process and provide the most suitable set of features.

    The Product The Vendor The VAR
    A product is the software, hardware, add-ins, and any value-added services or tools that are bundled together, e.g. SAP Rise (see What is RISE with SAP), SAP S4/HANA, etc. A vendor can carry and sell multiple products or lines of products (e.g. Oracle sells Oracle Fusion and NetSuite, etc.). The Value-added reseller (VAR) can sell a pre-packaged / pre-configured product. VARs are usually partners of the vendor and typically provide other packaged services including system hosting, customization, implementation, and integrations.

    Info-Tech Insight
    Selecting an Enterprise Application is much more than just selecting a software or product; it is selecting a long-term platform and partner to help achieve long-term strategic goals. Refer to our blueprint Select an ERP Implementation Partner.

    Consolidating the vendor shortlist up-front reduces downstream effort

    Put the “short” back in shortlist!

    • Radically reduce effort by narrowing the field of potential vendors earlier in the selection process. Too many organizations don’t funnel their vendor shortlist until near the end of the selection process. The result is wasted time and effort evaluating options that are patently not a good fit.
    • Leverage external data (such as SoftwareReviews) and expert opinion to consolidate your shortlist into a smaller number of viable vendors before the investigative interview stage, and eliminate time spent evaluating dozens of RFP responses.
    • Having fewer RFP responses to evaluate means you will have more time to do greater due diligence.

    Review your use cases to start your shortlist

    Your Info-Tech analysts can help you narrow down the list of vendors that will meet your requirements.

    Next steps will include:

    1. Reviewing your requirements.
    2. Checking out SoftwareReviews.
    3. Creating the RFP.
    4. Conducting demos and detailed proposal reviews.
    5. Selecting and contracting with a finalist!

    Evaluate software category leaders through vendor rankings and awards

    SoftwareReviews

    The Data Quadrant is a thorough evaluation and ranking of all software in an individual category to compare platforms across multiple dimensions.

    Vendors are ranked by their Composite Score, based on individual feature evaluations, user satisfaction rankings, vendor capability comparisons, and likeliness to recommend the platform.

    The Emotional Footprint is a powerful indicator of overall user sentiment toward the relationship with the vendor, capturing data across five dimensions.

    Vendors are ranked by their Customer Experience (CX) Score, which combines the overall Emotional Footprint rating with a measure of the value delivered by the solution.

    Speak with category experts to dive deeper into the vendor landscape

    Fact-based reviews of business software from IT professionals.

    Product and category reports with state-of-the-art data visualization.

    Top-tier data quality backed by a rigorous quality assurance process.

    User-experience insight that reveals the intangibles of working with a vendor.

    SoftwareReviews is powered by Info-Tech.

    Technology coverage is a priority for Info-Tech, and SoftwareReviews provides the most comprehensive unbiased data on today’s technology. The insights of our expert analysts provide unparalleled support to our members at every step of their buying journey.

    CLICK HERE to access SoftwareReviews

    Comprehensive software reviews to make better IT decisions.

    We collect and analyze the most detailed reviews on enterprise software from real users to give you an unprecedented view into the product and vendor before you buy.

    Case Study

    Manufacturer and retailer utilizes Info-Tech for goal of unifying four separate ERP systems

    INDUSTRY
    Manufacturing

    SOURCE
    Info-Tech Consulting

    Challenge Solution Results

    An amalgamation of eight different manufacturing, retail, and supply brands that operated four separate ERP systems and processes across the United States had poor visibility into operations.

    The organization had plans to unify the brands from a systems perspective and accommodate the company’s growth in a scalable and repeatable way.

    Info-Tech was previously engaged to perform an Establish a Concrete ERP Foundation workshop to set the groundwork for the eventual ERP selection.

    The organization engaged Info-Tech’s consulting group to assist in requirements gathering and RFP development.

    Info-Tech consultants traveled to five different states to gather ERP requirements from stakeholders and identify solution requirements.

    Info-Tech developed an ERP requirements matrix from the organization’s processes, including technical requirements and operations/support services.

    Info-Tech matched the organization with a use case and weighted requirements to assist in future scoring.

    An RFP was constructed using the organization’s requirements. and distributed to 10 qualified vendors for completion.

    Strengthen your RFP process with a thorough review

    Drive better sourcing outcomes.

    A quality SOW is the result of a quality RFI/RFP (RFx).

    Use Info-Tech’s RFP Review as a Service to review key items and ensure your RFP will generate quality responses and SOWs.

    • Is it well structured, with a consistent use of fonts and bullets?
    • Is it laid out in sections that are easily identifiable and that progress from high-level to more detailed information?
    • Can a vendor quickly identify the ten (or fewer) things that are most important to you?

    Contact Us

    3.2.1 Prepare the RFP

    1-2 hours

    1. Download Info-Tech’s ERP Request for Proposal Template or prepare internal best-practice RFP tools.
    2. Build your RFP.
      1. Complete the statement of work and general information sections to provide organizational context to your long-listed vendors.
      2. Outline the organization’s procurement instructions for vendors, including due diligence, assessment criteria, and dates.
      3. Input the business requirements document as created in Activity 1.3.1.
      4. Create a scenario overview to provide vendors with an opportunity to give an estimated price.
    3. Obtain approval for your RFP. Each organization has a unique procurement process; follow your own organization’s process as you submit your RFPs to vendors. Ensure compliance with your organization’s standard and gain approval for submitting your RFP.
    Input Output
    • Business requirements document
    • Procurement procedures
    • EAS RFP
    Materials Participants
    • Internal RFP tools/ templates (if available)
    • Info-Tech’s ERP RFP Template (optional)
    • Procurement SMEs
    • Project manager
    • Core project team (optional)

    Download the ERP Request for Proposal Template

    Streamline your evaluation of vendor responses

    Use Info-Tech’s ERP Vendor Response Template to standardize vendor responses.

    • Vendors tend to use their own standard templates when responding, which complicates evaluations.
    • Customize Info-Tech’s ERP Vendor Response Template to adjust for the scope and content of your project; input your organization’s procurement process and ERP requirements.
    • The template is meant to streamline the evaluation of vendor responses by ensuring you achieve comprehensiveness and consistency across all vendor responses. The template requires vendors to prove their organizational viability, understanding of the problem, and tested technology and implementation methodologies.

    Sections of the tool:

    1 Executive Summary

    2 About the Vendor

    3 Understanding of the Challenge

    4 Methodology

    5 Proposed Solution

    6 Project Plan and Timeline

    7 Vendor Qualifications

    8 References

    9 Additional Value-Added Services

    10 Additional Value-Added Goods

    For an explanation of how advanced features are determined, see Information Presentation – Feature Ranks (Stoplights) in the Appendix.

    What to look in vendor responses

    Vendor responses to an RFP can be very revealing about whether their product offering aligns with your EAS roadmap.

    Validate the vendor responses so that there are no misunderstandings with their offer. Here are key items to validate.

    Key items Why is this important?
    About the Vendor This is where the vendor will describe itself and prove its organizational viability.
    Understanding of the Challenge Demonstrating understanding of the problem is the first step in being able to provide a solution.
    Methodology Shows the vendor has a proven methodology to approach and solve the challenge.
    Proposed Solution Describes how the vendor will address the challenge. This is a very important section as it will articulate what you will receive from the vendor as a solution.
    Project Plan and Timeline Provides an overview of the project management methodology, phases of the project, and what will be delivered and when.
    Vendor Qualifications Provides evidence of prior experience with delivering similar projects for similar clients.
    References Provides contact information for individuals or organizations for which the vendor has worked and who can vouch for the experience and success of working with this vendor.
    Value-Added Services and Goods Allows vendors an opportunity to set themselves apart from the competition with additional services and/or goods applicable to your project but not covered elsewhere in the template.

    3.2.2 Build a vendor response template

    1-2 hours

    1. Download Info-Tech’s ERP Vendor Response Template.
    2. Validate that the provided template is comprehensive and will collect the information necessary for your organization to effectively evaluate the product and vendor and will inform a decision to invite the vendor in for a demonstration.
    3. Make the small customizations necessary to tailor the template to your organization (i.e. swap out “[Company X]” for your organization’s name).

    Download the ERP Vendor Response Template

    InputOutput
    • EAS RFP
    • ERP Vendor Response Template
    MaterialsParticipants
    • Info-Tech’s ERP Vendor Response Template
    • Procurement SMEs
    • Project manager
    • Core project team

    3.2.3 Evaluate RFP responses

    Varies

    1. Customize Info-Tech’s EAS RFP and Demonstration Scoring Tool to build a vendor and product evaluation framework for your EAS selection team.
    2. Review all RFP responses together with the core project team and stakeholders from procurement (if necessary).
    3. Input vendor solution information into the EAS RFP and Demonstration Scoring Tool.
    4. Analyze the vendors against your evaluation framework by paying specific attention to costing, overall score, and evaluation notes and comments.
    5. Identify vendors with whom you wish to arrange vendor demonstration.
    6. Contact vendors and arrange briefings.
    InputOutput
    • EAS RFP
    • ERP Vendor Response Template
    MaterialsParticipants
    • Info-Tech’s ERP Vendor Response Template
    • Procurement SMEs
    • Project manager
    • Core project team

    Download the EAS RFP and Demonstration Scoring Tool

    Identify specific use cases and develop demonstration scenarios

    These techniques can be used to gather requirements now and for vendor demos during the evaluation stage.

    Describe use cases to indicate how the various processes will operate. This technique can help end-users describe what the solution must do without needing to know how to describe requirements. Outline scenarios based on these use cases for vendors to demonstrate how their solution can fulfill business requirements.

    Define
    Define objectives for each specific use case.

    Explore
    Explore the various process paths and alternate outcomes for each use case.

    Build
    Build the details of the scenarios to describe the roles of the people involved and the detailed process steps to be accomplished.

    Use
    For each scenario, outline the expected outputs and variations.

    Info-Tech Insight
    Do not exceed three vendors when selecting participants for a product demonstration. Each vendor demonstration should last between one day and one week, depending on the scope of the project. Exceeding the threshold of three vendors can be massively time consuming and yield diminishing returns.

    Conduct vendor demos that extend beyond baseline requirements

    • Demo scripts should focus on differentiating vendor processes and capabilities that contribute to achieving your business’ strategic objectives.
    • You want vendors to show you what differentiates them and what can they do that is specific to your industry.
    • Avoid focusing on baseline EAS capabilities. While this may drive consistency across demonstrations, you will not get a clear picture of how one vendor may align with your unique business needs.
    • Ask the vendor questions pertaining to the differentiating factors listed below. Consider if the differentiating factors are worthwhile over the baseline capabilities shown.
    Adhere to this framework when crafting your scenarios:
    Simple and straightforward Series of steps
    • A straightforward narrative of what you need the product to do.
    • Once written, scenarios should be circulated to key stakeholders in the organization for validation.
    • Demonstrate how a user would interact with the system.
    • Should not be an explanation of specific features/functions.
    Specific Suitable for your business
    • Demonstrate exactly what you need the system to do, but don’t get into implementation details – don’t go too far into the how.
    • Select only critical functions that must be demonstrated.
    • Scenarios should reflect current realities within the organization, while still allowing processes to be improved.

    Add your scenarios to Info-Tech’s sample EAS demo script

    Take a holistic approach to vendor and product evaluation

    Almost – or equally – as important as evaluating vendor feature capabilities is the need to evaluate vendor viability and non-functional aspects of the EAS solution. Include an evaluation of the following criteria in your vendor scoring methodology.

    Vendor capability Description
    Usability and Intuitiveness The degree to which the system interface is easy to use and intuitive to end users.
    Ease of IT Administration The degree to which the IT administrative interface is easy to use and intuitive to IT administrators.
    Ease of Data Integration The relative ease with which the system can be integrated with an organization’s existing application environment including legacy systems, point solutions, and other large enterprise applications.
    Ease of Customization The relative ease with which a system can be customized to accommodate niche or industry-specific business or functional needs.
    Vendor Support Options The availability of vendor support options including selection consulting, application development resources, implementation assistance, and ongoing support resources.
    Availability and Quality of Training The availability of quality training services and materials that will enable users to get the most out of the product selected.
    Product Strategy, Direction, and Rate of Improvement The vendor’s proven ability for constant product improvement, deliberate strategic direction, and overall commitment to research and development efforts in responding to emerging trends.

    Info-Tech Insight
    Evaluating the vendor capabilities, not just product capabilities, is particularly important with EAS solutions. EAS solutions are typically long-term commitments; ensure that your organization is teaming up with a vendor or provider that you feel you can work well with and depend on.

    Case Study

    Structured RFP and demo processes ease the pain of vendor evaluations during the selection phase.

    INDUSTRY
    Automotive

    SOURCE
    Research Interview

    Challenge Solution Results

    This company is one of the largest automotive manufacturers worldwide and has various manufacturing facilities and distribution centers across Canada.

    With over 8,000 employees, the company has a multifaceted health and safety program. While head office enabled and used the health and safety module within the existing HRIS, some divisions within the company found the system complex and were still relying heavily on manual entry spreadsheets for incident investigations. As a result, the company decided to explore other options.

    A project team was created, led by a project manager from head office’s IT department. The team also included health and safety specialists from across the organization, who served as subject matter experts.

    The team put together a project outline, a roadmap for required functionality, and a business case to present to senior leadership, highlighting benefits and potential payback.

    After acquiring executive sponsorship, the team developed a Request for Proposal that was sent to 11 vendors.

    Among the evaluation criteria set in the RFP, injury cost analysis and analytics on safety were identified as the most critical requirements. Based on this criteria, the team narrowed down the options to four RFP responses, which were opened to 16 different sites to ensure consensus across the company.

    The team developed demo scripts to guide the product demonstrations. They also built evaluation scorecards that were used to narrow down the selection to two vendors. Ultimately, the final selection decision came down to how well the vendors’ teams knew the business, and the vendor that demonstrated greater industry expertise was selected.

    3.2.4 Build a demo script for product demonstration evaluation

    1-2 hours

    1. With the EAS selection team, use Info-Tech’s ERP Vendor Demonstration Script, HRIS Vendor Demonstration Script, or CRM Vendor Demonstration Script to write a demo script that reflects your organization’s EAS needs.
    2. Outline the logistics of the demonstration in the Introduction section of the template. Be sure to outline the total length of the demo and the amount of time that should be dedicated to the following:
      1. Product demonstration in response to the demo script.
      2. Showcase of unique product elements, not reflective of the demo script.
      3. Question and answer session.
      4. Breaks and other potential interruptions.
    3. Provide prompts for the vendor to display the capabilities by listing and describing usage scenarios by functional area. For example, when asking a vendor to demonstrate financial and accounting management capabilities, you may break scenarios out by task (e.g. general ledger, accounts payable) or user role (e.g. finance manager, administrator).

    Info-Tech Insight
    Challenge vendor project teams during product demonstrations. Asking the vendor to make adjustments or customizations on the fly will allow you to get an authentic feel for product capability and flexibility and for the degree of adaptability of the vendor project team. Ask the vendor to demonstrate how to do things not listed in your user scenarios, such as change system visualizations or design, change underlying data, add additional data sets, demonstrate collaboration capabilities, or trace an audit trail.

    3.2.4 Build a demo script for product demonstration evaluation

    Before the actual demonstrations, remember to communicate to the team the scenarios to be covered. Distribute the scripts ahead of the demonstrations so that the evaluation team know what is expected from the vendors.

    Input Output
    • Business requirements document
    • Logistical considerations
    • Usage scenarios by functional area
    • EAS demo script
    Materials Participants
    • Info-Tech’s ERP Vendor Demonstration Script, HRIS Vendor Demonstration Script, or CRM Vendor Demonstration Script
    • Business analyst(s)
    • Core project team

    A vendor scoring model provides a clear anchor point for your evaluation of EAS vendors based on a variety of inputs

    A vendor scoring model is a systematic method for effectively assessing competing vendors. A weighted-average scoring model is an approach that strikes a strong balance between rigor and evaluation speed.

    How do I build a scoring model? What are some of the best practices?
    • Start by shortlisting the key criteria you will use to evaluate your vendors. Functional capabilities should always be a critical category, but you’ll also want to look at criteria such as affordability, architectural fit, and vendor viability.
    • Depending on the complexity of the project, you may break down some criteria into sub-categories to assist with evaluation (for example, breaking down functional capabilities into constituent use cases so you can score each one).
    • One you’ve developed the key criteria for your project, the next step is weighting each criteria. Your weightings should reflect the priorities for the project at hand. For example, some projects may put more emphasis on affordability, others on vendor partnership.
    • Using the information collected in the subsequent phases of this blueprint, score each criteria from 1-100, then multiply by the weighting factor. Add up the weighted scores to arrive at the aggregate evaluation score for each vendor on your shortlist.
    • While the criteria for each project may vary, it’s helpful to have an inventory of repeatable criteria that can be used across application selection projects. The next slide contains an example that you can add or subtract from.
    • Don’t go overboard on the number of criteria: five to ten weighted criteria should be the norm for most projects. The more criteria (and sub-criteria) you must score against, the longer it will take to conduct your evaluation. Always remember – link the level of rigor to the size and complexity of your project! It’s possible to create a convoluted scoring model that takes significant time to fill out but yields little additional value.
    • Creation of the scoring model should be a consensus-driven activity between IT, procurement, and the key business stakeholders – it should not be built in isolation. Everyone should agree on the fundamental criteria and weights that are employed.
    • Consider using not just the outputs of investigative interviews and RFP responses to score vendors, but also third-party review services like SoftwareReviews.

    Info-Tech Insight
    Even the best scoring model will still involve some “art” rather than science – scoring categories such as vendor viability always entail a degree of subjective interpretation.

    Establish vendor evaluation criteria

    Vendor demonstrations are an integral part of the selection process. Having clearly defined selection criteria will help with setting up relevant demos and informing the vendor scorecards.

    Vendor evaluation criteria (weight)

    Functionality (30%) Ease of Use (25%)
    • Breadth of capability
    • Tactical capability
    • Operational capability
    • End-user usability
    • Administrative usability
    • UI attractiveness
    • Self-service options
    Cost (15%) Vendor (15%)
    • Maintenance
    • Support
    • Licensing
    • Implementation (internal and external costs)
    • Support model
    • Customer base
    • Sustainability
    • Product roadmap
    • Proof of concept
    • Implementation model
    Technology (15%)
    • Configurability options
    • Customization requirements
    • Deployment options
    • Security and authentication
    • Integration environment
    • Ubiquity of access (mobile)

    Info-Tech Insight
    Do not buy something that does not fit your functional needs just because it is the cheapest. ERP is a massive, long-term investment. If you purchase a system that does not contain the functionality that meets the organization’s business needs, not only will you face issues with user adoption, but you may also face having to revisit your ERP project down the road. In the end, this will cost you more than it will save you.

    Conduct client reference interviews to identify how other organizations have successfully used the vendor’s solution

    Request references from the vendors. Make sure the vendors deliver what they promise.

    Vendors are inevitably going to provide references that will give positive feedback, but don’t be afraid to dig into the interviews to understand some of the limitations related to the solution.

    • Even if a vendor is great for one client doesn’t necessarily mean it will fit for you. Ask the vendor to provide references from organizations in your own or a similar industry or from someone who has automated similar business processes or outlined similar expectations.
    • Use these reference calls as an opportunity to gain a more accurate understanding of the quality of the vendor’s service support and professional services.
    • If you are looking to include a high level of customization in your EAS solution, pay particular attention to this step and the client responses, as these will help you understand how easy a vendor is to work with.
    • Make the most of your client reference interviews by preparing your questions in advance and following a specific script.

    Sample Reference Check Questions

    Use Info-Tech’s Sample Reference Check Questions to provide a framework and starting point for your interviews with a vendor’s previous clients. Review the questions and customize to fit your needs.

    Determine costs of the solution

    Ensure the business case includes both internal and external costs related to the new EAS platform, allocating costs of project managers to improve accuracy of overall costs and level of success.

    EAS solutions include application costs and costs to design processes, install, and configure. These start-up costs can be a significant factor in whether the initial purchase is feasible.

    EAS vendor costs Internal costs
    • Application licensing
    • Implementation and configuration
    • Professional services
    • Maintenance and support
    • Training
    • Third-party add-ons
    • Data transformation
    • Integration
    • Project management
    • Business readiness
    • Change management
    • Resourcing (user groups, design/consulting, testing)
    • Training
    • Auditors (if regulatory requirements need vetting)
    When thinking about vendor costs, also consider the matching internal cost associated with the vendor activity (e.g. data cleansing, internal support). Project management is a top-five critical success factor at all stages of an enterprise application initiative from planning to post-implementation (Information Systems Frontiers). Ensuring that costs for such critical areas are accurately represented will contribute to success.

    Bring in the right resources to guarantee success. Work with the PMO or project manager to get creating the SOW.

    60% of IT projects are not finished “mostly or always” on time (Wellingtone, 2018).

    55% of IT personnel feel that the business objectives of their software projects are clear to them (Geneca, 2017).

    Download the blueprint Improve Your Statements of Work to Hold Your Vendors Accountable to define requirements for installation and configuration.

    3.3.1 Establish your evaluation criteria

    Time required varies

    Customize Info-Tech’s RFP and Demonstration Scoring Tool to build an evaluation framework for vendor responses based on set criteria rather than relative comparisons.

    This tool allows you to evaluate whether your organization’s requirements have been met by the vendor RFP response and provides a location for comprehensive documentation of the RFP response and demonstration details, including costing and availability/quality of product features, architecture, and vendor support.

    Finally, the tool gives you the ability to evaluate your shortlisted vendors’ demonstrations.

    InputOutput
    • Business requirements document
    • Logistical considerations
    • Usage scenarios by functional area
    • EAS evaluation criteria
    MaterialsParticipants
    • Info-Tech’s EAS RFP and Demonstration Scoring Tool
    • Procurement SMEs
    • Core project team

    3.3.1 Establish your evaluation criteria

    Time required varies

    1. With the EAS selection team, brainstorm a list of criteria against which you are going to evaluate each vendor and product.
    2. Categorize each criteria into four to eight groups.
    3. Assign ranked weightings to each category of evaluation criteria. The weightings should add up to 100%. Be sure to identify which criteria are most important to your team by assigning higher weightings to those criteria. If you are having trouble assigning ranked weightings to criteria, take your team through an exercise of ranking pairs. For example, if deciding on the ranked importance of cost, ease of use, and vendor support, break down the discussion by addressing just two criteria at a time: “Between cost and ease of use, which is more important?” If cost is selected… “Between cost and vendor support, which is more important?” If cost is selected again, decide on your second and third rankings by addressing the remaining two criteria… “Between vendor support and ease of use, which is more important?”
    4. Document the final output from this activity as an input to your EAS selection. Optionally, record it in Info-Tech’s EAS RFP and Demonstration Scoring Tool.

    Download the EAS RFP and Demonstration Scoring Tool

    Info-Tech Insight
    Do not reveal your evaluation criteria to vendors. Allowing vendors to see what matters most to your organization may sway their response and/or demo. Avoid this by keeping your decided evaluation criteria and weightings among your selection team only.

    3.3.2 Evaluate vendor product demonstrations

    Time required varies

    1. Using the demonstration script and vendor criteria previously established, customize Info-Tech’s EAS RFP and Demonstration Scoring Tool to build a scorecard that quickly evaluates vendor product demonstrations.
    2. Distribute the scorecard to every member of the team who is evaluating a particular demonstration.
    3. Evaluate each vendor product demonstration using the tool.
    4. Average all scores from each vendor demonstration to inform your selection decision. Note that the vendor with the highest overall score may not necessarily be the best fit for your organization.
    Input Output
    • Demonstration script
    • Evaluation criteria
    • ERP demonstration vendor scores
    Materials Participants
    • Info-Tech’s EAS RFP and Demonstration Scoring Tool
    • Core project team

    Download the EAS RFP and Demonstration Scoring Tool

    Decision Point: Select the Finalist

    After reviewing all vendor responses to your RFP, conducting vendor demos, and running a pilot project (if applicable) – the time has arrived to select your finalist.

    All core selection team members should hold a session to score each shortlisted vendor against the criteria enumerated on the previous slide, based on an in-depth review of proposals, the demo sessions, and any pilots or technical assessments.

    The vendor that scores the highest in aggregate is your finalist.

    Congratulations – you are now ready to proceed to final negotiation and inking a contract. This blueprint provides a detailed approach on the mechanics of a major vendor negotiation.

    Get the best value out from your EAS vendor. Negotiate on your own terms.

    Here are a few tips common to EAS vendors and its offerings.

    Vendors will give time-limited discounts to obtain your buy-in.

    • Depending on your procurement process, it is good practice to have at least two competing vendors in the running to obtain the best value.
    • Make sure that the package offered is coherent – that there are no gaps in the product offering.
    • Ask for access to a higher level of customer care or even developers to obtain quicker, specific support
    • Inquire about specific support and patching service, especially if you have customizations.
    • Ask for additional hours for training and support, pre- and post- implementation.
    • Think long-term – you want to have a good working relationship over the long haul, with a vendor that fits with your overall strategy, and not have to repeat and negotiate often.

    Use Info-Tech’s vendor services

    Info-Tech’s vendor management services has price benchmarks as well knowledgeable advisors who can help evaluate proposals to obtain the best value

    Speak to a vendor management services’ advisor today.

    Contact Us

    Communicate to the vendor whether they were accepted or rejected

    Communicate with each vendor following the demonstration and product evaluation. Ask follow-up questions, highlight areas of concern, and inform them of their status in the selection process.

    The RFP process is a standard business practice. As a customer, you are not under any obligation to educate the vendor as to the details of acceptance or rejection. However, consider every point of contact as an opportunity to build a strong network of potential vendors to help you acquire the best products for your organization.

    Use Info-Tech’s Vendor Communication Set template to communicate with the vendor following the demonstration and product evaluations. This set includes:

    Rejection Notice: Inform the vendor that they are no longer under consideration and highlight opportunities for future debrief.

    Approval Notice: Inform the vendor of its progress to the next stage of selection and identify next steps.

    Go to this link

    Phase 4

    Prepare for Implementation

    Phase 1
    1.1 Enterprise Application Landscape
    1.2 Validate Readiness
    1.3 Determine Resourcing

    Phase 2
    2.1 Capability Mapping
    2.2 Requirements Gathering Data Mapping
    2.3 Requirements Prioritizing

    Phase 3
    3.1 Understanding Product Offerings
    3.2 RFP & Demo Scripts
    3.3 Evaluation Select and Negotiate

    Phase 4
    4.1 Prepare for Implementation

    This phase will walk you through the following activities:

    Discussion on what it takes to transition to a proper implementation.

    Key stakeholders from the various areas of the business that will support the project including:

    • Project management team
    • Core project team

    Select an Enterprise Application

    Leverage Info-Tech’s research to plan and execute your EAS implementation

    Use Info-Tech Research Group’s three-phase implementation process to guide your own planning.

    Assess

    Prepare

    Govern and course correct

    Establish and execute an end-to-end, agile framework to succeed with the implementation of a major enterprise application.

    Visit this link

    External resources are available for implementations

    Organizations rarely have sufficient internal staffing to resource an EAS project on their own. Consider the options for closing the gap in internal resource availability.

    The most common project resourcing structures for enterprise projects are:

    Your own staff +

    1 Management Consultant

    2 Vendor Consultant

    3 System Integrator

    Consider the following:

    Internal vs. External Roles and Responsibilities

    Clearly delineate between internal and external team responsibilities and accountabilities, and communicate this to your technology partner upfront.

    Internal vs. External Accountabilities

    Accountability is different than responsibility. Your vendor or SI partner may be responsible for completing certain tasks, but be careful not to outsource accountability for the implementation – ultimately, the internal team will be accountable.

    Partner Implementation Methodologies

    Often vendors and/or SIs will have their own preferred implementation methodology. Consider the use of your partner's implementation methodology; however, you know what will work for your organization.

    Info-Tech Insight
    When contemplating a resourcing structure, consider:

    • Availability of in-house implementation competencies and resources.
    • Timeline and constraints.
    • Integration environment complexity.

    Review your options for external resources

    Narrow your search for a management consultant, vendor consultant, or system integrator partner by understanding under which circumstances each would be most appropriate.

    When to choose… Management consultant Vendor consultant System integrators
    • There is an existing and trusted relationship.
    • Scope of work includes consideration of internal IT operations, costing, etc.
    • Organization requires external industry expertise for strategy formulation.
    • They will have a role in overall change management within the enterprise.
    • There are no concerns with overall IT processes or capabilities.
    • The project scope is restricted to a single technology or application.
    • There is minimal integration with other systems.
    • The consultant has no role in business process change.
    • They will be a specialist reporting to other consultants.
    • Project includes products from different vendors or multiple add-ons.
    • Extensive integration is required with legacy or other applications.
    • They will be responsible for outsourced operational support or development following implementation.

    Info-Tech Insight
    Depending on your internal resourcing constraints and IT maturity, you may need to work with multiple partners. If this is the case, just be aware that working with multiple partners can complicate vendor relationship management and makes having a dedicated vendor or partner relationship manager even more important.

    4.1.1 Establish team composition

    1 – 2 hours

    Utilize Info-Tech’s Governance and Management of Enterprise Software Implementation to establish your team composition. Within that blueprint:

    1. Assess the skills necessary for an implementation. Inventory the competencies required for the implementation project team. Map your internal resources to each competency as applicable.
    2. Select your internal implementation team. Determine who needs to be involved closely with the implementation. Key stakeholders should also be considered as members of your implementation team.
    3. Identify the number of external consultants/support required for implementation. Consider your in-house skills, timeline considerations, integration environment complexity, and cost constraints as you make your team composition plan. Be sure to dedicate an internal resource to managing the vendor and partner relationships.
    4. Document the roles and responsibilities, accountabilities, and other expectations of your team as they relate to each step of the implementation.
    Input Output
    • Skills assessment
    • Stakeholder analysis
    • Vendor partner selection
    • Team composition
    Materials Participants
    • Sticky notes
    • Whiteboard
    • Markers
    • Project Team

    Governance and Management of Enterprise Software Implementation

    Follow our iterative methodology with a task list focused on the business must-have functionality to achieve rapid execution and to allow staff to return to their daily work sooner.

    Visit this link

    Ensure your implementation team has a high degree of trust and communication

    If external partners are needed, dedicate an internal resource to managing the vendor and partner relationships.

    Communication Proximity Trust
    Teams must have some type of communication strategy. This can be broken into:
    • Regularity: Having a set time each day to communicate progress and a set day to conduct retrospectives.
    • Ceremonies: Injecting awards and continually emphasizing delivery of value can encourage relationship building and constructive motivation.
    • Escalation: Voicing any concerns and having someone responsible for addressing those concerns.
    Distributed teams create complexity as communication can break down. This can be mitigated by:
    • Location: Placing teams in proximity can close the barrier of geographical distance and time zone differences.
    • Inclusion: Making a deliberate attempt to pull remote team members into discussions and ceremonies.
    • Communication tools: Having the right technology (e.g. video conference) can help bring teams closer together virtually.
    Members should trust that other members are contributing to the project and completing their required tasks on time. Trust can be developed and maintained by:
    • Accountability: Having frequent quality reviews and feedback sessions. As work becomes more transparent, people become more accountable.
    • Role clarity: Having a clear definition of what everyone’s role is.

    Create a formal communication process throughout the EAS implementation

    Establish a comprehensive communication process around the EAS enterprise roll-out to ensure that end users stay informed.

    The EAS kick-off meeting(s) should encompass:

    • Target business-user requirements
    • Target quality of service (QoS) metrics
    • Other IT department needs
    • Special consideration needs
    • Tangible business benefits of application
    • The high-level application overview

    The overall objective for inter-departmental EAS kick-off meetings is to confirm that all parties agree on certain key points and understand platform rationale and functionality.

    The kick-off process will significantly improve internal communications by inviting all affected internal IT groups, including business units, to work together to address significant issues before the application process is formally activated.

    Department groups or designated trainers should take the lead and implement a process for:

    • Scheduling EAS platform roll-out/kick-off meetings.
    • Soliciting preliminary input from the attending groups to develop further training plans.
    • Establishing communication paths and the key communication agents from each department who are responsible for keeping lines open moving forward.

    Plan for your implementation of EAS based on deployment model

    Place your EAS solution into your IT landscape by configuring and adjusting the tool based on your specific deployment method.

    On-Premises SaaS-based
    1. Identify custom features and configuration items
    2. Train developers and IT staff on new software investment
    3. Install software
    4. Configure software
    5. Test installation and configuration
    6. Test functionality
    1. Train developers and IT staff on new software investment
    2. Set up connectivity
    3. Identify VPN or internal solution
    4. Check firewalls
    5. Validate bandwidth regulations

    Integration is a top IT challenge and critical to the success of the EAS solution

    EAS solutions are most effective when they are integrated with ERP, HRIS, and CRM solutions.

    Data interchange between the EAS solution and other data sources is necessary Formulate a comprehensive map of the systems, hardware, and software with which the EAS solution must be able to integrate. Master data needs to constantly be synchronized; without this, you lose out on one of the primary benefits of integration. These connections should be bidirectional for maximum value (i.e. marketing data to the CRM, customer data to MMS).
    Specialized projects that include an intricate prospect or customer list and complex rules may need to be built by IT The more custom fields you have in your EAS and point solutions, the more schema mapping you will have to do. Include this information in the RFP to receive guidance from vendors regarding the ease with which integration can be achieved.
    Pay attention to legacy apps and databases If you have a legacy EAS and databases, more custom code will be required. Many vendors claim that custom integrations can be performed for most systems, but custom comes at a cost. Don’t just ask if they can integrate; ask how long it will take and for references from organizations which have been successful in this.

    Scenario: Failure to address EAS data integration will cost you in the long run

    A company spent $15 million implementing a new CRM system in the cloud and decided NOT to spend an additional $1.5 million to do a proper cloud DI tool procurement. The mounting costs followed.

    Cost element – Custom Data Integration $
    2 FTEs for double entry of sales order data $ 100,000/year
    One-time migration of product data to CRM $ 240,000 otc
    Product data maintenance $ 60,000/year
    Customer data synchronization interface build $ 60,000 otc
    Customer data interface maintenance $ 10,000/year
    Data quality issues $ 100,000/year
    New SaaS integration built in year 3 $ 300,000 otc
    New SaaS integration maintenance $ 150,000/year
    Cost element – Data Integration Tool $
    DI strategy and platform implementation $1,500,000 otc
    DI tool maintenance $ 15,000/year
    New SaaS integration point in year 3 $ 300,000 otc

    Comparison of Solution TCOs Chart

    Custom integration is costing this organization $300,000/year for one SaaS solution.

    The proposed integration solution would have paid for itself in 3-4 years and saved exponential costs in the long run.

    Proactively address data quality in the EAS during implementation

    Data quality is a make-or-break issue in an EAS platform; garbage in is garbage out.

    • EAS solutions are one of the leading offenders for generating poor quality data. As such, it’s important to have a plan in place for structuring your data architecture in such a way that poor data quality is minimized from the get-go.
    • Having a plan for data quality should precede data migration efforts; some types of poor data quality can be mitigated prior to migration.
    • There are five main types of poor-quality data found in EAS platforms.
      • Duplicate data: Duplicate records can be a major issue. Leverage dedicated de-dupe tools to eliminate them.
      • Stale data: Out-of-date customer information can reduce the usefulness of the platform. Use automated social listening tools to help keep data fresh.
      • Incomplete data: Records with missing info limit platform value. Specify data validation parameters to mandate that all fields are filled in.
      • Invalid and conflicting data: Can create cascading errors. Establishing conflict resolution rules in ETL tools for data integration can reduce issues.

    Info-Tech Insight
    If you have a complex EAS environment, appoint data stewards for each major domain and procure a de-dupe tool. As the complexity of EAS system-to-system integrations increase, so will the chance that data quality errors will crop up – for example, bi-directional POI with other sources of customer information dramatically increase the chances of conflicting/duplicate data.

    Profile data, eliminate dead weight, and enforce standards to protect data

    Identify and eliminate dead weight Poor data can originate in the firm’s EAS system. Custom queries, stored procedures, or profiling tools can be used to assess the key problem areas.
    Loose rules in the EAS system lead to records of no significant value in the database. Those rules need to be fixed, but if changes are made before the data is fixed, users could encounter database or application errors, which will reduce user confidence in the system.
    • Conduct a data flow analysis: map the path that data takes through the organization.
    • Use a mass cleanup to identify and destroy dead weight data. Merge duplicates either manually or with the aid of software tools. Delete incomplete data, taking care to reassign related data.
    • COTS packages typically allow power users to merge records without creating orphaned records in related tables, but custom-built applications typically require IT expertise.
    Create and enforce standards and policies Now that the data has been cleaned, it’s important to protect the system from relapsing.
    Work with business users to find out what types of data require validation and which fields should have changes audited. Whenever possible, implement drop-down lists to standardize values and make programming changes to ensure that truncation ceases.
    • Truncated data is usually caused by mismatches in data structures during either one-time data loads or ongoing data integrations.
    • Don’t go overboard on assigning required fields; users will just put key data in note fields.
    • Discourage the use of unstructured note fields: the data is effectively lost except if it gets subpoenaed.

    Info-Tech Insight
    Data quality concerns proliferate with the customization level of your platform. The more extensive the custom integration points and module/database extensions that you have made, the more you will need to have a plan in place for managing data quality from a reactive and proactive standpoint.

    Ensure requirements are met with robust user acceptance testing

    User acceptance testing (UAT) is a test procedure that helps to ensure end-user requirements are met. Test cases can reveal bugs before the suite is implemented.

    Five secrets of UAT success

    1 Create the plan With the information collected from requirements gathering, create the plan. Make sure this information is added to the main project plan documentation.
    2 Set the agenda The time allotted will vary depending on the functionality being tested. Ensure that the test schedule allows for the resolution of issues and discussion.
    3 Determine who will participate Work with relevant stakeholders to identify the people who can best contribute to system testing. Look for experienced power users who have been involved in earlier decision making about the system.
    4 Highlight acceptance criteria With the UAT group, pinpoint the criteria to determine system acceptability. Refer to requirements specified in use cases in the initial requirements-gathering stages of the project.
    5 Collect end user feedback Weaknesses in resolution workflow design, technical architecture, and existing customer service processes can be highlighted and improved with ongoing surveys and targeted interviews.

    Calculate post-deployment metrics to assess measurable value of the project

    Track the post-deployment results from the project and compare the metrics to the current state and target state.

    EAS selection and implementation metrics
    Description Formula Current or estimated Target Post-deployment
    End-user satisfaction # of satisfied users
    # of end users
    70% 90% 85%
    Percentage over/under estimated budget Amount spent – 100%
    Budget
    5% 0% 2%
    Percentage over/under estimated timeline Project length – 100%
    Estimated timeline
    10% -5% -10%
    EAS strategy metrics
    Description Formula Current or estimated Target Post-deployment
    Number of leads generated (per month) # of leads generated 150 200 250
    Average time to resolution (in minutes) Time spent on resolution
    # of resolutions
    30 minutes 10 minutes 15 minutes
    Cost per interaction by campaign Total campaign spending
    # of customer interactions
    $17.00 $12.00 $12.00

    Continue to adapt your governance model

    Your EAS and applications environment will continue to evolve. Make sure your governance model is always ready to capture the everchanging needs.

    Business needs will not stop changing whether you have an ongoing EAS or other application project. It is thus important to keep your governance efficient and streamlined to capture these needs to then make the EAS continue deliver value and remain aligned to long-term corporate objectives.

    Visit this link

    Summary of Accomplishment

    Select an Enterprise Application

    EAS technology is critical to facilitating an organization’s flow of information across business units. It allows for seamless integration of systems and creates a holistic view of the enterprise to support decision making. Having a structured approach to gathering the necessary resources, defining key requirements, and engaging with the right shortlist of vendors to pick the best finalist is crucial.

    This selection guide allows organizations to execute a structured methodology for picking an EAS that aligns with their needs. This includes:

    • Alignment and prioritization of key business and technology drivers for an EAS selection.
    • Identification and prioritization of the EAS requirements.
    • Construction of a robust EAS RFP.
    • A strong market scan of key players.
    • A survey of crucial implementation considerations.

    This formal EAS selection initiative will drive business-IT alignment, identify data and integration priorities, and allow for the rollout of a platform that’s highly likely to satisfy all stakeholder needs.

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

    Contact your account representative for more information.
    workshops@infotech.com
    1-888-670-8889

    Research Contributors

    Name Title Organization
    Anonymous Anonymous Telecommunications industry
    Anonymous Anonymous Construction material industry
    Anonymous Anonymous Automotive industry
    Corey Tenenbaum Head of IT Taiga Motors
    Mark Earley Director, Consulting Info-Tech Research Group
    Ricardo di Olivera Research Director, Enterprise Applications Info-Tech Research Group

    Bibliography

    “2016 Report on ERP Systems and Enterprise Software.” Panorama Consulting Solutions, 2016. Web.

    “2018 Report on ERP Systems and Enterprise Software.” Panorama Consulting Solutions, 2018. Web.

    “2022 HRIS Software Report.” SoftwarePath, 2022 . Web

    Cross-Industry Process Classification Framework (PCF) Version 7.2.1. APQC, 26 Sept. 2019. Web.

    “Doomed From the Start? Why a Majority of Business and IT Teams Anticipate Their Software Development Projects Will Fail.” Geneca, 25 Jan. 2017. Web.

    Farhan, Marwa Salah, et al. “A Systematic Review for the Determination and Classification of the CRM Critical Success Factors Supporting with Their Metrics.” Future Computing and Informatics Journal, vol. 3, no. 2, Dec. 2018, pp. 398–416.

    Gheorghiu, Gabriel. “ERP Buyer’s Profile for Growing Companies.” SelectHub, 23 Sept. 2022. Web

    “Process Frameworks.” APQC, 4 Nov. 2020. Web.

    “Process vs. Capability: Understanding the Difference.” APCQ, 2017. Web.

    Savolainen, Juha, et al. “Transitioning from Product Line Requirements to Product Line Architecture.” 29th Annual International Computer Software and Applications Conference (COMPSAC'05), IEEE, vol. 1, 2005, pp. 186-195, doi: 10.1109/COMPSAC.2005.160

    Saxena, Deepak, and Joe McDonagh. "Evaluating ERP Implementations: The Case for a Lifecycle based Interpretive Approach." Electronic Journal of Information Systems Evaluation 22.1 (2019): pp29-37.

    “SOA Reference Architecture – Capabilities and the SOA RA.” The Open Group, TOGAF, n.d. Web.

    Smith, Anthony. “How To Create A Customer-Obsessed Company Like Netflix.” Forbes, 12 Dec. 2017. Web.

    "The Moscow Method", MindTools. Web.

    “The State of CRM Data Management 2020.” Validity, 2020. Web.

    “The State of Project Management Annual Survey 2018.” Wellingtone, 2018. Web.

    “Why HR Projects Fail.” Unleash, 2021. Web

    Integrate IT Risk Into Enterprise Risk

    • Buy Link or Shortcode: {j2store}195|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: $12,599 Average $ Saved
    • member rating average days saved: 2 Average Days Saved
    • Parent Category Name: IT Governance, Risk & Compliance
    • Parent Category Link: /it-governance-risk-and-compliance
    • IT risks, when considered, are identified and classified separately from the enterprise-wide perspective.
    • IT is expected to own risks over which they have no authority or oversight.
    • Poor behaviors, such as only considering IT risks when conducting compliance or project due diligence, have been normalized.

    Our Advice

    Critical Insight

    • Stop avoiding risk – integrate it. This provides a holistic view of uncertainty for the organization to drive innovative new approaches to optimize the organization’s ability to respond to risk.

    Impact and Result

    • Understand gaps in the organization’s current approach to risk management practices.
    • Establish a standardized approach for how IT risks impact the enterprise as a whole.
    • Drive a risk-aware organization toward innovation and consider alternative options for how to move forward.
    • Integrate IT risks into the foundational risk practice.

    Integrate IT Risk Into Enterprise Risk Research & Tools

    Integrated Risk Management Capstone – A framework for how IT risks can be integrated into your organization’s enterprise risk management program to enable strategic risk-informed decisions.

    This is a capstone blueprint highlighting the benefits of an integrated risk management program that uses risk information and data to inform strategic decision making. Throughout this research you will gain insight into the five core elements of integrating risk through assessing, governing, defining the program, defining the process, and implementing.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    • Integrate IT Risk Into Enterprise Risk Capstone
    • Integrated Risk Maturity Assessment
    • Risk Register Tool

    Infographic

    Further reading

    Integrate IT Risk Into Enterprise Risk

    Don’t fear IT risks, integrate them.

    EXECUTIVE BRIEF

    Analyst Perspective

    Having siloed risks is risky business for any enterprise.

    Photo of Valence Howden, Principal Research Director, CIO Practice.
    Valence Howden
    Principal Research Director, CIO Practice
    Photo of Petar Hristov Research Director, Security, Privacy, Risk & Compliance.
    Petar Hristov
    Research Director, Security, Privacy, Risk & Compliance
    Photo of Ian Mulholland Research Director, Security, Risk & Compliance.
    Ian Mulholland
    Research Director, Security, Risk & Compliance
    Photo of Brittany Lutes, Senior Research Analyst, CIO Practice.
    Brittany Lutes
    Senior Research Analyst, CIO Practice
    Photo of Ibrahim Abdel-Kader, Research Analyst, CIO Practice
    Ibrahim Abdel-Kader
    Research Analyst, CIO Practice

    Every organization has a threshold for risk that should not be exceeded, whether that threshold is defined or not.

    In the age of digital, information and technology will undoubtedly continue to expand beyond the confines of the IT department. As such, different areas of the organization cannot address these risks in silos. A siloed approach will produce different ways of identifying, assessing, responding to, and reporting on risk events. Integrated risk management is about embedding IT uncertainty to inform good decision making across the organization.

    When risk is integrated into the organization's enterprise risk management program, it enables a single view of all risks and the potential impact of each risk event. More importantly, it provides a consistent view of the risk event in relation to uncertainty that might have once been seemingly unrelated to IT.

    And all this can be achieved while remaining within the enterprise’s clearly defined risk appetite.

    Executive Summary

    Your Challenge

    Most organizations fail to integrate IT risks into enterprise risks:

    • IT risks, when considered, are identified and classified separately from the enterprise-wide perspective.
    • IT is expected to own risks over which they have no authority or oversight.
    • Poor behaviors, such as only considering IT risks when conducting compliance or project due diligence, have been normalized.

    Common Obstacles

    IT leaders have to overcome these obstacles when it comes to integrating risk:

    • Making business leaders aware of, involved in, and able to respond to all enterprise risks.
    • A lack of data or information being used to support a holistic risk management process.
    • A low level of enterprise risk maturity.
    • A lack of risk management capabilities.

    Info-Tech’s Approach

    By leveraging the Info-Tech Integrated Risk approach, your business can better address and embed risk by:

    • Understanding gaps in the organization’s current approach to risk management practices.
    • Establishing a standardized approach for how IT risks impact the enterprise as a whole.
    • Driving a risk-aware organization toward innovation and considering alternative options for how to move forward.
    • Helping integrate IT risks into the foundational risk practice.

    Info-Tech Insight

    Stop avoiding risk – integrate it. This provides a holistic view of uncertainty for the organization to drive innovative new approaches to optimize its ability to respond to risk.

    What is integrated risk management?

    • Integrated risk management is the process of ensuring all forms of risk information, including information and technology, are considered and included in the enterprise’s risk management strategy.
    • It removes the siloed approach to classifying risks related to specific departments or areas of the organization, recognizing that each of those risks is a threat to the overarching enterprise.
    • Aggregating the different threats or uncertainty that might exist within an organization allows for informed decisions to be made that align to strategic goals and continue to drive value back to the business.
    • By holistically considering the different risks, the organization can make informed decisions on the best course of action that will reduce any negative impacts associated with the uncertainty and increase the overall value.

    Enterprise Risk Management (ERM)

    • IT
    • Security
    • Digital
    • Vendor/Third Party
    • Other

    Enterprise risk management is the practice of identifying and addressing risks to your organization and using risk information to drive better decisions and better opportunities.

    IT risk is enterprise risk

    Multiple types of risk, 'Finance', 'IT', 'People', and 'Digital', funneling into 'ENTERPRISE RISKS'. IT risks have a direct and often aggregated impact on enterprise risks and opportunities in the same way other business risks can. This relationship must be understood and addressed through integrated risk management to ensure a consistent approach to risk.

    Your challenge

    Embedding IT risks into the enterprise risk management program is challenging because:

    • Most organizations classify risks based on the departments or areas of the business where the uncertainty is likely to happen.
    • Unnecessary expectations are placed on the IT department to own risks over which they have no authority or oversight.
    • Risks are often only identified when conducting due diligence for a project or ensuring compliance with regulations and standards.

    Risk-mature organizations have a unique benefit in that they often have established an overarching governance framework and embedded risk awareness into the culture.

    35% — Only 35% of organizations had embraced ERM in 2020. (Source: AICPA and NC State Poole College of Management)

    12% — Only 12% of organizations are leveraging risk as a tool to their strategic advantage. (Source: AICPA and NC State Poole College of Management)

    Common obstacles

    These barriers make integrating IT risks difficult to address for many organizations:

    • IT risks are not seen as enterprise risks.
    • The organization’s culture toward risk is not defined.
    • The organization’s appetite and threshold for risk are not defined.
    • Each area of the organization has a different method of identifying, assessing, and responding to risk events.
    • Access to reliable and informative data to support risk management is difficult to obtain.
    • Leadership does not see the business value of integrating risk into a single management program.
    • The organization’s attitudes and behaviors toward risk contradict the desired and defined risk culture.
    • Skills, training, and resources to support risk management are lacking, let alone those to support integrated risk management.

    Integrating risks has its challenges

    62% — Accessing and disseminating information is the main challenge for 62% of organizations maturing their organizational risk management. (Source: OECD)

    20-28% — Organizations with access to machine learning and analytics to address future risk events have 20 to 28% more satisfaction. (Source: Accenture)

    Integrate Risk and Use It to Your Advantage

    Accelerate and optimize your organization by leveraging meaningful risk data to make intelligent enterprise risk decisions.

    Risk management is more than checking an audit box or demonstrating project due diligence.

    Risk Drivers
    • Audit & compliance
    • Preserve value & avoid loss
    • Previous risk impact driver
    • Major transformation
    • Strategic opportunities
    Arrow pointing right. Only 7% of organizations are in a “leading” or “aspirational” level of risk maturity. (OECD, 2021) 63% of organizations struggle when it comes to defining their appetite toward strategy related risks. (“Global Risk Management Survey,” Deloitte, 2021) Late adopters of risk management were 70% more likely to use instinct over data or facts to inform an efficient process. (Clear Risk, 2020) 55% of organizations have little to no training on ERM to properly implement such practices. (AICPA, NC State Poole College of Management, 2021)
    1. Assess Enterprise Risk Maturity 3. Build a Risk Management Program Plan 4. Establish Risk Management Processes 5. Implement a Risk Management Program
    2. Determine Authority with Governance
    Unfortunately, less than 50% of those in risk focused roles are also in a governance role where they have the authority to provide risk oversight. (Governance Institute of Australia, 2020)
    IT can improve the maturity of the organization’s risk governance and help identify risk owners who have authority and accountability.

    Governance and related decision making is optimized with integrated and aligned risk data.

    List of 'Integrated Risk Maturity Categories': '1. Context & Strategic Direction', '2. Risk Culture and Authority', '3. Risk Management Process', and '4. Risk Program Optimization'. The five types of a risk in Enterprise Risk Management.

    ERM incorporates the different types of risk, including IT, security, digital, vendor, and other risk types.

    The program plan is meant to consider all the major risk types in a unified approach.

    The 'Risk Process' cycle starting with '1. Identify', '2. Assess', '3. Respond', '4. Monitor', '5. Report', and back to the beginning. Implementation of an integrated risk management program requires ongoing access to risk data by those with decision making authority who can take action.

    Integrated Risk Mapping — Downside Risk Focus

    A diagram titled 'Risk and Controls' beginning with 'Possible Sources' and a list of sources, 'Control Activities' to prevent, the 'RISK EVENT', 'Recovery Activities' to recover, and 'Possible Repercussions' with a list of ramifications.

    Integrated Risk Mapping — Downside and Upside Risk

    Third-Party Risk Example

    Example of a third-party risk mapped onto the diagram on the previous slide, but with potential upsides mapped out as well. The central risk event is 'Vendor exposes private customer data'. Possible Sources of the downside are 'External Attack' with likelihood prevention method 'Define security standard requirements for vendor assessment' and 'Exfiltration of data through fourth-party staff' with likelihood prevention method 'Ensure data is properly classified'. Possible Sources of the upside are 'Application rationalization' with likelihood optimization method 'Reduce number of applications in environment' and 'Review vendor assessment practices' with likelihood optimization method 'Improve vendor onboarding'. Possible Repercussions on the downside are 'Organization unable to operate in jurisdiction' with impact minimization method 'Engage in-house risk mitigation responses' and 'Fines levied against organization' with impact minimization method 'Report incident to any regulators'. Possible Repercussions on the upside are 'Easier vendor integration and management' with impact utilization method 'Improved vendor onboarding practices' and 'Able to bid on contracts with these requirements' with impact utilization method 'Vendors must provide attestations (e.g. SOC or CMMC)'.

    Insight Summary

    Overarching insight

    Stop fearing risk – integrate it. Integration leads to opportunities for organizations to embrace innovation and new digital technologies as well as reducing operational costs and simplifying reporting.

    Govern risk strategically

    Governance of risk management for information- and technology-related events is often misplaced. Just because it's classified as an IT risk does not mean it shouldn’t be owned by the board or business executive.

    Assess risk maturity

    Integrating risk requires a baseline of risk maturity at the enterprise level. IT can push integrating risks, but only if the enterprise is willing to adopt the attitudes and behaviors that will drive the integrated risk approach.

    Manage risk

    It is not a strategic decision to have different areas of the organization manage the risks perceived to be in their department. It’s the easy choice, but not the strategic one.

    Implement risk management

    Different areas of an enterprise apply risk management processes differently. Determining a single method for identification, assessment, response, and monitoring can ensure successful implementation of enterprise risk management.

    Tactical insight

    Good risk management will consider both the positives and negatives associated with a risk management program by recognizing both the upside and downside of risk event impact and likelihood.

    Integrated risk benefits

    IT Benefits

    • IT executives have a responsibility but not accountability when it comes to risk. Ensure the right business stakeholders have awareness and ability to make informed risk decisions.
    • Controls and responses to risks that are within the “IT” realm will be funded and provided with sufficient support from the business.
    • The business respects and values the role of IT in supporting the enterprise risk program, elevating its role into business partner.

    Business Benefits

    • Business executives and boards can make informed responses to the various forms of risk, including those often categorized as “IT risks.”
    • The compounding severity of risks can be formally assessed and ideally quantified to provide insight into how risks’ ramifications can change based on scenarios.
    • Risk-informed decisions can be used to optimize the business and drive it toward adopting innovation as a response to risk events.
    • Get your organization insured against cybersecurity threats at the lowest premiums possible.

    Measure the value of integrating risk

    • Reduce Operating Costs

      • Organizations can reduce their risk operating costs by 20 to 30% by adopting enterprise-wide digital risk initiatives (McKinsey & Company).
    • Increase Cybersecurity Threat Preparedness

      • Increase the organization’s preparedness for cybersecurity threats. 79% of organizations that were impacted by email threats in 2020 were not prepared for the hit (Diligent)
    • Increase Risk Management’s Impact to Drive Strategic Value

      • Currently, only 3% of organizations are extensively using risk management to drive their unique competitive advantage, compared to 35% of companies who do not use it at all (AICPA & NC State Poole College of Management).
    • Reduce Lost Productivity for the Enterprise

      • Among small businesses, 76% are still not considering purchasing cyberinsurance in 2021, despite the fact that ransomware attacks alone cost Canadian businesses $5.1 billion in productivity in 2020 (Insurance Bureau of Canada, 2021).

    “31% of CIO’s expected their role to expand and include risk management responsibilities.” (IDG “2021 State of the CIO,” 2021)

    Make integrated risk management sustainable

    58%

    Focus not just on the preventive risk management but also the value-creating opportunities. With 58% of organizations concerned about disruptive technology, it’s an opportunity to take the concern and transform it into innovation. (Accenture)

    70%

    Invest in tools that have data and analytics features. Currently, “gut feelings” or “experience” inform the risk management decisions for 70% of late adopters. (Clear Risk)

    54%

    Align to the strategic vision of the board and CEO, given that these two roles account for 54% of the accountability associated with extended enterprise risk management. (Extended Enterprise Risk Management Survey, 2020,” Deloitte)

    63%

    Include IT leaders in the risk committee to help informed decision making. Currently 63% of chief technology officers are included in the C‑suite risk committee. (AICPA & NC State Poole College of Management)

    Successful adoption of integrated risk management is often associated with these key elements.

    Assessment

    Assess your organization’s method of addressing risk management to determine if integrated risk is possible

    Assessing the organization’s risk maturity

    Mature or not, integrated risk management should be a consideration for all organizations

    The first step to integrating risk management within the enterprise is to understand the organization’s readiness to adopt practices that will enable it to successfully integrate information.

    In 2021, we saw enterprise risk management assessments become one of the most common trends, particularly as a method by which the organization can consolidate the potential impacts of uncertainties or threats (Lawton, 2021). A major driver for this initiative was the recognition that information and technology not only have enterprise-wide impacts on the organization’s risk management but that IT has a critical role in supporting processes that enable effective access to data/information.

    A maturity assessment has several benefits for an organization: It ensures there is alignment throughout the organization on why integrated risk is the right approach to take, it recognizes the organization’s current risk maturity, and it supports the organization in defining where it would like to go.

    Pie chart titled 'Organizational Risk Management Maturity Assessment Results' showing just under half 'Progressing', a third 'Established', a seventh 'Emerging', and a very small portion 'Leading or Aspirational'.

    Integrated Risk Maturity Categories

    Semi-circle with colored points indicating four categories.

    1

    Context & Strategic Direction Understand the organization’s main objectives and how risk can support or enhance those objectives.

    2

    Risk Culture and Authority Examine if risk-based decisions are being made by those with the right level of authority and if the organization’s risk appetite is embedded in the culture.

    3

    Risk Management Process Determine if the current process to identify, assess, respond to, monitor, and report on risks is benefitting the organization.

    4

    Risk Program Optimization Consider opportunities where risk-related data is being gathered, reported, and used to make informed decisions across the enterprise.

    Maturity should inform your approach to risk management

    The outcome of the risk maturity assessment should inform how risk management is approached within the organization.

    A row of waves starting light and small and becoming taller and darker in steps. The levels are 'Non-existent', 'Basic', 'Partially Integrated', 'Mostly Integrated', 'Fully Integrated', and 'Optimized'.

    For organizations with a low maturity, remaining superficial with risk will offer more benefits and align to the enterprise’s risk tolerance and appetite. This might mean no integrated risk is taking place.

    However, organizations that have higher risk maturity should begin to integrate risk information. These organizations can identify the nuances that would affect the severity and impact of risk events.

    Integrated Risk Maturity Assessment

    The purpose of the Integrated Risk Maturity Assessment is to assess the organization's current maturity and readiness for integrated risk management (IRM).

    Frequently and continually assessing your organization’s maturity toward integrated risk ensures the right risk management program can be adopted by your organization.

    Integrated Risk Maturity Assessment

    A simple tool to understand if your organization is ready to embrace integrated risk management by measuring maturity across four key categories: Context & Strategic Direction, Risk Culture & Authority, Risk Management Process, and Risk Program Optimization

    Sample of the Integrated Risk Maturity Assessment deliverable.

    Use the results from this integrated risk maturity assessment to determine the type of risk management program that can and should be adopted by your organization.

    Some organizations will need to remain siloed and focused on IT risk management only, while others will be able to integrate risk-related information to start enabling automatic controls that respond to this data.

    Integrate Threat Intelligence Into Your Security Operations

    • Buy Link or Shortcode: {j2store}320|cart{/j2store}
    • member rating overall impact (scale of 10): 9.0/10 Overall Impact
    • member rating average dollars saved: 2 Average Days Saved
    • member rating average days saved: After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.
    • Parent Category Name: Threat Intelligence & Incident Response
    • Parent Category Link: /threat-intelligence-incident-response
    • Organizations have limited visibility into their threat landscape, and as such are vulnerable to the latest attacks, hindering business practices, workflow, revenue generation, and damaging their public image.
    • Organizations are developing ad hoc intelligence capabilities that result in operational inefficiencies, the misalignment of resources, and the misuse of their security technology investments.
    • It is difficult to communicate the value of a threat intelligence solution when trying to secure organizational buy-in and the appropriate resourcing.
    • There is a vast array of “intelligence” in varying formats, often resulting in information overload.

    Our Advice

    Critical Insight

    1. Information alone is not actionable. A successful threat intelligence program contextualizes threat data, aligns intelligence with business objectives, and then builds processes to satisfy those objectives.
    2. Your security controls are diminishing in value (if they haven’t already). As technology in the industry evolves, threat actors will inevitably adopt new tools, tactics, and procedures; a threat intelligence program can provide relevant situational awareness to stay on top of the rapidly-evolving threat landscape.
    3. Your organization might not be the final target, but it could be a primary path for attackers. If you exist as a third-party partner to another organization, your responsibility in your technology ecosystem extends beyond your own product/service offerings. Threat intelligence provides visibility into the latest threats, which can help you avoid becoming a backdoor in the next big data breach.

    Impact and Result

    • Assess the needs and intelligence requirements of key stakeholders.
    • Garner organizational buy-in from senior management.
    • Identify organizational intelligence gaps and structure your efforts accordingly.
    • Understand the different collection solutions to identify which best supports your needs.
    • Optimize the analysis process by leveraging automation and industry best practices.
    • Establish a comprehensive threat knowledge portal.
    • Define critical threat escalation protocol.
    • Produce and share actionable intelligence with your constituency.
    • Create a deployment strategy to roll out the threat intelligence program.
    • Integrate threat intelligence within your security operations.

    Integrate Threat Intelligence Into Your Security Operations Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should implement a threat intelligence program, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Plan for a threat intelligence program

    Assess current capabilities and define an ideal target state.

    • Integrate Threat Intelligence Into Your Security Operations – Phase 1: Plan for a Threat Intelligence Program
    • Security Pressure Posture Analysis Tool
    • Threat Intelligence Maturity Assessment Tool
    • Threat Intelligence Project Charter Template
    • Threat Intelligence RACI Tool
    • Threat Intelligence Management Plan Template
    • Threat Intelligence Policy Template

    2. Design an intelligence collection strategy

    Understand the different collection solutions to identify which best supports needs.

    • Integrate Threat Intelligence Into Your Security Operations – Phase 2: Design an Intelligence Collection Strategy
    • Threat Intelligence Prioritization Tool
    • Threat Intelligence RFP MSSP Template

    3. Optimize the intelligence analysis process

    Begin analyzing and acting on gathered intelligence.

    • Integrate Threat Intelligence Into Your Security Operations – Phase 3: Optimize the Intelligence Analysis Process
    • Threat Intelligence Malware Runbook Template

    4. Design a collaboration and feedback program

    Stand up an intelligence dissemination program.

    • Integrate Threat Intelligence Into Your Security Operations – Phase 4: Design a Collaboration and Feedback Program
    • Threat Intelligence Alert Template
    • Threat Intelligence Alert and Briefing Cadence Schedule Template
    [infographic]

    Take Control of Infrastructure and Operations Metrics

    • Buy Link or Shortcode: {j2store}460|cart{/j2store}
    • member rating overall impact (scale of 10): 8.5/10 Overall Impact
    • member rating average dollars saved: $7,199 Average $ Saved
    • member rating average days saved: 11 Average Days Saved
    • Parent Category Name: Operations Management
    • Parent Category Link: /i-and-o-process-management
    • Measuring the business value provided by IT is very challenging.
    • You have a number of metrics, but they may not be truly meaningful, contextual, or actionable.
    • You know you need more than a single metric to tell the whole story. You also suspect that metrics from different systems combined will tell an even fuller story.
    • You are being asked to provide information from different levels of management, for different audiences, conveying different information.

    Our Advice

    Critical Insight

    • Many organizations collect metrics to validate they are keeping the lights on. But the Infrastructure and Operations managers who are benefitting the most are taking steps to ensure they are getting the right metrics to help them make decisions, manage costs, and plan for change.
    • Complaints about metrics are often rooted in managers wading through too many individual metrics, wrong metrics, or data that they simply can’t trust.
    • Info-Tech surveyed and interviewed a number of Infrastructure managers, CIOs, and IT leaders to understand how they are leveraging metrics. Successful organizations are using metrics for everything from capacity planning to solving customer service issues to troubleshooting system failures.

    Impact and Result

    • Manage metrics so they don’t become time wasters and instead provide real value.
    • Identify the types of metrics you need to focus on.
    • Build a metrics process to ensure you are collecting the right metrics and getting data you can use to save time and make better decisions.

    Take Control of Infrastructure and Operations Metrics Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should implement a metrics program in your Infrastructure and Operations practice, review Info-Tech’s methodology, and understand the ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Gap analysis

    This phase will help you identify challenges that you want to avoid by implementing a metrics program, discover the main IT goals, and determine your core metrics.

    • Take Control of Infrastructure and Operations Metrics – Phase 1: Gap Analysis
    • Infra & Ops Metrics Executive Presentation

    2. Build strategy

    This phase will help you make an actionable plan to implement your metrics program, define roles and responsibilities, and communicate your metrics project across your organization and with the business division.

    • Take Control of Infrastructure and Operations Metrics – Phase 2: Build Strategy
    • Infra & Ops Metrics Definition Template
    • Infra & Ops Metrics Tracking and Reporting Tool
    • Infra & Ops Metrics Program Roles & Responsibilities Guide
    • Weekly Metrics Review With Your Staff
    • Quarterly Metrics Review With the CIO
    [infographic]

    Cost and Budget Management

    • Buy Link or Shortcode: {j2store}8|cart{/j2store}
    • Related Products: {j2store}8|crosssells{/j2store}
    • Up-Sell: {j2store}8|upsells{/j2store}
    • member rating overall impact (scale of 10): 9.5/10
    • member rating average dollars saved: $2,000
    • member rating average days saved: 5
    • Parent Category Name: Financial Management
    • Parent Category Link: /financial-management

    The challenge

    • IT is seen as a cost center in most organizations. Your IT spend is fuelled by negative sentiment instead of contributing to business value.

    • Budgetary approval is difficult, and in many cases, the starting point is lowering the cost-income ratio without looking at the benefits.
    • Provide the right amount of detail in your budgets to tell your investment and spending story. Align it with the business story. Too much detail only increases confusion, too little suspicion.

    Our advice

    Insight

    An effective IT budget complements the business story with how you will achieve the expected business targets.

    • Partner with the business to understand the strategic direction of the company and its future needs.
    • Know your costs and the value you will deliver.
    • Present your numbers and story clearly and credibly. Excellent delivery is part of good communication.
    • Guide your company by clearly explaining the implications of different choices they can make.

    Impact and results 

    • Get a head-start on your IT forecasting exercise by knowing the business strategy and what initiatives they will launch.
    • The coffee corner works! Pre-sell your ideas in quick chats.
    • Do not make innovation budgets bigger than they need to be. It undermines your credibility.
    • You must know your history to accurately forecast your IT operations cost and how it will evolve based on expected business changes.
    • Anticipate questions. IT discretionary proposals are often challenged. Think ahead of time about what areas your business partners will focus on and be ready with researched and credible responses.
    • When you have an optimized budget, tie further cost reductions to consequences in service delivery or deferred projects, or a changed operating model.

    The roadmap

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    Get started

    Our concise executive brief shows you why you should develop a budget based on value delivery. We'll show you our methodology and the ways we can help you in completing this.

    Plan for budget success

    • Build an IT Budget That Demonstrates Value Delivery – Phase 1: Plan (ppt)
    • IT Budget Interview Guide (doc)

    Build your budget.

    • Build an IT Budget That Demonstrates Value Delivery – Phase 2: Build (ppt)
    • IT Cost Forecasting Tool (xls)

    Sell your budget

    • Build an IT Budget That Demonstrates Value Delivery – Phase 3: Sell (ppt)
    • IT Budget Presentation (ppt)

     

    Implement an IT Employee Development Plan

    • Buy Link or Shortcode: {j2store}592|cart{/j2store}
    • member rating overall impact (scale of 10): 9.0/10 Overall Impact
    • member rating average dollars saved: 5 Average Days Saved
    • member rating average days saved: After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.
    • Parent Category Name: Train & Develop
    • Parent Category Link: /train-and-develop
    • There is a growing gap between the competencies organizations have been focused on developing and what is needed in the future.
    • Employees have been left to drive their own development with little direction or support and without the alignment of development to organizational needs.
    • The pace of change in today’s environment demands new competencies while making others obsolete, and IT is challenged with keeping up with upskilling employees.

    Our Advice

    Critical Insight

    • Organizations position development as employee-owned, yet employees still feel like their needs aren’t being met, and many leave as a result.
    • Development needs to be employee-owned and manager-supported but also organization-informed to ensure that it meets the organization’s needs.
    • Today, operating environments change quickly, and organizations need to develop the competencies employees need both today and in the future.

    Impact and Result

    • Design employee development plans that build the competencies the organization and IT department need both today and in the future.
    • Equip managers and build program support to foster continuous learning and development.
    • Connect the right development opportunity to the right employee through an effective development planning process.

    Implement an IT Employee Development Plan Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should implement effective development planning, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Assess employees' development needs

    Assist your employees in setting appropriate development goals.

    • Implement Effective Employee Development Planning – Phase 1: Assess Employees' Development Needs
    • IT Manager Job Aid: Employee Development
    • IT Employee Job Aid: Employee Development
    • IT Employee Career Development Workbook
    • Individual Competency Development Plan
    • IT Competency Library
    • Leadership Competencies Workbook

    2. Select appropriate activities for development

    Review existing and identify new development activities that employees can undertake to achieve their goals.

    • Implement Effective Employee Development Planning – Phase 2: Select Activities for Developing Prioritized Competencies
    • Learning Methods Catalog for IT Employees

    3. Build manager coaching skills

    Establish manager and employee follow-up accountabilities.

    • Implement Effective Employee Development Planning – Phase 3: Build Manager Coaching Skills to Support Employee Development
    • Role Play Coaching Scenarios
    [infographic]

    Cyber Resilience Report 2018

    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A

    "The cyber threat landscape today is highly complex and rapidly changing. Cyber security incidents can have several impacts on organizations and society, both on a physical and non-physical level. Through the use of a computer, criminals can indeed cause IT outages, supply chain disruptions and other physical security incidents"

    -- excerpt from the foreword of the BCI Cyber resilience report 2018 by David Thorp, Executive Director, BCI

    There are a number of things you can do to protect yourself. And they range, as usual, from the fairly simple to the more elaborate and esoteric. Most companies can, with some common sense, if not close the door on most of these issues, at least prepare themselves to limit the consequences.

    Register to read more …

    Build Resilience Against Ransomware Attacks

    • Buy Link or Shortcode: {j2store}317|cart{/j2store}
    • member rating overall impact (scale of 10): 9.5/10 Overall Impact
    • member rating average dollars saved: $68,467 Average $ Saved
    • member rating average days saved: 21 Average Days Saved
    • Parent Category Name: Threat Intelligence & Incident Response
    • Parent Category Link: /threat-intelligence-incident-response
    • Sophisticated ransomware attacks are on the rise and evolving quickly.
    • Executives want reassurance but are not ready to write a blank check. We need to provide targeted and justified improvements.
    • Emerging strains can exfiltrate sensitive data, encrypt systems, and destroy backups in hours, which makes recovery a grueling challenge.

    Our Advice

    Critical Insight

    • Malicious agents design progressive, disruptive attacks to pressure organizations to pay a ransom.
    • Organizations misunderstand ransomware risk scenarios, which obscures the likelihood and impact of an attack.
    • Conventional approaches focus on response and recovery, which do nothing to prevent an attack and are often ineffective against sophisticated attacks.

    Impact and Result

    • Conduct a thorough assessment of your current state; identify potential gaps and assess the possible outcomes of an attack.
    • Analyze attack vectors and prioritize controls that prevent ransomware attacks, and implement ransomware protections and detection to reduce your attack surface.
    • Visualize, plan, and practice your response and recovery to reduce the potential impact of an attack.

    Build Resilience Against Ransomware Attacks Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Build Resilience Against Ransomware Attacks

    Use this step-by-step guide to assess your ransomware readiness and implement controls that will improve your ability to prevent incursions and defend against attacks.

    • Build Resilience Against Ransomware Attacks – Phases 1-4

    2. Ransomware Resilience Assessment – Complete the ransomware resilience assessment and establish metrics.

    Use this assessment tool to assess existing protection, detection, response, and recovery capabilities and identify potential improvements.

    • Ransomware Resilience Assessment

    3. Threat Preparedness Workbook – Improve protection and detection capabilities.

    Use this threat preparedness workbook to evaluate the threats and tactics in the ransomware kill chain using the MITRE framework and device appropriate countermeasures.

    • Enterprise Threat Preparedness Workbook

    4. Tabletop Planning Exercise and Example Results – Improve response and recovery capabilities with a tabletop exercise for your internal IT team.

    Adapt this tabletop planning session template to plan and practice the response of your internal IT team to a ransomware scenario.

    • Tabletop Exercise – Internal (Ransomware Template)
    • Ransomware Tabletop Planning Results – Example (Visio)
    • Ransomware Tabletop Planning Results – Example (PDF)

    5. Ransomware Response Runbook and Workflow – Document ransomware response steps and key stakeholders.

    Adapt these workflow and runbook templates to coordinate the actions of different stakeholders through each stage of the ransomware incident response process.

    • Ransomware Response Runbook Template
    • Ransomware Response Workflow Template (Visio)
    • Ransomware Response Workflow Template (PDF)

    6. Extended Tabletop Exercise and Leadership Guide – Run a tabletop test to plan and practice the response of your leadership team.

    Adapt this tabletop planning session template to plan leadership contributions to the ransomware response workflow. This second tabletop planning session will focus on communication strategy, business continuity plan, and deciding whether the organization should pay a ransom.

    • Tabletop Exercise – Extended (Ransomware Template)
    • Leadership Guide for Extended Ransomware

    7. Ransomware Resilience Summary Presentation – Summarize status and next steps in an executive presentation.

    Summarize your current state and present a prioritized project roadmap to improve ransomware resilience over time.

    • Ransomware Resilience Summary Presentation

    Infographic

    Workshop: Build Resilience Against Ransomware Attacks

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Assess Ransomware Resilience

    The Purpose

    Set workshop goals, review ransomware trends and risk scenarios, and assess the organization’s resilience to ransomware attacks.

    Key Benefits Achieved

    Develop a solid understanding of the likelihood and impact of a ransomware attack on your organization.

    Complete a current state assessment of key security controls in a ransomware context.

    Activities

    1.1 Review incidents, challenges, and project drivers.

    1.2 Diagram critical systems and dependencies and build risk scenario.

    1.3 Assess ransomware resilience.

    Outputs

    Workshop goals

    Ransomware Risk Scenario

    Ransomware Resilience Assessment

    2 Protect and Detect

    The Purpose

    Improve your capacity to protect your organization from ransomware and detect attacks along common vectors.

    Key Benefits Achieved

    Identify targeted countermeasures that improve protection and detection capabilities.

    Activities

    2.1 Assess ransomware threat preparedness.

    2.2 Determine the impact of ransomware techniques on your environment.

    2.3 Identify countermeasures to improve protection and detection capabilities.

    Outputs

    Targeted ransomware countermeasures to improve protection and detection capabilities.

    Targeted ransomware countermeasures to improve protection and detection capabilities.

    Targeted ransomware countermeasures to improve protection and detection capabilities.

    3 Respond and Recover

    The Purpose

    · Improve your organization’s capacity to respond to ransomware attacks and recover effectively.

    Key Benefits Achieved

    Build response and recovery capabilities that reduce the potential business disruption of successful ransomware attacks.

    Activities

    3.1 Review the workflow and runbook templates.

    3.2 Update/define your threat escalation protocol.

    3.3 Define scenarios for a range of incidents.

    3.4 Run a tabletop planning exercise (IT).

    3.5 Update your ransomware response runbook.

    Outputs

    Security Incident Response Plan Assessment.

    Tabletop Planning Session (IT)

    Ransomware Workflow and Runbook.

    4 Improve Ransomware Resilience.

    The Purpose

    Identify prioritized initiatives to improve ransomware resilience.

    Key Benefits Achieved

    Identify the role of leadership in ransomware response and recovery.

    Communicate workshop outcomes and recommend initiatives to improve ransomware resilience.

    Activities

    4.1 Run a tabletop planning exercise (Leadership).

    4.2 Identify initiatives to close gaps and improve resilience.

    4.3 Review broader strategies to improve your overall security program.

    4.4 Prioritize initiatives based on factors such as effort, cost, and risk.

    4.5 Review the dashboard to fine tune your roadmap.

    4.6 Summarize status and next steps in an executive presentation.

    Outputs

    Tabletop Planning Session (Leadership)

    Ransomware Resilience Roadmap and Metrics

    Ransomware Workflow and Runbook

    Further reading

    Build Ransomware Resilience

    Prevent ransomware incursions and defend against ransomware attacks

    EXECUTIVE BRIEF

    Executive Summary

    Your Challenge

    Ransomware is a high-profile threat that demands immediate attention:

    • Sophisticated ransomware attacks are on the rise and evolving quickly.
    • Emerging strains can exfiltrate sensitive data, encrypt systems, and destroy backups in only a few hours, which makes recovery a grueling challenge.
    • Executives want reassurance but aren't ready to write a blank check. Improvements must be targeted and justified.

    Common Obstacles

    Ransomware is more complex than other security threats:

    • Malicious agents design progressive, disruptive attacks to pressure organizations to pay a ransom.
    • Organizations misunderstand ransomware risk scenarios, which obscures the likelihood and impact of an attack.
    • Conventional approaches focus on response and recovery, which do nothing to prevent an attack and are often ineffective against sophisticated attacks.

    Info-Tech's Approach

    To prevent a ransomware attack:

    • Conduct a through assessment of your current state, identify potential gaps, and assess the possible outcomes of an attack.
    • Analyze attack vectors and prioritize controls that prevent ransomware attacks, and implement ransomware protection and detection to reduce your attack surface.
    • Visualize, plan, and practice your response and recovery to reduce the potential impact of an attack.

    Info-Tech Insight

    Resilience is not a trampoline, where you're down one moment and up the next. It's more like climbing a mountain. It takes time, planning, and help from people around you to work through challenges. Focus on what is in your organization's control, and cultivate strengths that allow you to protect assets, detect incursions, respond effectively, and recovery quickly.

    Analyst Perspective

    Ransomware is an opportunity and a challenge.

    As I write, the frequency and impact of ransomware attacks continue to increase, with no end in sight. Most organizations will experience ransomware in the next 24 months, some more than once, and business leaders know it. You will never have a better chance to implement best practice security controls as you do now.

    The opportunity comes with important challenges. Hackers need to spend less time in discovery before they deploy an attack, which have become much more effective. You can't afford to rely solely on your ability to respond and recover. You need to build a resilient organization that can withstand a ransomware event and recover quickly.

    Resilient organizations are not impervious to attack, but they have tools to protect assets, detect incursions, and respond effectively. Resilience is not a trampoline, where you're down one moment and up the next. It's more like climbing a mountain. It takes time, planning, and help from people around you to overcome challenges and work through problems. But eventually you reach the top and look back at how far you've come.

    This is an image of Michael Hébert

    Michel Hébert
    Research Director, Security and Privacy
    Info-Tech Research Group

    Ransomware attacks are on the rise and evolving quickly.

    Three factors contribute to the threat:

    • The rise of ransomware-as-a-service, which facilitates attacks.
    • The rise of crypto-currency, which facilitates anonymous payment.
    • State sponsorship of cybercrime.

    Elementus maps ransomware payments made through bitcoin. Since 2019, victims made at least $2B in payments.

    A handful of criminal organizations, many of whom operate out of cybercrime hotbeds in Russia, are responsible for most of the damage. The numbers capture only the ransom paid, not the clean-up cost and economic fallout over attacks during this period.

    Total ransom money collected (2015 – 2021): USD 2,592,889,121

    This image contains a bubble plot graph showing the total ransom money collected between the years 2015 - 2021.

    The frequency and impact of ransomware attacks are increasing

    Emerging strains can exfiltrate sensitive data, encrypt systems and destroy backups in only a few hours, which makes recovery a grueling challenge.

    Sophos commissioned a vendor agnostic study of the real-world experience of 5,600 IT professionals in mid-sized organizations across 31 countries and 15 industries.

    The survey was conducted in Jan – Feb 2022 and asked about the experience of respondents over the previous year.

    66%
    Hit by ransomware in 2021
    (up from 37% in 2020)

    90%
    Ransomware attack affected their ability to operate

    $812,360 USD
    Average ransom payment

    $4.54M
    Average remediation cost (not including ransom)

    ONE MONTH
    Average recovery time

    Meanwhile, organizations continue to put their faith in ineffective ransomware defenses.

    Of the respondents whose organizations weren't hit by ransomware in 2021 and don't expect to be hit in the future, 72% cited either backups or cyberinsurance as reasons why they anticipated an attack.

    While these elements can help recover from an attack, they don't prevent it in the first place.

    Source: Sophos, State of Ransomware (2022)
    IBM, Cost of A Data Breach (2022)

    The 3-step ransomware attack playbook

    • Get in
    • Spread
    • Profit

    At each point of the playbook, malicious agents need to achieve something before they can move to the next step.

    Resilient organizations look for opportunities to:

    • Learn from incursions
    • Disrupt the playbook
    • Measure effectiveness

    Initial access

    Execution

    Privilege Escalation

    Credential Access

    Lateral Movement

    Collection

    Data Exfiltration

    Data encryption

    Deliver phishing email designed to avoid spam filter.

    Launch malware undetected.

    Identify user accounts.

    Target an admin account.

    Use brute force tactics to crack it.

    Move through the network and collect data.

    Infect as many critical systems and backups as possible to limit recovery options.

    Exfiltrate data to gain leverage.

    Encrypt data, which triggers alert.

    Deliver ransom note.

    Ransomware is more complex than other security threats

    Ransomware groups thrive through extortion tactics.

    • Traditionally, ransomware attacks focused on encrypting files as an incentive for organizations to pay up.
    • As organizations improved backup and recovery strategies, gangs began targeting, encrypting, and destroying back ups.
    • Since 2019, gangs have focused on a double-extortion strategy: exfiltrate sensitive or protected data before encrypting systems and threaten to publish them.

    Organizations misunderstand ransomware risk scenarios, which obscures the potential impact of an attack.

    Ransom is only a small part of the equation. Four process-related activities drive ransomware recovery costs:

    • Detection and Response – Activities that enable detection, containment, eradication and recovery.
    • Notification – Activities that enable reporting to data subjects, regulators, law enforcement, and third parties.
    • Lost Business – Activities that attempt to minimize the loss of customers, business disruption, and revenue.
    • Post Breach Response – Redress activities to victims and regulators, and the implementation of additional controls.

    Source: IBM, Cost of a Data Breach (2022)

    Disrupt the attack each stage of the attack workflow.

    An effective response with strong, available backups will reduce the operational impact of an attack, but it won't spare you from its reputational and regulatory impact.

    Put controls in place to disrupt each stage of the attack workflow to protect the organization from intrusion, enhance detection, respond quickly, and recover effectively.

    Shortening dwell time requires better protection and detection

    Ransomware dwell times and average encryption rates are improving dramatically.

    Hackers spend less time in your network before they attack, and their attacks are much more effective.

    Avg dwell time
    3-5 Days

    Avg encryption rate
    70 GB/h

    Avg detection time
    11 Days

    What is dwell time and why does it matter?

    Dwell time is the time between when a malicious agent gains access to your environment and when they are detected. In a ransomware attack, most organizations don't detect malicious agents until they deploy ransomware, encrypt their files, and lock them out until they pay the ransom.

    Effective time is a measure of the effectiveness of the encryption algorithm. Encryption rates vary by ransomware family. Lockbit has the fastest encryption rate, clocking in at 628 GB/h.

    Dwell times are dropping, and encryption rates are increasing.

    It's more critical than ever to build ransomware resilience. Most organizations do not detect ransomware incursions in time to prevent serious business disruption.

    References: Bleeping Computers (2022), VentureBeat, Dark Reading, ZDNet.

    Resilience depends in part on response and recovery capabilities

    This blueprint will focus on improving your ransomware resilience to:

    • Protect against ransomware.
    • Detect incursions.
    • Respond and recovery effectively.

    Response

    Recovery

    This image depicts the pathway for response and recovery from a ransomware event.

    For in-depth assistance with disaster recovery planning, refer to Info-Tech's Create a Right-Sized Disaster Recovery.

    Info-Tech's ransomware resilience framework

    Disrupt the playbooks of ransomware gangs. Put controls in place to protect, detect, respond and recover effectively.

    Prioritize protection

    Put controls in place to harden your environment, train savvy end users, and prevent incursions.

    Support recovery

    Build and test a backup strategy that meets business requirements to accelerate recovery and minimize disruption.

    Protect Detect Respond

    Recover

    Threat preparedness

    Review ransomware threat techniques and prioritize detective and mitigation measures for initial and credential access, privilege escalation, and data exfiltration.

    Awareness and training

    Develop security awareness content and provide cybersecurity and resilience training to employees, contractors and third parties.

    Perimeter security

    Identify and implement network security solutions including analytics, network and email traffic monitoring, and intrusion detection and prevention.

    Respond and recover

    Identify disruption scenarios and develop incident response, business continuity, and disaster recovery strategies.

    Access management

    Review the user access management program, policies and procedures to ensure they are ransomware-ready.

    Vulnerability management

    Develop proactive vulnerability and patch management programs that mitigate ransomware techniques and tactics.

    This image contains the thought map for Info-Tech's Blueprint: Build Resilience Against Ransomware Attacks.

    Info-Tech's ransomware resilience methodology

    Assess resilience Protect and detect Respond and recover Improve resilience
    Phase steps
    1. Build ransomware risk scenario
    2. Conduct resilience assessment
    1. Assess attack vectors
    2. Identify countermeasures
    1. Review Security Incident Management Plan
    2. Run Tabletop Test (IT)
    3. Document Workflow and Runbook
    1. Run Tabletop Test (Leadership)
    2. Prioritize Resilience Initiatives
    Phase outcomes
    • Ransomware Resilience Assessment
    • Risk Scenario
    • Targeted ransomware countermeasures to improve protection and detection capabilities
    • Security Incident Response Plan Assessment
    • Tabletop Test (IT)
    • Ransomware Workflow and Runbook
    • Tabletop Test (Leadership)
    • Ransomware Resilience Roadmap & Metrics

    Insight Summary

    Shift to a ransomware resilience model

    Resilience is not a trampoline, where you're down one moment and up the next. It's more like climbing a mountain. It takes time, planning, and help from people around you to work through challenges.

    Focus on what is in your organization's control, and cultivate strengths that allow you to protect assets, detect incursions, and respond and recover quickly

    Visualize challenges

    Build risk scenarios that describe how a ransomware attack would impact organizational goals.

    Understand possible outcomes to motivate initiatives, protect your organization, plan your response, and practice recovery.

    Prioritize protection

    Dwell times and effective times are dropping dramatically. Malicious agents spend less time in your network before they deploy an attack, and their attacks are much more effective. You can't afford to rely on your ability to respond and recover alone.

    Seize the moment

    The frequency and impact of ransomware attacks continue to increase, and business leaders know it. You will never have a better chance to implement best practice security controls than you do now.

    Measure ransomware resilience

    The anatomy of ransomware attack is relatively simple: malicious agents get in, spread, and profit. Deploy ransomware protection metrics to measure ransomware resilience at each stage.

    Key deliverable

    Ransomware resilience roadmap

    The resilience roadmap captures the key insights your work will generate, including:

    • An assessment of your current state and a list of initiatives you need to improve your ransomware resilience.
    • The lessons learned from building and testing the ransomware response workflow and runbook.
    • The controls you need to implement to measure and improve your ransomware resilience over time.

    Project deliverables

    Info-Tech supports project and workshop activities with deliverables to help you accomplish your goals and accelerate your success.

    Ransomware Resilience Assessment

    Measure ransomware resilience, identify gaps, and draft initiatives.

    Enterprise Threat Preparedness Workbook

    Analyze common ransomware techniques and develop countermeasures.

    Ransomware Response Workflow & Runbook

    Capture key process steps for ransomware response and recovery.

    Ransomware Tabletop Tests

    Run tabletops for your IT team and your leadership team to gather lessons learned.

    Ransomware Resilience Roadmap

    Capture project insights and measure resilience over time.

    Plan now or pay later

    Organizations worldwide spent on average USD 4.62M in 2021 to rectify a ransomware attack. These costs include escalation, notification, lost business and response costs, but did not include the cost of the ransom. Malicious ransomware attacks that destroyed data in destructive wiper-style attacks cost an average of USD 4.69M.

    Building better now is less expensive than incurring the same costs in addition to the clean-up and regulatory and business disruption costs associated with successful ransomware attacks.

    After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research and advisory services helped them achieve.

    Source: IBM, Cost of a Data Breach (2022)

    See what members have to say about the ransomware resilience blueprint:

    • Overall Impact: 9.8 / 10
    • Average $ Saved: $98,796
    • Average Days Saved: 17

    "Our advisor was well-versed and very polished. While the blueprint alone was a good tool to give us direction, his guidance made it significantly faster and easier to accomplish than if we had tried to tackle it on our own."

    CIO, Global Manufacturing Organization

    Blueprint benefits

    IT benefits

    Business benefits

    • Provide a structured approach for your organization to identify gaps, quantify the risk, and communicate status to drive executive buy-in.
    • Create a practical ransomware incident response plan that combines a high-level workflow with a detailed runbook to coordinate response and recovery.
    • Present an executive-friendly project roadmap with resilience metrics that summarizes your plan to address gaps and improve your security posture.
    • Enable leadership to make risk-based, informed decisions on resourcing and investments to improve ransomware readiness.
    • Quantify the potential impact of a ransomware attack on your organization to drive risk awareness.
    • Identify existing gaps so they can be addressed, whether by policy, response plans, technology, or a combination of these.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful."

    Guided Implementation

    "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."

    Workshop

    "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place."

    Consulting

    "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks used throughout all four options

    Executive brief case study

    SOURCE: Interview with CIO of large enterprise

    Organizations who "build back better" after a ransomware attack often wish they had used relevant controls sooner.

    Challenge

    In February 2020, a large organization found a ransomware note on an admin's workstation. They had downloaded a local copy of the organization's identity management database for testing and left a port open on their workstation. Hackers exfiltrated it and encrypted the data on the workstation. They demanded a ransom payment to decrypt the data.

    Complication

    Because private information was breached, the organization informed the state-level regulator. With 250,000 accounts affected, plans were made to require password changes en masse. A public announcement was made two days after the breach to ensure that everyone affected could be reached.

    The organization decided not to pay the ransom because it had a copy on an unaffected server.

    Resolution

    The organization was praised for its timely and transparent response.

    The breach motivated the organization to put more protections in place, including:

    • The implementation of a deny-by-default network.
    • The elimination of remote desktop protocol and secure shell.
    • IT mandating MFA.
    • New endpoint-detection and response systems.

    Executive brief case study

    SOURCE: Info-Tech Workshop Results
    iNDUSTRY: Government

    Regional government runs an Info-Tech workshop to fast-track its ransomware incident response planning

    The organization was in the middle of developing its security program, rolling out security awareness training for end users, and investing in security solutions to protect the environment and detect incursions. Still, the staff knew they still had holes to fill. They had not yet fully configured and deployed security solutions, key security policies were missing, and they had didn't have a documented ransomware incident response plan.

    Workshop results

    Info-Tech advisors helped the organization conduct a systematic review of existing processes, policies, and technology, with an eye to identify key gaps in the organization's ransomware readiness. The impact analysis quantified the potential impact of a ransomware attack on critical systems to improve the organizational awareness ransomware risks and improve buy-in for investment in the security program.

    Info-Tech's tabletop planning exercise provided a foundation for the organization's actual response plan. The organization used the results to build a ransomware response workflow and the framework for a more detailed runbook. The workshop also helped staff identifies ways to improve the backup strategy and bridge further gaps in their ability to recover.

    The net result was a current-state response plan, appropriate capability targets aligned with business requirements, and a project roadmap to achieve the organization's desired state of ransomware readiness.

    Guided implementation

    What kind of analyst experiences do clients have when working through this blueprint?

    Scoping Call Phase 1 Phase 2 Phase 3 Phase 4

    Call #1:

    Discuss context, identify challenges, and scope project requirements.

    Identify ransomware resilience metrics.

    Call #2:

    Build ransomware risk scenario.

    Call #4:

    Review common ransomware attack vectors.

    Identify and assess mitigation controls.

    Call #5:

    Document ransomware workflow and runbook.

    Call #7:

    Run tabletop test with leadership.

    Call #3:

    Assess ransomware resilience.

    Call #6:

    Run tabletop test with IT.

    Call #8:

    Build ransomware roadmap.

    Measure ransomware resilience metrics.

    A guided implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is 6 to 8 calls over the course of 4 to 6 months.

    Workshop overview

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Day 1 Day 2 Day 3 Day 4 Day 5
    Activities

    Assess ransomware resilience

    Protect and detect

    Respond and recover

    Improve ransomware resilience

    Wrap-up (offsite and offline)

    1.1 1 Review incidents, challenges, and project drivers.

    1.1.2 Diagram critical systems and dependencies.

    1.1.3 Build ransomware risk scenario.

    2.1 1. Assess ransomware threat preparedness.

    2.2 2. Determine the impact of ransomware techniques on your environment.

    2.3 3. Identify countermeasures to improve protection and detection capabilities.

    3.1.1 Review the workflow and runbook templates.

    3.1.2 Update/define your threat escalation protocol.

    3.2.1 Define scenarios for a range of incidents.

    3.2.2 Run a tabletop planning exercise (IT).

    3.3.1 Update your ransomware response workflow.

    4.1.1 Run a tabletop planning exercise (leadership).

    4.1.2 Identify initiatives to close gaps and improve resilience.

    4.1.3 Review broader strategies to improve your overall security program.

    4.2.1 Prioritize initiatives based on factors such as effort, cost, and risk.

    4.2.2 Review the dashboard to fine tune your roadmap.

    4.3.1 Summarize status and next steps in an executive presentation.

    5.1 Complete in-progress deliverables from previous four days.

    5.2 Set up review time for workshop deliverables and to discuss next steps.

    5.3 Revisit ransomware resilience metrics in three months.

    Deliverables
    1. Workshop goals
    2. Ransomware Risk Scenario
    3. Ransomware Resilience Assessment
    1. Targeted ransomware countermeasures to improve protection and detection capabilities.
    1. Security Incident Response Plan Assessment
    2. Tabletop Planning Session (IT)
    3. Ransomware Workflow and Runbook
    1. Tabletop Planning Session (Leadership)
    2. Ransomware Resilience Roadmap and Metrics
    3. Ransomware Summary Presentation
    1. Completed Ransomware Resilience Roadmap
    2. Ransomware Resilience Assessment
    3. Ransomware Resilience Summary Presentation

    Phase 1

    Assess ransomware resilience

    Phase 1 Phase 2 Phase 3 Phase 4

    1.1 Build ransomware risk scenario

    1.2 Conduct resilience assessment

    2.1 Assess attack vectors

    2.2 Identify countermeasures

    3.1 Review Security Incident Management Plan

    3.2 Run Tabletop Test (IT)

    3.3 Document Workflow and Runbook

    4.1 Run Tabletop Test (Leadership)

    4.2 Prioritize resilience initiatives

    4.3 Measure resilience metrics

    This phase will walk you through the following activities:

    • Conducting a maturity assessment.
    • Reviewing selected systems and dependencies.
    • Assessing a ransomware risk scenario.

    This phase involves the following participants:

    • Security Incident Response Team (SIRT)
    • System subject-matter experts (SMEs)

    Build Ransomware Resilience

    Step 1.1

    Build ransomware risk scenario

    Activities

    1.1.1 Review incidents, challenges and project drivers

    1.1.2 Diagram critical systems and dependencies

    1.1.3 Build ransomware risk scenario

    Assess ransomware resilience

    This step will guide you through the following activities:

    • Reviewing incidents, challenges, and drivers.
    • Diagraming critical systems and dependencies.
    • Building a ransomware risk scenario.

    This step involves the following participants:

    • Security Incident Response Team (SIRT)
    • Subject-Matter Experts

    Outcomes of this step

    • Establish a repeatable process to evaluate and improve ransomware readiness across your environment.
    • Build a ransomware risk scenario to assess the likelihood and impact of an attack.

    1.1.1 Review incidents, challenges, and project drivers

    1 hour

    Brainstorm the challenges you need to address in the project. Avoid producing solutions at this stage, but certainly record suggestions for later. Use the categories below to get the brainstorming session started.

    Past incidents and other drivers

    • Past incidents (be specific):
      • Past security incidents (ransomware and other)
      • Close calls (e.g. partial breach detected before damage done)
    • Audit findings
    • Events in the news
    • Other?

    Security challenges

    • Absent or weak policies
    • Lack of security awareness
    • Budget limitations
    • Other?

    Input

    • Understanding of existing security capability and past incidents.

    Output

    • Documentation of past incidents and challenges.
    • Level-setting across the team regarding challenges and drivers.

    Materials

    • Whiteboard or flip chart (or a shared screen if staff are remote)

    Participants

    • Security Incident Response Team (SIRT)

    1.1.2 Diagram critical systems and dependencies (1)

    1 hour

    Brainstorm critical systems and their dependencies to build a ransomware risk scenario. The scenario will help you socialize ransomware risks with key stakeholders and discuss the importance of ransomware resilience.

    Focus on a few key critical systems.

    1. On a whiteboard or flip chart paper, make a list of systems to potentially include in scope. Consider:
      1. Key applications that support critical business operations.
      2. Databases that support multiple key applications.
      3. Systems that hold sensitive data (e.g. data with personally identifiable information [PII]).
    2. Select five to ten systems from the list.
      1. Select systems that support different business operations to provide a broader sampling of potential impacts and recovery challenges.
      2. Include one or two non-critical systems to show how the methodology addresses a range of criticality and context.

    Input

    • High-level understanding of critical business operations and data sets.

    Output

    • Clarify context, dependencies, and security and recovery challenges for some critical systems.

    Materials

    • Whiteboard or flip chart (or a shared screen if staff are remote)

    Participants

    • Security Incident Response Team (SIRT)
    • System SMEs (if not covered by SIRT members)

    1.1.2 Diagram critical systems and dependencies (2)

    1 hour

    1. A high-level topology or architectural diagram is an effective way to identify dependencies and communicate risks to stakeholders.

    Start with a WAN diagram, then your production data center, and then each critical
    system. Use the next three slides as your guide.

    Notes:

    • If you have existing diagrams, you can review those instead. However, if they are too detailed, draw a higher-level diagram to provide context. Even a rough sketch is a useful reference tool for participants.
    • Keep the drawings tidy and high level. Visualize the final diagram before you start to draw on the whiteboard to help with spacing and placement.
    • Collaborate with relevant SMEs to identify dependencies.

    Input

    • High-level understanding of critical business operations and data sets.

    Output

    • Clarify context, dependencies, and security and recovery challenges for some critical systems.

    Materials

    • Whiteboard or flip chart (or a shared screen if staff are remote)

    Participants

    • Security Incident Response Team (SIRT)
    • System SMEs (if not covered by SIRT members)

    For your WAN diagram, focus on data center and business locations

    Start with a high-level network diagram like this one, and then dig deeper (see following slides) to provide more context. Below is an example; of course, your sketched diagrams may be rougher.

    This image contains a nexample of a High level Network Diagram.

    Diagram your production data center to provide context for the systems in scope

    Creating a high-level diagram provides context across different IT disciplines involved in creating your DRP. If you have multiple production data centers, focus on the data center(s) relevant to the selected systems. Below is an example.

    This image contains a nexample of a high level diagram which focuses on the data centers relevent to the selected system.

    Diagram each selected system to identify specific dependencies and redundancies

    Diagram the "ecosystem" for each system, identifying server, storage, and network dependencies. There may be overlap with the production data center diagram – but aim to be specific here. Below is an example that illustrates front-end and back-end components.

    When you get to this level of detail, use this opportunity to level-set with the team. Consider the following:

    • Existing security (Are these systems protected by your existing security monitoring and threat detection tools?).
    • Security challenges (e.g. public-facing systems).
    • Recovery challenges (e.g. limited or infrequent backups).
    This is an example of a diagram of a system ecosystem.

    Note the limitations of your security, backup, and DR solutions

    Use the diagrams to assess limitations. Gaps you identify here will often apply to other aspects of your environment.

    1. Security limitations
    • Are there any known security vulnerabilities or risks, such as external access (e.g. for a customer portal)? If so, are those risks mitigated? Are existing security solutions being fully used?
  • Backup limitations
    • What steps are taken to ensure the integrity of your backups (e.g. through inline or post-backup scanning, or the use of immutable backups)? Are there multiple restore points to provide more granularity when determining how far back you need to go for a clean backup?
  • Disaster recovery limitations
    • Does your DR solution account for ransomware attacks or is it designed only for one-way failover (i.e. for a smoking hole scenario)?
  • We will review the gaps we identify through the project in phase 4.

    For now, make a note of these gaps and continue with the next step.

    Draft risk scenarios to illustrate ransomware risk

    Risk scenarios help decision-makers understand how adverse events affect business goals.

    • Risk-scenario building is the process of identifying the critical factors that contribute to an adverse event and crafting a narrative that describes the circumstances and consequences if it were to happen.
    • Risk scenarios set up the risk analysis stage of the risk assessment process. They are narratives that describe in detail:
      • The asset at risk.
      • The threat that can act against the asset.
      • Their intent or motivation.
      • The circumstances and threat actor model associated with the threat event.
      • The potential effect on the organization.
      • When or how often the event might occur.

    Risk scenarios are further distilled into a single sentence or risk statement that communicates the essential elements from the scenario.

    Risk identification → Risk scenario → Risk statement

    Well-crafted risk scenarios have four components

    The slides walk through how to build a ransomware risk scenario

    THREAT Exploits an ASSET Using a METHOD Creating an EFFECT.

    An actor capable of harming an asset

    Anything of value that can be affected and results in loss

    Technique an actor uses to affect an asset

    How loss materializes

    Examples: Malicious or untrained employees, cybercriminal groups, malicious state actors

    Examples: Systems, regulated data, intellectual property, people

    Examples: Credential compromise, privilege escalation, data exfiltration

    Examples: Loss of data confidentiality, integrity, or availability; impact on staff health and safety

    Risk scenarios are concise, four to six sentence narratives that describe the core elements of forecasted adverse events.

    Use them to engage stakeholders with the right questions and guide them to make informed decisions about how to address ransomware risks.

    1.1.3 Build ransomware risk scenario (1)

    2 hours

    In a ransomware risk scenario, the threat, their motivations, and their methods are known. Malicious agents are motivated to compromise critical systems, sabotage recovery, and exfiltrate data for financial gain.

    The purpose of building the risk scenario is to highlight the assets at risk and the potential effect of a ransomware attack.

    As a group, consider critical or mission-essential systems identified in step 1.1.2. On a whiteboard, brainstorm the potential adverse effect of a loss of system availability, confidentiality or integrity.

    Consider the impact on:

    • Information systems.
    • Sensitive or regulated data.
    • Staff health and safety.
    • Critical operations and objectives.
    • Organizational finances.
    • Reputation and brand loyalty.

    Input

    • Understanding of critical systems and dependencies.

    Output

    • Ransomware risk scenario to engage guide stakeholders to make informed decisions about addressing risks.

    Materials

    • Whiteboard or flip chart (or a shared screen if staff are remote)

    Participants

    • Security Incident Response Team (SIRT)

    1.1.3 Build ransomware risk scenario (2)

    2 hours

    1. On a whiteboard, brainstorm how threat agents will exploit vulnerabilities in critical assets to reach their goal. Redefine attack vectors to capture what could result from a successful initial attack.
    2. Bring together the critical risk elements into a single risk scenario.
    3. Distill the risk scenario into a single risk statement that captures the threat, the asset it will exploit, the method it will use, and the impact it will have on the organization.
    4. You can find a sample risk scenario and risk statement on the next slide.

    THREAT Exploits an ASSET Using a METHOD Creating an EFFECT.

    Inputs for risk scenario identification

    Risk analysis

    Critical assets

    ERP, CRM, FMS, LMS

    Operational technology

    Sensitive or regulated data

    Threat agents

    Cybercriminals

    Methods

    Compromise end user devices through social engineering attacks,. Compromise networks through external exposures and software vulnerabilities.

    Identify and crack administrative account. Escalate privileges. Move laterally.

    Collect data, destroy backups, exfiltrate data for leverage, encrypt systems,.

    Threaten to publish exfiltrated data and demand ransom.

    Adverse effect

    Serious business disruption

    Financial damage

    Reputational damage

    Potential litigation

    Average downtime: 30 Days

    Average clean-up costs: USD 1.4M

    Sample ransomware risk scenario

    Likelihood: Medium
    Impact: High

    Risk scenario

    Cyber-criminals penetrate the network, exfiltrate critical or sensitive data, encrypt critical systems, and demand a ransom to restore access.

    They threaten to publish sensitive data online to pressure the organization to pay the ransom, and reach out to partners, staff, and students directly to increase the pressure on the organization.

    Network access likely occurs through a phishing attack, credential compromise, or remote desktop protocol session.

    Risk statement

    Cybercriminals penetrate the network, compromise backups, exfiltrate and encrypt data, and disrupt computer systems for financial gain.

    Threat Actor:

    • Cybercriminals

    Assets:

    • Critical systems (ERP, FMS, CRM, LMS)
    • HRIS and payroll
    • Data warehouse
    • Office 365 ecosystem (email, Teams)

    Effect:

    • Loss of system availability
    • Lost of data confidentiality

    Methods:

    • Phishing
    • Credential compromise
    • Compromised remote desktop protocol
    • Privilege escalation
    • Lateral movement
    • Data collection
    • Data exfiltration
    • Data encryption

    Step 1.2

    Conduct resilience assessment

    Activities

    1.2.1 Complete resilience assessment

    1.2.2 Establish resilience metrics

    This step will guide you through the following activities :

    • Completing a ransomware resilience assessment
    • Establishing baseline metrics to measure ransomware resilience.

    This step involves the following participants:

    • Security Incident Response Team (SIRT)
    • Subject-matter experts

    .Outcomes of this step

    • Current maturity, targets, and initial gap analysis

    Maturity levels in this blueprint draw on the CMMI framework

    The maturity levels are based on the Capability Maturity Model Integration framework. We outline our modifications below.

    CMMI Maturity Level – Default Descriptions:

    CMMI Maturity Level – Modified for This Assessment:

    • Level 1 – Initial: Unpredictable and reactive. Work gets completed but is often delayed and over budget.
    • Level 2 – Managed: Managed on the project level. Projects are planned, performed, measured, and controlled.
    • Level 3 – Defined: Proactive rather than reactive. Organization-wide standards provide guidance across projects, programs, and portfolios.
    • Level 4 – Quantitatively managed: Measured and controlled. Organization is data-driven, with quantitative performance improvement objectives that are predictable and align to meet the needs of internal and external stakeholders.
    • Level 5 – Optimizing: Stable and flexible. Organization is focused on continuous improvement and is built to pivot and respond to opportunity and change. The organization's stability provides a platform for agility and innovation.
    • Level 1 – Initial/ad hoc: Not well defined and ad hoc in nature.
    • Level 2 – Developing: Established but inconsistent and incomplete.
    • Level 3 – Defined: Formally established, documented, and repeatable.
    • Level 4 – Managed and measurable: Managed using qualitative and quantitative data to ensure alignment with business requirements.
    • Level 5 – Optimizing: Qualitative and quantitative data is used to continually improve.

    (Source: CMMI Institute, CMMI Levels of Capability and Performance)

    Info-Tech's ransomware resilience framework

    Disrupt the playbooks of ransomware gangs. Put controls in place to protect, detect, respond and recover effectively.

    Prioritize protection

    Put controls in place to harden your environment, train savvy end users, and prevent incursions.

    Support recovery

    Build and test a backup strategy that meets business requirements to accelerate recovery and minimize disruption.

    Protect Detect Respond

    Recover

    Threat preparedness

    Review ransomware threat techniques and prioritize detective and mitigation measures for initial and credential access, privilege escalation, and data exfiltration.

    Awareness and training

    Develop security awareness content and provide cybersecurity and resilience training to employees, contractors and third parties.

    Perimeter security

    Identify and implement network security solutions including analytics, network and email traffic monitoring, and intrusion detection and prevention.

    Respond and recover

    Identify disruption scenarios and develop incident response, business continuity, and disaster recovery strategies.

    Access management

    Review the user access management program, policies and procedures to ensure they are ransomware-ready.

    Vulnerability management

    Develop proactive vulnerability and patch management programs that mitigate ransomware techniques and tactics.

    1.2.1 Complete the resilience assessment

    2-3 hours

    Use the Ransomware Resilience Assessment Tool to assess maturity of existing controls, establish a target state, and identify an initial set of initiatives to improve ransomware resilience.

    Keep the assessment tool on hand to add gap closure initiatives as you proceed through the project.

    Download the Ransomware Resilience Assessment

    Outcomes:

    • Capture baseline resilience metrics to measure progress over time.
      • Low scores are common. Use them to make the case for security investment.
      • Clarify the breadth of security controls.
      • Security controls intersect with a number of key processes and technologies, each of which are critical to ransomware resilience.
    • Key gaps identified.
      • Allocate more time to subsections with lower scores.
      • Repeat the scorecard at least annually to clarify remaining areas to address.

    Input

    • Understanding of current security controls

    Output

    • Current maturity, targets, and gaps

    Materials

    • Ransomware Resilience Assessment Tool

    Participants

    • Security Incident Response Team (SIRT)

    This is an image of the Ransomeware Resilience Assessment Table from Info-Tech's Ransomware Resilience Assessment Blueprint.

    1.2.2 Establish resilience metrics

    Ransomware resilience metrics track your ability to disrupt a ransomware attack at each stage of its workflow.

    Measure metrics at the start of the project to establish a baseline, as the project nears completion to measure progress.

    Attack workflow Process Metric Target trend Current Goal
    GET IN Vulnerability Management % Critical patches applied Higher is better
    Vulnerability Management # of external exposures Fewer is better
    Security Awareness Training % of users tested for phishing Higher is better
    SPREAD Identity and Access Management Adm accounts / 1000 users Lower is better
    Identity and Access Management % of users enrolled for MFA Higher is better
    Security Incident Management Avg time to detect Lower is better
    PROFIT Security Incident Management Avg time to resolve Lower is better
    Backup and Disaster Recovery % critical assets with recovery test Higher is better
    Backup and Disaster Recovery % backup to immutable storage Higher is better

    Phase 2

    Improve protection and detection capabilities

    Phase 1Phase 2Phase 3Phase 4

    1.1 Build ransomware risk scenario

    1.2 Conduct resilience assessment

    2.1 Assess attack vectors

    2.2 Identify countermeasures

    3.1 Review Security Incident Management Plan

    3.2 Run Tabletop Test (IT)

    3.3 Document Workflow and Runbook

    4.1 Run Tabletop Test (Leadership)

    4.2 Prioritize resilience initiatives

    4.3 Measure resilience metrics

    This phase will walk you through the following activities:

    • Assessing common ransomware attack vectors.
    • Identifying countermeasures to improve protection and detection capabilities.

    This phase involves the following participants:

    • Security Incident Response Team (SIRT)
    • System subject-matter experts (SMEs)

    Build Ransomware Resilience

    Step 2.1

    Assess attack vectors

    Activities

    2.1.1 Assess ransomware threat preparedness

    2.1.2 Determine the impact of ransomware techniques on your environment

    This step involves the following activities:

    • Assessing ransomware threat preparedness.
    • Configuring the threat preparedness tool.

    This step involves the following participants:

    • Security Incident Response Team (SIRT)
    • System subject-matter experts (SMEs)

    Outcomes of this step

    Assess risks associated with common ransomware attack vectors.

    Improve protection and detection capabilities

    Use the MITRE attack framework to prepare

    This phase draws on MITRE to improve ransomware protection and detection capabilities

    • The activities in this phase provide guidance on how to use the MITRE attack framework to protect your organizations against common ransomware techniques and tactics, and detect incursions.
    • You will:
      • Review common ransomware tactics and techniques.
      • Assess their impact on your environment.
      • Identify relevant countermeasures.
    • The Enterprise Threat Preparedness Workbook included with the project blueprint will be set up to deal with common ransomware threats and tactics.

    Download the Enterprise Threat Preparedness Workbook

    Review ransomware tactics and techniques

    Ransomware attack workflow

    Deliver phishing email designed to avoid spam filter.

    Launch malware undetected.

    Identify user accounts.

    Target an admin account.

    Use brute force tactics to crack it.

    Move through the network. Collect data.

    Infect critical systems and backups to limit recovery options.

    Exfiltrate data to gain leverage.

    Encrypt data, which triggers alert.

    Deliver ransom note.

    Associated MITRE tactics and techniques

    • Initial access
    • Execution
    • Privilege escalation
    • Credential access
    • Lateral movement
    • Collection
    • Data Exfiltration
    • Data encryption

    Most common ransomware attack vectors

    • Phishing and social engineering
    • Exploitation of software vulnerabilities
    • Unsecured external exposures
      • e.g. remote desktop protocols
    • Malware infections
      • Email attachments
      • Web pages
      • Pop-ups
      • Removable media

    2.1.1 Assess ransomware threat preparedness

    Estimated Time: 1-4 hours

    1. Read through the instructions in the Enterprise Threat Preparedness Workbook.
    2. Select ransomware attack tactics to analyze. Use the workbook to understand:
      1. Risks associated with each attack vector.
      2. Existing controls that can help you protect the organization and detect an incursion.
    3. This initial analysis is meant to help you understand your risk before you apply additional controls.

    Once you're comfortable, follow the instructions on the following pages to configure the MITRE ransomware analysis and identify how to improve your protection and detection capabilities.

    Download the Enterprise Threat Preparedness Workbook

    Input

    • Knowledge about existing infrastructure.
    • Security protocols.
    • Information about ransomware attack tactics, techniques, and mitigation protocols.

    Output

    • Structured understanding of the risks facing the enterprise based on your current preparedness and security protocols.
    • Protective and detective measures to improve ransomware resilience.

    Materials

    • Enterprise Threat Preparedness Workbook

    Participants

    • Security Incident Response Team (SIRT)
    • System subject-matter experts (SMEs)

    2.1.2 Determine the impact of techniques

    Estimated Time: 1-4 hours

    1. The Enterprise Threat Preparedness Workbook included with the project blueprint is set up to deal with common ransomware use cases.

    If you would like to change the set-up, go through the following steps.

    • Review the enterprise matrix. Select the right level of granularity for your analysis. If you are new to threat preparedness exercises, the Technique Level is a good starting point.
    • As you move through each tactic, align each sheet to your chosen technique domain to ensure the granularity of your analysis is consistent.
    • Read the tactics sheet from left to right. Determine the impact of the technique on your environment. For each control, indicate current mitigation levels using the dropdown list.

    The following slides walk you through the process with screenshots from the workbook.

    Download the Enterprise Threat Preparedness Workbook

    Input

    • Knowledge about existing infrastructure.
    • Security protocols.
    • Information about ransomware attack tactics, techniques, and mitigation protocols.

    Output

    • Structured understanding of the risks facing the enterprise based on your current preparedness and security protocols.
    • Protective and detective measures to improve ransomware resilience.

    Materials

    • Enterprise Threat Preparedness Workbook

    Participants

    • Security Incident Response Team (SIRT)
    • System subject-matter experts (SMEs)

    Select the domain for the analysis

    • The Tactics Dashboard is a live feed of your overall preparedness for the potential attack vectors that your organization may face. These 14 tactics correspond to the Enterprise Matrix used by the MITRE ATT&CK® framework.
    • The technique domain on the right side of the sheet is split in two main groups:
    • The Technique Level
      • - High-level techniques that an attacker may use to gain entry to your network.
      • - The Technique Level is a great starting point if you are new to threat preparedness.
    • The Sub-Technique Level
      • - Individual sub-techniques found throughout the MITRE ATT&CK® Framework.
      • - More mature organizations will find the Sub-Technique Level generates a deeper and more precise understanding of their current preparedness.

    Info-Tech Insight

    Dwell times and effective times are dropping dramatically. Malicious agents spend less time in your network before they deploy an attack, and their attacks are much more effective. You can't afford to rely on your ability to respond and recover alone.

    This is the first screenshot from Info-Tech's Tactic Preparedness Assessment Dashboard.

    Keep an eye on the enterprise matrix

    As you fill out the Tactic tabs with your evaluation, the overall reading will display the average of your overall preparedness for that tactic.

    Choosing the Technique Domain level will increase the accuracy of the reporting at the cost of speed.

    The Technique level is faster but provides less specifics for each control and analyzes them as a group.

    The Sub-Technique level is much more granular, but each tactic and technique has several sub-techniques that you will need to account for.

    Check with the dashboard to see the associated risk level for each of the tactics based on the legend. Tactics that appear white have not yet been assessed or are rated as "N/A" (not applicable).

    This is the second screenshot from Info-Tech's Tactic Preparedness Assessment Dashboard.

    When you select your Technique Domain, you cannot change it again. Changing the domain mid-analysis will introduce inaccuracies in your security preparedness.

    Configure the tactics tabs

    • Each tactic has a corresponding tab at the bottom of the Excel workbook.
      Adjusting the Technique Domain level will change the number of controls shown.
    • Next, align the sheet to the domain you selected on Tab 2 before you continue. As shown in the example to the right,
      • Select "1" for Technique Level.
      • Select "2" for Sub-Technique Level.
    • This will collapse the controls to your chosen level of granularity.

    This is a screenshot showing how you can configure the tactics tab of the Ransomware Threat Preparedness Workbook

    Read tactic sheets from left to right

    This is a screenshot of the tactics tab of the Ransomware Threat Preparedness Workbook

    Technique:

    How an attacker will attempt to achieve their goals through a specific action.

    ID:

    The corresponding ID number on the MITRE ATT&CK® Matrix for quick reference.

    Impact of the Technique(s):

    If an attack of this type is successful on your network, how deep does the damage run?

    Current Mitigations:

    What security protocols do you have in place right now that can help prevent an attacker from successfully executing this attack technique? The rating is based on the CMMI scale.

    Determine the impact of the technique

    • For each control, indicate the current mitigation level using the dropdown list.
    • Only use "N/A" if you are confident that the control is not required in your organization.

    Info-Tech Insight

    We highly recommend that you write comments about your current-state security protocols. First, it's great to have documented your thought processes in the event of a threat modeling session. Second, you can speak to deficits clearly, when asked.

    This is the second screenshot from Info-Tech's Reconnaissance Tactic Analysis

    Review technique preparedness

    • If you have chosen the Technique level, the tool should resemble this image:
      • High-level controls are analyzed, and sub-controls hidden.
      • The sub-techniques under the broader technique show how a successful attack from this vector would impact your network.
    • Each sub-technique has a note for additional context:
      • Under Impact, select the overall impact for the listed controls to represent how damaging you believe the controls to be.
      • Next select your current preparedness maturity in terms of preparedness for the same techniques. Ask yourself "What do I have that contributes to blocking this technique?"

    This is the third screenshot from Info-Tech's Reconnaissance Tactic Analysis

    Info-Tech Insight

    You may discover that you have little to no mitigation actions in place to deal with one or many of these techniques. However, look at this discovery as a positive: You've learned more about the potential vectors and can actively work toward remediating them rather than hoping that a breach never happens through one of these avenues.

    Review sub-technique preparedness

    If you have chosen the Sub-Technique level, the tool should resemble this image.

    • The granular controls are being analyzed. However, the grouped controls will still appear. It is important to not fill the grouped sections, to make sure the calculations run properly.
    • The average of your sub-techniques will be calculated to show your overall preparedness level.
    • Look at the sub-techniques under the broader technique and consider how a successful attack from this vector would impact your network.

    Each sub-technique has a note for additional context and understanding about what the techniques are seeking to do and how they may impact your enterprise.

    • Because of the enhanced granularity, the final risk score is more representative of an enterprise's current mitigation capabilities.
    This is the fourth screenshot from Info-Tech's Reconnaissance Tactic Analysis

    Step 2.2

    Identify countermeasures

    Activities

    2.2.1 Identify countermeasures

    This step involves the following activities:

    • Identifying countermeasures

    This step involves the following participants:

    • Security Incident Response Team (SIRT)
    • System subject-matter experts (SMEs)

    Outcomes of this step

    Identification of countermeasures to common ransomware techniques, and tactics to improve protection and detection capabilities.

    Improve Protection and Detection Capabilities

    Review technique countermeasures

    As you work through the tool, your dashboard will prioritize your threat preparedness for each of the various attack techniques to give you an overall impression of your preparedness.

    For each action, the tool includes detection and remediation actions for you to consider either for implementation or as table stakes for your next threat modeling sessions.

    Note: Some sheets will have the same controls. However, the context of the attack technique may change your answers. Be sure to read the tactic and technique that you are on when responding to the controls.

    This is an image of the Privilege Escalation Tactic Analysis Table

    This is an image of the Defense Evasion Tactic Analysis Table

    Prioritize the analysis of ransomware tactics and sub-techniques identified on slide 45. If your initial analysis in Activity 2.2.1 determined that you have robust security protocols for some of the attack vectors, set these domains aside.

    2.2.1 Identify countermeasures

    Estimated Time: 1-4 hours

    1. Review the output of the Enterprise Threat Preparedness Workbook. Remediation efforts are on the right side of the sheet. These are categorized as either detection actions or mitigation actions.
      1. Detection actions:
      • What can you do before an attack occurs, and how can you block attacks? Detection actions may thwart an attack before it ever occurs.
    2. Mitigation actions:
      • If an attacker is successful through one of the attack methods, how do you lessen the impact of the technique? Mitigation actions address this function to slow and hinder the potential spread or damage of a successful attack.
  • Detection and mitigation measures are associated with each technique and sub-technique. Not all techniques will be able to be detected properly or mitigated. However, understanding their relationships can better prepare your defensive protocols.
  • Add relevant control actions to the initiative list in the Ransomware Resilience Assessment.
  • Input

    • Knowledge about existing infrastructure.
    • Security protocols.
    • Information about ransomware attack tactics, techniques, and mitigation protocols.
    • Outputs from the Threat Preparedness Workbook.

    Output

    • Structured understanding of the risks facing the enterprise based on your current preparedness and security protocols.
    • Protective and detective measures to improve ransomware resilience.

    Materials

    • Enterprise Threat Preparedness Workbook
    • Ransomware Resilience Assessment

    Participants

    • Security Incident Response Team (SIRT)
    • System subject-matter experts (SMEs)

    Phase 3

    Improve response and recovery capabilities

    Phase 1Phase 2Phase 3Phase 4

    1.1 Build ransomware risk scenario

    1.2 Conduct resilience assessment

    2.1 Assess attack vectors

    2.2 Identify countermeasures

    3.1 Review Security Incident Management Plan

    3.2 Run Tabletop Test (IT)

    3.3 Document Workflow and Runbook

    4.1 Run Tabletop Test (Leadership)

    4.2 Prioritize resilience initiatives

    4.3 Measure resilience metrics

    This phase will guide you through the following steps:

    • Documenting your threat escalation protocol.
    • Identify response steps and gaps.
    • Update your response workflow and runbook.

    This phase involves the following participants:

    • Security Incident Response Team (SIRT)

    Build Ransomware Resilience

    Step 3.1

    Review security incident management plan

    Activities

    3.1.1 Review the workflow and runbook templates

    3.1.2 Update/define your threat escalation protocol

    This step will walk you through the following activities:

    • Reviewing the example Workflow and Runbook
    • Updating and defining your threat escalation protocol.

    This step involves the following participants:

    • Security Incident Response Team (SIRT)

    Outcomes of this step

    • Clear escalation path for critical incidents.
    • Common understanding of incident severity that will drive escalation.

    Improve response and recovery capabilities

    3.1.1 Review the workflow and runbook templates

    30 minutes

    This blueprint includes sample information in the Ransomware Response Workflow Template and Ransomware Response Runbook Template to use as a starting points for the steps in Phase 3, including documenting your threat escalation protocol.

    • The Ransomware Response Workflow Template contains an example of a high-level security incident management workflow for a ransomware attack. This provides a structure to follow for the tabletop planning exercise and a starting point for your ransomware response workflow.
      The Workflow is aimed at incident commanders and team leads. It provides an at-a-glance view of the high-level steps and interactions between stakeholders to help leaders coordinate response.
    • The Ransomware Response Runbook Template is an example of a security incident management runbook for a ransomware attack. This includes a section for a threat escalation protocol that you can use as a starting point.
      The Runbook is aimed at the teams executing the response. It provides more specific actions that need to be executed at each phase of the incident response.

    Download the Ransomware Response Workflow Template

    Download the Ransomware Response Runbook Template

    Input

    • No Input Required

    Output

    • Visualize the end goal

    Materials

    • Example workflow and runbook in this blueprint

    Participants

    • Security Incident Response Team (SIRT)

    Two overlapping screenshots are depicted, including the table of contents from the Ransomware Response Runbook.

    3.1.2 Update/define your threat escalation protocol

    1-2 hours

    Document the Threat Escalation Protocol sections in the Ransomware Response Workflow Template or review/update your existing runbook. The threat escalation protocol defines which stakeholders to involve in the incident management process, depending on impact and scope. Specifically, you will need to define the following:

    Impact and scope criteria: Impact considers factors such as the criticality of the system/data, whether PII is at risk, and whether public notification is required. Scope considers how many systems or users are impacted.

    Severity assessment: Define the severity levels based on impact and scope criteria.

    Relevant stakeholders: Identify stakeholders to notify for each severity level, which can include external stakeholders.

    If you need additional guidance, see Info-Tech's Develop and Implement a Security Incident Management Program blueprint, which takes a broader look at security incidents.

    Input

    • Current escalation process (formal or informal).

    Output

    • Define criteria for severity levels and relevant stakeholders.

    Materials

    • Ransomware Response Workflow Template

    Participants

    • Security Incident Response Team (SIRT)

    This is an image of the Threat Escalation Protocol Criteria and Stakeholders.

    Step 3.2

    Run Tabletop Test (IT)

    Activities

    3.2.1 Define scenarios for a range of incidents

    3.2.2 Run a tabletop planning exercise

    This step will guide you through the following activities:

    • Defining scenarios for a range of incidents.
    • Running a tabletop planning exercise.

    This step involves the following participants:

    • Security Incident Response Team (SIRT)
    • Other stakeholders (as relevant)

    Outcomes of this step

    • Current-state incident response workflow, including stakeholders, steps, timeline.
    • Process and technology gaps to be addressed.

    Improve response and recovery capabilities

    3.2.1 Define scenarios for a range of incidents

    30 minutes

    As a group, collaborate to define scenarios that enable you to develop incident response details for a wide range of potential incidents. Below are example scenarios:

    • Scenario 1: An isolated attack on one key system. The database for a critical application is compromised. Assume the attack was not detected until files were encrypted, but that you can carry out a repair-in-place by wiping the server and restoring from backups.
    • Scenario 2: A site-wide impact that warrants broader disaster recovery. Several critical systems are compromised. It would take too long to repair in-place, so you need to failover to your DR environment, in addition to executing security response steps. (Note: If you don't have a DRP, see Info-Tech's Create a Right-Sized Disaster Recovery Plan.)
    • Scenario 3: A critical outsourced service or cloud service is compromised. You need to work with the vendor to determine the scope of impact and execute a response. This includes determining if your on-prem systems were also compromised.
    • Scenario 4: One or multiple end-user devices are compromised. Your response to the above scenarios would include assessing end-user devices as a possible source or secondary attack, but this scenario would provide more focus on the containing an attack on end-user devices.

    Note: The above is too much to execute in one 30-minute session, so plan a series of exercises as outlined on the next slide.

    Input

    • No input required

    Output

    • Determine the scope of your tabletop planning exercises

    Materials

    • Whiteboard or flip chart (or a shared screen if staff are remote)

    Participants

    • Security Incident Response Team (SIRT)

    Optimize the time spent by participants by running a series of focused exercises

    Not all stakeholders need to be present at every tabletop planning exercise. First, run an exercise with IT that focuses on the technical response. Run a second tabletop for non-IT stakeholders that focuses on the non-IT response, such as crisis communications, working with external stakeholders (e.g. law enforcement, cyberinsurance).

    Sample schedule:

    • Q1: Hold two sessions that run Scenarios 1 and 2 with relevant IT participants (see Activity 3.2.1). The focus for these sessions will be primarily on the technical response. For example, include notifying leadership and their role in decision making, but don't expand further on the details of their process. Similarly, don't invite non-IT participants to these sessions so you can focus first on understanding the IT response. Invite executives to the Q2 exercise, where they will have more opportunity to be involved.
    • Q2: Hold one session with the SIRT and non-IT stakeholders. Use the results of the Q1 exercises as a starting point and expand on the non-IT response steps (e.g. notifying external parties, executive decisions on response options).
    • Q3 and Q4: Run other sessions (e.g. for Scenarios 3 and 4) with relevant stakeholders. Ensure your ransomware incident response plan covers a wide range of possible scenarios.
    • Run ongoing exercises at least annually. Once you have a solid ransomware incident response plan, incorporate ransomware-based tabletop planning exercises into your overall security incident management testing and maintenance schedule.

    Info-Tech Insight

    Schedule these sessions well in advance to ensure appropriate resources are available. Document this in an annual test plan summary that outlines the scope, participants, and dates and times for the planned sessions.

    3.2.2 Run a tabletop planning exercise

    1-2 hours

    Remember that the goal is a deeper dive into how you would respond to an attack so you can clarify steps and gaps. This is not meant to just be a read-through of your plan. Follow the guidelines below:

    1. Select your scenario and invite relevant participants (see the previous slides).
    2. Guide participants through the incident and capture the steps and gaps along the way. Focus on one stakeholder at a time through each phase but be sure to get input from everyone. For example, focus on the Service Desk's steps for detection, then do the same as relevant to other stakeholders. Move on to analysis and do the same. (Tip: The distinction between phases is not always clear, and that's okay. Similarly, eradication and recovery might be the same set of steps. Focus on capturing the detail; you can clarify the relevant phase later.)
    3. Record the results (e.g. capture it in Visio) for reference purposes. (Tip: You can run the exercise directly in Visio. However, there's a risk that the tool may become a distraction. Enlist a scribe who is proficient with Visio so you don't need to wait for information to be captured and plan to save the detailed formatting and revising for later. )

    Refer to the Ransomware Tabletop Planning Results – Example as a guide for what to capture. Aim for more detail than found in your Ransomware Response Workflow (but not runbook-level detail).

    Download the Ransomware Tabletop Planning Results – Example

    Input

    • Baseline ransomware response workflow

    Output

    • Clarify your response workflow, capabilities, and gaps

    Materials

    • Whiteboard or sticky notes or index cards, or a shared screen

    Participants

    • Security Incident Response Team (SIRT)

    This is an example of a Ransomware Response Tabletop Planning Results Page.

    Step 3.3

    Document Workflow and Runbook

    Activities

    3.3.1 Update your ransomware response workflow

    3.3.2 Update your ransomware response runbook

    This step will guide you through the following activities:

    • Updating your ransomware response workflow.
    • Updating your ransomware response runbook.

    This step involves the following participants:

    • Security Incident Response Team (SIRT)

    Outcomes of this step

    • An updated incident response workflow and runbook based on current capabilities.

    Improve response and recovery capabilities

    3.3.1 Update your ransomware response workflow

    1 hour

    Use the results from your tabletop planning exercises (Activity 3.2.2) to update and clarify your ransomware response workflow. For example:

    • Update stakeholder swim-lanes: Clarify which stakeholders need a swim lane (e.g. where interactions between groups needs to be clarified). For example, consider an SIRT swim-lane that combines the relevant technical response roles, but have separate swim-lanes for other groups that the SIRT interacts with (e.g. Service Desk, the Executive Team).
    • Update workflow steps: Use the detail from the tabletop exercises to clarify and/or add steps, as well as further define the interactions between swim-lanes.(Tip: Your workflow needs to account for a range of scenarios. It typically won't be as specific as the tabletop planning results, which focus on only one scenario.)
    • Clarify the overall the workflow: Look for and correct any remaining areas of confusion and clutter. For example, consider adding "Go To" connectors to minimize lines crossing each other, adding color-coding to highlight key related steps (e.g. any communication steps), and/or resizing swim-lanes to reduce the overall size of the workflow to make it easier to read.
    • Repeat the above after each exercise: Continue to refine the workflow as needed until you reach the stage where you just need to validate that your workflow is still accurate.

    Input

    • Results from tabletop planning exercises (Activity 3.2.2)

    Output

    • Clarify your response workflow

    Materials

    • Ransomware Response Workflow

    Participants

    • Security Incident Response Team (SIRT)

    This is a screenshot from the ransomeware response tabletop planning

    3.3.2 Update your ransomware response runbook

    1 hour

    Use the results from your tabletop planning exercises (Activity 3.2.2) to update your ransomware response runbook. For example:

    • Align stakeholder sections with the workflow: Each stakeholder swim-lane in the workflow needs its own section in the runbook.
    • Update incident response steps: Use the detail from the tabletop exercise to clarify instructions for each stakeholder. This can include outlining specific actions, defining which stakeholders to work with, and referencing relevant documentation (e.g. vendor documentation, step-by-step restore procedures). (Tip: As with the workflow, the runbook needs to account for a range of scenarios, so it will include a list of actions that might need to be taken depending on the incident, as illustrated in the example runbook.)
    • Review and update your threat escalation protocol: It's best to define your threat escalation protocol before the tabletop planning exercise to help identify participants and avoid confusion. Now use the exercise results to validate or update that documentation.
    • Repeat the above after each exercise. Continue to refine your runbook as needed until you reach the stage where you just need to validate that your runbook is still accurate.

    Input

    • Results from tabletop planning exercises (Activity 3.2.2)

    Output

    • Clarified response runbook

    Materials

    • Ransomware Response Workflow

    Participants

    • Security Incident Response Team (SIRT)

    This is a screenshot of the Ransomware Response Runbook

    Phase 4

    Improve ransomware resilience

    Phase 1Phase 2Phase 3Phase 4

    1.1 Build ransomware risk scenario

    1.2 Conduct resilience assessment

    2.1 Assess attack vectors

    2.2 Identify countermeasures

    3.1 Review Security Incident Management Plan

    3.2 Run Tabletop Test (IT)

    3.3 Document Workflow and Runbook

    4.1 Run Tabletop Test (Leadership)

    4.2 Prioritize resilience initiatives

    4.3 Measure resilience metrics

    This phase will guide you through the following steps:

    • Identifying initiatives to improve ransomware resilience.
    • Prioritizing initiatives in a project roadmap.
    • Communicating status and recommendations.

    This phase involves the following participants:

    • Security Incident Response Team (SIRT)

    Build Ransomware Resilience

    Step 4.1

    Run Tabletop Test (leadership)

    Activities

    • 4.1.1 Identify initiatives to close gaps and improve resilience
    • 4.1.2 Review broader strategies to improve your overall security program

    This step will walk you through the following activities:

    • Identifying initiatives to close gaps and improve resilience.
    • Reviewing broader strategies to improve your overall security program.

    This step involves the following participants:

    • Security Incident Response Team (SIRT)

    Outcomes of this step

    • Specific potential initiatives based on a review of the gaps.
    • Broader potential initiatives to improve your overall security program.

    Improve ransomware resilience

    4.1.1 Identify initiatives to close gaps and improve resilience

    1 hour

    1. Use the results from the activities you have completed to identify initiatives to improve your ransomware readiness.
    2. Set up a blank spreadsheet with two columns and label them "Gaps" and "Initiatives." (It will be easier to copy the gaps and initiatives from this spreadsheet to you project roadmap, rather than use the Gap Initiative column in the Ransomware Readiness Maturity Assessment Tool.)
    3. Review your tabletop planning results:
      1. Summarize the gaps in the "Gaps" column in your spreadsheet created for this activity.
      2. For each gap, write down potential initiatives to address the gap.
      3. Where possible, combine similar gaps and initiatives. Similarly, the same initiative might address multiple gaps, so you don't need to identify a distinct initiative for every gap.
    4. Review the results of your maturity assessment completed in Phase 1 to identify additional gaps and initiatives in the spreadsheet created for this activity.

    Input

    • Tabletop planning results
    • Maturity assessment

    Output

    • Identify initiatives to improve ransomware readiness

    Materials

    • Blank spreadsheet

    Participants

    • Security Incident Response Team (SIRT)

    4.1.2 Review broader strategies to improve your overall security program

    1 hour

    1. Review the following considerations as outlined on the next few slides:
      • Implement core elements of an effective security program – strategy, operations, and policies. Leverage the work completed in this blueprint to provide context and address your immediate gaps while developing an overarching security strategy based on business requirements, risk tolerance, and overall security considerations. Security operations and policies are key to executing your overall security strategy and day to day incident management.
      • Update your backup strategy to account for ransomware attacks. Consider what your options would be today if your primary backups were infected? If those options aren't very good, your backup strategy needs a refresh.
      • Consider a zero-trust strategy. Zero trust reduces your reliance on perimeter security and moves controls to where the user accesses resources. However, it takes time to implement. Evaluate your readiness for this approach.
    2. As a team, discuss the merits of these strategies in your organization and identify potential initiatives. Depending on what you already have in place, the project may be to evaluate options (e.g. if you have not already initiated zero trust, assign a project to evaluate your options and readiness).

    Input

    • An understanding of your existing security practices and backup strategy.

    Output

    • Broader initiatives to improve ransomware readiness.

    Materials

    • Whiteboard or flip chart (or a shared screen if staff are remote)

    Participants

    • Security Incident Response Team (SIRT)

    Implement core elements of an effective security program

    There is no silver bullet. Ransomware readiness depends on foundational security best practices. Where budget allows, support that foundation with more advanced AI-based tools that identify abnormal behavior to detect an attack in progress.

    Leverage the following blueprints to implement the foundational elements of an effective security program:

    • Build an Information Security Strategy: Consider the full spectrum of information security, including people, processes, and technologies. Then base your security strategy on the risks facing your organization – not just on best practices – to ensure alignment with business goals and requirements.
    • Develop a Security Operations Strategy: Establish unified security operations that actively monitor security events and threat information, and turn that into appropriate security prevention, detection, analysis, and response processes.
    • Develop and Deploy Security Policies: Improve cybersecurity through effective policies, from acceptable use policies aimed at your end users to system configuration management policies aimed at your IT operations.

    Supplement foundational best practices with AI-based tools to counteract more sophisticated security attacks:

    • The evolution of ransomware gangs and ransomware as a service means the most sophisticated tools designed to bypass perimeter security and endpoint protection are available to a growing number of hackers.
    • Rather than activate the ransomware virus immediately, attackers will traverse the network using legitimate commands to infect as many systems as possible and exfiltrate data without generating alerts, then finally encrypt infected systems.
    • AI-based tools learn what is normal behavior and therefore can recognize unusual traffic (which could be an attack in progress) before it's too late. For example, a "user" accessing a server they've never accessed before.
    • Engage an Info-Tech analyst or consult SoftwareReviews to review products that will add this extra layer of AI-based security.

    Update your backup strategy to account for ransomware attacks

    Apply a defense-in-depth strategy. A daily disk backup that goes offsite once a week isn't good enough.

    In addition to applying your existing security practices to your backup solution (e.g. anti-malware, restricted access), consider:

    • Creating multiple restore points. Your most recent backup might be infected. Frequent backups allow you to be more granular when determining how far you need to roll back.
    • Having offsite backups and using different storage media. Reduce the risk of infected backups by using different storage media (e.g. disk, NAS, tape) and backup locations (e.g. offsite). If you can make the attackers jump through more hoops, you have a greater chance of detecting the attack before all backups are infected.
    • Investing in immutable backups. Most leading backup solutions offer options to ensure backups are immutable (cannot be altered after they are written).
    • Using the BIA you completed in Phase 2 to help decide where to prioritize investments. All the above strategies add to your backup costs and might not be feasible for all data. Use your BIA results to decide which data sets require higher levels of protection.

    This example strategy combines multiple restore points, offsite backup, different storage media, and immutable backups.

    This is an example of a backup strategy to account for ransomware attacks.

    Refer to Info-Tech's Establish an Effective Data Protection Plan blueprint for additional guidance.

    Explore zero-trust initiatives

    Zero trust is a set of principles, not a set of controls.

    Reduces reliance on perimeter security.

    Zero trust is a strategy that reduces reliance on perimeter security and moves controls to where your user accesses resources. It often consolidates security solutions, reduces operating costs, and enables business mobility.

    Zero trust must benefit the business first.

    IT security needs to determine how zero trust initiatives will affect core business processes. It's not a one-size-fits-all approach to IT security. Zero trust is the goal – but some organizations can only get so close to that ideal.

    For more information, see Build a Zero-Trust Roadmap.

    Info-Tech Insight

    A successful zero-trust strategy should evolve. Use an iterative and repeatable process to assess available zero-trust technologies and principles and secure the most relevant protect surfaces. Collaborate with stakeholders to develop a roadmap with targeted solutions and enforceable policies.

    Step 4.2

    Prioritize resilience initiatives

    Activities

    • 4.2.1 Prioritize initiatives based on factors such as effort, cost, and risk
    • 4.2.2 Review the dashboard to fine tune your roadmap

    This step will guide you through the following activities:

    • Prioritizing initiatives based on factors such as effort, cost, and risk.
    • Reviewing the dashboard to fine-tune your roadmap.

    This step involves the following participants:

    • Security Incident Response Team (SIRT)

    Outcomes of this step

    • An executive-friendly project roadmap dashboard summarizing your initiatives.
    • A visual representation of the priority, effort, and timeline required for suggested initiatives.

    Review the Ransomware Resilience Assessment

    Tabs 2 and 3 list initiatives relevant to your ransomware readiness improvement efforts.

    • At this point in the project, the Ransomware Resilience Assessment should contain a number of initiatives to improve ransomware resilience.
    • Tab 2 is prepopulated with examples of gap closure actions to consider, which are categorized into initiatives listed on Tab 3.
    • Follow the instructions in the Ransomware Resilience Assessment to:
      • Categorize gap control actions into initiatives.
      • Prioritize initiatives based on cost, effort, and benefit.
      • Construct a roadmap for consideration.

    Download the Ransomware Resilience Assessment

    4.2.1 Prioritize initiatives based on factors such as effort, cost, and risk

    1 hour

    Prioritize initiatives in the Ransomware Resilience Assessment.

    1. The initiatives listed on Tab 3 Initiative List will be copied automatically on Tab 5 Prioritization.
    2. On Tab 1 Setup:
      1. Review the weight you want to assign to the cost and effort criteria.
      2. Update the default values for FTE and Roadmap Start as needed.
    3. Go back to Tab 5 Prioritization:
      1. Fill in the cost, effort, and benefit evaluation criteria for each initiative. Hide optional columns you don't plan to use, to avoid confusion.
      2. Use the cost and benefit scores to prioritize waves and schedule initiatives on Tab 6 Gantt Chart.

    Input

    • Gaps and initiatives identified in Step 4.1

    Output

    • Project roadmap dashboard

    Materials

    • Ransomware Resilience Assessment

    Participants

    • Security Incident Response Team (SIRT)

    4.2.2 Review the dashboard to fine-tune the roadmap

    1 hour

    Review and update the roadmap dashboard in your Ransomware Resilience Assessment.

    1. Review the Gantt chart to ensure:
      1. The timeline is realistic. Avoid scheduling many high-effort projects at the same time.
      2. Higher-priority items are scheduled sooner than low-priority items.
      3. Short-term projects include quick wins (e.g. high-priority, low-effort items).
      4. It supports the story you wish to communicate (e.g. a plan to address gaps, along with the required effort and timeline).
    2. Update the values on the 5 Prioritization and 6 Gantt Chart tabs based on your review.

    Input

    • Gaps and initiatives identified in Step 4.1

    Output

    • Project roadmap dashboard

    Materials

    • Ransomware Resilience Assessment

    Participants

    • Security Incident Response Team (SIRT)

    This is an image of a sample roadmap for the years 2022-2023

    Step 4.3

    Measure resilience metrics

    Activities

    4.3.1 Summarize status and next steps in an executive presentation

    This step will guide you through the following activities:

    • Summarizing status and next steps in an executive presentation.

    This step involves the following participants:

    • Security Incident Response Team (SIRT)

    Outcomes of this step

    • Gain stakeholder buy-in by communicating the risk of the status quo and achievable next steps to improve your organization's ransomware readiness.

    Improve ransomware resilience

    4.3.1 Summarize status and next steps in an executive presentation

    1 hour

    Gain stakeholder buy-in by communicating the risk of the status quo and recommendations to reduce that risk. Specifically, capture and present the following from this blueprint:

    • Phase 1: Maturity assessment results, indicating your organization's overall readiness as well as specific areas that need to improve.
    • Phase 2: Business impact results, which objectively quantify the potential impact of downtime and data loss.
    • Phase 3: Current incident response capabilities including steps, timeline, and gaps.
    • Phase 4: Recommended projects to close specific gaps and improve overall ransomware readiness.

    Overall key findings and next steps.

    Download the Ransomware Readiness Summary Presentation Template

    Input

    • Results of all activities in Phases 1-4

    Output

    • Executive presentation

    Materials

    • Ransomware Readiness Summary Presentation Template

    Participants

    • Security Incident Response Team (SIRT)

    This is a screenshot of level 2 of the ransomware readiness maturity tool.

    Revisit metrics

    Ransomware resilience metrics track your ability to disrupt a ransomware attack at each stage of its workflow.

    Revisit metrics as the project nears completion and compare them against your baseline to measure progress.

    Attack workflow Process Metric Target trend Current Goal
    GET IN Vulnerability Management % Critical patches applied Higher is better
    Vulnerability Management # of external exposures Fewer is better
    Security Awareness Training % of users tested for phishing Higher is better
    SPREAD Identity and Access Management Adm accounts / 1000 users Lower is better
    Identity and Access Management % of users enrolled for MFA Higher is better
    Security Incident Management Avg time to detect Lower is better
    PROFIT Security Incident Management Avg time to resolve Lower is better
    Backup and Disaster Recovery % critical assets with recovery test Higher is better
    Backup and Disaster Recovery % backup to immutable storage Higher is better

    Summary of accomplishments

    Project overview

    Project deliverables

    This blueprint helped you create a ransomware incident response plan for your organization, as well as identify ransomware prevention strategies and ransomware prevention best practices.

    • Ransomware Resilience Assessment: Measure your current readiness, then identify people, policy, and technology gaps to address.
    • Ransomware Response Workflow: An at-a-glance summary of the key incident response steps across all relevant stakeholders through each phase of incident management.
    • Ransomware Response Runbook: Includes your threat escalation protocol and detailed response steps to be executed by each stakeholder.
    • Ransomware Tabletop Planning : This deep dive into a ransomware scenario will help you develop a more accurate incident management workflow and runbook, as well as identify gaps to address.
    • Ransomware Project Roadmap: This prioritized list of initiatives will address specific gaps and improve overall ransomware readiness.
    • Ransomware Readiness Summary Presentation: Your executive presentation will communicate the risk of the status quo, present recommended next steps, and drive stakeholder buy-in.

    Project phases

    Phase 1: Assess ransomware resilience

    Phase 2: Protect and detect

    Phase 3: Respond and recover

    Phase 4: Improve ransomware resilience

    Related Info-Tech Research

    Tab 3. Initiative List in the Ransomware Resilience Assessment identifies relevant Info-Tech Research to support common ransomware resilience initiatives.

    Related security blueprints:

    Related disaster recovery blueprints:

    Research Contributors and Experts

    This is an image of Jimmy Tom

    Jimmy Tom
    AVP of Information Technology and Infrastructure
    Financial Horizons

    This is an image of Dan Reisig

    Dan Reisig
    Vice President of Technology
    UV&S

    This is an image of Samuel Sutto

    Samuel Sutton
    Computer Scientist (Retired)
    FBI

    This is an image of Ali Dehghantanha

    Ali Dehghantanha
    Canada Research Chair in Cybersecurity and Threat Intelligence,
    University of Guelph

    This is an image of Gary Rietz

    Gary Rietz
    CIO
    Blommer Chocolate Company

    This is an image of Mark Roman

    Mark Roman
    CIO
    Simon Fraser University

    This is an image of Derrick Whalen

    Derrick Whalen
    Director, IT Services
    Halifax Port Authority

    This is an image of Stuart Gaslonde

    Stuart Gaslonde
    Director of IT & Digital Services
    Falmouth-Exeter Plus

    This is an image of Deborah Curtis

    Deborah Curtis
    CISO
    Placer County

    This is an image of Deuce Sapp

    Deuce Sapp
    VP of IT
    ISCO Industries

    This is an image of Trevor Ward

    Trevor Ward
    Information Security Assurance Manager
    Falmouth-Exeter Plus

    This is an image of Brian Murphy

    Brian Murphy
    IT Manager
    Placer County

    This is an image of Arturo Montalvo

    Arturo Montalvo
    CISO
    Texas General Land Office and Veterans Land Board

    No Image Available

    Mduduzi Dlamini
    IT Systems Manager
    Eswatini Railway

    No Image Available

    Mike Hare
    System Administrator
    18th Circuit Florida Courts

    No Image Available

    Linda Barratt
    Director of Enterprise architecture, IT Security, and Data Analytics, Toronto Community Housing Corporation

    This is an image of Josh Lazar

    Josh Lazar
    CIO
    18th Circuit Florida Courts

    This is an image of Douglas Williamson

    Douglas Williamson
    Director of IT
    Jamaica Civil Aviation Authority

    This is an image of Ira Goldstein

    Ira Goldstein
    Chief Operating Officer
    Herjavec Group

    This is an image of Celine Gravelines

    Celine Gravelines
    Senior Cybersecurity Analyst
    Encryptics

    This is an image of Dan Mathieson

    Dan Mathieson
    Mayor
    City of Stratford

    This is an image of Jacopo Fumagalli

    Jacopo Fumagalli
    CISO
    Omya

    This is an image of Matthew Parker

    Matthew Parker
    Program Manager
    Utah Transit Authority

    Two Additional Anonymous Contributors

    Bibliography

    2019-Data-Breach-Investigations-Report.-Verizon,-May-2019.
    2019-Midyear-Security-Roundup:-Evasive-Threats,-Persistent-Effects.-Trend-Micro,-2019.
    Abrams,-Lawrence.-"Ryuk-Ransomware-Uses-Wake-on-Lan-to-Encrypt-Offline-Devices."-Bleeping-Computer,-14-Jan.-2020.
    Abrams,-Lawrence.-"Sodinokibi-Ransomware-Publishes-Stolen-Data-for-the-First-Time."-Bleeping-Computer,-11-Jan.-2020.
    Canadian-Center-for-Cyber-Security,-"Ransomware-Playbook,"-30-November-2021.-Accessed-21-May-2022.-
    Carnegie-Endowment-for-International-Peace.-"Ransomware:-Prevention-and-Protection."-Accessed-May-2022.-
    Cawthra,-Jennifer,-Michael-Ekstrom,-Lauren-Lusty,-Julian-Sexton,-John-Sweetnam.-Special-Publication-1800-26-Data-Integrity:-Detecting-and-Responding-to-Ransomware-and-Other-Destructive-Events.-NIST,-Jan.-2020.
    Cawthra,-Jennifer,-Michael-Ekstrom,-Lauren-Lusty,-Julian-Sexton,-John-Sweetnam.-Special-Publication-1800-25-Data-Integrity:-Identifying-and-Protecting-Assets-Against-Ransomware-and-Other-Destructive-Events.-NIST,-Jan.-2020.-
    Cichonski,-P.,-T.-Millar,-T.-Grance,-and-K.-Scarfone.-"Computer-Security-Incident-Handling-Guide."-SP-800-61-Rev.-2.-NIST,-Aug.-2012.
    Cimpanu,-Catalin.-"Company-shuts-down-because-of-ransomware,-leaves-300-without-jobs-just-before-holidays."-ZDNet,-3-Jan.-2020.
    Cimpanu,-Catalin.-"Ransomware-attack-hits-major-US-data-center-provider."-ZDNet,-5-Dec.-2019.
    CISA,-"Stop-Ransomware,"-Accessed-12-May-2022.
    "CMMI-Levels-of-Capability-and-Performance."-CMMI-Institute.-Accessed-May-2022.-
    Connolly,-Lena-Yuryna,-"An-empirical-study-of-ransomware-attacks-on-organizations:-an-assessment-of-severity-and-salient-factors-affecting-vulnerability."-Journal-of-Cybersecurity,-2020,.-1-18.
    "Definitions:-Backup-vs.-Disaster-Recovery-vs.-High-Availability."-CVM-IT-&-Cloud-Services,-12-Jan.-2017.
    "Don't-Become-a-Ransomware-Target-–-Secure-Your-RDP-Access-Responsibly."-Coveware,-2019.-
    Elementus,-"Rise-of-the-Ransomware-Cartels-"(2022).-YouTube.-Accessed-May-2022.-
    Global-Security-Attitude-Survey.-CrowdStrike,-2019.
    Graham,-Andrew.-"September-Cyberattack-cost-Woodstock-nearly-$670,00:-report."-
    Global-News,-10-Dec.-2019.
    Harris,-K.-"California-2016-Data-Breach-Report."-California-Department-of-Justice,-Feb.-2016.
    Hiscox-Cyber-Readiness-Report-2019.-Hiscox-UK,-2019.
    Cost-of-A-Data-Breach-(2022).-IBM.-Accessed-June-2022.--
    Ikeda,-Scott.-"LifeLabs-Data-Breach,-the-Largest-Ever-in-Canada,-May-Cost-the-Company-Over-$1-Billion-in-Class-Action-Lawsuit."-CPO-Magazine,-2020.
    Kessem,-Limor-and-Mitch-Mayne.-"Definitive-Guide-to-Ransomware."-IBM,-May-2022.
    Krebs,-Brian.-"Ransomware-Gangs-Now-Outing-Victim-Businesses-That-Don't-Pay-Up."-Krebson-Security,-16-Dec.-2019.
    Jaquith,-Andrew-and-Barnaby-Clarke,-"Security-metrics-to-help-protect-against-ransomware."-Panaseer,-July-29,-2021,-Accessed-3-June-2022.
    "LifeLabs-pays-ransom-after-cyberattack-exposes-information-of-15-million-customers-in-B.C.-and-Ontario."-CBC-News,-17-Dec.-2019.
    Matthews,-Lee.-"Louisiana-Suffers-Another-Major-Ransomware-Attack."-Forbes,-20-Nov.-2019.
    NISTIR-8374,-"Ransomware-Risk-Management:-A-Cybersecurity-Framework-Profile."-NIST-Computer-Security-Resource-Center.-February-2022.-Accessed-May-2022.-
    "Ransomware-attack-hits-school-district-twice-in-4-months."-Associated-Press,-10-Sept.-2019.
    "Ransomware-Costs-Double-in-Q4-as-Ryuk,-Sodinokibi-Proliferate."-Coveware,-2019.
    Ransomware-Payments-Rise-as-Public-Sector-is-Targeted,-New-Variants-Enter-the-Market."-Coveware,-2019.
    Rector,-Kevin.-"Baltimore-to-purchase-$20M-in-cyber-insurance-as-it-pays-off-contractors-who-helped-city-recover-from-ransomware."-The-Baltimore-Sun,-16-Oct.-2019.
    "Report:-Average-time-to-detect-and-contain-a-breach-is-287-days."-VentureBeat,-May-25,-2022.-Accessed-June-2022.-
    "Five-Lessons-Learned-from-over-600-Ransomware-Attacks."-Riskrecon.-Mar-2022.-Accessed-May-2022.-
    Rosenberg,-Matthew,-Nicole-Perlroth,-and-David-E.-Sanger.-"-'Chaos-is-the-Point':-Russian-Hackers-and-Trolls-Grow-Stealthier-in-2020."-The-New-York-Times,-10-Jan.-2020.
    Rouse,-Margaret.-"Data-Archiving."-TechTarget,-2018.
    Siegel,-Rachel.-"Florida-city-will-pay-hackers-$600,000-to-get-its-computer-systems-back."-The-Washington-Post,-20-June-2019.
    Sheridan,-Kelly.-"Global-Dwell-Time-Drops-as-Ransomware-Attacks-Accelerate."-DarkReading,-13-April-2021.-Accessed-May-2022.-
    Smith,-Elliot.-"British-Banks-hit-by-hacking-of-foreign-exchange-firm-Travelex."-CNBC,-9-Jan.-2020.
    "The-State-of-Ransomware-2022."-Sophos.-Feb-2022.-Accessed-May-2022.-
    "The-State-of-Ransomware-in-the-U.S.:-2019-Report-for-Q1-to-Q3."-Emsisoft-Malware-Lab,-1-Oct.2019.
    "The-State-of-Ransomware-in-the-U.S.:-Report-and-Statistics-2019."-Emsisoft-Lab,-12-Dec.-2019.
    "The-State-of-Ransomware-in-2020."-Black-Fog,-Dec.-2020.
    Toulas,-Bill.-"Ten-notorious-ransomware-strains-put-to-the-encryption-speed-test."-Bleeping-Computers,-23-Mar-2022.-Accessed-May-2022.
    Tung,-Liam-"This-is-how-long-hackers-will-hide-in-your-network-before-deploying-ransomware-or-being-spotted."-zdnet.-May-19,-2021.-Accessed-June-2022.-

    IT Management and Policies

    • Buy Link or Shortcode: {j2store}23|cart{/j2store}
    • Related Products: {j2store}23|crosssells{/j2store}
    • InfoTech Academy Title: IT management and policies videos
    • InfoTech Academy Excerpt: More videos are available once you join. Contact us for more information.
    • Teaser Video: Visit Website
    • Teaser Video Title: Policies Academy Overview
    • member rating overall impact (scale of 10): 9.5/10
    • member rating average dollars saved: $23101
    • member rating average days saved: 11
    • Parent Category Name: Strategy and Governance
    • InfotechAcademy-Executivebrief: Visit Website
    • Parent Category Link: /strategy-and-governance
    Create policies that matter most to your organization.

    Management, policy, policies

    Improve Service Desk Ticket Intake

    • Buy Link or Shortcode: {j2store}481|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Service Desk
    • Parent Category Link: /service-desk

    • Customers expect a consumer experience with IT. It won’t be long until this expectation expands to IT service support.
    • Messaging and threads are becoming central to how businesses organize information and conversations, but voice isn’t going away. It is still by far people’s favorite channel.
    • Tickets are becoming more complicated. BYOD, telework, and SaaS products present a perfect storm.
    • Traditional service metrics are not made for self service. Your mean-time-to-resolve will increase and first-contact resolution will decrease.

    Our Advice

    Critical Insight

    • Bring the service desk to the people. Select channels that are most familiar to your users, and make it as easy possible to talk to a human.
    • Integrate channels. Users should have a consistent experience, and technicians should know user history.
    • Don’t forget the human aspect. People aren’t always good with technology. Allow them to contact a person if they are struggling.

    Impact and Result

    • Define which channels will be prioritized.
    • Identify improvements to these channels based on best practices and our members’ experiences.
    • Streamline your ticket intake process to remove unnecessary steps.
    • Prioritize improvements based on their value. Implement a set of improvements every quarter.

    Improve Service Desk Ticket Intake Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should improve your ticket intake, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Define and prioritize ticket channels

    Align your improvements with business goals and the shift-left strategy.

    • Improve Service Desk Ticket Intake – Phase 1: Define and Prioritize Ticket Channels
    • Service Desk Maturity Assessment
    • Service Desk Improvement Presentation Template

    2. Improve ticket channels

    Record potential improvements in your CSI Register, as you review best practices for each channel.

    • Improve Service Desk Ticket Intake – Phase 2: Improve Ticket Channels
    • Service Desk Continual Improvement Roadmap
    • Service Desk Ticket Intake Workflow Samples (Visio)
    • Service Desk Ticket Intake Workflow Samples (PDF)
    • Service Definition Checklist
    • Service Desk Site Visit Checklist Template

    3. Define next steps

    Streamline your ticket intake process and prioritize opportunities for improvement.

    • Improve Service Desk Ticket Intake – Phase 3: Define Next Steps
    [infographic]

    Workshop: Improve Service Desk Ticket Intake

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Optimize Ticket Channels

    The Purpose

    Brainstorm improvements to your systems and processes that will help you optimize.

    Key Benefits Achieved

    Develop a single point of contact.

    Reduce the time before a technician can start productively working on a ticket.

    Enable Tier 1 and end users to complete more tickets.

    Activities

    1.1 Prioritize channels for improvement.

    1.2 Optimize the voice channel.

    1.3 Identify improvements for self service.

    1.4 Improve Tier 1 agents’ access to information.

    1.5 Optimize supplementary ticket channels.

    Outputs

    Action items to improve the voice channel.

    Populated CSI Register for self-service channels.

    Identified action items for the knowledgebase.

    Populated CSI Register for additional ticket channels.

    2 Streamline Ticket Intake

    The Purpose

    Create long-term growth by taking a sustainable approach to improvements.

    Key Benefits Achieved

    Streamline your overall ticket intake process for incidents and service requests.

    Activities

    2.1 Map out the incident intake processes.

    2.2 Identify opportunities to streamline the incident workflow.

    2.3 Map out the request processes.

    2.4 Identify opportunities to streamline the request workflow.

    Outputs

    Streamlined incident intake process.

    Streamlined request intake process.

    Populated CSI Register for request intake.

    Automate Work Faster and More Easily With Robotic Process Automation

    • Buy Link or Shortcode: {j2store}237|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Optimization
    • Parent Category Link: /optimization
    • Your organization has many business processes that rely on repetitive, routine manual data collection and processing work, and there is high stakeholder interest in automating them.
    • You’re investigating whether robotic process automation (RPA) is a suitable technological enabler for automating such processes.
    • Being a trending technology, especially with its association with artificial intelligence (AI), there is much marketing fluff, hype, and misunderstanding about RPA.
    • Estimating the potential impact of RPA on business is difficult, as the relevant industry statistics often conflict each other and you aren’t sure how applicable it is to your business.

    Our Advice

    Critical Insight

    • There are no physical robots in RPA. RPA is about software “bots” that interact with applications as if they were human users to perform routine, repetitive work in your place. It’s for any business in any industry, not just for manufacturing.
    • RPA is lightweight IT; it reduces the cost of entry, maintenance, and teardown of automation as well as the technological requirement of resources that maintain it, as it complements existing automation solutions in your toolkit.
    • RPA is rules-based. While AI promises to relax the rigidity of rules, it adds business risks that are poorly understood by both businesses and subject-matter experts. Rules-based “RPA 1.0” is mature and may pose a stronger business case than AI-enabled RPA.
    • RPA’s sweet spot is “swivel chair automation”: processes that require human workers to act as a conduit between several systems, moving between applications, manually keying, re-keying, copying, and pasting information. A bot can take their place.

    Impact and Result

    • Discover RPA and how it differentiates from other automation solutions.
    • Understand the benefits and risks of complementing RPA with AI.
    • Identify existing business processes best suited for automation with RPA.
    • Communicate RPA’s potential business benefits to stakeholders.

    Automate Work Faster and More Easily With Robotic Process Automation Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should use RPA to automate routine, repetitive data collection and processing work, review Info-Tech’s methodology, and understand the ways we can support you.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Discover robotic process automation

    Learn about RPA, including how it compares to IT-led automation rooted in business process management practices and the role of AI.

    • Automate Work Faster and More Easily With Robotic Process Automation – Phase 1: Discover Robotic Process Automation
    • Robotic Process Automation Communication Template

    2. Identify processes best suited for robotic process automation

    Identify and prioritize candidate processes for RPA.

    • Automate Work Faster and More Easily With Robotic Process Automation – Phase 2: Identify Processes Best Suited for Robotic Process Automation
    • Process Evaluation Tool for Robotic Process Automation
    • Minimum Viable Business Case Document
    [infographic]

    Adapt Your Onboarding Process to a Virtual Environment

    • Buy Link or Shortcode: {j2store}577|cart{/j2store}
    • member rating overall impact (scale of 10): 9.0/10 Overall Impact
    • member rating average dollars saved: After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.
    • member rating average days saved: Read what our members are saying
    • Parent Category Name: Attract & Select
    • Parent Category Link: /attract-and-select
    • For many, the WFH arrangement will be temporary, however, the uncertainty around the length of the pandemic makes it hard for organizations to plan long term.
    • As onboarding plans traditionally carry a six- to twelve-month outlook, the uncertainty around how long employees will be working remotely makes it challenging to determine how much of the current onboarding program needs to change. In addition, introducing new technologies to a remote workforce and planning training on how to access and effectively use these technologies is difficult.

    Our Advice

    Critical Insight

    • The COVID-19 pandemic has led to a virtual environment many organizations were not prepared for.
    • Focusing on critical parts of the onboarding process and leveraging current technology allows organizations to quickly adapt to the uncertainty and constant change.

    Impact and Result

    • Organizations need to assess their existing onboarding process and identify the parts that are critical.
    • Using the technology currently available, organizations must adapt onboarding to a virtual environment.
    • Develop a plan to re-assess and update the onboarding program according to the duration of the situation.

    Adapt Your Onboarding Process to a Virtual Environment Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Assess current onboarding processes

    Map the current onboarding process and identify the challenges to a virtual approach.

    • Adapt Your Onboarding Process to a Virtual Environment Storyboard
    • Virtual Onboarding Workbook
    • Process Mapping Guide

    2. Modify onboarding activities

    Determine how existing onboarding activities can be modified for a virtual environment.

    • Virtual Onboarding Ideas Catalog
    • Performance Management for Emergency Work-From-Home

    3. Launch the virtual onboarding process and plan to re-assess

    Finalize the virtual onboarding process and create an action plan. Continue to re-assess and iterate over time.

    • Virtual Onboarding Guide for HR
    • Virtual Onboarding Guide for Managers
    • HR Action and Communication Plan
    • Virtual Onboarding Schedule
    [infographic]

    Develop Your Agile Approach for a Successful Transformation

    • Buy Link or Shortcode: {j2store}163|cart{/j2store}
    • member rating overall impact (scale of 10): 9.2/10 Overall Impact
    • member rating average dollars saved: $86,469 Average $ Saved
    • member rating average days saved: 16 Average Days Saved
    • Parent Category Name: Development
    • Parent Category Link: /development
    • Your organization wants to shorten delivery time and improve quality by adopting Agile delivery methods.
    • You know that Agile transformations are complex and difficult to implement.
    • Your organization may have started using Agile, but with only limited success.
    • You want to maximize your Agile transformation’s chances of success.

    Our Advice

    Critical Insight

    • Agile transformations are more likely to be successful when the entire organization understands Agile fundamentals, principles, and practices; the “different way of working” that Agile requires; and the role each person plays in its success.

    Impact and Result

    • Understand the “what and why” of Agile.
    • Identify your organization’s biggest Agile pain points.
    • Gain a deeper understanding of Agile principles and practices, and apply these to your Agile pain points.
    • Create a list of action items to address your organization’s Agile challenges.

    Develop Your Agile Approach for a Successful Transformation Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Identify common Agile challenges

    Identify your organization's biggest Agile pain points so you can focus attention on those topics that are impacting your Agile capabilities the most.

    • Develop Your Agile Approach for a Successful Transformation – Phases 1-2

    2. Establish a solid foundation for Agile delivery

    Ensure that your organization has a solid understanding of Agile principles and practices to help ensure your Agile transformation is successful. Understand Agile's different way of working and identify the steps your organization will need to take to move from traditional Waterfall delivery to Agile.

    • Roadmap for Transition to Agile

    3. Backlog Management Module: Manage your backlog effectively

    The Backlog Management Module helps teams develop a better understanding of backlog management and user story decomposition. Improve your backlog quality by implementing a three-tiered backlog with quality filters.

    4. Scrum Simulation Module: Simulate effective Scrum practices

    The Scrum Simulation Module helps teams develop a better understanding of Scrum practices and the behavioral blockers affecting Agile teams and organizational culture. This module features two interactive simulations to encourage a deeper understanding of good Scrum practices and Agile principles.

    • Scrum Simulation Exercise (Online Banking App)

    5. Estimation Module: Improve product backlog item estimation

    The Estimation Module helps teams develop a better understanding of Agile estimation practices and how to apply them. Teams learn how Agile estimation and reconciliation provide reliable planning estimates.

    6. Product Owner Module: Establish an Effective Product Owner Role

    The Product Owner Module helps teams understand product management fundamentals and a deeper understanding of the product owner role. Teams define their product management terminology, create quality filters for PBIs moving through the backlog, and develop their product roadmap approach for key audiences.

    7. Product Roadmapping Module: Create effective product roadmaps

    The Product Roadmapping Module helps teams understand product road mapping fundamentals. Teams learn to effectively use the six tools of Product Roadmapping.

    [infographic]

    Further reading

    Develop Your Agile Approach for a Successful Transformation

    Understand Agile fundamentals, principles, and practices so you can apply them effectively in your organization.

    Analyst Perspective

    Understand Agile fundamentals, principles, and practices so you can apply them effectively in your organization.

    Pictures of Alex Ciraco and Hans Eckman

    Alex Ciraco and Hans Eckman
    Application Practice
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    • Your organization wants to shorten delivery time and improve quality by adopting Agile delivery methods.
    • You know that Agile transformations are complex and difficult to implement.
    • Your organization may have started using Agile, but with only limited success.
    • You want to maximize your Agile transformation's chances of success.

    Common Obstacles

    • People seem to have different, conflicting, or inadequate knowledge of Agile principles and practices.
    • Your organization is not seeing the full benefits that Agile promises, and project teams aren't sure they are "doing Agile right."
    • Confusion and misinformation about Agile is commonplace in your organization.

    Info-Tech's Approach

    • Use our Common Agile Challenges Survey to identify your organization's Agile pain points.
    • Leverage this blueprint to level-set the organization on Agile fundamentals.
    • Address your survey's biggest Agile pain points to see immediate benefits and improvements in the way you practice Agile in your organization.

    Info-Tech Insight

    Agile transformations are more likely to be successful when the entire organization genuinely understands Agile fundamentals, principles and practices, as well as the role each person plays in its success. Focus on developing a solid understanding of Agile practices so your organization can "Be Agile", not just "Do Agile".

    Info-Tech's methodology

    1. Identify Common Agile Challenges

    2. Establish a Solid Foundation for Agile Delivery

    3. Agile Modules

    Phase Steps

    1.1 Identify common agile challenges

    2.1 Align teams with Agile fundamentals

    2.2 Interpret your common Agile challenges survey results

    2.3 (Optional) Move stepwise to iterative Agile delivery

    2.4 Identify insights and team feedback

    • Backlog Management Module:
      Manage Your Backlog Effectively
    • Scrum Simulation Module:
      Simulate Effective Scrum Practices
    • Estimation Module:
      Improve Product Backlog Item Estimation
    • Product Owner Module:
      Establish an Effective Product Owner Role
    • Product Roadmapping Module: Create Effective Product Roadmaps
    Phase Outcomes

    Understand common challenges associated with Agile transformations and identify your organization's struggles.

    Establish and apply a uniform understanding of Agile fundamentals and principles.

    Create a roadmap for your transition to Agile delivery and prioritized challenges.

    Foster deeper understanding of Agile principles and practices to resolve pain points.

    Develop your agile approach for a successful transformation

    Everyone's Agile journey is not the same.

    agile journey for a successful transformation

    Application delivery continues to fall short

    78% of IT professionals believe the business is "usually" or "always" out of sync with project requirements.
    Source: "10 Ways Requirements Can Sabotage Your Projects Right From the Start"

    Only 34% of software is rated as both important and effective by users.

    Source: Info-Tech's CIO Business Vision Diagnostic

    Agile DevOps is a progression of cultural, behavioral, and process changes. It takes time.

    An image of the trail to climb Mount Everest, with the camps replaced by the main steps of the agile approach to reaching Nirvana.

    Enhancements and maintenance are misunderstood

    an image showing the relationship between enhancements and maintenance.

    Source: "IEEE Transactions on Software Engineering"

    Why Agile/DevOps? It's about time to value

    Leaders and stakeholders are frustrated with long lead times to implement changes. Agile/DevOps promotes smaller, more frequent releases to start earning value sooner.

    A frequency graph showing the Time to delivering value depends on Frequency of Releases

    Time to delivering value depends on Frequency of Releases

    Embrace change, don't "scope creep" it

    64% of IT professionals adopt Agile to enhance their ability to manage changing priorities.

    71% of IT professionals found their ability to manage changing priorities improved after implementing Agile.

    Info-Tech Insight

    Traditional delivery processes work on the assumption that product requirements will remain constant throughout the SDLC. This results in delayed delivery of product enhancements which are critical to maintaining a positive customer experience.

    Adapted from: "12th Annual State of Agile Report"

    Agile's four core values

    "…while there is value in the items on the right, we value the items on the left more."
    – Source: "The Agile Manifesto"

    We value. . .

    Individuals and Interactions

    OVER

    Processes and Tools

    Working Software

    OVER

    Comprehensive Documentation

    Customer Collaboration

    OVER

    Contract Negotiation

    Responding to Change

    OVER

    Following a Plan

    Being Agile

    OVER

    Being Prescriptive

    Harness Agile's cultural advantages

    Collaboration

    • Team members leverage all their experience working toward a common goal.

    Iterations

    • Cycles provide opportunities for more product feedback.

    Continual Improvement

    • Self-managing teams continually improve their approach for the next iteration.

    Prioritization

    • The most important needs are addressed in the current iteration.

    Compare Waterfall and Agile – the "what" (how are they different?)

    This is an example of the Waterfall Approach.

    A "One and Done" Approach (Planning & Documentation Based)
    Elapsed time to deliver any value: Months to years

    This is an example of the Agile Approach

    An "Iterative" Approach (Empirical/Evidence Based)
    Elapsed time to deliver any value: Weeks

    Be aware of common myths around Agile

    1. … solve development and communication issues.
    2. … ensure you will finish requirements faster.
    3. … mean you don't need planning and documentation.

    "Although Agile methods are increasingly being adopted in globally distributed settings, there is no panacea for success."
    – "Negotiating Common Ground in Distributed Agile Development: A Case Study Perspective."

    "Without proper planning, organizations can start throwing more resources at the work which spirals into the classic Waterfall issues of managing by schedule."
    – Kristen Morton, Associate Implementation Architect,
    OneShield Inc., Info-Tech Interview

    Agile* SDLC

    With shared ownership instead of silos, we can deliver value at the end of every iteration (aka sprint)

    An image of the Agile SDLC Approach.

    * There are many Agile methodologies to choose from, but Scrum is by far the most widely used (and is shown above).

    Key Elements of the Agile SDLC

    • You are not "one-and-done." There are many short iterations with constant feedback.
    • There is an empowered product owner. This is a single authoritative voice that represents stakeholders.
    • There is a fluid product backlog. This enables prioritization of requirements "just-in-time."
    • Cross-functional, self-managing team. This team makes commitments and is empowered by the organization to do so.
    • Working, tested code at the end of each sprint. Value becomes more deterministic along sprint boundaries.
    • Demonstrate to stakeholders. Allow them to see and use the functionality and provide necessary feedback.
    • Feedback is being continuously injected back into the product backlog. This shapes the future of the solution.
    • Continuous improvement through sprint retrospectives.
    • "Internally Governed" when done right (the virtuous cycle of sprint-demo-feedback).

    A backlog stores and organizes PBIs at various stages of readiness

    A well-formed backlog can be thought of as a DEEP backlog:

    • Detailed Appropriately: Product backlog items (PBIs) are broken down and refined as necessary.
    • Emergent: The backlog grows and evolves over time as PBIs are added and removed.
    • Estimated: The effort a PBI requires is estimated at each tier.
    • Prioritized: The PBIs value and priority are determined at each tier.

    (Perforce, 2018)

    An image showing the Ideas; Qualified; Ready; funnel leading to the sprint approach.

    Outline the criteria to proceed to the next tier via quality filters

    Expand the concepts of defining "ready" and "done" to include the other stages of a PBIs journey through product planning.

    An image showing the approach you will use to Outline the criteria to proceed to the next tier via quality filters

    Info-Tech Insight: A quality filter ensures quality is met and teams are armed with the right information to work more efficiently and improve throughput.

    Deliverables

    Many steps in this blueprint are accompanied by supporting deliverables to help you accomplish your goals.

    Common Agile Challenges Survey
    Survey the organization to understand which of the common Agile challenges the organization is experiencing

    A screenshot from Common Agile Challenges Survey

    Roadmap for Transition to Agile
    Identify steps you will take to move your organization toward Agile delivery

    A screenshot from Roadmap for Transition to Agile

    Blueprint benefits

    IT Benefits

    Business Benefits

    • Consistent Agile delivery teams.
    • Delivery prioritized with business needs and committed work is achievable.
    • Improved ability to adjust future delivery cycles to meet changing business, market, and end-user needs.
    • Increased alignment and stability of resources with products and technology areas.
    • Reduction in the mean time to delivery of product backlog items.
    • Reduction in technical debt.
    • Better delivery alignment with enterprise goals, vision, and outcomes.
    • Improved coordination with product owners and stakeholders.
    • Quantifiable value realization following each release.
    • Product decisions made at the right time and with the right input.
    • Improved team morale and productivity.
    • Improved operational efficiency and process automation.
    • Increased employee retention and quality of new hires.
    • Reduction in accumulated project risk.

    Measure the value of this blueprint

    Implementing quality and consistent Agile practices improves SDLC metrics and reduces time to value.

    • Use Select and Use SDLC Metrics Effectivelyto track and measure the impact of Agile delivery. For example:
      • Reduction in PBI wait time
      • Improve throughput
      • Reduction in defects and defect severity
    • Phase 1 helps you prepare and send your Common Agile Challenges Survey.
    • Phase 2 builds a transformation plan aligned with your top pain points.

    Align Agile coaching and practices to address your key pain points identified in the Common Agile Challenges Survey.

    A screenshot from Common Agile Challenges Survey

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful."

    Guided Implementation

    "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."

    Workshop

    "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place."

    Consulting

    "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks used throughout all four options

    Guided Implementation

    What does a typical GI on this topic look like?

    This is an image of the eight calls which will take place over phases 1-3.

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is between 6 to 8 calls over the course of 1 to 2 months.

    Workshop Overview

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Phases 1-2
    1.5 - 3.0 days estimated

    Backlog Management
    0.5 - 1.0 days estimated

    Scrum Simulation
    1.25 - 2.25 days estimated

    Estimation
    1.0 - 1.25 days estimated

    Product Owner
    1.0 - 1.75 days estimated

    Product Roadmapping
    0.5 - 1.0 days estimated

    Establish a Solid Foundation for Agile Delivery

    Define the
    IT Target State

    Assess the IT
    Current State

    Bridge the Gap and
    Create the Strategy

    Establish an Effective Product Owner Role

    Create Effective Product Roadmaps

    Activities

    1.1 Gather Agile challenges and gaps
    2.1 Align teams with Agile fundamentals
    2.2 Interpret your common Agile challenges survey results
    2.3 (Optional) Move stepwise to iterative Agile delivery
    2.4 Identify insights and team feedback

    1. User stories and the art of decomposition
    2. Effective backlog management and refinement
    3. Identify insights and team feedback
    1. Scrum sprint planning and retrospective simulation
    2. Pass the balls – sprint velocity game
    1. Improve product backlog item estimation
    2. Agile estimation fundamentals
    3. Understand the wisdom of crowds
    4. Identify insights and team feedback
    1. Understand product management fundamentals
    2. The critical role of the product owner
    3. Manage effective product backlogs and roadmaps
    4. Identify insights and team feedback
    1. Identify your product roadmapping pains
    2. The six "tools" of product roadmapping
    3. Product roadmapping exercise

    Deliverables

    1. Identify your organization's biggest Agile pain points.
    2. Establish common Agile foundations.
    3. Prioritize support for a better Agile delivery approach.
    4. Plan to move stepwise to iterative Agile delivery.
    1. A better understanding of backlog management and user story decomposition.
    1. Scrum sprint planning and retrospective simulation
    2. Pass the balls – sprint velocity game
    1. Improve product backlog item estimation
    2. Agile estimation fundamentals
    3. Understand the wisdom of crowds
    4. Identify insights and team feedback
    1. Understand product management fundamentals
    2. The critical role of the product owner
    3. Manage effective product backlogs and roadmaps
    4. Identify insights and team feedback
    1. Understand product vs. project orientation.
    2. Understand product roadmapping fundamentals.

    Agile Modules

    For additional assistance planning your workshop, please refer to the facilitation planning tool in the appendix.

    Related Info-Tech Research

    Mentoring for Agile Teams
    Get practical help and guidance on your Agile transformation journey.

    Implement DevOps Practices That Work
    Streamline business value delivery through the strategic adoption of DevOps practices.

    Deliver on Your Digital Product Vision
    Build a product vision your organization can take from strategy through execution.

    Deliver Digital Products at Scale
    Deliver value at the scale of your organization through defining enterprise product families.

    Phase 1

    Phase 1

    Phase 2

    Agile Modules

    1.1 Identify common Agile challenges

    2.1 Align teams with Agile fundamentals

    2.2 Interpret your common Agile challenges survey results

    2.3 (Optional) Move stepwise to iterative Agile delivery

    2.4 Identify insights and team feedback

    • Backlog Management Module: Manage Your Backlog Effectively
    • Scrum Simulation Module: Simulate Effective Scrum Practices
    • Estimation Module: Improve Product Backlog Item Estimation
    • Product Owner Module: Establish an Effective Product Owner Role
    • Product Roadmapping: Create Effective Product Roadmaps

    This phase will walk you through the following activities:

    • Decide who will participate in the Common Agile Challenges Survey
    • Compile the results of the survey to identify your organization's biggest pain points with Agile

    This phase involves the following participants:

    • Product owners, product managers, and scrum masters
    • Delivery managers and senior leaders
    • Stakeholders and delivery teams

    Develop Your Agile Approach for a Successful Transformation

    Step 1.1

    Identify common Agile challenges

    Activities

    1.1 Distribute Common Agile Challenges Survey and collect results

    This step involves the following participants:

    • Product owners, product managers, and scrum masters
    • Delivery managers and senior leaders
    • Stakeholders and delivery teams

    Outcomes of this step

    • A better understanding of your organization's Agile pain points.

    Focus Agile support where it is most needed

    A screenshot from Common Agile Challenges Survey

    Info-Tech Insight

    There isn't one approach that cures all the problems your Agile teams are facing. First, understand these common challenges, then develop a plan to address the root causes.

    Use Info-Tech's Common Agile Challenges Survey to determine common issues and what problems individual teams are facing. Use the Agile modules and supporting guides in this blueprint to provide targeted support on what matters most.

    Exercise 1.1.1 Distribute Common Agile Challenges Survey

    30 minutes

    1. Download Survey Template: Info-Tech Common Agile Challenges Survey template.
    2. Create your own local copy of the Common Agile Challenges Survey by using the template. The Common Agile Challenges Survey will help you to identify which of the many common Agile-related challenges your organization may be facing.
    3. Decide on the teams/participants who will be completing the survey. It is best to distribute the survey broadly across the organization and include participants from several teams and roles.
    4. Copy the link for your local survey and distribute it for participants to complete (we suggest giving them one week to complete it).
    5. Collect the consolidated survey results in preparation for the next phase.
    6. NOTE: Using this survey template requires having access to Microsoft Forms. If you do not have access to Microsoft Forms, an Info-Tech analyst can perform the survey for you.

    Output

    • Your organization's biggest Agile pain points

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Record the results in the Roadmap for Transition to Agile Template

    Phase 2

    Establish a Solid Foundation for Agile Delivery

    Phase 1

    Phase 2

    Agile Modules

    1.1 Identify common Agile challenges

    2.1 Align teams with Agile fundamentals

    2.2 Interpret your common Agile challenges survey results

    2.3 (Optional) Move stepwise to iterative Agile delivery

    2.4 Identify insights and team feedback

    • Backlog Management Module: Manage Your Backlog Effectively
    • Scrum Simulation Module: Simulate Effective Scrum Practices
    • Estimation Module: Improve Product Backlog Item Estimation
    • Product Owner Module: Establish an Effective Product Owner Role
    • Product Roadmapping: Create Effective Product Roadmaps

    This phase will walk you through the following activities:

    • Gain a fundamental understanding of Agile
    • Understand why becoming Agile is hard
    • Identify steps needed to become more Agile
    • Understand your biggest Agile pain points

    This phase involves the following participants:

    • Product owners, product managers, and scrum masters
    • Delivery managers and senior leaders
    • Stakeholders and delivery teams

    Step 2.1

    Align teams with Agile fundamentals

    Activities

    2.1.1 Share what Agile means to you
    2.1.2 (Optional) Contrast two delivery teams
    2.1.3 (Optional) Dissect the Agilist's Oath
    2.1.4 (Optional) Create your prototype definitions of ready
    2.1.5 (Optional) Create your prototype definitions of done
    2.1.6 Identify the challenges of implementing agile in your organization

    This step involves the following participants:

    • Product owners, product managers, and scrum masters
    • Delivery managers and senior leaders
    • Stakeholders and delivery teams

    Outcomes of this step

    • A better understanding of what Agile is and why we do it.

    Exercise 2.1.1 Share what Agile means to you

    30-60 minutes

    1. What is Agile? Why do we do it?
    2. As a group, discuss and capture your thoughts on:
      1. What is Agile (its characteristics, practices, differences from alternatives, etc.)?
      2. Why do we do it (its drivers, benefits, advantages, etc.)?
    3. Capture your findings in the table below:

    What is Agile?

    Why do we do it?

    (e.g. Agile mindset, principles, and practices)

    (e.g. benefits)

    Output

    • Your current understanding of Agile and its benefits

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Why Agile/DevOps? It's about time to value

    Leaders and stakeholders are frustrated with long lead times to implement changes. Agile/DevOps promotes smaller, more frequent releases to start earning value sooner.

    A graph demonstrating the increased frequency of release expected over time, from 1960 - present

    Time to delivering value depends on frequency of releases.
    Source: 5Q Partners

    The pandemic accelerated the speed of digital transformation

    With the massive disruption preventing people from gathering, businesses shifted to digital interactions with customers.

    December 2019 - 36%; acceleration of 3 years; July 2020 - 58%.

    Companies also accelerated the pace of creating digital or digitally enhanced products and services.

    December 2019 - 35%; acceleration of 3 years; July 2020 - 55%.

    (McKinsey, 2020 )

    "The Digital Economy incorporates all economic activity reliant on or significantly enhanced by the use of digital inputs, including digital technologies, digital infrastructure, digital services and data."
    (OECD Definition)

    What does "elite" DevOps look like?

    This is an image of an annotated table showing what elite devops looks like.

    Where are you now?
    Where do You Want to Be?

    * Google Cloud/Accelerate State of DevOps 2021

    Realize and sustain value with DevOps

    Businesses with elite DevOps practices…

    973x more frequent faster lead time code deployments from commit to deploy, 3x 6570x lower change failure rate faster time to recover.

    Waterfall vs. Agile – the "what" (How are they different?)

    This is an example of the Waterfall Approach.

    A "One and Done" Approach (Planning & Documentation Based)
    Elapsed time to deliver any value: Months to years

    This is an example of the Agile Approach

    An "Iterative" Approach (Empirical/Evidence Based)
    Elapsed time to deliver any value: Weeks

    (Optional) Exercise 2.1.2 A tale of two teams

    Discussion (5-10 minutes)

    As a group, discuss how these teams differ

    Team 1:
    An image of the business analyst passing the requirements baton to the architect runner.

    Team 2:
    An image of team of soldiers carrying a heavy log up a beach

    Image Credit: DVIDS

    Discuss differences between these teams:
    • How are they different?
    • How would you coach/train/manage/lead?
    • How does team members' behavior differ?
    • How would you measure each team?
    What would have to happen at your organization to make working like this possible?

    Output

    • How your organization can support Agile behavior and mindset

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Dissect the Agilist's Oath

    Read and consider each element of the oath.

    • As a member of this Scrum team, I recognize that we are all equally and collectively responsible for the success of this project.
    • Success is defined as achieving the best possible outcome for our stakeholders given the constraints of time, money, and circumstances we will face.
    • We will achieve this by working collaboratively with our product owner to regularly deliver high-quality, working, tested code that can be demonstrated, and we will adjust our path forward based on the feedback we receive.
    • I will holistically embrace the concept of "good enough for now" into my work practices, because I know that waiting for the best/perfect solution does not yield optimal results.
    • Collectively, we will work to holistically minimize risk for the project across all phases and disciplines.
    • My primary role will be _____ [PO, SM, BA, Dev, Arch, Test, Ops, etc.], but I will contribute wherever and however best serves the current needs of the project.
    • I recognize that working in Agile/Scrum is not an excuse to ignore important things like adequate design and documentation. Collectively, we will ensure that these things are completed incrementally to a level of detail and quality which adequately serves the organization and stakeholders.
    • We are a team, and we will succeed or fail as one.

    Exercise 2.1.3 (Optional) Dissect the Agilist's Oath

    30 minutes

    1. Each bullet point in the Agilist's Oath is chosen to convey one of eight key messages about Agile practices and the mindset change that's required by everyone involved.
    2. As a group, discuss the "message" for each bullet point in the Agilist's Oath. Then identify which of them would be "easy" and "hard" to achieve in your organization.
    • As a member of this Scrum team, I recognize that we are all equally and collectively responsible for the success of this project.
    • Success is defined as achieving the best possible outcome for our stakeholders given the constraints of time, money, and circumstances we will face.
    • We will achieve this by working collaboratively with our product owner to regularly deliver high-quality, working, tested code that can be demonstrated, and we will adjust our path forward based on the feedback we receive.
    • I will holistically embrace the concept of "good enough for now" into my work practices, because I know that waiting for the best/perfect solution does not yield optimal results.
    • Collectively, we will work to holistically minimize risk for the project across all phases and disciplines.
    • My primary role will be _____ [PO, SM, BA, Dev, Arch, Test, Ops, etc.], but I will contribute wherever and however best serves the current needs of the project.
    • I recognize that working in Agile/Scrum is not an excuse to ignore important things like adequate design and documentation. Collectively, we will ensure that these things are completed incrementally to a level of detail and quality which adequately serves the organization and stakeholders.
    • We are a team, and we will succeed or fail as one.

    Which aspects of the Agilist's Oath are "easy" in your org?

    Which aspects of the Agilist's Oath are "hard" in your org?

    Output

    • How your organization can support Agile behavior and mindset

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Be aware of common myths around Agile

    Agile does not . . . .

    1. … solve development and communication issues.
    2. … ensure you will finish requirements faster.
    3. … mean you don't need planning and documentation.

    "Although Agile methods are increasingly being adopted in globally distributed settings, there is no panacea for success."
    – "Negotiating Common Ground in Distributed Agile Development: A Case Study Perspective."

    "Without proper planning, organizations can start throwing more resources at the work which spirals into the classic Waterfall issues of managing by schedule."
    – Kristen Morton, Associate Implementation Architect,
    OneShield Inc., Info-Tech Interview

    Agile's four core values

    "…while there is value in the items on the right, we value the items on the left more."
    – Source: "The Agile Manifesto"

    We value. . .

    Individuals and Interactions

    OVER

    Processes and Tools

    Working Software

    OVER

    Comprehensive Documentation

    Customer Collaboration

    OVER

    Contract Negotiation

    Responding to Change

    OVER

    Following a Plan

    Being Agile

    OVER

    Being Prescriptive

    Consider the traditional/Waterfall SDLC

    With siloes and handoffs, valuable product is delivered only at the end of an extended project lifecycle.

    This is an image of the Traditional Waterfall SDLC approach

    View additional transition models in the appendix

    Agile* SDLC

    With shared ownership instead of silos, we can deliver value at the end of every iteration (aka sprint)

    Key Elements of the Agile SDLC

    • You are not "one-and-done". There are many short iterations with constant feedback.
    • There is an empowered product owner. This is a single authoritative voice that represents stakeholders.
    • There is a fluid product backlog. This enables prioritization of requirements "just-in-time"
    • Cross-functional, self-managing team. This team makes commitments and is empowered by the organization to do so.
    • Working, tested code at the end of each sprint. Value becomes more deterministic along sprint boundaries.
    • Demonstrate to stakeholders. Allow them to see and use the functionality and provide necessary feedback.
    • Feedback is being continuously injected back into the product backlog. This shapes the future of the solution.
    • Continuous improvement through sprint retrospectives.
    • "Internally Governed" when done right (the virtuous cycle of sprint-demo-feedback).

    This is a picture of the Agile SDLC approach.

    * There are many Agile methodologies to choose from, but Scrum (shown above) is by far the most widely used.

    Scrum roles and responsibilities

    Product Owner

    Scrum Master

    Team Members

    Responsible

    • For identifying the product features and their importance in the final deliverable.
    • For refining and reprioritizing the backlog that identifies which features will be delivered in the next sprint based on business importance.
    • For clearing blockers and escalations when necessary.
    • For leading scrums, retrospectives, sprint reviews, and demonstrations.
    • For team building and resolving team conflicts.
    • For creating, testing, deploying, and supporting deliverables and valuable features.
    • For self-managing. There is no project manager assigning tasks to each team member.

    Accountable

    • For delivering valuable features to stakeholders.
    • For ensuring communication throughout development.
    • For ensuring high-quality deliverables for the product owner.

    Consulted

    • By the team through collaboration, rather than contract negotiation.
    • By the product owner on resolution of risks.
    • By the team on suggestions for improvement.
    • By the scrum master and product owner during sprint planning to determine level of complexity of tasks.

    Informed

    • On the progress of the current sprint.
    • By the team on work completed during the current sprint.
    • On direction of the business and current priorities.

    Scrum ceremonies

    Are any of these challenges for your organization? Done When:

    Project Backlog Refinement (PO & SM): Prepare user stories to be used in the next two to three future sprints. User stories are broken down into small manageable pieces of work that should not span sprints. If a user story is too big for a sprint, it is broken down further here. The estimation of the user story is examined, as well as the acceptance criteria, and each is adjusted as necessary from the Agile team members' input.

    Regularly over the project's lifespan

    Sprint Planning (PO, SM & Delivery Team): Discuss the work for the upcoming sprint with the business. Establish a clear understanding of the expectations of the team and the sprint. The product owner decides if priority and content of the user stories is still accurate. The development team decides what they believe can be completed in the sprint, using the user stories, in priority order, refined in backlog refinement.

    At/before the start of each sprint

    Daily Stand-Up (SM & Delivery Team): Coordinate the team to communicate progress and identify any roadblocks as quickly as possible. This meeting should be kept to fifteen minutes. Longer conversations are tabled for a separate meeting. These are called "stand-ups" because attendees should stay standing for the duration, which helps keep the meeting short and focused. The questions each team member should answer at each meeting: What did I do since last stand-up? What will I do before the next stand-up? Do I have any roadblocks?

    Every day during the sprint

    Sprint Demo (PO, SM, Delivery Team & Stakeholders): Review and demonstrate the work completed in the sprint with the business (demonstrate working and tested code which was developed during the sprint and gather stakeholder feedback).

    At the end of each sprint

    Sprint Retrospective (SM & Delivery Team & PO): Discuss how the sprint worked to determine if anything can be changed to improve team efficiency. The intent of this meeting is not to find/place blame for things that went wrong, but instead to find ways to avoid/alleviate pain points.

    At the end of each sprint

    Sample delivery sprint calendar

    The following calendar illustrates a two-week Scrum cadence (including ceremonies). This diagram is for illustrative purposes only. The length of the sprint and timing of ceremonies may differ from delivery team to delivery team based on their needs and schedules.

    An image of a sample sprint delivery calendar

    Sample delivery sprint calendar

    The following calendar illustrates a three-week Scrum cadence (including ceremonies). This diagram is for illustrative purposes only. The length of the sprint and timing of ceremonies may differ from delivery team to delivery team based on their needs and schedules.

    An image of a sample sprint delivery calendar

    Ensure your teams have the right information

    Implement and enforce your definition of ready at each stage of planning. Ensure your teams understand the required tasks by clarifying the definition of done.*

    Ready

    Done
    • The request has a defined problem, and the value is understood.
    • The request is documented, and the owner is identified.
    • Business and IT roles are committed to participating in estimation and planning activities.
    • Estimates and plans are made and validated with IT teams and business representatives.
    • Stakeholders and decision makers accept the estimates and plans as well as the related risks.
    • Estimates and plans are documented and slated for future review.

    * Note that your definitions of ready and done may vary from project to project, and they should be decided on collectively by the delivery team at the beginning of the project (part of setting their "norms") and updated if/when needed.

    Exercise 2.1.4 (Optional) Create definition of ready and done for an oil change

    10-15 minutes

    Step 1:

    1. As a group, create a definition of ready and done for doing an oil change (this will help you to understand the nature and value of a definition of ready and done using a relatable example):

    Definition of Ready

    Checklist:

    Definition of Done

    Checklist – For each user story:

    The checklist of things that must be true/done to begin the oil change.

    • We have the customer's car and keys
    • We know which grade of oil the customer wants

    The checklist of things that must be true/done at the end of the oil change.

    • The oil has been changed
    • A reminder sticker has been placed on windshield

    Exercise 2.1.4 (Optional) Create your prototype definitions of ready

    30-60 minutes

    Step 2:

    1. As a group, review the two sample definitions of ready below and select the one you consider to be the best starting point for your prototype definition of ready.

    Definition of Ready SAMPLE 1:

    Checklist – For each user story:

    • Technical and business risks are identified.
    • Resources are available for development.
    • Story has been assigned to a sprint/iteration.
    • Organizational business value is defined.
    • A specific user has been identified.
    • Stakeholders and needs defined.
    • Process impacts are identified.
    • Data needs are defined.
    • Business rules and non-functional requirements are identified.
    • Acceptance criteria are ready.
    • UI design work is ready.
    • Story has been traced to the project, epic, and sprint goal.

    Definition of Ready SAMPLE 2:

    Checklist – For each user story:

    • The value of story to the user is clearly indicated.
    • The acceptance criteria for story have been clearly described.
    • User story dependencies identified.
    • User story sized by delivery team.
    • Scrum team accepts user experience artifacts.
    • Performance criteria identified, where appropriate.
    • Person who will accept the user story is identified.
    • The team knows how to demo the story.

    Output

    • Prototype definitions of ready and done for your organization

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Exercise 2.1.4 (Optional) Create your prototype definitions of ready

    30-60 minutes

    Step 3:

    1. As a group, using the selected sample as your starting point, decide what changes need to be made (keep/add/delete/modify):

    Definition of Ready Checklist – For each user story:

    Disposition

    The value of story to the user is clearly indicated.

    Keep as is

    The acceptance criteria for story have been clearly described. Keep as is
    User story dependencies identified. Modify to: "Story has been traced to the project, epic, and sprint goal"
    User story sized by delivery team. Modify to: "User Stories have been sized by the Delivery team using Story Points"
    Scrum team accepts user experience artifacts. Keep as is
    Performance criteria identified, where appropriate. Keep as is
    Person who will accept the user story is identified.

    Delete

    The team knows how to demo the story. Keep as is

    Add: "Any performance related criteria have been identified where appropriate"

    Add: "Any data model related changes have been identified where needed"

    Output

    • Prototype definitions of ready and done for your organization

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Exercise 2.1.4 (Optional) Create your prototype definitions of ready

    30-60 minutes

    Step 4:

    1. As a group, capture and agree on your prototype definition of ready*:

    Definition of Ready

    Checklist – For each user story:

    User stories and related requirements contain clear descriptions of what is expected of a given functionality. Business value is identified.

    • The value of the story to the user is clearly indicated.
    • The acceptance criteria for the story have been clearly described.
    • Story has been traced to the project, epic, and sprint goal.
    • User stories have been sized by the delivery team using story points.
    • Scrum team accepts user experience artifacts.
    • Performance criteria identified, where appropriate.
    • The team knows how to demo the story.
    • Any performance-related criteria have been identified where appropriate.
    • Any data-model-related changes have been identified where needed.

    Record the results in the Roadmap for Transition to Agile Template

    * This checklist helps Agile teams determine if the stories in their backlog are ready for sprint planning. As your team gains experience with Agile, tailor this list to your needs and follow it until the practice becomes second nature.

    Output

    • Prototype definitions of ready and done for your organization

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Exercise 2.1.5 (Optional) Create your prototype definitions of done

    30-60 minutes

    Step 5:

    1. As a group, review the two sample definitions of ready below and select the one you consider to be the best starting point for your prototype definition of ready:

    SAMPLE 1:

    Definition of Done Checklist – For each user story:

    • Design complete
    • Code compiles
    • Static code analysis has been performed and passed
    • Peer reviewed with coding standards passed
    • Code merging completed
    • Unit tests and smoke tests are done/functional (preferably automated)
    • Meets the steps identified in the user story
    • Unit & QA test passed
    • Usability testing completed
    • Passes functionality testing including security testing
    • Data validation has been completed
    • Ready to be released to the next stage

    SAMPLE 2:

    Definition of Done Checklist – For each user story:

    • Work was completed in a way that a professional would say they are satisfied with their work.
    • Work has been seen by multiple team members.
    • Work meets the criteria of satisfaction described by the customer.
    • The work is part of a package that will be shared with the customer as soon as possible.
    • The work and any learnings from doing the work have been documented.
    • Completion of the work is known by and visible to all team members.
    • The work has passed all quality, security, and completeness checks as defined by the team.

    Output

    • Prototype definitions of ready and done for your organization

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Exercise 2.1.4 (Optional) Create your prototype definitions of done

    30-60 minutes

    Step 6:

    1. As a group, using the selected sample as your starting point, decide what changes need to be made (keep/add/delete/modify):

    Definition of Ready Checklist – For each user story:

    Disposition

    • Work was completed in a way that a professional would say they are satisfied with their work.
    Keep as is
    • Work has been seen by multiple team members.
    Delete
    • Work meets the criteria of satisfaction described by the customer.
    Modify to: "All acceptance criteria for the user story have been met"
    • The work is a part of a package that will be shared with the customer as soon as possible.
    Modify to: "The user story is ready to be demonstrated to Stakeholders"
    • The work and any learnings from doing the work has been documented.
    Keep as is
    • Completion of the work is known by and visible to all team members.
    Keep as is
    • The work has passed all quality, security, and completeness checks as defined by the team.
    Modify to: "Unit, smoke and regression testing has been performed (preferably automated), all tests were passed"
    Add: "Any performance related criteria associated with the story have been met"

    Output

    • Prototype definitions of ready and done for your organization

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Exercise 2.1.4 (Optional) Create your prototype definitions of done

    30-60 minutes

    Step 7:

    1. As a group, capture and agree on your prototype Definition of Done*:

    Definition of Done

    Checklist – For each user story:

    When the user story is accepted by the product owner and is ready to be released.

    • Work was completed in a way that a professional would say they are satisfied with their work.
    • All acceptance criteria for the user story have been met.
    • The user story is ready to be demonstrated to stakeholders.
    • The work and any learnings from doing the work have been documented.
    • Completion of the work is known by and visible to all team members.
    • Unit, smoke, and regression testing has been performed (preferably automated), and all tests were passed.
    • Any performance-related criteria associated with the story have been met.

    Record the results in the Roadmap for Transition to Agile Template

    * This checklist helps Agile teams determine if the stories in their backlog are ready for sprint planning. As your team gains experience with Agile, tailor this list to your needs and follow it until the practice becomes second nature.

    Output

    • Prototype definitions of ready and done for your organization

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Getting to "Agile DevOps Nirvana" is hard, but it's worth it.

    An image of the trail to climb Mount Everest, from camps 1-4

    Agile DevOps is a progression of cultural, behavioral, and process changes.
    It takes time.

    An image of the trail to climb Mount Everest, with the camps replaced by the steps to deploy Agile, to reach Agile/Devops Nirvana

    Agile DevOps may be hard, but it's worth it…

    It turns out Waterfall is not as good at reducing risk and ensuring delivery after all.

    CHAOS RESOLUTION BY AGILE VERSUS WATERFALL
    Size Method Successful Challenged Failed
    All Size Projects Agile 39% 52% 9%
    Waterfall 11% 60% 29%

    Standish Group; CHAOS REPORT 2015

    "I believe in this [Waterfall] concept, but the implementation described above is risky and invites failure."

    – Winston W. Royce

    Compare Waterfall to Agile

    Waterfall

    Agile

    Roles and Responsibilities

    Silo your resources

    Defined/segregated responsibilities

    Handoffs between siloes via documents

    Avoid siloes

    Collective responsibility

    Transitions instead of handoffs

    Belief System

    Trust the process

    Assign tasks to individuals

    Trust the delivery team

    Assign ownership/responsibilities to the team

    Planning Approach

    Create a detailed plan before work begins

    Follow the plan

    High level planning only

    The plan evolves over project lifetime

    Delivery Approach

    One and done (big bang delivery at end of project)

    Iterative delivery (regularly demonstrate working code)

    Governance Approach

    Phases and gates

    Artifacts and approvals

    Demo working tested code and get stakeholder feedback

    Support delivery team and eliminate roadblocks

    Approach to Stakeholders

    Involved at beginning and end of project

    "Arm's length" relationship with delivery team

    Involved throughout project (sprint by sprint)

    Closely involved with delivery team (through full time PO)

    Approach to Requirements/Scope

    One-time requirements gathering at start of project

    Scope is fixed at beginning of project ("carved in stone")

    On going requirements gathering and refinement over time

    Scope is roughly determined at beginning (expect change)

    Approach to Changing Requirements

    Treats change like it is "bad"

    Onerous CM process (discourages change)

    Scope changes "require approval" and are disruptive

    Accepts change as natural part of development.

    Light Change Management process (change is welcome)

    Scope changes are handled like all changes

    Hybrid SDLC: Wagile/Agilfall/WaterScrumFall

    Valuable product delivered in multiple releases

    A picture of a hybrid waterfall - Agile approach.

    If moving directly from Waterfall to Agile is too much for your organization, this can be a valuable interim step (but it won't give you the full benefits of Agile, so be careful about getting stuck here).

    Exercise 2.1.6 Identify the challenges of implementing Agile in your organization

    30-60 minutes

    1. As a group, discuss:
      1. Why being Agile may be difficult in your organization?
      2. What are some of the roadblocks and speed bumps you may face?
      3. What incremental steps might the organization take toward becoming Agile?

    Record the results in the Roadmap for Transition to Agile Template

    Output

    • Why being Agile is hard in your organization

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Step 2.2

    Align teams with Agile fundamentals

    Activities

    2.2.1 Review the results of your Common Agile Challenges Survey (30-60 minutes)
    2.2.2 Align your support with your top five challenges

    This step involves the following participants:

    • Product owners, product managers, and scrum masters
    • Delivery managers and senior leaders
    • Stakeholders and delivery teams

    Outcomes of this step

    • Identify your organization's biggest Agile pain points.

    Be aware of common Agile challenges

    The road to Agile is filled with potholes, speedbumps, roadblocks, and brick walls!

    1. Establish an effective product owner role (PO)
    2. Uncertainty about minimum viable product (MVP)
    3. How non-Agile teams (like architecture, infosec, operations, etc.) work with Agile teams
    4. Project governance/gating process
    5. What is the role of a PM/PMO in Agile?
    6. How to budget/plan Agile projects
    7. How to contract and work with an Agile vendor
    8. An Agile skills deficit (e.g. new-to-Agile teams who have difficulty "doing Agile right")
    9. General resistance to change in the organization
    10. Lack of Agile training, piloting, and coaching
    11. Different Agile approaches are used by different teams
    12. Backlog management and user story decomposition challenges
    13. Quality assurance challenges
    14. Hierarchical management practices and organization boundaries
    15. Difficulty with establishing autonomous Agile teams
    16. Lack of management support for Agile
    17. Poor Agile estimation practices
    18. Difficulty creating effective product roadmaps in Agile
    19. How do we know when an Agile project is ready to go live?
    20. Sprint goals are not being consistently met, or sprint deliverables that are full of bugs

    Exercise 2.2.1 Review the results of your Common Agile Challenges Survey

    30-60 minutes

    1. Using the results of your Common Agile Challenges Survey, fill in the bar chart with your top five pain points:

    A screenshot from Common Agile Challenges Survey

    Output

    • Your organization's biggest Agile pain points identified and prioritized

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Exercise 2.2.2 Align your support with your top five challenges

    30 minutes

    Using the Agile Challenges support mapping on the following slides, build your transformation plan and supporting resources. You can build your plan by individual team results or as an enterprise approach.

    Priority Agile Challenge Module Name and Sequence
    1
    1. Agile Foundations
    2. ?
    2
    1. Agile Foundations
    2. ?
    3
    1. Agile Foundations
    2. ?
    4
    1. Agile Foundations
    2. ?
    5
    1. Agile Foundations
    2. ?

    Output

    • Your organization's Agile Challenges transformation plan

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Map challenges to supporting modules

    Agile Challenges

    Supporting Resources

    Difficulty establishing an effective product owner (PO) or uncertainty about the PO role

    Modules:

    • Agile Foundations
    • Establish an Effective Product Owner Role
    Uncertainty about minimum viable product (MVP) and how to identify your MVP

    Modules:

    • Agile Foundations
    • Simulate Effective Scrum Practices
    How non-Agile teams (like architecture, info sec, operations, etc.) work with Agile teams

    Modules:

    • Agile Foundations
    • Work With Non-Agile Teams (Future)
    Project Governance/Gating processes that are unfriendly to Agile

    Modules:

    • Agile Foundations
    • Establish Agile-Friendly Gating (Future)
    Uncertainty about the role of a PM/PMO in Agile

    Modules:

    • Agile Foundations
    • Understand the role of PM/PMO in Agile Delivery (Future)
    Uncertainty about how to budget/plan Agile projects

    Modules:

    • Agile Foundations
    • Simulate Effective Scrum Practices
    • Understand Budgeting and Funding for Agile Delivery (Future)
    Creating an Agile friendly RFP/Contract (e.g. how to contract and work with an Agile vendor)

    Modules:

    • Agile Foundations
    • Work Effectively with Agile Vendors (Future)

    Note: Modules listed as (Future) are in development and may be available in draft format.

    Map challenges to supporting modules

    Agile Challenges

    Supporting Resources

    An Agile skills deficit (e.g. new-to-Agile teams who have difficulty "doing Agile right")

    Modules:

    • Agile Foundations
    General resistance in the organization to process changes required by Agile

    Modules:

    • Agile Foundations
    • Manage Organizational Change to Support Agile Delivery (Future)
    Lack of Agile training, piloting and coaching being offered by the organization

    Modules:

    • Agile Foundations
    Different Agile approaches are used by different teams, making it difficult to work together

    Modules:

    • Agile Foundations
    • Build Your Scrum Playbook (Future)
    Backlog management challenges (e.g. how to manage a backlog, and make effective use of Epics, Features, User Stories, Tasks and Bugs)

    Modules:

    • Agile Foundations
    • Manage Your Backlog Effectively
    Quality Assurance challenges (testing not being done well on Agile projects)

    Modules:

    • Agile Foundations
    • Establish Effect Quality Assurance for Agile Delivery (Future);
    • Use Test Automation Effectively (Future)
    Hierarchical management practices and organization boundaries make it difficult to be Agile

    Modules:

    • Agile Foundations
    • Manage Organizational Change to Support Agile Delivery (Future)

    Note: Modules listed as (Future) are in development and may be available in draft format.

    Map challenges to supporting modules

    Agile Challenges

    Supporting Resources

    Difficulty with establishing autonomous Agile teams (self managing, cross functional teams that are empowered by the organization to deliver)

    Modules:

    • Agile Foundations
    • Manage Organizational Change to Support Agile Delivery (Future)
    Lack of management support for Agile

    Modules:

    • Agile Foundations
    • Manage Organizational Change to Support Agile Delivery (Future)
    Poor understanding of Agile estimation techniques and how to apply them effectively

    Modules:

    • Agile Foundations
    • Estimation Module
    Difficulty creating effective product roadmaps in Agile

    Modules:

    • Agile Foundations
    • Product Roadmapping Tool
    How do we know when an Agile project is ready to go live

    Modules:

    • Agile Foundations
    • Decide When to Go Live (Future)
    Sprint goals are not being consistently met, or Sprint deliverables that are full of bugs

    Modules:

    • Agile Foundations
    • Establish Effect Quality Assurance for Agile Delivery (Future);
    • Use Test Automation Effectively (Future)

    Note: Modules listed as (Future) are in development and may be available in draft format.

    Map challenges to supporting blueprints

    Agile Challenges

    Supporting Resources

    Difficulty establishing an effective product owner (PO) or uncertainty about the PO role

    Blueprints: Build a Better Product Owner; Managing Requirements in an Agile Environment

    Uncertainty about minimum viable product (MVP) and how to identify your MVP

    Blueprints: Deliver on Your Digital Product Vision; Managing Requirements in an Agile Environment

    How non-Agile teams (like architecture, info sec, operations, etc.) work with Agile teams

    Blueprints: Create a Horizontally Optimized SDLC to Better Meet Business Demands, Extend Agile Practices Beyond IT, Implement DevOps Practices That Work; Build Your BizDevOps Playbook, Embed Security into the DevOps Pipeline

    Project Governance/Gating processes that are unfriendly to Agile

    Blueprints: Streamline Your Management Process to Drive Performance, Drive Business Value With a Right-Sized Project Gating Process

    Uncertainty about the role of a PM/PMO in Agile

    Blueprints: Define the Role of Project Management in Agile and Product-Centric Delivery, Create a Horizontally Optimized SDLC to Better Meet Business Demands

    Uncertainty about how to budget/plan Agile projects

    Blueprints: Identify and Reduce Agile Contract Risk

    Creating an Agile friendly RFP/Contract (e.g. how to contract and work with an Agile vendor)

    Blueprints: Identify and Reduce Agile Contract Risk

    Note: Modules listed as (Future) are in development and may be available in draft format.

    Map challenges to supporting blueprints

    Agile Challenges

    Supporting Resources

    An Agile skills deficit (e.g. new-to-Agile teams who have difficulty "doing Agile right")

    Blueprints: Perform an Agile Skills Assessment; Mentoring for Agile Teams

    General resistance in the organization to process changes required by Agile

    Blueprints: Master Organizational Change Management Practices

    Lack of Agile training, piloting and coaching being offered by the organization

    Blueprints: Perform an Agile Skills Assessment; Mentoring for Agile Teams

    Different Agile approaches are used by different teams, making it difficult to work together

    Blueprints: Create a Horizontally Optimized SDLC to Better Meet Business Demands, Extend Agile Practices Beyond IT

    Backlog management challenges (e.g. how to manage a backlog, and make effective use of epics, features, user stories, tasks and bugs)

    Blueprints: Deliver on Your Digital Product Vision, Managing Requirements in an Agile Environment

    Quality Assurance challenges (testing not being done well on Agile projects)

    Blueprints: Build a Software Quality Assurance Program, Automate Testing to Get More Done

    Hierarchical management practices and organization boundaries make it difficult to be Agile

    Blueprints: Master Organizational Change Management Practices

    Map challenges to supporting blueprints

    Agile Challenges

    Supporting Resources

    Difficulty with establishing autonomous Agile teams (self managing, cross functional teams that are empowered by the organization to deliver)

    Blueprints: Master Organizational Change Management Practices

    Lack of management support for Agile

    Blueprints: Master Organizational Change Management Practices

    Poor understanding of Agile estimation techniques and how to apply them effectively

    Blueprints: Estimate Software Delivery with Confidence, Managing Requirements in an Agile Environment

    Difficulty creating effective product roadmaps in Agile

    Blueprints: Deliver on Your Digital Product Vision

    How do we know when an Agile project is ready to go live

    Blueprints: Optimize Applications Release Management,Drive Business Value With a Right-Sized Project Gating Process, Managing Requirements in an Agile Environment

    Sprint goals are not being consistently met, or sprint deliverables that are full of bugs

    Blueprints: Build a Software Quality Assurance Program, Automate Testing to Get More Done, Managing Requirements in an Agile Environment

    Step 2.3

    Move stepwise to iterative Agile delivery (Optional)

    Activities

    2.3.1 (Optional) Identify a hypothetical project
    2.3.2 (Optional) Capture your traditional delivery approach
    2.3.3 (Optional) Consider what a two-phase delivery looks like
    2.3.4 (Optional) Consider what a four-phase delivery looks like
    2.3.5 (Optional) Consider what a four-phase delivery with monthly sprints looks like
    2.3.6 (Optional) Decide on your target state and the steps required to get there

    This step involves the following participants:

    • Product owners, product managers, and scrum masters
    • Delivery managers and senior leaders
    • Stakeholders and delivery teams

    Outcomes of this step

    • Understand the changes that must take place in your organization to support a more Agile delivery approach.

    Moving stepwise from traditional to Agile

    Your transition to Agile and more frequent releases doesn't need to be all at once. Organizations may find it easier to build toward smaller iterations.

    An image of the stepwise approach to adopting Agile.

    Exercise 2.3.1 (Optional) Identify a hypothetical project

    15-30 minutes

    1. As a group, consider some typical, large, mission-critical system deliveries your organization has done in the past (name a few as examples).
    2. Imagine a project like this has been assigned to your team, and the plan calls for delivering the system using your traditional delivery approach and taking two years to complete.
    3. Give this imaginary project a name (e.g. traditional project, our project).

    Name of your imaginary 2-year long project:

    e.g. Big Bang ERP

    Brief Project Description:

    e.g. Replace home-grown legacy ERP with a modern COTS product in a single release scheduled to be delivered in 24 months

    Record this in the Roadmap for Transition to Agile Template

    Info-Tech Best Practice

    For best results, complete these sub-exercises with representatives from as many functional areas as possible
    (e.g. stakeholders, project management, business analysis, development, testing, operations, architecture, infosec)

    Output

    • An imaginary delivery project that is expected to take 2 years to complete

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Exercise 2.3.2 (Optional) Capture your traditional delivery approach

    30 minutes

    1. As a group, discuss and capture the high-level steps followed (after project approval) in your traditional delivery approach using the table below and on the next page.

    Step

    Description

    Who is involved

    1
    • Gather detailed requirements (work with project stakeholders to capture all requirements of the system and produce a Detailed Requirements Document)

    PM, Business Analysts, Stakeholders, etc.

    2
    • Produce a Detailed Design Document (develop a design that will meet all requirements identified in the Detailed Requirements Document)
    • Produce a Detailed Test Plan for acceptance of the system
    • Produce a Detailed Project Plan for the system delivery
    • Perform threat and privacy assessment (using the detailed requirements and design documents, perform a Threat Risk Assessment and Privacy Impact Analysis)
    • Submit detailed design to Architecture Review Board
    • Provide Operations with full infrastructure requirements
    PM, Architects, InfoSec, ARB, Operations, etc.
    3
    • Develop software (follow the Detailed Design Document and develop a system which meets all requirements)
    • Perform Unit Testing on all modules of the system as they are developed
    PM, Developers, etc.
    4
    • Create Production Environment based on project specification
    • Perform Integration testing of all modules to ensure the system works as designed
    • Produce an Integration Test Report capturing the results of testing and any deficiencies
    PM, Testers, etc.
    5
    • Fix all Sev 1 and Sev 2 deficiencies found during Integration Testing
    • Perform regression testing
    • Perform User Acceptance Testing as per the Detailed Test Plan
    PM, Developers, Testers, Stakeholders, etc.
    6
    • Product Deployment Plan
    • Perform User and Operations Training
    • Produce updated Threat Risk Assessment and Privacy Impact Analysis
    • Seek CAB (Change Approval Board) approval to go live
    PM, Developers, Testers, Operations, InfoSec, CAB, etc.
    7
    • Close out and Lessons Learned
    • Verify value delivery
    PM, etc.

    Output

    • The high-level steps in your current (traditional) delivery approach and who is involved in each step

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Exercise 2.3.2 (Optional) Capture your traditional delivery approach

    Step

    Description

    Who is involved

    1
    • Gather detailed requirements (work with project stakeholders to capture all requirements of the system and produce a Detailed Requirements Document)

    PM, Business Analysts, Stakeholders, etc.

    2
    • Produce a Detailed Design Document (develop a design that will meet all requirements identified in the Detailed Requirements Document)
    • Produce a Detailed Test Plan for acceptance of the system
    • Produce a Detailed Project Plan for the system delivery
    • Perform threat and privacy assessment (using the detailed requirements and design documents, perform a Threat Risk Assessment and Privacy Impact Analysis)
    • Submit detailed design to Architecture Review Board
    • Provide Operations with full infrastructure requirements
    PM, Architects, InfoSec, ARB, Operations, etc.
    3
    • Develop software (follow the Detailed Design Document and develop a system which meets all requirements)
    • Perform Unit Testing on all modules of the system as they are developed
    PM, Developers, etc.
    4
    • Create Production Environment based on project specification
    • Perform Integration testing of all modules to ensure the system works as designed
    • Produce an Integration Test Report capturing the results of testing and any deficiencies
    PM, Testers, etc.
    5
    • Fix all Sev 1 and Sev 2 deficiencies found during Integration Testing
    • Perform regression testing
    • Perform User Acceptance Testing as per the Detailed Test Plan
    PM, Developers, Testers, Stakeholders, etc.
    6
    • Product Deployment Plan
    • Perform User and Operations Training
    • Produce updated Threat Risk Assessment and Privacy Impact Analysis
    • Seek CAB (Change Approval Board) approval to go live
    PM, Developers, Testers, Operations, InfoSec, CAB, etc.
    7
    • Close out and Lessons Learned
    • Verify value delivery
    PM, etc.

    Output

    • The high-level steps in your current (traditional) delivery approach and who is involved in each step

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Exercise 2.3.3 (Optional) Consider what a two-phase delivery looks like

    30 minutes

    1. As a group, imagine that project stakeholders tell you two years is too long to wait for the project, and they want to know if they can have something (even if it's not the whole thing) in production sooner.
    2. Now imagine that you are able to convince the stakeholders to work with you to do the following:
      1. Identify their most important project requirements.
      2. Work with you to describe a valuable subset of the project requirements which reflect about ½ of all features they need (call this Phase 1).
      3. Work with you to get this Phase 1 of the project into production in about 1 year.
      4. Agree to leave the remaining requirements (e.g. the less important ones) until Phase 2 (second year of project).
    3. As a group, identify:
      1. How hard this would be for your organization to do, on a scale of 1 to 10.
      2. Identify what changes are needed to make this happen (consider people, processes, and technology).
      3. Capture your results using the table on the following slide.

    Output

    • The high-level steps in your current (traditional) delivery approach and who is involved in each step

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Exercise 2.3.3 (Optional) Consider what a two-phase delivery looks like

    30 minutes

    1. What would be needed to let you deliver a two-year project in two one-year phases considering people, process, and technology?

    People

    Processes

    Technology

    • e.g. Stakeholders would need to make hard decisions about which features are more valuable/important than others (and stick to them)
    • e.g. Delivery team and stakeholders would need to work closely together to determine what is a feasible and valuable set of features which can go live in Phase 1
    • e.g. Operations will need to be prepared to support Phase 1 (earlier than before), and then support an updated system after Phase 2
    • e.g. No significant change to traditional processes other than delivering in two phases
    • e.g. Need to decide whether requirements for the full project need to be gathered up front, or do you just do Phase 1, and then Phase 2
    • e.g. No significant changes other than we need a production environment sooner, and infrastructure requirements for the full project may be different from what is needed just for Phase 1

    How difficult would this be to achieve in your organization? (1-easy, 10-next to impossible)

    e.g. 2

    Output

    • Understand how your organization would deliver a large project in two phases

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Exercise 2.3.4 (Optional) Consider what a four-phase delivery looks like

    30 minutes

    1. Now, imagine that project stakeholders tell you that even one year is still too long to wait for something of value in production, and they want to know if they can have something (even if it's not the whole thing) in production sooner.
    2. Now imagine that you are able to convince the stakeholders to work with you to do the following:
      1. From the "Phase 1" requirements in Exercise 2.3.3, they will identify the most important ones that they need first.
      2. They will work with you to describe a valuable subset of these project requirements which reflect about ½ of all features they need (call this Phase 1A).
      3. They will work with you to get this Phase 1A of the project into production in about six months.
      4. Agree to leave all the remaining requirements (e.g. the less important ones) until later phases.
    1. As a group, identify:
      1. How hard this would be for your organization to do, on a scale of 1 to 10?
      2. Identify what changes are needed to make this happen (consider people, processes, and technology).
      3. Capture your results using the table on the following slide.

    Output

    • Understand how your organization would deliver a large project in two phases

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Exercise 2.3.4 (Optional) Consider what a four-phase delivery looks like

    30 minutes

    1. What more would be needed to let you deliver a two-year project in four, six-month phases considering people, process, and technology?

    People

    Processes

    Technology

    • e.g. Stakeholders would need to make even harder (and faster) decisions about which features are most valuable/important than others.
    • e.g. Because we will be delivering releases so quickly, we'll ask the stakeholders to nominate a "primary contact" who can make decisions on requirements for each phase (also to answer questions from the project team, when needed, so they aren't slowed down).
    • e.g. Delivery team and the "primary contact" would work closely together to determine what is a feasible and valuable set of features to go live within Phase 1A, and then repeat this for the remaining Phases.
    • e.g. Operations will need to be prepared to support Phase 1A (even earlier than before), and then support the remaining phases. Ask them to dedicate someone as primary contact for this series of releases, and who provides guidance/support as needed.

    e.g. Heavy and time-consuming process steps (e.g. architecture reviews, data modelling, infosec approvals, change approval board) will need to be streamlined and made more "iteration-friendly."

    e.g. Gather detailed requirements only for Phase 1A, and leave the rest as high-level requirements to be more fully defined at the beginning of each subsequent phase.

    • e.g. We will need (at a minimum) a Production, and a Pre-production environment set up (and earlier in the project lifecycle) and solid regression testing at the end of each phase to ensure the latest Release doesn't break anything.
    • e.g. Since we will be going into production multiple times over this 2-year project, we should consider using automation (e.g. automated build, automated regression testing, and automated deployment).

    How difficult would this be to achieve in your organization? (1-easy, 10-next to impossible)

    e.g. 5

    Output

    • Understand how your organization would deliver a large project in two phases

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Exercise 2.3.5 (Optional) Consider what a four-phase delivery with monthly sprints looks like

    30 minutes

    1. Now, imagine that project stakeholders tell you that they are happy with the six-month release approach (e.g. expect to go live four times over the two-year project, with each release providing increased functionality), but they want to see your team's progress frequently between releases.
    2. Additionally, stakeholders tell you that instead of asking you to provide the traditional monthly project status reports, they want you to demonstrate whatever features you have built and work for the system on a monthly basis. This will be done in the form of a demonstration to a selected list of stakeholders each month.
    3. Each month, your team must show working, tested code (not prototypes or mockups, unless asked for) and demonstrate how this month's deliverable brings value to the business.
    4. Furthermore, the stakeholders would like to be able to test out the system each month, so they can play with it, test it, and provide feedback to your team about what they like and what they feel needs to change.
    5. To help you to achieve this, the stakeholders designate their primary contact as the "product owner" (PO) who will be dedicated to the project and will help your team to decide what is being delivered each month. The PO will be empowered by the stakeholders to make decisions on scope and priority on an expedited basis and will also answer questions on their behalf when your team needs guidance.
    6. You agree with the stakeholders these one-month deliverables will be called "sprints."

    Output

    • Understand how your organization would deliver a large project in two phases

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Exercise 2.3.5 (Optional) Consider what a four-phase delivery with monthly sprints looks like

    30 minutes

    1. What more would be needed to let you deliver a two-year project in 24 one-month sprints (plus four six-month releases) considering people, process, and technology?

    People

    Processes

    Technology

    • e.g. The team will need to work closely with the product owner (and/or stakeholders) on a continuous basis to understand requirements and their relative priority
    • e.g. Stakeholders will need to be available for demos and testing at the end of each sprint, and provide feedback to the team as quickly as possible
    • e.g. all functional siloes within IT (e.g. analysts, architects, infosec, developers, testers, operations) will need to work hand in hand on a continuous basis to deliver working tested code into a demo/test environment at the end of each sprint
    • e.g. there isn't enough time in each sprint to have team members working in siloes, instead, we will need to work together as a team to ensure that all aspects of the sprint (requirements, design, build, test, etc.) are worked on as needed (team is equally and collectively responsible for delivery of each sprint)
    • e.g. We can't deliver much in 1-month sprints if we work in siloes and are expected to do traditional documentation and handoffs (e.g. requirements document), so we will use a fluid project backlog instead of requirements documents, we will evolve our design iteratively over the course of the many sprints, and we will need to streamline the CAB process to allow for faster (more frequent) deployments
    • e.g. We will need to evolve the system's data model iteratively over the course of many sprints (rather than a one-and-done approach at the beginning of the project)
    • e.g. We will need to quickly decide the scope to be delivered in each sprint (focusing on highest value functionality first). Each sprint should have a well-defined "goal" that the team is trying to achieve
    • We will need any approval processes (e.g. architecture review, infosec review, CAB approval) to be streamlined and simplified in order to support more frequent and iterative deployment of the system
    • e.g. We will need to maximize our use of automation (build, test, and deploy) in order to maximize what we can deliver in each sprint (Note: the ROI on automation is much higher when we deliver in sprints than in a one-and-done delivery because we are iterating repeatedly over the course of the project
    • e.g. We will need to quickly stand-up environments (dev, test, prod, etc.) and to make changes/enhancements to these environments quickly (it makes sense to leverage infrastructure as a service [IaaS] techniques here)
    • e.g. We will need to automate our security related testing (e.g. static and dynamic security testing, penetration testing, etc.) so that it can be run repeatedly before each release moves into production. We may need to evolve this automated testing with each sprint depending on what new features/functions are being delivered in each release

    How difficult would this be to achieve in your organization? (1-easy, 10-next to impossible)

    e.g. 8

    Output

    • Understand how your organization would deliver a large project in two phases

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Exercise 2.3.6 (Optional) Define the steps to reach your target state

    30 minutes

    1. From Exercises 2.3.1-2.3.5, identify your current state on the stepwise transition from traditional to Agile (e.g. one-and-done).
    2. Then, identify your desired future state (e.g. 24 one-month sprints with six-month releases).
    3. Now, review your people, process, and technology changes identified in Exercises 2.3.1-2.3.5 and create a roadmap for this transition using the table on the next slide.

    Identify your current state from Exercises 2.3.1-2.3.5

    e.g. One-and-done

    Identify your desired state from Exercises 2.3.1-2.3.5

    e.g. 24x1 Month Sprints

    Output

    • A roadmap and timeline for adopting a more Agile delivery approach

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Exercise 2.3.6 (Optional) Define the steps to reach your target state

    30 minutes

    1. Fill in the table below with your next steps. Identify who will be responsible for each step along with the timeline for completion: "Now" refers to steps you will take in the immediate future (e.g. days to weeks), "Next" refers to steps you will take in the medium term (e.g. weeks to months), and "Later" refers to long-term items (e.g. months to years).

    Now

    Next Later

    What are you going to do now?

    What are you going to do very soon?

    What are you going to do in the future?

    Roadmap Item

    Who

    Date

    Roadmap Item

    Who

    Date

    Roadmap Item

    Who

    Date

    Work with Stakeholders to identify a product owner for the project.

    AC

    Jan 1

    Break down full deliverable into 4 phases with high level requirements for each phase

    DL

    Feb 15

    Work with operations to set up Dev, Test, Pre-Prod, and Prod environments for first phase (make use of automation/scripting)

    DL

    Apr 15

    Work with PO and stakeholders to help them understand Agile approach

    Jan 15

    Work with PO to create a project backlog for the first phase deliverable

    JK

    Feb 28

    Work with QA group to select and implement test automation for the project (start with smoke and regression tests)

    AC

    Apr 30

    Work with project gating body, architecture, infosec and operations to agree on incremental deliveries for the project and streamlined activities to get there

    AC

    Mar 15

    Record the results in the Roadmap for Transition to Agile Template

    Output

    • A roadmap and timeline for adopting a more Agile delivery approach

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Step 2.4

    Identify insights and team feedback

    Activities

    2.4.1 Identify key insights and takeaways
    2.4.2 Perform an exit survey

    This step involves the following participants:

    • Product owners, product managers, and scrum masters
    • Delivery managers and senior leaders
    • Stakeholders and delivery teams

    Outcomes of this step

    • Identify your key insights and takeaways from Phase 2

    Exercise 2.4.1 Identify key insights and takeaways

    30 minutes

    1. As a group, discuss and capture your thoughts on:
      1. What key insights have participants gained from the intro to Agile presentation?
      2. What if any takeaways do participants feel are needed as a result of the presentation?
      3. What changes need to be made in the organization to support/enhance Agile adoption?
    2. Capture your findings in the table below:
    What key insights have you gained? What takeaways have you identified?
    • (e.g. better understanding of Agile mindset, principles, and practices)
    • (e.g. how you can improve/spread Agile practices in the organization)

    Output

    • A better understanding of Agile principles and practices
    • Action items that will help solidify Agile practices in the organization

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Exercise 2.4.2 Perform an exit survey

    30 minutes

    1. Wrap up this section by addressing any remaining questions participants still have.
    2. Create your local exit survey by copying the template using the link below. Then copy and distribute your local survey link.
    3. Collect the consolidated survey results in preparation for your next steps.
    4. NOTE: Using this survey template requires having access to Microsoft Forms. If you cannot access Microsoft Forms, an Info-Tech analyst can send the survey for you. Alternatively, this survey can be done with sticky notes and a pen and paper to calculate the outcomes.

    Download Survey Template:

    Develop Your Agile Approach Exit Survey Template

    Output

    • A better understanding of Agile principles and practices
    • Action items that will help solidify Agile practices in the organization

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Agile Modules

    Prioritize Agile support with your top challenges

    Backlog Management

    Scrum Simulation

    Estimation

    Product Owner

    Product Roadmapping

    1: User stories and the art of decomposition

    2: Effective backlog management & refinement

    3: Identify insights and team feedback

    1: Scrum sprint planning and retrospective simulation

    2: Pass the balls – sprint velocity game

    1: Improve product backlog item estimation

    2: Agile estimation fundamentals

    3: Understand the wisdom of crowds

    4: Identify insights and team feedback

    1: Understand product management fundamentals

    2: The critical role of the product owner

    3: Manage effective product backlogs and roadmaps

    4: Identify insights and team feedback

    1: Identify your product roadmapping pains

    2: The six "tools" of product roadmapping

    3: Product roadmapping exercise

    Organizations often struggle with numerous pain points around Agile delivery.
    The Common Agile Challenges Survey results will help you identify and prioritize the organization's biggest (most cited) pain points. Treat these pain points like a backlog and address the biggest ones first.

    Agile modules provide supporting activities:
    Each module provides guidance and supporting activities related to a specific Agile challenge from your survey. These modules can be arranged to meet each organization's or team's needs while providing cohesive and consistent messaging. For additional supporting research, please visit the Agile / DevOps Resource Center.
    This phase involves the following participants:

    • Product owners, product managers, and scrum masters
    • Delivery managers and senior leaders
    • Stakeholders and delivery teams

    Backlog Management Module

    Manage your backlog effectively

    Activities

    Backlog 1.1 Identify your backlog and user story decomposition pains
    Backlog 1.2 What are user stories and why do we use them?
    Backlog 1.3 User story decomposition: password reset
    Backlog 1.4 (Optional) Decompose a real epic

    This step involves the following participants:

    • Product owners, product managers, and scrum masters
    • Delivery managers and senior leaders
    • Stakeholders and delivery teams

    Outcomes of this step

    • A better understanding of backlog management and user story decomposition.

    Backlog Exercise 1.1 Identify your backlog and user story decomposition pains

    30-60 minutes

    1. As a group, discuss and capture your thoughts on:
      1. What specific challenges you are facing with backlog management
      2. What specific challenges you are facing with user story decomposition
    1. Capture your findings in the table below:

    What are your specific backlog management and user story decomposition challenges?

    • (e.g. We have trouble telling the difference between epics, features, user stories, and tasks)
    • (e.g. We often don't finish all user stories in a sprint because some of them turn out to be too big to complete in one sprint)

    Output

    • Your specific backlog management and user story decomposition challenges

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    User stories and the art of decomposition

    User stories are core to Agile delivery.

    Good user story decomposition practices are key to doing Agile effectively.

    Agile doesn't use traditional "shoulds" and "shalls" to capture requirements

    Backlog Exercise 1.2 What are user stories and why do we use them?

    30-60 minutes

    1. User stories are a simple way of capturing requirements in Agile and have the form:

    Why do we capture requirements as user stories (what value do they provide)?

    How do they differ from traditional (should/shall) requirements (and are they better)?

    What else stands out to you about user stories?

    as a someone I want something so that achieve something.

    Example:
    As a banking customer, I want to see the current balance of my accounts so that I can know how much money I have in each account.

    Output

    • A better understanding of user stories and why they are used in Agile delivery

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    User stories are "placeholders for conversations"

    User stories enable collaboration and conversations to fully determine actual business requirements over time.

    e.g. As a banking customer, I want to see the current balance of my accounts so that I can know how much money I have in each account.

    Requirements, determined within the iterations, outline the steps to complete the story: how the user will access their account, the types of funds allowed, etc.

    User stories allow the product owners to prioritize and manage the product needs (think of them as "virtual sticky notes").

    User stories come in different "sizes"

    These items form a four-level hierarchy: epics, features, user stories, and tasks.
    They are collectively referred to as product backlog items or (PBIs)

    A table with the following headings: Agile; Waterfall; Relationship; Definition

    The process of taking large PBIs (e.g. epics and features) and breaking them down in to small PBIs (e.g. user stories and tasks) is called user story decomposition and is often challenging for new-to-Agile teams

    Backlog Exercise 1.3 User story decomposition: password reset

    30-60 minutes

    1. As a group, consider the following feature, which describes a high-level requirement from a hypothetical system:
      • FEATURE: As a customer, I want to be able to set and reset my password, so that I can transact with the system securely.
    2. Imagine your delivery team tells you that this is user story is too large to complete in one sprint, so they have asked you to decompose it into smaller pieces. Work together to break this feature down into several smaller user stories:
    User Story 1: User Story 2: User Story 3:
    As A I Want So That. As A I Want So That. As A I Want So That.

    Output

    • An epic which has been decomposed into smaller user stories which can be completed independently

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Backlog Exercise 1.3 User story decomposition: password reset

    Epic: As a customer, I want to be able to set and reset my password, so that I can transact securely.

    A single epic can be broken down into multiple user stories

    User Story 1: User Story 2: User Story 3: User Story 4:
    This is a picture of user story 1 This is a picture of user story 2 This is a picture of user story 3 This is a picture of user story 4

    Acceptance Criteria:
    Given that the customer has a password that they want to change,
    When the administrator clicks reset password on the admin console,
    Then the system will change the password and send it to the user.

    Acceptance Criteria:
    Given that the customer has a password that they want to change,
    When they click reset password in the system,
    Then the system will allow them to choose a new password and will save it the password and send it to the user.

    Acceptance Criteria:
    Given that the customer has not logged onto the system before,
    When they initially log in,
    Then the system will prompt them to change their password.

    Acceptance Criteria:
    Given that a password is stored in the database,
    When anyone looks at the password field in the database,
    Then the actual password will not be visible or easily decrypted.

    Are enablers included in your backlogs? Should they be?

    An enabler is any support activity needed to provide the means for future functionality. Enablers build out the technical foundations (e.g. architecture) of the product and uphold technical quality standards.

    Your audience will dictate the level of detail and granularity you should include in your enabler, but it is a good rule of thumb to stick to the feature level.

    Enablers

    Description

    Enabler Epics

    Non-functional and other technical requirements that support your features (e.g. data and system requirements)

    Enabler Capabilities of Features

    Enabler Stories

    Consider the various types of enabler

    Exploration

    Architectural

    Any efforts toward learning customer or user needs and creation of solutions and alternatives. Exploration enablers are heavily linked to learning milestones.

    Any efforts toward building components of your architecture. These will often be linked to delivery teams other than your pure development team.

    Infrastructure

    Compliance

    Any efforts toward building various development and testing environments. Again, these are artifacts that will relate to other delivery teams.

    Any efforts toward regulatory and compliance requirements in your development activities. These can be both internal and external.

    Source: Scaled Agile, "Enablers."

    Create, split, and bundle your PBIs

    The following questions can be helpful in dissecting an epic down to the user story level. The same line of thinking can also be useful for bundling multiple small PBIs together.

    An image showing how to Create, split, and bundle your PBIs

    Backlog Exercise 1.4 (Optional)
    Decompose a real epic

    30 minutes

    1. As a group, select a real epic or feature from one of your project backlogs which needs to be decomposed:
    2. Work together to decompose this epic down into several smaller features and/or user stories (user stories must be small enough to reasonably be completed within a sprint):

    Epic to be decomposed:

    As a ____ I want _____ so that ______

    User Story 1: User Story 2: User Story 3:
    As A I Want So That. As A I Want So That. As A I Want So That.

    Output

    • A real epic from your project backlog which has been decomposed into smaller features and user stories

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Backlog Management Module

    Manage your backlog effectively

    Activities

    Backlog 2.1 Identify enablers and blockers

    This step involves the following participants:

    • Product owners, product managers, and scrum masters
    • Delivery managers and senior leaders
    • Stakeholders and delivery teams

    Outcomes of this step

    • Backlog PBI filters.
    • A better understanding of backlog types and levels.

    Effective backlog management and refinement

    Working with a tiered backlog

    an image showing the backlog tiers: New Idea; Ideas; Qualified; Ready - sprint.

    Use a tiered approach to managing your backlog, and always work on the highest priority items first.

    Distinguish your specific goals for refining in the product backlog vs. planning for a sprint itself

    Often backlog refinement is used interchangeably or considered a part of sprint planning. The reality is they are very similar, as the required participants and objectives are the same however, there are some key differences.

    An image of a Venn diagram comparing Backlog Refinement to sprint Planning.

    A better way to view them is "pre-planning" and "planning."

    A backlog stores and organizes PBIs at various stages of readiness

    A well-formed backlog can be thought of as a DEEP backlog:

    • Detailed Appropriately: Product backlog items (PBIs) are broken down and refined as necessary.
    • Emergent: The backlog grows and evolves over time as PBIs are added and removed.
    • Estimated: The effort a PBI requires is estimated at each tier.
    • Prioritized: The PBIs value and priority are determined at each tier.

    (Perforce, 2018)

    An image showing the Ideas; Qualified; Ready; funnel leading to the sprint approach.

    Backlog tiers facilitate product planning steps

    An image of the product planning steps facilitated by Backlog Tiers

    Each activity is a variation of measuring value and estimating effort to validate and prioritize a PBI.

    A PBI meets our definition of done and passes through to the next backlog tier when it meets the appropriate criteria. Quality filters should exist between each tier.

    Backlog Exercise 2.1 Build a starting checklist of quality filters

    60 minutes

    1. Quality filters provide a checklist to ensure each Product Backlog Item (PBI) meets our definition of Done and is ready to move to the next backlog group (status).
    2. Create a checklist of basic descriptors that must be completed between each backlog level.
    3. If you completed this exercise in a different Module, review and update it here.
    4. Use this information to start your product strategy playbook in Deliver on Your Digital Product Vision.

    An image of the backlog tiers, identifying where product backlog and sprint backlog are

    Output

    • List of enablers and blockers to establishing product owners

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Outline the criteria to proceed to the next tier via quality filters

    Expand the concepts of defining "ready" and "done" to include the other stages of a PBIs journey through product planning.

    An image showing the approach you will use to Outline the criteria to proceed to the next tier via quality filters

    Info-Tech Insight: A quality filter ensures quality is met and teams are armed with the right information to work more efficiently and improve throughput.

    Define product value by aligning backlog delivery with roadmap goals

    In each product plan, the backlogs show what you will deliver. Roadmaps identify when and in what order you will deliver value, capabilities, and goals.

    Facilitator slides: Explaining MVP

    Notes and Instructions

    The primary intent of this exercise is to explain the complex notion of MVP (it is one of the most misunderstood and contentious issues in Agile delivery). The exercise is intended to explain it in a simple and digestible way that will fundamentally change participants' understanding of MVP.

    Note that the slide contains animations.

    Imagine that your stakeholder tells you they want a blue 4-door sedan (consider this our "MVP" at this point), and you decide to build it the traditional way. As you build it (tires, then frame, then body, then joint body with frame and install engine), the stakeholder doesn't have anything they can use, and so they are only happy (and able to get value) at the end when the entire car is finished (point out the stakeholder "faces" go from unhappy to happy in the end).
    Animation 1:
    When we use Agile methods, we don't want to wait until the end before we have something the stakeholders can use. So instead of waiting until the entire car is completed, we decide our first iteration will be to give the stakeholder "a simple (blue) wheeled transportation device"…namely a skateboard that they can use for a little while (it's not a car, but it is something the stakeholder can use to get places).
    Animation 2:
    After the stakeholder has tried out the skateboard, we ask for feedback. They tell us the skateboard helped them to get around faster than walking, but they don't like the fact that it is so hard to maintain your balance on it. So, we add a handle to the skateboard to turn it into a scooter. The stakeholder then uses the scooter for a while. Stakeholder feedback says staying balanced on the scooter is much easier, but they don't have a place to put groceries when they go shopping, so can we do something about that?
    (Continued on next slide…)

    Facilitator slides: Explaining MVP

    Notes and Instructions
    Animation 3:
    Next, we build the stakeholder a bicycle and let them use it for a while before asking for feedback. The stakeholder tells us they love the bicycle, but they admit they get tired on long trips, so is there something we can do about that?
    Animation 4:
    So next we add a motor to the bicycle to turn it into a motorcycle, and again we give it to the stakeholder to use for a while. When we ask the stakeholder for feedback, they tell us that they love the motorcycle so much because they love the feeling of the wind in their hair, they've decided that they no longer want a 4-door sedan, but instead would prefer a blue 2-door convertible.
    Animation 5:
    And so, for our last iteration, we build the stakeholder what they actually wanted (a blue 2-door convertible) instead of what they asked for (a blue 4-door sedan), and we see that they are happier than they would have been if we had delivered the traditional way.

    INSIGHTS:

    • An MVP cannot be fully known at the beginning of a project (it is the "journey" of creating the MVP with stakeholders that defines what it looks like in the end).
    • Sometimes, stakeholders don't (or can't) know what they want until they see it.
    • There is no "straight path" to your MVP, you determine the path forward based on what you learned in the previous iterations.
    • This approach is part of the "power of Agile" and demonstrates why Agile can produce better outcomes and happier stakeholders.

    Understanding minimum viable product

    NOT Like This:

    This is a series of images. The top half of the image, shows building a car by starting with the wheels. The bottom Image shows the progression from skateboard, to scooter, to bike, to motorcycle, to car.

    It's Like This:

    Use iterations to maximize value delivery

    An image showing how to use iterations to maximize value delivery.

    Use iterations to reduce accumulated risk

    An image showing how to use iterations to reduce accumulated risk.

    Understanding MVP
    (always be ready to go live)

    A great and wise pharaoh hires two architects to build his memorial pyramids.

    An image shows two architects contribution to pyramid construction.

    Understanding MVP
    (always be ready to go live)

    Several years go by, and then…

    The pharaoh is on his death bed.

    Backlog Management Module

    Manage your backlog effectively

    Activities

    Backlog 3.1 Identify key insights and takeaways
    Backlog 3.2 Perform exit survey and capture results

    This step involves the following participants:

    • Product owners, product managers, and scrum masters
    • Delivery managers and senior leaders
    • Stakeholders and delivery teams

    Outcomes of this step

    • Identify your key insights and takeaways.

    Backlog Exercise 3.1 Identify key insights and takeaways

    30 minutes

    1. As a group, discuss and capture your thoughts on:
      1. What key insights have participants gained from the Intro to Agile presentation?
      2. What if any takeaways do participants feel are needed as a result of the presentation?
      3. What changes need to be made in the organization to support/enhance Agile adoption?
    2. Capture your findings in the table below:

    What key insights have you gained?

    What takeaways have you identified?

    • (e.g. better understanding of Agile mindset, principles, and practices)
    • (e.g. how you can improve/spread Agile practices in the organization)

    Output

    • A better understanding of Agile principles and practices
    • Action items that will help solidify Agile practices in the organization

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Backlog Exercise 3.2 Perform an exit survey

    30 minutes

    1. Wrap up this section by addressing any remaining questions participants still have.
    2. Create your local exit survey by copying the template using the link below. Then copy and distribute your local survey link.
    3. Collect the consolidated survey results in preparation for your next steps.
    4. NOTE: Using this survey template requires having access to Microsoft Forms. If you cannot access Microsoft Forms, an Info-Tech analyst can send the survey for you. Alternatively, this survey can be done with sticky notes and a pen and paper to calculate the outcomes.

    Output

    • A better understanding of Agile principles and practices
    • Action items that will help solidify Agile practices in the organization

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Download Survey Template:

    Develop Your Agile Approach Exit Survey Template

    Agile Modules

    Prioritize Agile support with your top challenges

    Backlog Management

    Scrum Simulation

    Estimation

    Product Owner

    Product Roadmapping

    1: User stories and the art of decomposition

    2: Effective backlog management & refinement

    3: Identify insights and team feedback

    1: Scrum sprint planning and retrospective simulation

    2: Pass the balls – sprint velocity game

    1: Improve product backlog item estimation

    2: Agile estimation fundamentals

    3: Understand the wisdom of crowds

    4: Identify insights and team feedback

    1: Understand product management fundamentals

    2: The critical role of the product owner

    3: Manage effective product backlogs and roadmaps

    4: Identify insights and team feedback

    1: Identify your product roadmapping pains

    2: The six "tools" of product roadmapping

    3: Product roadmapping exercise

    Organizations often struggle with numerous pain points around Agile delivery.
    The Common Agile Challenges Survey results will help you identify and prioritize the organization's biggest (most cited) pain points. Treat these pain points like a backlog and address the biggest ones first.

    Agile modules provide supporting activities:
    Each module provides guidance and supporting activities related to a specific Agile challenge from your survey. These modules can be arranged to meet each organization's or team's needs while providing cohesive and consistent messaging. For additional supporting research, please visit the Agile / DevOps Resource Center.
    This phase involves the following participants:

    • Product owners, product managers, and scrum masters
    • Delivery managers and senior leaders
    • Stakeholders and delivery teams

    Scrum Simulation Module

    Scrum sprint planning and retrospective simulation

    Activities

    1.1 Identify your scrum pains
    1.2 Review scrum simulation intro
    1.3 Create a mock backlog
    1.4 Review sprint 0
    1.5 Determine a budget and timeline
    1.6 Understand minimum viable product
    1.7 Plan your first sprint
    1.8 Do a sprint retrospective
    1.9 "What if" exercise (understanding what a fluid backlog really means)
    1.10 A sprint 1 example
    1.11 Simulate more sprints

    This step involves the following participants:

    • Product owners, product managers, and scrum masters
    • Delivery managers and senior leaders
    • Stakeholders and delivery teams

    Outcomes of this step

    • A better understanding of Scrum (particularly backlog management and user story decomposition).

    Facilitator slides: Scrum Simulation Introduction

    Introduction Tab

    Talk to the nature of the Scrum team:

    • Collective ownership/responsibility for delivery.
    • The organization has given you great power. With great power comes great responsibility.
    • You may each be specialists in some way, but you need to be prepared to do anything the project requires (no one goes home until everyone can go home).
    • Product owner: Special role, empowered by the organization to act as a single, authoritative voice for stakeholders (again great power/responsibility), determines requirements and priorities, three ears (business/stakeholders/team), holds the vision for the project, answer questions from the team (or finds someone who can answer questions), must balance autonomy with stakeholder needs, is first among equals on the Scrum team, is laser-focused on getting the best possible outcome with the resources, money, and circumstances ← PO acts as the "pathfinder" for the project.
    • Talk about the criticality and qualities of the PO: well-respected, highly collaborative, wise decision maker, a "get it done" type (healthy bias toward immediacy), has a vision for product, understands stakeholders, can get stakeholders' attention when needed, is dedicated full-time to the project, can access help when needed, etc.
    • The rest of you are the delivery team (have avoided singling out an SM for this – not needed for the exercise – but SM is the servant leader/orchestra conductor for the delivery team. The facilitator should act as a pseudo-SM for this exercise).

    Speak about the "bank realizes that the precise scope of the first release can only be fully known at the end of the project" statement and what it means.

    Discuss exercise and everyone's roles (make sure everyone clear), make it as realistic as possible. Your level of participation will determine how much value you get.

    Discuss any questions the participants might have about the background section on the introduction tab. The exercise has been defined in a way that minimizes the scope and complexity of the work to be done by assuming there are existing web-capable services exposed to the bank's legacy system(s) and that the project is mostly about putting a deployable web front end in place.

    Speak about "definition of done": Why was it defined this way? What are the boundaries? What happens if we define it to be only up to unit testing?

    Facilitator slides: Scrum Simulation, Create a Mock Backlog

    Create a Mock Backlog Tab

    This exercise is intended to help participants understand the steps involved in creating an initial backlog and deciding on their MVP.

    Note: The output from this exercise will not be used in the remainder of the simulation (a backlog for the simulation already exists on tab Sprint 0) so don't overdo it on this exercise. Do enough to help the participants understand the basic steps involved (brainstorm features and functions for the app, group them into epics, and decide which will be in- and out-of-scope for MVP). Examples have been provided for all steps of this exercise and are shown in grey to indicate they should be replaced by the participants.

    Step 1: Have all participants brainstorm "features and functions" that they think should be available in the online banking app (stop once you have what feels like a "good enough" list to move on to the next step) – these do not need to be captured as user stories just yet.

    Step 2: Review the list of features and functions with participants and decide on several epics to capture groups of related features and functions (bill payments, etc.). Think of these as forming the high-level structure of your requirements. Now, organize all the features and functions from Step 1, into their appropriate epic (you can identify as many epics as you like, but try to keep them to a minimum).

    Step 3: Point out that on the Introduction tab, you were told the bank wants the first release to go live as soon as possible. So have participants go over the list of features and functions and identify those that they feel are most important (and should therefore go into the first release – that is, the MVP), and which they would leave for future releases. Help participants think critically and in a structured way about how to make these very hard decisions. Point out that the product owner is the ultimate decision maker here, but that the entire team should have input into the decision. Point out that all the features and functions that make up the MVP will be referred to as the "project backlog," and all the rest will be known as the "product backlog" (these are of course, just logical separations, there is only one physical backlog).

    Step 4: This step is optional and involves asking the participants to create user stories (e.g. "As a __, I want ___ so that ___") for all the epics and features and functions that make up their chosen MVP. This step is to get them used to creating user stories, because they will need to get used to doing this. Note that many who are new to Agile often have difficulty writing user stories and end up overdoing it (e.g. providing a long-winded list of things in the "I want ___" part of the user story for an epic) or struggling to come up with something for the "so that ____" part). Help them to get good at quickly capturing the gist of what should be in the user story (the details come later).

    Facilitator slides: Scrum Simulation, Budget and Timeline

    Project Budget and Timeline

    Total Number of Sprints = 305/20 = 15.25 → ROUND UP TO 16 (Why? You can't do a "partial sprint" – plus, give yourself a little breathing room.)

    Cost Per Sprint = 6 x $75 x 8 x 10 = $36,000

    Total Timeline = 16 * 2 = 32 Weeks

    Total Cost of First Release = $36,000 x 16 = $572,000

    Talk about the "commitment" a Scrum delivery team makes to the organization ("We can't tell you exactly what we will deliver, but based on what we know, if you give the team 32 weeks, we will deliver something like what is in the project backlog – subject to any changes our stakeholder tell us are needed"). Most importantly, the team commits to doing the most important backlog items first, so if we run out of time, the unfinished work will be the least valuable user stories. Lastly, to keep to the schedule/timeline, items may move in and out of the project backlog – this is part of the normal and important "horse trading" that takes place on health Agile projects.

    Speak to the fact that this approach allows you to provide a "deterministic" answer about how long a project will take and how much it will cost while keeping the project requirements flexible.

    Facilitator slides: Scrum Simulation, Sprint 0

    Sprint 0 Tab

    This is an unprioritized list, organized to make sense, and includes a user story (plus some stuff), and "good enough estimates" – How good?... Eh! (shoulder shrug)
    Point out the limited ("lazy") investment → Agile principle: simplicity, the art of maximizing the work not done.
    Point out that only way to really understand a requirement is to see a working example (requirements often change once the stakeholders see a working example – the "that's not what I meant" factor).

    Estimates are a balancing act (good enough that we understand the overall approximate size of this, and still acknowledges that more details will have to wait until we decide to put that requirement into a Sprint – remember, no one knows how long this project is going to take (or even what the final deliverable will look like) so don't over invest in estimates here.)

    Sprint velocity calculation is just a best guess → be prepared to find that your initial guess was off (but you will know this early rather than at the end of the project). This should lead to a healthy discussion about why the discrepancy is happening (sprint retrospectives can help here). Note: Sprint velocity doesn't assume working evenings and weekends!

    Speak to the importance of Sprint velocity being based on a "sustainable pace" by the delivery team. Calculations that implicitly expect sustained overtime in order to meet the delivery date must be avoided. Part of the power of Agile comes from this critical insight. Critical → Your project's execution will need to be adjusted to accommodate the actual sprint velocity of the team!

    Point out the "project backlog" and separation from the "product backlog" (and no sprint backlog yet!).

    Point out the function/benefits of the backlog:

    • A single holding place for all the work that needs to be done (so you don't forget/ignore anything).
    • Can calculate how much work is left to do.
    • A mechanism for prioritizing deliverables.
    • A list of placeholders for further discussion.
    • An evolving list that will grow and shrink over time.
    • A "living document" that must be maintained over the course of the project.

    Talk about large items in backlog (>20 pts) and how to deal with them (do we need to break them up now?).

    Give participants time to review the backlog: Questions/What would you be doing if this were real/We're going to collectively work through this backlog.
    Sprint 0 is your opportunity to: get organized as a team, do high level design, strategize on approach, think about test data, environments, etc. – it is the "Ready-Set" in "Ready-Set-Go."
    Think about doing a High/Med/Low value determination for each user story.

    Simulation Exercise 1.1 Identify your Scrum pains

    30 minutes

    1. As a group, discuss and capture your thoughts on:
      • What specific challenges are you facing with your Scrum practices?
    2. Capture your findings in the table below:

    What are your specific Scrum challenges?

    • (e.g. We don't know how to decide on our minimum viable product (MVP), or what to start working on first)
    • (e.g. We don't have a product owner assigned to the project)
    • (e.g. Our daily standups often take 30-60 minutes to complete)
    • (e.g. We heard Scrum was supposed to reduce the number of meetings we have, but instead, meetings have increased)
    • (e.g. We don't know how to determine the budget for an Agile project)

    Output

    • Your specific Scrum related challenges

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Simulation Exercise 1.2 Review Scrum Simulation intro

    30 minutes

    1. Ask participants to read the Introduction tab in the Scrum Simulation Exercise(5 minutes)
    2. Discuss and answer any questions the participants may have about the introduction (5 minutes)
    3. Discuss the approach your org would use to deliver this using their traditional approach (5 minutes)

    This is an image of the Introduction tab in the Scrum Simulation Exercise

    How would your organization deliver this using their traditional approach?

    1. Capture all requirements in a document and get signoff from stakeholders
    2. Create a detailed design for the entire system
    3. Build and test the system
    4. Deploy it into production

    Note: Refer to the facilitator slides for more guidance on how to deliver this exercise

    Simulation Exercise 1.3 Create a mock backlog

    30-60 minutes

    Step 1: Brainstorm "Features and Functions" that the group feels would be needed for this app

    Capture anything that you feel might be needed in the Online Banking Application:

    • See account balances
    • Pay a bill online
    • Set up payees for online bill payments
    • Make a deposit online
    • See a history of account transactions
    • Logon and logoff
    • Make an e-transfer
    • Schedule a bill payment for the future
    • Search for a transaction by payee/date/amount/etc.
    • Register for app
    • Reset password

    Note: Refer to the facilitator slides for more guidance on how to deliver this exercise

    Output

    • Create a mock initial backlog for the simulated project

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Simulation Exercise 1.3 Create a mock backlog

    30-60 minutes

    Step 2: Identify your epics

    1. Categorize your "Features and Functions" list into several epics for the application:

    Epics

    "Features and Functions" in This Epic

    Administration

    - Logon and logoff
    - Register for app
    - Reset password

    Accounts

    - See account balances
    - See a history of account transactions
    - Search for a transaction by payee/date/amount

    Bill payments

    - Set up payees for online bill payments
    - Pay a bill online
    - Schedule a bill payment for the future

    Deposits

    - Make a deposit online

    E-transfers

    - Make an e-transfer

    Note: Refer to the facilitator slides for more guidance on how to deliver this exercise

    Output

    • Create a mock initial backlog for the simulated project

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Simulation Exercise 1.3 Create a mock backlog

    30-60 minutes

    Step 3: Identify your MVP

    1. Decide which "Features and Functions" will be in your MVP and which will be delivered in future releases:

    YOUR MVP (Project Backlog)

    Epics

    "Features and Functions" in This Epic

    Administration

    - Logon and logoff
    - Register for app

    Accounts

    - See account balances
    - See a history of account transactions

    Bill payments

    - Set up payees for online bill payments
    - Pay a bill online

    FOR FUTURE RELEASES (Product Backlog)

    Epics

    In Scope

    Deposits- Make a deposit online
    Accounts- Search for a transaction by payee/date/amount/etc.
    Bill payments- Schedule a bill payment for the future

    Note: Refer to the facilitator slides for more guidance on how to deliver this exercise

    Output

    • Create a mock initial backlog for the simulated project

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Simulation Exercise 1.3 Create a mock backlog

    30-60 minutes

    Step 3: Identify your MVP

    1. Decide which "Features and Functions" will be in your MVP and which will be delivered in future releases:

    YOUR MVP EPICS

    Epics

    "Features and Functions" in This Epic

    Administration

    - Logon and logoff
    - Register for app

    Accounts

    - See account balances
    - See a history of account transactions

    Bill payments

    - Set up payees for online bill payments
    - Pay a bill online

    YOUR MVP USER STORIES

    Epics

    In Scope

    Logon and LogoffAs a user, I want to logon/logoff the app so I can do my banking securely
    Register for AppAs a user, I want to register to use the app so I can bank online
    See Account BalancesAs a user, I want to see my account balances so that I know my current financial status
    See a History of Account TransactionsAs a user, I want to see a history of my account transactions, so I am aware of where my money goes
    Set up Payees for Online Bill PaymentsAs a user, I want to set up payees so that I can easily pay my bills
    Pay a Bill OnlineAs a user, I want to pay bills online, so they get paid on time

    Note: Refer to the facilitator slides for more guidance on how to deliver this exercise

    Output

    • Create a mock initial backlog for the simulated project

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Simulation Exercise 1.4 Review
    Sprint 0

    The Online Banking Application of the spreadsheet for Sprint 0.

    Step 1: Set aside the Mock Backlog just created (you will be using the Backlog on Sprint 0 for remainder of exercise).
    Step 2: Introduce and walk through the Backlog on the Sprint 0 tab in the Scrum Simulation Exercise.
    Step 3: Discuss and answer any questions the participants may have about the Sprint 0 tab.
    Step 4: Capture any important issues or clarifications from this discussion in the table below.

    Important issues or clarifications from the Sprint 0 tab:

    • (e.g. What is the difference between the project backlog and the product backlog?)
    • (e.g. What do we do with user stories that are bigger than our sprint velocity?)
    • (e.g. Has the project backlog been prioritized?)
    • (e.g. How do we decide what to work on first?)

    Note: Refer to the facilitator slides for more guidance on how to deliver this exercise

    Output

    • Understand Sprint 0 for Scrum Simulation Exercise

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Simulation Exercise 1.4 Review
    Sprint 0

    30-60 minutes

    1. Using the information found on the Sprint 0 tab, determine the projected timeline and cost for this project's first release:

    GIVEN

    Total Story Points in Project Backlog (First Release): 307 Story Points
    Expected Sprint Velocity: 20 Story Points/Sprint
    Total Team Size (PO, SM and 4-person Delivery Team): 6 People
    Blended Hourly Rate Per Team Member (assume 8hr day): $75/Hour
    Sprint Duration: 2 Weeks

    DETERMINE

    Expected Number of Sprints to Complete Project Backlog:
    Cost Per Sprint ($):
    Total Expected Timeline (weeks):
    Total Cost of First Release:

    Note: Refer to the facilitator slides for more guidance on how to deliver this exercise

    Output

    • How to determine expected cost and timeline for an Agile project

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    The Estimation Cone of Uncertainty

    The Estimation Cone of Uncertainty

    Simulation Exercise 1.6 Understanding minimum viable products (MVP)

    30 minutes

    1. Discuss your current understanding of MVP.

    How do you describe/define MVP?

    • (Discuss/capture your understanding of minimum viable product)

    Note: Refer to the facilitator slides for more guidance on how to deliver this exercise

    Output

    • Capture your current understanding of Minimum Viable Product

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Facilitator slides: Explaining MVP

    Notes and Instructions

    The primary intent of this exercise is to explain the complex notion of MVP (it is one of the most misunderstood and contentious issues in Agile delivery). The exercise is intended to explain it in a simple and digestible way that will fundamentally change participants' understanding of MVP.
    Note that the slide contains animations.

    Imagine that your stakeholder tells you they want a blue 4-door sedan (consider this our "MVP" at this point), and you decide to build it the traditional way. As you build it (tires, then frame, then body, then joint body with frame and install engine), the stakeholder doesn't have anything they can use, and so they are only happy (and able to get value) at the end when the entire car is finished (point out the stakeholder "faces" go from unhappy to happy in the end).

    Animation 1:
    When we use Agile methods, we don't want to wait until the end before we have something the stakeholders can use. So instead of waiting until the entire car is completed, we decide our first iteration will be to give the stakeholder "a simple (blue) wheeled transportation device"…namely a skateboard that they can use for a little while (it's not a car, but it is something the stakeholder can use to get places).

    Animation 2:
    After the stakeholder has tried out the skateboard, we ask for feedback. They tell us the skateboard helped them to get around faster than walking, but they don't like the fact that it is so hard to maintain your balance on it. So, we add a handle to the skateboard to turn it into a scooter. The stakeholder then uses the scooter for a while. stakeholder feedback says staying balanced on the scooter is much easier, but they don't have a place to put groceries when they go shopping, so can we do something about that?

    (Continued on next slide…)

    Facilitator slides: Explaining MVP

    Notes and Instructions

    Animation 3:
    So next we build the stakeholder a bicycle and let them use it for a while before asking for feedback. The stakeholder tells us they love the bicycle, but they admit they get tired on long trips, so is there something we can do about that?

    Animation 4:
    So next we add a motor to the bicycle to turn it into a motorcycle, and again we give it to the stakeholder to use for a while. When we ask the stakeholder for feedback, they tell us that they LOVE the motorcycle so much, and that because they love the feeling of the wind in their hair, they've decided that they no longer want a 4-door sedan, but instead would prefer a blue 2-door convertible.

    Animation 5:
    And so, for our last iteration, we build the stakeholder what they wanted (a blue 2-door convertible) instead of what they asked for (a blue 4-door sedan), and we see that they are happier than they would have been if we had delivered the traditional way.

    INSIGHTS:
    An MVP cannot be fully known at the beginning of a project (it is the "journey" of creating the MVP with stakeholders that defines what it looks like in the end).
    Sometimes, stakeholders don't (or can't) know what they want until they see it.
    There is no "straight path" to your MVP, you determine the path forward based on what you learned in the previous iterations.
    This approach is part of the "power of Agile" and demonstrates why Agile can produce better outcomes and happier stakeholders.

    Understanding minimum viable product

    NOT Like This:

    This is a series of images. The top half of the image, shows building a car by starting with the wheels. The bottom Image shows the progression from skateboard, to scooter, to bike, to motorcycle, to car.

    It's Like This:

    Use iterations to maximize value delivery

    An image showing how to use iterations to maximize value delivery

    Use iterations to reduce accumulated risk

    An image showing how to use iterations to reduce accumulated risk.

    Understanding MVP
    (always be ready to go live)

    A great and wise pharaoh hires two architects to build his memorial pyramids.

    An image shows two architects contribution to pyramid construction.

    Understanding MVP
    (always be ready to go live)

    Several years go by, and then…

    The pharaoh is on his death bed.

    Simulation Exercise 1.7 Plan your first sprint

    30-60 minutes

    Step 1: Divide participants into independent Scrum delivery teams (max 7-8 people per team) and assign a PO (5 minutes)
    Step 2: Instruct each team to work together to decide on their "MVP strategy" for delivering this project (10-15 minutes)
    Step 3: Have each team decide on which user stories they would put in their first sprint backlog (5-10 minutes)
    Step 4: Have each team report on their findings. (10 minutes)

    Describe your team's "MVP strategy" for this project (Explain why you chose this strategy):

    Identify your first sprint backlog (Explain how this aligns with your MVP strategy):

    What, if anything, did you find interesting, insightful or valuable by having completed this exercise:

    Output

    • Experience deciding on an MVP strategy and creating your first sprint backlog

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Simulation Exercise 1.8 Do a sprint retrospective

    30-60 minutes

    Step 1: Thinking about the work you did in Exercise 3.2.7, identify what worked well and what didn't
    Step 2: Create a list of "Start/Stop/Continue" items using the table below
    Step 3: Present your list and discuss with other teams

    1. Capture findings in the table below:

    Start:
    (What could you start doing that would make Sprint Planning work better?)

    Stop:
    (What didn't work well for the team, and so you should stop doing it?)

    Continue:
    (What worked well for the team, and so you should continue doing?)

    Output

    • Experience performing a sprint retrospective

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Simulation Exercise 1.9 "What if" exercise (understanding what a fluid backlog really means)

    30-60 minutes

    1. As a team, consider what you would do in each of the following scenarios (treat each one as an independent scenario rather than cumulative):

    Scenario:

    How would you deal with this:

    After playing with and testing the Sprint 1 deliverable, your stakeholders find several small bugs that need to be fixed, along with some minor changes they would like made to the system. The total amount of effort to address all of these is estimated to be 4 story points in total.

    (e.g. First and foremost, put these requests into the Project Backlog, then…)

    Despite your best efforts, your stakeholders tell you that your Sprint 1 deliverable missed the mark by a wide margin, and they have major changes they want to see made to it.

    Several stakeholders have come forward and stated that they feel strongly that the "DEPOSIT – Deposit a cheque by taking a photo" User Story should be part of the first release, and they would like to see it moved from the Product Backlog to the project backlog (Important Note: they don't want this to change the delivery date for the first release)

    Output

    • A better understanding of how to handle change using a fluid project backlog

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Simulation Exercise 1.10 A Sprint 1 example

    30-60 minutes

    1. Consider the following example of what your Sprint 1 deliverable could be:

    An example of what your Sprint 1 deliverable could be.

    Output

    • Better understanding of an MVP strategy

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Simulation Exercise 1.10 A Sprint 1 example

    30-60 minutes

    1. As a group, discuss this approach, including:
      1. The pros and cons of the approach.
      2. Is this a shippable increment?
      3. What more would you need to do to make it a shippable increment?
    2. Capture your findings in the table below:

    Discussion

    Output

    • Better understanding of an MVP strategy

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Simulation Exercise 1.11 Simulate more sprints

    30-60 minutes

    1. As a group, continue to simulate more sprints for the online banking app:
      1. Simulate the planning, execution, demo, and retro stages for additional sprints
      2. Stop when you have had enough
    2. Capture your learnings in the table below:

    Discussion and learnings

    Output

    • Better understanding of an MVP strategy

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Scrum Simulation Module

    Simulate effective scrum practices

    Activities

    2.1 Execute the ball passing sprints

    This step involves the following participants:

    • Product owners, product managers, and scrum masters
    • Delivery managers and senior leaders
    • Stakeholders and delivery teams

    Outcomes of this step

    • Model and understand behavioral blockers and patterns affecting Agile teams and organizational culture.

    Pass the balls – sprint velocity game

    Goal 1. Pass as many balls as possible (Story Points) through the system during each sprint.
    Goal 2. Improve your estimation and velocity after each retrospective.

    Backlog

    An image of Sprint, passing balls from one individual to another until you reach the completion point.

    Points Completed

    Rules:

    1. Two people cannot touch the ball at the same time.
    2. Only the first and last person can hold more than one ball at a time.
    3. Every person on the Delivery Team must touch the ball at least once per sprint.
    4. Each team must record its results during the retrospective.

    Scoring:

    1. One point for every ball that completes the system.
    2. Minus one point for every dropped ball.

    Epic 1: 3 sprints

    1. 1-minute Planning
    2. 2-minute Sprints
    3. 1-minute Retrospective

    Group Retrospective
    Epic 2: 3 sprints (repeat)

    1. 1-minute Planning
    2. 2-minute Sprints
    3. 1-minute Retrospective

    Simulation Exercise 1.11 Simulate more sprints

    30-60 minutes

    Goal 1: Pass as many balls (Story Points) through the system during each sprint.
    Goal 2: Improve your estimation and velocity after each retrospective.

    1. Epic 1: 3 sprints
      1. 1-minute Planning
      2. 2-minute Sprints
      3. 1-minute Retrospective
    2. Group Retrospective
    3. Epic 2: 3 sprints
      1. 1-minute Planning
      2. 2-minute Sprints
      3. 1-minute Retrospective
    4. Group Retrospective
    5. Optionally repeat for additional sprints with team configurations or scenarios

    Rules:

    1. Two people cannot touch the ball at the same time.
    2. Only the first and last person can hold more than one ball at a time.
    3. Every person on the delivery team must touch the ball at least once per sprint.
    4. Each team must record its results during the retrospective.

    Scoring:

    1. One point for every ball that completes the system.
    2. Minus one point for every dropped ball.

    Output

    • Understand basic estimation, sprint, and retrospective techniques.
    • Experience common Agile behavior challenges.

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Facilitator slides: Sprint velocity game

    Goal:

    Pass as many balls as possible through the system during each cycle.

    Game Setup

    • Divide into teams of 8-16 people. If you have a smaller group, form one team rather than two smaller teams to start. The idea is to cause chaos with too many people in the delivery flow. See alternate versions for adding additional Epics with smaller teams.
    • Read out the instructions and ensure teams understand each one. Note that no assistance will be given during the sprints.

    Use your phone's timer to create 2-minute cycles:

    • 1-minute sprint planning
    • 2-minute delivery sprint
    • 1-minute retrospective and results recording
    • Run 3-4 cycles, then stop for a facilitated discussion of their observations and challenges.
    • Begin epic 2 and run for 3-4 more cycles.

    Facilitator slides: Sprint velocity game

    • Game Cycles
      • Epic 1: 3 complete cycles
      • 1-minute Planning
      • 2-minute Sprints
      • 1-minute Sprint retrospective
    • Group Retrospective
      • Discuss each sprint, challenges, and changes made to optimize throughput.
    • Epic 2: 3 complete cycles
      • 1-minute Planning
      • 2-minute Sprints
      • 1-minute Sprint retrospective
    • Group Retrospective
      • Discuss each sprint, challenges, and changes made to optimize throughput.
    • Game Rules
      • Each ball must have airtime. No ball cannot touch two people at the same time.
      • No person can hold more than one ball at a time.
      • Ball must be passed by every person on a team.
      • You may not pass a ball to a person directly to the person on your left or right.
      • Each team must keep score and record their results during the Retrospective.
    • Scoring
      • 1 point for every ball that completes the system.
      • Minus 1 point for every dropped ball.

    Facilitator slides: Sprint velocity game

    Facilitator Tips

    • Create a feeling of competition to get the teams to rush and work against each other. The goal is to show how this culture must be broken in Agile and DevOps. Then challenge the teams against natural silos and not focus on enterprise goals.
    • Create false urgency to increase stress, errors, and breakdowns in communication.
    • Look for patterns of traditional delivery and top-down management that limit delivery. These will emerge naturally, and teams will fall back into familiar patterns under stress.
    • Look for key lessons you want to reinforce and bring out ball game examples to help teams relate to something that is easier to understand.

    Alternate Versions

    • Run Epic 1 as one team, then have them break into typical Agile teams of 4-9 people. Compare results.
    • Run Epics with different goals: How would their approach change?
      • Fastest delivery
      • Highest production
      • Lowest defect rate
    • Have teams assign a scrum master to coordinate delivery. A scrum master and product owner are part of the overall team, but not part of the delivery team. They would not need to pass balls during each sprint.
    • Increase sprint time. Discuss right sizing sprint to complete work.
    • Give each team different numbers of balls, but don't tell them. Alternately, start each team with half as many balls, then double for Epic 2. Discuss how the sprint backlog affected their throughput.

    Facilitator slides: Sprint velocity game

    Trends to Look For and Discuss

    • False constraints - patterns where teams unnecessarily limited themselves.
    • Larger teams could have divided into smaller working teams, passing the balls between working groups.
    • Instructions did not limit that "team" meant everyone in the group. They could have formed smaller groups to process more work. LEAN
    • Using the first sprint for planning only. More time to create a POC.
    • Teams will start communicating but will grow silent, especially in later sprints. Stress interactions over the process.
    • Borrowing best practices from other teams.
    • Using retrospectives to share ideas with other teams. Stress needs to align with the company's goals, not just the team's goals.
    • How did they treat dropped balls? Rejected as errors, started over (false constraint), or picked up and continued?

    Trends to Look For and Discuss

    • Did individuals dominate the planning and execution, or did everyone feel like an equal member of the team?
    • Did they consider assigning a scrum master? The scrum master and product owner are part of the overall team, but not part of the Delivery Team. They would not need to pass balls during each Sprint.
    • What impacted their expected number of balls completed? Did it help improve quality or was it a distraction?
    • What caused their improvement in velocity? Draw the connection between how teams must work together and the need for stability.
    • Discuss the overall goal and constraints. Did they understand what the desired outcome was? Where did they make assumptions? Add talking points:
      • What if the goal was overall completed balls?
      • What if it was zero defect? No dropped balls.
      • What if it was the fastest delivery? Each ball through the system in the shortest time? Were they timing each ball?

    Scrum Simulation Module

    Simulate effective scrum practices

    Activities

    3.1 Identify key insights and takeaways

    3.2 Perform exit survey and capture results

    This step involves the following participants:

    • Product owners, product managers, and scrum masters
    • Delivery managers and senior leaders
    • Stakeholders and delivery teams

    Outcomes of this step

    • Identify your key insights and takeaways

    Simulation Exercise 3.1
    Identify key insights and takeaways

    30 minutes

    1. As a group, discuss and capture your thoughts on:
      1. What key insights have participants gained from the Intro to Agile presentation?
      2. What if any takeaways do participants feel are needed as a result of the presentation?
      3. What changes need to be made in the organization to support/enhance Agile adoption?
    2. Capture your findings in the table below:

    What key insights have you gained?

    What takeaways have you identified?

    • (e.g. better understanding of Agile mindset, principles, and practices)
    • (e.g. how you can improve/spread Agile practices in the organization)

    Output

    • A better understanding of Agile principles and practices
    • Action items that will help solidify Agile practices in the organization

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Simulation Exercise 3.2
    Perform an exit survey

    30 minutes

    1. Wrap up this section by addressing any remaining questions participants still have.
    2. Create your local exit survey by copying the template using the link below. Then copy and distribute your local survey link.
    3. Collect the consolidated survey results in preparation for your next steps.
    4. NOTE: Using this survey template requires having access to Microsoft Forms. If you cannot access Microsoft Forms, an Info-Tech analyst can send the survey for you. Alternatively, this survey can be done with sticky notes and a pen and paper to calculate the outcomes.

    Download Survey Template:

    Develop Your Agile Approach Exit Survey Template

    Output

    • A better understanding of Agile principles and practices
    • Action items that will help solidify Agile practices in the organization

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Agile Modules

    Prioritize Agile support with your top challenges

    Backlog Management

    Scrum Simulation

    Estimation

    Product Owner

    Product Roadmapping

    1: User stories and the art of decomposition

    2: Effective backlog management & refinement

    3: Identify insights and team feedback

    1: Scrum sprint planning and retrospective simulation

    2: Pass the balls – sprint velocity game

    1: Improve product backlog item estimation

    2: Agile estimation fundamentals

    3: Understand the wisdom of crowds

    4: Identify insights and team feedback

    1: Understand product management fundamentals

    2: The critical role of the product owner

    3: Manage effective product backlogs and roadmaps

    4: Identify insights and team feedback

    1: Identify your product roadmapping pains

    2: The six "tools" of product roadmapping

    3: Product roadmapping exercise

    Organizations often struggle with numerous pain points around Agile delivery.
    The Common Agile Challenges Survey results will help you identify and prioritize the organization's biggest (most cited) pain points. Treat these pain points like a backlog and address the biggest ones first.

    Agile modules provide supporting activities:

    Each module provides guidance and supporting activities related to a specific Agile Challenge from your survey. These modules can be arranged to meet each organization's or team's needs while providing cohesive and consistent messaging. For additional supporting research, please visit the Agile / DevOps Resource Center.

    This phase involves the following participants:

    • Product owners, product managers, and scrum masters
    • Delivery managers and senior leaders
    • Stakeholders and delivery teams

    Estimation Module

    Improve product backlog item estimation

    Activities

    1.1 Identify your estimation pains

    1.2 (Optional) Why do we estimate?

    1.3 How do you estimate now?

    This step involves the following participants:

    • Product owners, product managers, and scrum masters
    • Delivery managers and senior leaders
    • Stakeholders and delivery teams

    Outcomes of this step

    • A better understanding of Agile estimation practices and how to apply them.

    Establish consistent Agile estimation fundamentals

    an image of a hierarchy answering the question What is an estimate.

    Know the truth about estimates and their potential pitfalls.

    Then, understand how Agile estimation works to avoid these pitfalls.

    Estimation Exercise 1.1 Identify your estimation pains

    30-60 minutes

    1. As a group, discuss and capture your thoughts on:
      1. What specific challenges are you facing with your estimation practices today
      2. Capture your findings in the table below:

    What are your specific Estimation challenges?

    • (e.g. We don't estimate consistently)
    • (e.g. Our estimates are usually off by a large margin)
    • (e.g. We're not sure what approach to use when estimating)

    Output

    • Your specific estimation related challenges

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Estimation Exercise 1.2 (Optional) Why do we estimate?

    30 minutes

    1. As a group, discuss and capture your thoughts on:
      1. Why do we do estimates?
      2. What value/merit do estimates have?
    2. Capture your findings in the table below:

    Why would/should you do estimates?

    • (e.g. Our stakeholders need to know how long it will take to deliver a given feature/function)

    Output

    • Better understanding of the need for estimates

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Estimation Exercise 1.2 (Optional) Why do we estimate?

    30 minutes

    1. Estimation has its merits
    2. Here are some sample reasons for estimates:
      • "Estimates allow us to predict when a sprint goal will be met, and therefore when a substantial increment of value will be delivered."
      • "Our estimates help our stakeholders plan ahead. They are part of the value we provide."
      • "Estimates help us to de-risk scope of uncertain size and complexity."
      • "Estimated work can be traded in and out of scope for other work of similar size. Without estimates, you can't trade."
      • "The very process of estimation adds value. When we estimate we discuss requirements in more detail and gain a better understanding of what is needed."
      • "Demonstrates IT's commitment to delivering valuable products and changes."
      • "Supports business ambitions with customers and stakeholders."
      • "Helps to build a sustainable value-delivery cadence."

    Source: DZone, 2013.

    Output

    • Better understanding of the need for estimates

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Estimation Exercise 1.3 How do you estimate now?

    30 minutes

    1. As a group, speak about now you currently estimate in your organization.
    2. Capture your findings in the table below:

    Why would/should you do estimates?

    • (e.g. We don't do estimates)
    • (e.g. We ask the person assigned to each task in the project plan to estimate how long it will take)

    Output

    • Your current estimation approach

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Estimation Module

    Improve product backlog item estimation

    Activities

    2.1 (Optional) Estimate a real PBI

    This step involves the following participants:

    • Product owners, product managers, and scrum masters
    • Delivery managers and senior leaders
    • Stakeholders and delivery teams

    Outcomes of this step

    • A better understanding of Agile estimation practices and how to apply them.

    Don't expect your estimates to be accurate!

    The average rough order of magnitude estimates for software are off by is up to 400%.
    Source: Boehm, 1981

    Estimate inaccuracy has many serious repercussions on the project and organization

    66%

    Average cost overrun(1)

    33%

    Average schedule overrun (1)

    17%

    Average benefits shortfall)1)

    (1) % of software projects with given issue

    Source: McKinsey & Company, 2012

    The Estimation Cone of Uncertainty

    The Estimation Cone of Uncertainty

    What is Agile estimation?

    There is no single Agile estimation technique. When selecting an approach, adopt an Agile estimation technique that works for your organization, and don't be afraid to adapt it to your circumstances. Remember: all estimates are wrong, so use them with care and skepticism.

    • Understands and accepts the limitations of any estimation process.
    • Leverages good practices to counteract these limitations (e.g. wisdom of crowds, quality-first thinking).
    • Doesn't over-invest in individual estimate accuracy (but sees their value "in aggregate").
    • Approach can change from project to project or team to team and evolves/matures over the project lifespan.
    • Uses the estimation process as an effective tool to:
      • Make commitments about what can be accomplished in a sprint (to establish capacity).
      • Convey a measure of progress and rough expected completion dates to stakeholders (including management).

    Info-Tech Insight

    All estimates are wrong, but some can be useful (leverage the "wisdom of crowds" to improve your estimation practices).

    There are many Agile estimation techniques to choose from…

    Consensus-Building Techniques
    Planning Poker

    Most popular by far (stick with one of these unless there is a good reason to consider others)

    This approach uses the Delphi method, where a group collectively estimates the size of a PBI, or user stories, with cards numbered by story points. See our Estimate Software Delivery With Confidence blueprint.

    T-Shirt Sizing

    This approach involves collaboratively estimating PBIs against a non-numerical system (e.g. small, medium, large). See DZone and C# Corner for more information.

    Dot Voting

    This approach involves giving participants a set number of dot stickers or marks and voting on the PBIs (and options) to deliver. See Dotmocracy and Wikipedia for more information.

    Bucket System

    This approach categorizes PBIs by placing them into defined buckets, which can then be further broken down through dividing and conquering. See Agile Advice and Crisp's Blog for more information.

    Affinity Mapping

    This approach involves the individual sizing and sorting of PBIs, and then the order of these PBIs are collaboratively edited. The grouping is then associated with numerical estimates or buckets if desired. See Getting Agile for more information.

    Ordering Method

    This approach involves randomly ordering items on a scale ranging from low to high. Each member will take turns moving an item one spot lower or higher where it seems appropriate. See Apiumhub, Sheidaei Blog (variant), and SitePoint (Relative Mass Valuation) for more information.

    Ensure your teams have the right information

    Estimate accuracy and consistency improve when it is clear what you are estimating (definition of ready) and what it means to complete the PBI (definition of done).
    Be sure to establish and enforce your definition of ready/done throughout the project.

    Ready

    Done
    • The value of the story to the user is indicated.
    • The acceptance criteria for the story have been clearly described.
    • Person who will accept the user story is identified.
    • The team knows how to demo the story…
    • Design complete, code compiles, static code analysis has been performed and passed.
    • Peer reviewed with coding standards passed.
    • Unit test and smoke test are done/functional (preferably automated).
    • Passes functionality testing including security testing…

    What are story points?

    Many organizations use story point sizing to estimate their PBIs
    (e.g. epics, features, user stories, and tasks)

    • A story point is a (unitless) measure of the relative size, complexity, risk, and uncertainty, of a PBI.
    • Story points do not correspond to the exact number of hours it will take to complete the PBI.
    • When using story points, think about them in terms of their size relative to one another.
    • The delivery team's sprint velocity and capacity should also be tracked in story points.

    How do you assign a point value to a user story? There is no easy answer outside of leveraging the experience of the team. Sizes are based on relative comparisons to other PBIs or previously developed items. Example: "This user story is 3 points because it is expected to take 3 times more effort than that 1-point user story."Therefore, the measurement of a story point is only defined through the team's experience, as the team matures.

    Can you equate a point to a unit of time? First and foremost, for the purposes of backlog prioritization, you don't need to know the time, just its size relative to other PBIs. For sprint planning, release planning, or any scenario where timing is a factor, you will need to have a reasonably accurate sprint capacity determined. Again, this comes down to experience.

    "Planning poker" estimation technique

    Leverage the wisdom of crowds to improve your estimates

    an image of the user story points and the Fibonacci sequence

    Planning poker: This approach uses the Delphi method, where a group collectively estimates the size of a PBI or user story, using cards with story points on them.

    Materials: Each participant has deck of cards, containing the numbers of the Fibonacci sequence.

    Typical Participants: Product owner, scrum master (usually acts as facilitator), delivery team.

    Steps:

    1. The facilitator will select a user story.
    2. The product owner answers any questions about the user story from the group.
    3. The group makes their first round of estimates, where each participant individually selects a card without showing it to anyone, and then all selections are revealed at once.
    4. If there is consensus, the facilitator records the estimate and moves onto step 1 for another user story.
    5. If there are discrepancies, the participants should state their case for their selection (especially high or low outliers) and engage in constructive debate.
    6. The group makes an additional round of estimates, where step 3-6 are completed until there is a reasonable consensus.
    7. If the consensus is the user story is too large to fit into a sprint or too poorly defined, then the user story should be decomposed or rewritten.

    Estimation Exercise 2.1 (Optional) Estimate a real PBI

    30-60 minutes

    Step 1: As a group, select a real epic, feature, or user story from one of your project backlogs which needs to be estimated:

    PBI to be Estimated:

    As a ____ I want _____ so that ______

    Step 2: Select one person in your group to act as the product owner and discuss/question the details of the selected PBI to improve your collective understanding of the requirement (the PO will do their best to explain the PBI and answer any questions).
    Step 3: Make your first round of estimates using either T-shirt sizing or the Fibonacci sequence. Be sure to agree on the boundaries for these estimates (e.g. "extra-small" (XS) is any work that can be completed in less than an hour, while "extra-large" (XL) is anything that would take a single person a full sprint to deliver – a similar approach could be used for Fibonacci where a "1" is less than an hour's work, and "21" might be a single person for a full sprint). Don't share your answer until everyone has had a chance to decide on their Estimate value for the PBI.
    Step 4: Have everyone share their chosen estimate value and briefly explain their reasoning for the estimate. If most estimate values are the same/similar, allow the group to decide whether they have reached a "collective agreement" on the estimate. If not, repeat step 3 now that everyone has had a chance to explain their initial Estimate.
    Step 5: Capture the "collective" estimate for the PBI here:

    Our collective estimate for this PBI:

    e.g. 8 story points

    Output

    • A real PBI from your project backlog which has estimated using planning poker

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Estimation Module

    Improve product backlog item estimation

    Activities

    3.1 Guess the number of jelly beans (Round 1) (15 minutes)
    3.2 Compare the average of your guesses (15 minutes)
    3.3 Guess the number of gumballs (Round 2) (15 minutes)
    3.4 Compare your guesses against the actual number

    This step involves the following participants:

    • Product owners, product managers, and scrum masters
    • Delivery managers and senior leaders
    • Stakeholders and delivery teams

    Outcomes of this step

    • A better understanding of why Agile estimation and reconciliation provides reliable estimates for planning.

    Facilitator Slides: Agile Estimation (Wisdom of Crowds Exercise – Rounds 1 and 2)

    Notes and Instructions

    The exercise is intended to mimic the way Planning Poker is performed in Agile Estimation. Use the exercise to demonstrate the power of the Wisdom of Crowds and how, in circumstances where the exact answer to a question is not known, asking several people for their opinion often produces more accurate results than most/any individual opinion.

    Some participants will tend to "shout out an answer" right away, so be sure to tell participants not to share their answers until everyone has had an opportunity to register their guess (this is particularly important in Round 1, where we are trying to get unvarnished guesses from the participants).

    In Round 1:

    • Be sure to emphasize that participants are guessing the total number of jelly beans in the jar (sometimes people think it is just the number visible)
    • Once all guesses are gathered and you've calculated the error for them (and the average guess), review the results with participants (Note: the actual number of jelly beans in the jar is 1600 (it is "greyed out" on the bottom line of the table – you can make it visible by turning off the grey highlight on that cell in the table)
    • Most of the time, the average guess will be closer to the actual than most (if not all) individual guesses (but be prepared for the fact that this doesn't always happen – this is especially true when the number of participants is small)
    • When discussing the results, ask participants to share the "method" they used to make their guess (particularly those who were closest to the actual). This part of the exercise can help them to make more accurate guesses in Round 2

    In Round 2:

    • Note that this time, participants are guessing the total number of visible gumballs in the image (both whole and partial gumballs are counted)
    • Once all guesses are gathered and you've calculated the error for them (and the average guess), review the results with participants (Note: the actual number of visible gumballs is 1600 (it is "greyed out" on the bottom line of the table – you can make it visible by turning off the grey highlight on that cell in the table)
    • Most of the time, the average guess will be closer to the actual in Round 2 than it was in Round 1
    • Talk to participants about the outcomes and how the results varied from Round 1 to Round 2, along with any interesting insights they may have gained from the exercise

    Estimation Exercise 3.1 Guess the number of jelly beans (Round 1)

    15 minutes

    1. Option 1: Microsoft Forms
      1. Create your own local survey by copying the template using the link below.
      2. Add the local Survey link to the exercise instructions or send the link to the participants.
      3. Give the participants 2-3 minutes to complete their guesses.
      4. Collect the consolidated Survey responses and calculate the results on the next slide.
      5. NOTE: Using this survey template requires having access to Microsoft Forms. If you cannot access Microsoft Forms, an Info-Tech analyst or Workshop Specialist can set up the survey for you.
    2. Option 2: Embedded Excel table
      1. On the results slide, double-click the table to open the embedded Excel worksheet.
      2. Record each participant's guess in the table.
    3. Alternatively, this survey can be done with sticky notes, a pen, paper, and a calculator to determine the outcomes.

    Download Survey Template:

    Info-Tech Wisdom of the Crowd 1 (Jelly Bean Guess

    Output

    • An appreciation for the power of the wisdom of crowds

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Estimation Exercise 3.1 Guess the number of jelly beans (Round 1)

    15 minutes

    1. Guess the total number of jelly beans in the entire container (not just the ones you can see).
    2. Be sure not to share your guess with anyone else.
    3. It doesn't matter how you settle on your guess ("gut feel" is fine, so is being "scientific" about it, as well as everything in between).
    4. Again, please don't share your guess (or even how you settled on your guess) with anyone else (this exercise relies on independent guesses).

    See slide notes for instructions.

    Output

    • An appreciation for the power of the wisdom of crowds

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Estimation Exercise 3.2 Compare the average of your guesses

    15 minutes

    A blank table for you to compare the average of your guesses at the number of Jellybeans in the Jar.

    See slide notes for instructions.

    Output

    • An appreciation for the power of the wisdom of crowds

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Guess the number of gumballs

    • Option 1: Microsoft Forms
      • Create your own local survey by copying the template using the link below.
      • Add the local Survey link to the exercise instructions or send the link to the participants.
      • Give the participants 2-3 minutes to complete their guesses.
      • Collect the consolidated Survey responses and calculate the results on the next slide.
      • NOTE: Using this survey template requires having access to Microsoft Forms. If you cannot access Microsoft Forms, an Info-Tech analyst or Workshop Specialist can set up the survey for you.
    • Option 2: Embedded Excel table
      • On the results slide, double-click the table to open the embedded Excel worksheet.
      • Record each participant's guess in the table.
    • Alternatively, this survey can be done with sticky notes, a pen, paper, and a calculator to determine the outcomes.

    Download Survey Template:

    Info-Tech Wisdom of the Crowd 2 (Gumball Guess)

    Output

    • An appreciation for the power of the wisdom of crowds

    Participants

    • PM's, PO's and SM's
    • Delivery Managers
    • Delivery Teams
    • Business Stakeholders
    • Senior Leaders
    • Other Interested Parties

    Estimation Exercise 3.3 Guess the number of gumballs (Round 2)

    15 minutes

    1. Guess the total number of gumballs visible in the photo shown on the right.
    2. Again, please don't share your guess with anyone.

    Output

    • An appreciation for the power of the wisdom of crowds

    Participants

    • PM's, PO's and SM's
    • Delivery Managers
    • Delivery Teams
    • Business Stakeholders
    • Senior Leaders
    • Other Interested Parties

    Estimation Exercise 3.2 Compare the average of your guesses

    15 minutes

    A blank table for you to compare the average of your guesses at the number of Jellybeans in the Jar.

    See slide notes for instructions.

    Output

    • An appreciation for the power of the wisdom of crowds

    Participants

    • PM's, PO's and SM's
    • Delivery Managers
    • Delivery Teams
    • Business Stakeholders
    • Senior Leaders
    • Other Interested Parties

    Estimation Module

    Improve product backlog item estimation

    Activities

    4.1 Identify key insights and takeaways
    4.2 Perform exit survey and capture results

    This step involves the following participants:

    • Product owners, product managers, and scrum masters
    • Delivery managers and senior leaders
    • Stakeholders and delivery teams

    Outcomes of this step

    • Identify your key insights and takeaways.

    Estimation Exercise 4.2
    Identify key insights and takeaways

    30 minutes

    1. As a group, discuss and capture your thoughts on:
      1. What key insights have participants gained from the Intro to Agile presentation?
      2. What if any takeaways do participants feel are needed as a result of the presentation?
      3. What changes need to be made in the organization to support/enhance Agile adoption?
    2. Capture your findings in the table below:

    What key insights have you gained?

    What takeaways have you identified?

    • (e.g. better understanding of Agile mindset, principles, and practices)
    • (e.g. how you can improve/spread Agile practices in the organization)

    Output

    • A better understanding of Agile principles and practices
    • Action items that will help solidify Agile practices in the organization

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Estimation Exercise 4.2
    Perform an exit survey

    30 minutes

    1. Wrap up this section by addressing any remaining questions participants still have.
    2. Create your local exit survey by copying the template using the link below. Then copy and distribute your local survey link.
    3. Collect the consolidated survey results in preparation for your next steps.
    4. NOTE: Using this survey template requires having access to Microsoft Forms. If you cannot access Microsoft Forms, an Info-Tech analyst can send the survey for you. Alternatively, this survey can be done with sticky notes and a pen and paper to calculate the outcomes.

    Download Survey Template:

    Develop Your Agile Approach Exit Survey Template

    Output

    • A better understanding of Agile principles and practices
    • Action items that will help solidify Agile practices in the organization

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Agile Modules

    Prioritize Agile support with your top challenges

    Backlog Management

    Scrum Simulation

    Estimation

    Product Owner

    Product Roadmapping

    1: User stories and the art of decomposition

    2: Effective backlog management & refinement

    3: Identify insights and team feedback

    1: Scrum sprint planning and retrospective simulation

    2: Pass the balls – sprint velocity game

    1: Improve product backlog item estimation

    2: Agile estimation fundamentals

    3: Understand the wisdom of crowds

    4: Identify insights and team feedback

    1: Understand product management fundamentals

    2: The critical role of the product owner

    3: Manage effective product backlogs and roadmaps

    4: Identify insights and team feedback

    1: Identify your product roadmapping pains

    2: The six "tools" of product roadmapping

    3: Product roadmapping exercise

    Organizations often struggle with numerous pain points around Agile delivery.
    The Common Agile Challenges Survey results will help you identify and prioritize the organization's biggest (most cited) pain points. Treat these pain points like a backlog and address the biggest ones first.

    Agile modules provide supporting activities:

    Each module provides guidance and supporting activities related to a specific Agile Challenge from your survey. These modules can be arranged to meet each organization's or team's needs while providing cohesive and consistent messaging. For additional supporting research, please visit the Agile / DevOps Resource Center.

    This phase involves the following participants:

    • Product owners, product managers, and scrum masters
    • Delivery managers and senior leaders
    • Stakeholders and delivery teams

    Product Owner Module

    Establish an effective product owner role

    Activities

    1.1 Identify your product owner pains
    1.2 What is a "product"? Who are your "consumers"?
    1.3 Define your role terminology

    This step involves the following participants:

    • Product owners, product managers, and scrum masters
    • Delivery managers and senior leaders
    • Stakeholders and delivery teams

    Outcomes of this step

    • Understand product management fundamentals.
    • Define your product management roles and terms.

    Product owners ensure we delivery the right changes, for the right people, at the right time.

    The importance of assigning an effective and empowered product owner to your Agile projects cannot be overstated.

    What is a product?

    A tangible solution, tool, or service (physical or digital), which enables the long-term and evolving delivery of value to customers, and stakeholders based on business and user requirements.

    Info-Tech Insight

    A proper definition of a product recognizes three key facts.

    1. A clear recognition that products are long-term endeavors that don't end after the project finishes.
    2. Products are not just 'apps', but can be software or services that drive value.
    3. There is more than one stakeholder group that derives value from the product or service.

    Estimation Exercise 4.2
    Perform an exit survey

    30-60 minutes

    1. As a group, discuss and capture your thoughts on:
      • What specific challenges are you facing with your product owner practices today?
    2. Capture your findings in the table below:

    What are your specific Product Owner challenges?

    • (e.g. We don't have product owners)
    • (e.g. Our product owners have "day jobs" as well, so they don't have enough time to devote to the project)
    • (e.g. Our product owners are unsure about the role and its associated responsibilities)

    Output

    • Your specific product owner challenges

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Product Owner Exercise 1.2 What is a "product"? Who are your "consumers"?

    30-60 minutes

    1. Discussion:
      1. How do you define a product, service, or application?
      2. Who are the consumers that receive value from the product?

    Input

    • Organizational knowledge
    • Internal terms and definitions

    Output

    • Our definition of products and services
    • Our definition of product and service consumers/customers

    Products and services share the same foundation and best practices

    The term "product" is used for consistency but would apply to services as well.

    Product=Service

    "Product" and "Service" are terms that each organization needs to define to fit its culture and customers (internal and external). The most important aspect is consistent use and understanding of:

    • External products
    • Internal products
    • External services
    • Internal services
    • Products as a service (PaaS)
    • Productizing services (SaaS)

    Recognize the different product owner perspectives

    • Business
      • Customer facing, revenue generating
    • Operations
      • Keep the lights on processes
    • Technical
      • IT systems and tools

    "A product owner in its most beneficial form acts like an Entrepreneur, like a 'mini-CEO'. The product owner is someone who really 'owns' the product."

    – – Robbin Schuurman,
    "Tips for Starting Technical Product Managers"

    Info-Tech Best Practice

    Product owners must translate needs and constraints from their perspective into the language of their audience. Kathy Borneman, Digital Product Owner at SunTrust Bank, noted the challenges of finding a common language between lines of business and IT (e.g. what is a unit?).

    Implement Info-Tech's product owner capability model

    An image of Info-Tech’s product owner capability model

    Unfortunately, most product owners operate with an incomplete knowledge of the skills and capabilities needed to perform the role. Common gaps include focusing only on product backlogs, acting as a proxy for product decisions, and ignoring the need for key performance indicators (KPIs) and analytics in both planning and value realization.

    Scale products into families to improve alignment

    Operationally align product delivery to enterprise goals

    A hierarchy showing how to break enterprise goals and strategy down into product families.

    The Info-Tech difference:

    Start by piloting product families to determine which approaches work best for your organization.

    Create a common definition of what a product is and identify products in your inventory.

    Use scaling patterns to build operationally aligned product families.

    Develop a roadmap strategy to align families and products to enterprise goals and priorities.

    Use products and families to evaluate the delivery and organizational design improvements.

    Deliver Digital Products at Scale via Enterprise Product Families

    Select the right models for scaling product management

    • Pyramid
      • Logical hierarchy of products rolling into a single service area.
      • Lower levels of the pyramid focus on more discrete services.
      • Example: Human resources mapping down to supporting applications.
    • Service Grouping
      • Organization of related services into service family.
      • Direct hierarchy does not necessarily exist within the family.
      • Example: End user support and ticketing.
    • Technical Grouping
      • Logical grouping of IT infrastructure, platforms, or applications.
      • Provides full lifecycle management when hierarchies do not exist.
      • Example: Workflow and collaboration tools.
    • Market Alignment
      • Grouping of products by customer segments or market strategy.
      • Aligns product to end users and consumers.
      • Example: Customer banking products and services.
    • Organizational Alignment
      • Used at higher levels of the organization where products are aligned under divisions.
      • Separation of product management from organizational structure no longer distinct.

    Match your product management role definitions to your product family levels

    Product Ownership exists at the different operational tiers or levels in your product hierarchy. This does not imply or require a management relationship.

    Product Portfolio
    Groups of product families within an overall value stream or capability grouping.
    Product Portfolio Manager

    Product Family
    A collection of related products. Products can be grouped along architectural, functional, operational, or experiential patterns.
    Product Family Manager

    Product
    Single product composed of one or more applications and services.
    Product Owner

    Info-Tech Insight

    The primary role conflict occurs when the product owner is a proxy for stakeholders or responsible for the delivery team. The product owner owns the product backlog. The delivery team owns the sprint backlog and delivery.

    Examine the differences between product managers and product owners

    Product management terminology is inconsistent, creating confusion in organizations introducing these roles. Understand the roles, then define terms that work best for you.

    A Table comparing the different roles of product managers to those of product owners.

    Define who manages key milestone

    Key milestones must be proactively managed. If a project manager is not available, those responsibilities need to be managed by the Product Owner or Scrum Master. Start with responsibility mapping to decide which role will be responsible.

    An image of a table with the following column headings: Example Milestones; Project Manager; Product Owner; Scrum Master*

    Product Owner Exercise 1.3 Define your role terminology

    30-60 minutes

    1. Using consistent terms is important for any organizational change and evergreen process. Capture your preferred terms to help align teams and expectations.
    Term

    Definition

    Product Owner

    • Owns and manages the product or service providing continuous delivery of value.
    • Owns the product roadmap and backlog for the product or service.
    • Works with stakeholders, end users, the delivery team, and market research to identify the product features and their estimated return on investment when implemented.
    • Responsible for refining and reprioritizing the product backlog ensuring items are "Ready" for the sprint backlog.
    • Defines KPIs to measure the value and impact of each PBI to help refine the backlog and guide the roadmap.
    • Responsible for refining and reprioritizing the sprint backlog that identifies which features will be delivered in the next sprint based on business importance.
    • Works with the product owner, stakeholders, end users, and SMEs to help define PBIs to ensure they are "Ready" for the Sprint backlog.

    Product Manager

    • Owns and manages a product or service family consisting of multiple products or services.
    • Owns the product family roadmap. Note: Product families do not have a backlog, only products do.
    • Works with stakeholders, end users, product owners, enterprise architecture, and market research to identify the product capabilities needed to accomplish goals.
    • Validates the product PBIs delivered realized the expected value and capability. Feedback is used to refine the product family roadmap and guide product owners.

    Output

    • Product management role definitions

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Product Owner Module

    Establish an effective product owner role

    Activities

    2.1 Identify enablers and blockers

    2.2 (Optional) Dissect this definition of the product owner role

    This step involves the following participants:

    • Product owners, product managers, and scrum masters
    • Delivery managers and senior leaders
    • Stakeholders and delivery teams

    Outcomes of this step

    • Identify cultural enablers and blockers for product owners.
    • Develop a deeper understanding of the product owner role.

    The importance of establishing an effective product owner role

    The critical importance of establishing an effective product owner role (PO) for your Agile projects cannot be overstated.

    Many new-to-Agile organizations do not fully appreciate the critical role played by the PO in Scrum, nor the fundamental changes the organization will need to make in support of the PO role. Both mistakes will reduce an organization's chances of successfully adopting Agile and achieving its promised benefits.

    The PO role is critical to the proper prioritization of requirements and efficient decision-making during the project.

    The PO role helps the organization to avoid "analysis paralysis" challenges often experienced in large command-and-control-style organizations.

    A poorly chosen or disengaged product owner will almost certainly stifle your Agile project.

    Note that for many organizations, "product owner" is not a formally recognized role, which can create HR issues. Some organizational education on Agile may be needed (especially if your organization is unionized).

    Info-Tech Insight

    Failing to establish effective product owners in your organization can be a "species-killing event" for your Agile transformation.

    The three A's of a product owner

    To ensure the effectiveness of a product owner, your organization should select one that meets the three A's:

    Available: Assign a PO that can focus full-time on the project. Make sure your PO can dedicate the time needed to fulfill this critical role.
    Appropriate: It's best for the PO to have strong subject matter expertise (so-called "super users" are often selected to be POs) as well as strong communication, collaboration, facilitation, and arbitration skills. A good PO will understand how to negotiate the best outcomes for the project, considering all project constraints.
    Authoritative: The PO must be empowered by your organization to speak authoritatively about priorities and goals and be able to answer questions from the project team quickly and efficiently. The PO must know when decisions can be made immediately and when they must be made in collaboration with other stakeholders – choosing a PO that is well-known and respected by stakeholders will help to make this more efficient.

    Info-Tech Insight

    It's critical to assign a PO that meets the three A's:

    • Available
    • Appropriate
    • Authoritative

    The three ears of a product owner*

    An effective product owner listens to (and effectively balances) the needs and constraints of three different groups:

    Organizational needs/constraints represent what is most important to the organization overall, and typically revolve around things like cost, schedule, return on investment, time to market, risk mitigation, conforming to policies and regulations, etc.

    Stakeholder needs/constraints represent what is most important to those who will be using the system and typically revolve around the delivery of value, ease of use, better outcomes, making their jobs easier and more efficient, getting what they ask for, etc.

    Delivery Team needs/constraints represent what is most important to those who are tasked with delivering the project and cover a broad range that includes tools, skills, capabilities, technology limitations, capacity limits, adequate testing, architectural considerations, sustainable workload, clear direction and requirements, opportunities to innovate, getting sufficient input and feedback, support for clearing roadblocks, dependencies on other teams, etc.

    Info-Tech Insight

    An effective PO will expertly balance the needs of:

    • The organization
    • Project stakeholders
    • The delivery team

    * For more, see Understanding Scrum: Why do Product Owners Have Three Ears

    A product owner doesn't act alone

    Although the PO plays a unique and central role in the success of an Agile project, it doesn't mean they "act alone."

    The PO is ultimately responsible for managing and maintaining an effective backlog over the project lifecycle, but many people contribute to maintaining this backlog (on large projects, BA's are often the primary contributors to the backlog).

    The PO role also relies heavily on stakeholders (to help define and elaborate user stories, provide input and feedback, answer questions, participate in sprint demos, participate in testing of sprint deliverables, etc.).

    The PO role also relies heavily on the delivery team. Some backlog management and story elaboration is done by delivery team members instead of the PO (think: elaborating user story details, creating acceptance criteria, writing test plans for user stories, etc.).

    The PO both contributes to these efforts and leads/oversees the efforts of others. The exact mix of "doing" and "leading" can be different on a case-by-case basis and is part of establishing the delivery team's norms.

    Given the importance of the role, care must be taken to not overburden the product owner, especially on large projects.

    Info-Tech Insight

    While being ultimately responsible for the product backlog, a PO often relies on others to aid in backlog management and maintenance.

    This is particularly true on large projects.

    The use of a proxy PO

    Sometimes, a proxy product owner is needed.

    It is always best to assign a product owner "from the business," who will bring subject matter expertise and have established relationships with stakeholders.

    When a PO from the business does not have enough time to fulfill the needs of the role completely (e.g. can only be a part-time PO, because they have a day job), assigning a proxy product owner can help to compensate for this.

    The proxy PO acts on behalf of the PO in order to reduce the PO's workload or to otherwise support them.

    Project participants (e.g. delivery team, stakeholders) should treat the PO and proxy PO as roughly equivalent.

    Project managers (PMs) and business analysts (BAs) are often good candidates for the proxy PO role.

    NOTE: It's highly advisable for the PO to attend all/most sprint demos in order to observe progress for themselves, and to identify any misalignment with expectations as early as possible (remember that the PO still has ultimate responsibility for the project outcomes).

    Info-Tech Insight

    Although not ideal, assigning a proxy PO can help to compensate for a PO who doesn't meet all three A's of Product Ownership.

    It is up to the PO and proxy to decide how they will work together (e.g. establish their norms).

    The use of a proxy PO

    The PO and proxy must work together closely and in a highly coordinated way.

    The PO and proxy must:

    • Work closely at the start of the project to agree on the overall approach they will follow, as well as any needs and constraints for the project.
    • Communicate frequently and effectively throughout the project, to ensure progress is being made and to address any challenges.
    • Have a "meeting of the minds" about how the different "parts" of the PO role will be divided between them (including when the proxy must defer to the PO on matters).
    • Focus on ensuring that all the responsibilities of the PO role are fulfilled effectively by the pair (how this is accomplished is up to the two of them to decide).
    • Ensure all project participants clearly understand the POs' and proxies' relative responsibilities to minimize confusion and mistakes.

    The use of multiple POs

    Sometimes, having multiple product owners makes sense.

    It is always best to assign a single product owner to a project. However, under certain circumstances, it can make sense to use multiple POs.

    For example, when implementing a large ERP system with many distinct modules (e.g. Finance, HR) it can be difficult to find a single PO who has sufficient subject matter expertise across all modules.

    When assigning Multiple POs to a project, be sure to identify a "Lead PO" (who is given ultimate responsibility for the entire project) and have the remaining POs act like Proxy POs.

    NOTE: Not surprisingly, it's highly advisable for the Lead PO to attend as many Sprint Demos as possible to observe progress for themselves, and to identify any misalignment with expectations as early as possible (remember that the Lead PO has ultimate responsibility for the project outcomes).

    Info-Tech Best Practice

    Although not ideal, assigning multiple POs to a project sometimes makes sense.

    When needed, be sure to identify a "Lead PO" and have the other PO's act like Proxies.

    Product Owner Exercise 2.1 Identify enablers and blockers

    30-60 minutes

    1. Brainstorm and discuss the key enablers that can help promote and ease your implementation of Product Ownership.
    2. Brainstorm and discuss the key blockers (or risks) that may interrupt or derail your efforts.
    3. Brainstorm mitigation activities for each blocker.
    Enablers Blockers Mitigation
    High business engagement and buy-in Significant time is required to implement and train resources Limit the scope for pilot project to allow time to learn
    Organizational acceptance for change Geographically distributed resources Temporarily collocate all resources and acquire virtual communication technology
    Existing tools can be customized for BRM Difficulty injecting customers in demos Educate customer groups on the importance of attendance and 'what's in it for them'

    Output

    • List of enablers and blockers to establishing product owners

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Establish an effective product owner role

    • The nature of a PO role can be somewhat foreign to many organizations, so candidates for the role will benefit from training along with coaching/mentoring support when starting out.
    • The PO must be able to make decisions quickly around project priorities, goals, and requirements.
    • A PO who is simply a conduit to a slow-moving steering committee will stifle an Agile project.
    • Establish clear boundaries and rules regarding which project decisions can be made directly by the PO and which must be escalated to stakeholders. Lean toward approaches that support the quickest decision-making (e.g. give the PO as much freedom as they need to be effective).
    • An effective PO has a good instinct for what is "good enough for now."
    • The organization can support the PO by focusing attention on goals and accomplishments rather than pushing processes and documentation.
    • Understand the difference between a project sponsor and a PO (the PO role is much more involved in the details, with a higher workload).
    • Agree on and clearly define the roles and responsibilities of PO, PM, dev manager, SM, etc. at the start of the project for clarity and efficiency.

    Characteristics to look for when selecting a product owner

    Here are some "ideal characteristics" for your POs (the more of these that are true for a given PO, the better):

    • Knows how to get things done in your organization
    • Has strong working relationships with project stakeholders (has established trust with them and is well respected by stakeholders as well as others)
    • Comes from the stakeholder community and is invested in the success of the project (ideally, will be an end user of the system)
    • Has proven communication, facilitation, mediation, and negotiation skills
    • Can effectively balance multiple competing priorities and constraints
    • Sees the big picture and strives to achieve the best outcomes possible (grounded in realistic expectations)
    • Works with a sense of urgency and welcomes ongoing feedback and collaboration with stakeholders
    • Understands how to act as an effective "funnel and filter" for stakeholder requests
    • Acts as an informal (but inspirational) leader whom others will follow
    • Has a strong sense of what is "good enough for now"
    • Protects the delivery team from distractions and keeps them focused on goals
    • Thinks strategically and incrementally

    Product Owner Exercise 2.2 (Optional) Dissect this definition of the product owner role

    30-60 minutes

    1. Take a minute or two to review the bullet points below, which describe the product owner's role.
    2. As a group, discuss the "message" for each bullet point in the description, and then identify which aspects would be "easy" and "hard" to achieve in your organization.
      • The product owner is a project team member who has been empowered by both the organization and stakeholders to act on their behalf and to guide the project directly with a single voice (supported by appropriate consultations with the organization and stakeholders).
      • The product owner must be someone with a good understanding of the project deliverable (they are often considered to be a subject matter expert in an area related to the project deliverable) and ideally is both well-known and respected by both the organization and stakeholders.
      • During the project, requirements clarification, prioritization, and scope changes are ultimately decided by the product owner, who must perform the important balancing act required by the project to adequately reflect the needs and constraints of the organization, its stakeholders, and the project team.
      • The product owner role can only be successful in an organization that has established a trusting and supportive culture. Great trust must be placed in the product owner to adequately balance competing needs in a way that leads to good outcomes for the organization. This trust must come with some authority to make important project decisions, and the organization must also support the product owner in addressing risks and roadblocks outside the control of the project team.
      • The product owner is first among equals when it comes to ultimate ownership of success for the project (along with the project delivery team itself). Because of this, any project of any significance will require the full-time effort of the product owner (don't shortchange yourself by under-investing in a willing, able, and available product owner)

    Output

    • Better understanding of the product owner role.

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Product Owner Exercise 2.2 (Optional) Dissect this definition of the product owner role

    Which aspects of the product owner are "easy" in your organization?

    Which aspects of the product owner are "hard" in your organization?

    Product Owner Module

    Establish an effective product owner role

    Activities

    3.1 Build a starting checklist of quality filters

    This step involves the following participants:

    • Product owners, product managers, and scrum masters
    • Delivery managers and senior leaders
    • Stakeholders and delivery teams

    Outcomes of this step

    • Understand the levels in a product backlog and how to create quality filters for PBIs moving through the backlog.
    • Define your product roadmap approach for key audiences.

    Product Owner Step 3: Managing effective product backlogs and roadmaps

    The primary role of the product owner is to manage the backlog effectively.

    When managed properly, the product backlog is a powerful project management tool that directly contributes to project success.

    The product owner's primary responsibility is to ensure this backlog is managed effectively.

    A backlog stores and organizes PBIs at various stages of readiness

    A well-formed backlog can be thought of as a DEEP backlog:

    • Detailed Appropriately: Product backlog items (PBIs) are broken down and refined as necessary.
    • Emergent: The backlog grows and evolves over time as PBIs are added and removed.
    • Estimated: The effort a PBI requires is estimated at each tier.
    • Prioritized: The PBIs value and priority are determined at each tier.

    (Perforce, 2018)

    An image showing the Ideas; Qualified; Ready; funnel leading to the sprint approach.

    Backlog tiers facilitate product planning steps

    An image of the product planning steps facilitated by Backlog Tiers

    Each activity is a variation of measuring value and estimating effort to validate and prioritize a PBI.

    A PBI meets our definition of done and passes through to the next backlog tier when it meets the appropriate criteria. Quality filters should exist between each tier.

    Backlog Exercise 2.1 Build a starting checklist of quality filters

    60 minutes

    1. Quality filters provide a checklist to ensure each Product Backlog Item (PBI) meets our definition of Done and is ready to move to the next backlog group (status).
    2. Create a checklist of basic descriptors that must be completed between each backlog level.
    3. If you completed this exercise in a different Module, review and update it here.
    4. Use this information to start your product strategy playbook in Deliver on Your Digital Product Vision.

    An image of the backlog tiers, identifying where product backlog and sprint backlog are

    Output

    • List of enablers and blockers to establishing product owners

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Outline the criteria to proceed to the next tier via quality filters

    Expand the concepts of defining "ready" and "done" to include the other stages of a PBIs journey through product planning.

    An image showing the approach you will use to Outline the criteria to proceed to the next tier via quality filters

    Info-Tech Insight: A quality filter ensures quality is met and teams are armed with the right information to work more efficiently and improve throughput.

    Define product value by aligning backlog delivery with roadmap goals

    In each product plan, the backlogs show what you will deliver.

    Roadmaps identify when and in what order you will deliver value, capabilities, and goals.

    Product roadmaps guide delivery and communicate your strategy

    In Deliver on Your Digital Product Vision, we demonstrate how the product roadmap is core to value realization. The product roadmap is your communicated path, and as a product owner, you use it to align teams and changes to your defined goals while aligning your product to enterprise goals and strategy.

    This is an image Adapted from: Pichler, What Is Product Management?

    Adapted from: Pichler, "What Is Product Management?"

    Info-Tech Insight

    The quality of your product backlog – and your ability to realize business value from your delivery pipeline – is directly related to the input, content, and prioritization of items in your product roadmap.

    Product delivery realizes value for your product family

    While planning and analysis are done at the family level, work and delivery are done at the individual product level.

    An example of performing planning and analysis at the family level.

    Leverage the product family roadmap for alignment

    It's more than a set of colorful boxes. It's the map to align everyone to where you are going.

    • Your product family roadmap:
      • Lays out a strategy for your product family.
      • Is a statement of intent for your family of products.
      • Communicates direction for the entire product family and product teams.
      • Directly connects to the organization's goals.
    • However, it is not:
      • Representative of a hard commitment.
      • A simple combination of your current product roadmaps.

    Your ideal roadmap approach is a spectrum, not a choice!

    Match your roadmap and backlog to the needs of the product.

    Tactical vs strategic roadmaps.

    Product Managers do not have to choose between being tactical or strategic.
    – Aha!, 2015

    Multiple roadmap views can communicate differently yet tell the same truth

    Audience

    Business/
    IT Leaders

    Users/Customers

    Delivery Teams

    Roadmap

    View

    Portfolio

    Product Family

    Technology

    Objectives

    To provide a snapshot
    of the portfolio and
    priority products

    To visualize and validate product strategy

    To coordinate broad technology and architecture decisions

    Artifacts

    Line items or sections of the roadmap are made up of individual products, and an artifact represents a disposition at its highest level.

    Artifacts are generally grouped by product teams and consist of strategic goals and the features that realize
    those goals.

    Artifacts are grouped by
    the teams who deliver
    that work and consist of technical capabilities that support the broader delivery of value for the product family.

    Product Owner Exercise 3.1 Build a starting checklist of quality filters

    60 minutes

    1. Views provide roadmap information to different audiences in the format and level of detail that is fit to their purpose.
    2. Consider the three primary audiences for roadmap alignment.
    3. Define the roles or people who the view best fits.
    4. Define the level of detail or artifacts shared in the view for each audience.
    5. Use this information to start your product strategy playbook in Deliver on Your Digital Product Vision.

    Business/
    IT Leaders

    Users/Customers

    Delivery Teams

    Audience:

    Audience:

    Audience:

    Level of Detail/Artifacts:

    Level of Detail/Artifacts:

    Level of Detail/Artifacts:

    Output

    • List of enablers and blockers to establishing product owners

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Connecting your product family roadmaps to product roadmaps

    Your product and product family roadmaps should be connected at an artifact level that is common between both. Typically, this is done with capabilities, but it can be done at a more granular level if an understanding of capabilities isn't available.

    A comparison between product family roadmaps and product roadmaps.

    Use product roadmaps to align cross-team dependencies

    Regardless of how other teams operate, teams need to align to common milestones.

    An image showing how you may Use product roadmaps to align cross-team dependencies

    Product Owner Module

    Establish an effective product owner role

    Activities

    4.1 Identify key insights and takeaways

    4.2 Perform exit survey and capture results

    This step involves the following participants:

    • Product owners, product managers, and scrum masters
    • Delivery managers and senior leaders
    • Stakeholders and delivery teams

    Outcomes of this step

    • Identify your key insights and takeaways.

    Product Owner Exercise 4.1
    Identify key insights and takeaways

    30 minutes

    1. As a group, discuss and capture your thoughts on:
      1. What key insights have participants gained from the Intro to Agile presentation?
      2. What if any takeaways do participants feel are needed as a result of the presentation?
      3. What changes need to be made in the organization to support/enhance Agile adoption?
    2. Capture your findings in the table below:
    What key insights have you gained? What takeaways have you identified?
    (e.g. better understanding of Agile mindset, principles, and practices) (e.g. how you can improve/spread Agile practices in the organization)

    Output

    • A better understanding of Agile principles and practices
    • Action items that will help solidify Agile practices in the organization

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Product Owner Exercise 4.2
    Perform an exit survey

    30 minutes

    1. Wrap up this section by addressing any remaining questions participants still have.
    2. Create your local exit survey by copying the template using the link below. Then copy and distribute your local survey link.
    3. Collect the consolidated survey results in preparation for your next steps.
    4. NOTE: Using this survey template requires having access to Microsoft Forms. If you cannot access Microsoft Forms, an Info-Tech analyst can send the survey for you. Alternatively, this survey can be done with sticky notes and a pen and paper to calculate the outcomes.

    Download Survey Template:

    Develop Your Agile Approach Exit Survey Template

    Output

    • A better understanding of Agile principles and practices
    • Action items that will help solidify Agile practices in the organization

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Agile Modules

    Prioritize Agile support with your top challenges

    Backlog Management

    Scrum Simulation

    Estimation

    Product Owner

    Product Roadmapping

    1: User stories and the art of decomposition

    2: Effective backlog management & refinement

    3: Identify insights and team feedback

    1: Scrum sprint planning and retrospective simulation

    2: Pass the balls – sprint velocity game

    1: Improve product backlog item estimation

    2: Agile estimation fundamentals

    3: Understand the wisdom of crowds

    4: Identify insights and team feedback

    1: Understand product management fundamentals

    2: The critical role of the product owner

    3: Manage effective product backlogs and roadmaps

    4: Identify insights and team feedback

    1: Identify your product roadmapping pains

    2: The six "tools" of product roadmapping

    3: Product roadmapping exercise

    Organizations often struggle with numerous pain points around Agile delivery.
    The Common Agile Challenges Survey results will help you identify and prioritize the organization's biggest (most cited) pain points. Treat these pain points like a backlog and address the biggest ones first.

    Agile modules provide supporting activities:

    Each module provides guidance and supporting activities related to a specific Agile challenge from your survey. These modules can be arranged to meet each organization's or team's needs while providing cohesive and consistent messaging. For additional supporting research, please visit the Agile / DevOps Resource Center.

    This phase involves the following participants:

    • Product owners, product managers, and scrum masters
    • Delivery managers and senior leaders
    • Stakeholders and delivery teams

    Product Roadmapping

    Create effective product roadmaps

    Activities

    Roadmapping 1.1 Identify your product roadmapping pains
    Roadmapping 1.2 The six "tools" of product roadmapping
    Roadmapping 1.3 Product roadmapping exercise

    This step involves the following participants:

    • Product owners, product managers, and scrum masters
    • Delivery managers and senior leaders
    • Stakeholders and delivery teams

    Outcomes of this step

    • Understand product management fundamentals
    • Understand the six "tools" of roadmapping and how to use them

    Roadmapping Exercise 1.1: Tell us what product management means to you and how it differs from a project orientation

    10-15 minutes

    1. Share your current understanding of product management.
    What is product management, and how does it differ from a project orientation?

    Output

    • Your current understanding of product management and its benefits

    Participants

    • PMs, Pos, and SMs
    • Delivery managers
    • Delivery teams
    • Business stakeholders
    • Senior leaders
    • Other interested parties

    Definition of terms

    Project

    "A temporary endeavor undertaken to create a unique product, service, or result. The temporary nature of projects indicates a beginning and an end to the project work or a phase of the project work. Projects can stand alone or be part of a program or portfolio."

    – PMBOK, PMI

    Product

    "A tangible solution, tool, or service (physical or digital) that enables the long-term and evolving delivery of value to customers and stakeholders based on business and user requirements."
    Deliver on Your Digital Product Vision,
    Info-Tech Research Group

    Info-Tech Insight

    Any proper definition of product recognizes that they are long-term endeavors that don't end after the project finishes. Because of this, products need well thought out roadmaps.

    Deliver Digital Products at Scale via Enterprise Product Families

    Match your product management role definitions to your product family levels

    Product ownership exists at the different operational tiers or levels in your product hierarchy. This does not imply or require a management relationship.

    Product Portfolio
    Groups of product families within an overall value stream or capability grouping.
    Product Portfolio Manager

    Product Family
    A collection of related products. Products can be grouped along architectural, functional, operational, or experiential patterns.
    Product Family Manager

    Product
    Single product composed of one or more applications and services.
    Product Owner

    Info-Tech Insight

    The primary role conflict occurs when the product owner is a proxy for stakeholders or responsible for the delivery team. The product owner owns the product backlog. The delivery team owns the sprint backlog and delivery.

    Roadmapping Exercise 1.2 (Optional): Define "product" in your context*

    15-30 minutes

    1. Discuss what "product" means in your organization.
    2. Create a common, enterprise definition for "product."

    For example,

    • An application, platform, or application family.
    • Discrete items that deliver value to a user/customer.

    Capture your organization's definition of product:

    * For more on Product Management see Deliver on Your Digital Product Vision

    Output

    • Your enterprise/ organizational definition of products and services.

    Participants

    • PMs, Pos, and SMs
    • Delivery managers
    • Delivery teams
    • Business stakeholders
    • Senior leaders
    • Other interested parties

    Product Roadmapping

    Create effective product roadmaps

    Activities

    The six "tools" of product roadmapping

    This step involves the following participants:

    • Product owners, product managers, and scrum masters
    • Delivery managers and senior leaders
    • Stakeholders and delivery teams

    Outcomes of this step

    • Understand product management fundamentals
    • Understand the six "tools" of roadmapping and how to use them

    The six "tools" of product roadmapping

    the 6 tools of product roadmapping: Vision; Goals; Strategy; Roadmap; Backlog; Release Plan.

    Product Roadmapping

    Create effective product roadmaps

    Activities

    Roadmapping 3.1 Product roadmapping exercise
    Roadmapping 3.2 Identify key insights and takeaways
    Roadmapping 3.3 Perform an exit survey

    This step involves the following participants:

    • Product owners, product managers, and scrum masters
    • Delivery managers and senior leaders
    • Stakeholders and delivery teams

    Outcomes of this step

    • Understand product management fundamentals
    • Understand the six "tools" of roadmapping and how to use them

    Roadmapping Exercise 1.2 (Optional): Define "product" in your context*

    30 minutes

    1. As a team, read through the exercise back story below:

    The city of Binbetter is a picturesque place that is sadly in decline because local industry jobs are slowly relocating elsewhere. So, the local government has decided to do something to reinvigorate the city. Binbetter City Council has set aside money and a parcel of land they would like to develop into a venue that will attract visitors and generate revenue for the city.

    Your team was hired to develop the site, and you have already spent time with city representatives to create a vision, goals and strategy for building out this venue (captured on the following slides). The city doesn't want to wait until the entire venue is completed before it opens to visitors, and so you have been instructed to build it incrementally in order to bring in much needed revenue as soon as possible.

    Using the vision, goals, and strategy you have created, your team will need to plan out the build (i.e. create a roadmap and release plan for which parts of the venue to build and in which order). You can assume that visitors will come to the venue after your "Release 1", even while the rest is still under construction. Select one member of your team to be designated as the product owner. The entire team will work together to consider options and agree on a roadmap/release plan, but the product owner will be the ultimate decision-maker.

    * Adapted from Rautiainen et al, Toward Agile Product and Portfolio Management, 2015

    Output

    • Practical understanding of how to apply the six tools of product roadmapping.

    Participants

    • PMs, Pos, and SMs
    • Delivery managers
    • Delivery teams
    • Business stakeholders
    • Senior leaders
    • Other interested parties

    Roadmapping Exercise 3.1: Continued

    1. As a team, review vision, goal, and strategy:
      • Is this a "good" vision statement, and if so, why?
      • Does it live up to its definition of being: "notional and inspirational, while also calling out key guidance and constraints"?
      • Does it help you to rule in/out options for the Product?
      • e.g. Would a parking lot fit the vision?
      • What about a bunch of condominiums?
      • What about a theme park?

    Vision, Goals, and Strategy

    Product Vision: Create an architecturally significant venue that will attract both locals and tourists while also generating revenue for the city

    Roadmapping Exercise 3.1: Continued

    1. As a team, review vision, goal, and strategy:

    Vision, Goals, and Strategy

    Product Vision: Create an architecturally significant venue that will attract both locals and tourists while also generating revenue for the city

    An image of a Château-style Hotel (left) and a Gothic-style Cathedral (right)

    Goals: The venue will include a Château-style Hotel, Gothic-style Cathedral, and a Monument dedicated to the city's founder, Ivy Binbetter.

    Strategy: Develop the venue incrementally, focusing on the highest value elements first (prioritizing both usages by visitors and revenue generation).

    Roadmapping Exercise 3.1: Continued

    1. As a team, review the following exercise rules:
    • Your construction team has told you that they can divide the structures into 17 "equal" components (see below)
    • Each component will require about the same amount of time and resources to complete
    • You can ask the team to build these components in any order and temporary roofs can be built for components that are not at the top of a "stack" (e.g. you can build C3 without having to build C4 and C5 at the same time)
    • However, you cannot build the tops of any buildings first (e.g. don't build M3 until M2 and M1 are in place)

    An image of the chateau hotel and the Gothic Cathedral from the previous slide, broken down into 7 parts each

    Roadmapping Exercise 3.1: Continued

    1. As a team, review vision, goal, and strategy:
      • The city has asked you to decide on your "Release 1 MVP" and has limited you to selecting between 4 and 8 components for this MVP (fewer components = earlier opening date).
      • As a team, work together to decide which components will be in your MVP (remember, the PO makes the ultimate decision).
      • Drag your (4-8) selected MVP components over from the right and assemble them below (and explain your reasoning for your MVP selections):

    Release 1 (MVP)

    Vision, Goals, and Strategy

    Product Vision: Create an architecturally significant venue that will attract both locals and tourists while also generating revenue for the city

    Goals: The venue will include a Château-style Hotel, Gothic-style Cathedral, and a Monument dedicated to the city's founder, Ivy Binbetter.

    Strategy: Develop the venue incrementally, focusing on the highest value elements first (prioritizing both usages by visitors and revenue generation).

    An image of the chateau hotel and the Gothic Cathedral from the previous slide, broken down into 7 parts each

    Roadmapping Exercise 3.1: Continued
    (magnified venue)

    An image of the chateau hotel and the Gothic Cathedral from the previous slide, broken down into 7 parts each

    Roadmapping Exercise 3.1: Continued

    1. As a team, decide the rest of your roadmap:
      • The city has asked you to decide on the remainder of your roadmap
      • They have limited you to selecting between 2 and 4 components for each additional release (drag your selected component into each release below):
    Release 2 Release 3 Release 4 Release 5

    Vision, Goals, and Strategy

    Product Vision: Create an architecturally significant venue that will attract both locals and tourists while also generating revenue for the city

    Goals: The venue will include a Château-style Hotel, Gothic-style Cathedral, and a Monument dedicated to the city's founder, Ivy Binbetter.

    Strategy: Develop the venue incrementally, focusing on the highest value elements first (prioritizing both usages by visitors and revenue generation).

    An image of the chateau hotel and the Gothic Cathedral from the previous slide, broken down into 7 parts each

    Roadmapping Exercise 3.1: Continued

    Roadmap, Release Plan and Backlog

    an example roadmap plan; INCREASING: Priority; Requirements detail; Estimate accuracy; Level of commitment.

    Vision, Goals, and Strategy

    Product Vision: Create an architecturally significant venue that will attract both locals and tourists while also generating revenue for the city

    Goals: The venue will include a Château-style Hotel, Gothic-style Cathedral, and a Monument dedicated to the city's founder, Ivy Binbetter.

    Strategy: Develop the venue incrementally, focusing on the highest value elements first (prioritizing both usages by visitors and revenue generation).

    An image of the chateau hotel and the Gothic Cathedral from the previous slide, broken down into 7 parts each

    Roadmapping Exercise 3.2:
    Identify key insights and takeaways

    15 minutes

    1. As a group, discuss and capture your thoughts on:
      1. What key insights have participants gained from the product roadmapping module?
      2. What if any takeaways do participants feel are needed as a result of the module?
      3. What changes need to be made in the organization to support/enhance Agile adoption?
    2. Capture your findings in the table below:
    What key insights have you gained?What takeaways have you identified?
    • (e.g. better understanding of Agile mindset, principles, and practices)
    • (e.g. how you can improve/spread Agile practices in the organization)

    Output

    • A better understanding of Agile principles and practices
    • Action items that will help solidify Agile practices in the organization

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Roadmapping Exercise 3.3
    Perform an exit survey

    30 minutes

    1. Wrap up this section by addressing any remaining questions participants still have.
    2. Create your local exit survey by copying the template using the link below. Then copy and distribute your local survey link.
    3. Collect the consolidated survey results in preparation for your next steps.
    4. NOTE: Using this survey template requires having access to Microsoft Forms. If you cannot access Microsoft Forms, an Info-Tech analyst can send the survey for you. Alternatively, this survey can be done with sticky notes and a pen and paper to calculate the outcomes.

    Download Survey Template:

    Develop Your Agile Approach Exit Survey Template

    Output

    • A better understanding of Agile principles and practices
    • Action items that will help solidify Agile practices in the organization

    Participants

    • Product owners, product managers, and scrum masters
    • Delivery managers
    • Delivery teams
    • Stakeholders
    • Senior leaders

    Appendix

    Additional research to start your journey

    Related Info-Tech Research

    Mentoring for Agile Teams

    • Get practical help and guidance on your Agile transformation journey.

    Implement DevOps Practices That Work

    • Streamline business value delivery through the strategic adoption of DevOps practices.

    Deliver on Your Digital Product Vision

    • Build a product vision your organization can take from strategy through execution.

    Deliver Digital Products at Scale

    • Deliver value at the scale of your organization through defining enterprise product families.

    Bibliography

    "Agile Estimation Practice." DZone.com, 13 May 2013. Web.
    "Announcing DORA 2021 Accelerate State of DevOps Report." Google Cloud Blog. Accessed 8 Nov. 2022.
    "Are Your IT Strategy and Business Strategy Aligned?" 5Q Partners, 8 Jan. 2015. Accessed Oct. 2016.
    A, Karen. "20 Mental Models for Product Managers." Medium, Product Management Insider, 2 Aug. 2018 . Web.
    ADAMS, PAUL. "Product Teams: How to Build & Structure Product Teams for Growth." Inside Intercom, 30 Oct. 2019. Web.
    Agile Alliance. "Product Owner." Agile Alliance. n.d. Web.
    Ambysoft. "2018 IT Project Success Rates Survey Results." Ambysoft. 2018. Web.
    Banfield, Richard, et al. "On-Demand Webinar: Strategies for Scaling Your (Growing) Enterprise Product Team." Pluralsight, 31 Jan. 2018. Web.
    Bloch, Michael, Sven Blumberg, and Jurgen Laartz. "Delivering Large-Scale IT Projects on Time, on Budget, and on Value." McKinsey & Company, October 2012.
    Blueprint. "10 Ways Requirements Can Sabotage Your Projects Right From the Start." Blueprint. 2012. Web.
    Boehm, Barry W. Software Engineering Economics. New Jersey: Prentice Hall, 1981.
    Breddels, Dajo, and Paul Kuijten. "Product Owner Value Game." Agile2015 Conference. 2015. Web.
    Cagan, Martin. "Behind Every Great Product." Silicon Valley Product Group. 2005. Web.
    "Chaos Report 2015." The Standish Group, 2015. Accessed 29 July 2022.
    Cohn, Mike. Succeeding With Agile: Software Development Using Scrum. Addison-Wesley. 2010. Web.
    Connellan, Thomas K. Inside the Magic Kingdom, Bard Press, 1997. Print.
    Dyba, Tore, and Torgeir Dingsøyr. "Empirical Studies of Agile Software Development: A Systematic Review." Elsevier, ScienceDirect. 24 Jan. 2008. Web.
    "How do you define a product?" Scrum.org. 4 Apr 2017, Web
    EDUCAUSE. "Aligning IT Funding Models to the Pace of Technology Change." EDUCAUSE. 14 Dec. 2015. Web.
    Eick, Stephen. "Does Code Decay? Assessing the Evidence from Change Management Data." IEEE Transactions on Software Engineering, vol. 27, no. 1, Jan. 2001, pp. 1-12. Web.
    "Enablers." Scaled Agile. n.d. Web.
    "Epic." Scaled Agile. n.d. Web.
    Eringa, Ron. "Evolution of the Product Owner." RonEringa.com. 12 June 2016. Web.
    Fernandes, Thaisa. "Spotify Squad Framework - Part I." Medium.com. 6 Mar. 2017. Web.
    Fowler, Martin. "Application Boundary." MartinFowler.com. 11 Sept. 2003. Web. 20 Nov. 2017.
    Galen, Robert. "Measuring Technical Product Managership – What Does 'Good' Look Like ...." RGalen Consulting. 5 Aug. 2015. Web.
    Hackshall, Robin. "Product Backlog Refinement." Scrum Alliance. 9 Oct. 2014. Web. Feb. 2019.
    Halisky, Merland, and Luke Lackrone. "The Product Owner's Universe." Agile Alliance, Agile2016. 2016. Web.
    Kamer, Jurriaan. "How to Build Your Own 'Spotify Model'." Medium.com. 9 Feb. 2018. Web.
    Karlsson, Johan. "Backlog Grooming: Must-Know Tips for High-Value Products." Perforce. 18 May 2018. Web. Feb. 2019.
    Lindstrom, Lowell. "7 Skills You Need to Be a Great Product Owner." Scrum Alliance. n.d. Web.
    Lawrence, Richard, and Peter Green. "The Humanizing Work Guide to Splitting User Stories." Humanizing Work, 22 Oct. 2020. Web.
    Leffingwell, Dean. "SAFe 5.0." Scaled Agile Inc. 2021. Web. Feb. 2021.
    Lucero, Mario. "Product Backlog – Deep Model." Agilelucero. 8 Oct. 2014. Web.
    Lukassen, Chris. "The Five Belts Of The Product Owner." Xebia.com. 20 Sept. 2016. Web.
    Management 3.0. "Delegation Poker Product Image." Management 3.0. n.d. Web.
    McCloskey, Heather. "Scaling Product Management: Secrets to Defeating Common Challenges." Scaling Product Management: Secrets to Defeating Common Challenges, ProductPlan, 12 July 2019 . Web.
    McCloskey, Heather. "When and How to Scale Your Product Team." UserVoice Blog, UserVoice, 21 Feb. 2017 . Web.
    Medium.com. "Exploring Key Elements of Spotify's Agile Scaling Model." Medium.com. 23 July 2018. Web.
    Mironov, Rich. "Scaling Up Product Manager/Owner Teams: - Rich Mironov's Product Bytes." Rich Mironov's Product Bytes, Mironov Consulting, 12 Apr. 2014 . Web.
    "Most Agile Transformations Will Fail." Vitality Chicago Inc., 24 Jan. 2019.
    Overeem, Barry. "A Product Owner Self-Assessment." Barry Overeem. 6 Mar. 2017. Web.
    Overeem, Barry. "Retrospective: Using the Team Radar." Barry Overeem. 27 Feb. 2017. Web.
    "PI Planning." Scaled Agile. n.d. Web.
    "PI Planning."SAFe. 2020.
    Pichler, Roman. "How to Scale the Scrum Product Owner." Roman Pichler, 28 June 2016 . Web.
    Pichler, Roman. "Product Management Framework." Pichler Consulting Limited. 2014. Web.
    Pichler, Roman. "Sprint Planning Tips for Technical Product Managers." LinkedIn. 4 Sept. 2018. Web.
    Pichler, Roman. "What Is Product Management?" Pichler Consulting Limited. 26 Nov. 2014. Web.
    Project Management Institute. A Guide to the Project Management Body of Knowledge (PMBOK Guide). 7th ed., Project Management Institute, 2021.
    Radigan, Dan. "Putting the 'Flow' Back in Workflow With WIP Limits." Atlassian. n.d. Web.
    Royce, Dr. Winston W. "Managing the Development of Large Software Systems." Scf.usc.edu. 1970. Web.
    Schuurman, Robbin. "10 Tips for Technical Product Managers on Agile Product Management." Scrum.org. 28 Nov. 2017. Web.
    Schuurman, Robbin. "10 Tips for Technical Product Managers on (Business) Value." Scrum.org. 30 Nov. 2017. Web.
    Schuurman, Robbin. "10 Tips for Technical Product Managers on Product Backlog Management." Scrum.org. 5 Dec. 2017. Web.
    Schuurman, Robbin. "10 Tips for Technical Product Managers on the Product Vision." Scrum.org. 29 Nov. 2017. Web.
    Schuurman, Robbin. "Tips for Starting Technical Product Managers." Scrum.org. 27 Nov. 2017. Web.
    Sharma, Rohit. "Scaling Product Teams the Structured Way." Monetary Musings, Monetary Musings, 28 Nov. 2016 . Web.
    STEINER, ANNE. "Start to Scale Your Product Management: Multiple Teams Working on Single Product." Cprime, Cprime, 6 Aug. 2019 . Web.
    Shirazi, Reza. "Betsy Stockdale of Seilevel: Product Managers Are Not Afraid To Be Wrong." Austin VOP #50. 2 Oct. 2018. Web.
    Standish Group, The. "The Standish Group 2015 Chaos Report." The Standish Group. 2015. Web.
    Theus, Andre. "When Should You Scale the Product Management Team?" When Should You Scale the Product Management Team?, ProductPlan, 7 May 2019 . Web.
    Todaro, Dave. "Splitting Epics and User Stories." Ascendle. n.d. Web. Feb. 2019.
    Tolonen, Arto. "Scaling Product Management in a Single Product Company." Smartly.io - Digital Advertising Made Easy, Effective, and Enjoyable, Smartly.io, 26 Apr. 2018 . Web.
    Ulrich, Catherine. "The 6 Types of Product Managers. Which One Do You Need?" Medium.com. 19 Dec. 2017. Web.
    Vähäniitty, J. et al. "Chapter 7: Agile Product Management" in Towards Agile Product and Portfolio Management. Aalto University Software Process Research Group, 2010.
    VersionOne. "12th Annual State of Agile Report." VersionOne. 9 April 2018. Web.
    Verwijs, Christiaan. "Retrospective: Do The Team Radar." Medium.com. 10 Feb. 2017. Web.
    "Why Agile Fails Because of Corporate Culture - DZone Agile." Dzone.Com. Accessed 31 Aug. 2021.

    page 1 of the appendix
    page 2 of the appendix
    page 3 of the appendix
    page 4 of the appendix

    Cultural advantages of Agile

    Collaboration

    Team members leverage all their experience working towards a common goal.

    Iterations

    Cycles provide opportunities for more product feedback.

    Prioritization

    The most important needs are addressed in the current iteration.

    Continual Improvement

    Self-managing teams continually improve their approach for next iteration.

    A backlog stores and organizes PBIs at various stages of readiness

    A well-formed backlog can be thought of as a DEEP backlog:

    • Detailed Appropriately: Product backlog items (PBIs) are broken down and refined as necessary.
    • Emergent: The backlog grows and evolves over time as PBIs are added and removed.
    • Estimated: The effort a PBI requires is estimated at each tier.
    • Prioritized: The PBIs value and priority are determined at each tier.

    (Perforce, 2018)

    Info-Tech Best Practice

    Don't fully elaborate all of your PBIs at the beginning of the project instead, make sure they are elaborated "just in time." (Keep no more than 2 or 3 sprints worth of user stories in the Ready state.)

    An image showing the Ideas; Qualified; Ready; funnel leading to the sprint aproach.

    Scrum versus Kanban: Key differences

    page 6 of the appendix

    Scrum versus Kanban: When to use each

    Scrum: Delivering related or grouped changes in fixed time intervals.

    • Coordinating the development or release of related items
    • Maturing a product or service
    • Interdependencies between work items

    Kanban: Delivering independent items as soon as each is ready.

    • Work items from ticketing or individual requests
    • Completing independent changes
    • Releasing changes as soon as possible

    Develop an adaptive governance process

    page 7 of the appendix

    Five key principles for building an adaptive governance framework

    Delegate and Empower

    Decision making must be delegated down within the organization, and all resources must be empowered and supported to make effective decisions.

    Define Outcomes

    Outcomes and goals must be clearly articulated and understood across the organization to ensure decisions are in line and stay within reasonable boundaries.

    Make Risk informed decisions

    Integrated risk information must be available with sufficient data to support decision making and design approaches at all levels of the organization.

    Embed / Automate

    Governance standards and activities need to be embedded in processes and practices. Optimal governance reduces its manual footprint while remaining viable. This also allows for more dynamic adaptation.

    Establish standards and behavior

    Standards and policies need to be defined as the foundation for embedding governance practices organizationally. These guardrails will create boundaries to reinforce delegated decision making.

    Maturing governance is a journey

    Organizations should look to progress in their governance stages. Ad-Hoc, and controlled governance tends to be slow, expensive, and a poor fit for modern practices.

    The goal as you progress in your stages is to delegate governance and empower teams to make optimal decisions in real-time, knowing that they are aligned with the understood best interests of the organization.

    Automate governance for optimal velocity, while mitigating risks and driving value.

    This puts your organization in the best position to be adaptive and able to react effectively to volatility and uncertainty.

    page 8 of the appendix

    Business value is a key component to driving better decision making

    Better Decisions

    • Team Engagement
    • Frequent Delivery
    • Stakeholder Input
    • Market Analysis
    • Articulating Business Value
    • Focus on Business Needs

    Facilitation Planning Tool

    • Double-click the embedded Excel workbook to select and plan your exercises and timing.
    • Place or remove the "X" in the "Add to Agenda" column to add it to the workshop agenda and duration estimate.
    • Verify the exercise and step timing estimates from the blueprint provided on the "Detailed Workshop Planner" in columns C-F and adjust based on your facilitation and intended audience.

    an image of the Facilitation Planning Tool

    Appendix:
    SDLC transformation steps

    Waterfall SDLC: Valuable product delivered at the end of an extended project lifecycle, frequently in years

    Page 1 of the SDLC Appendix.

    • Business separated from delivery of technology it needs, only one third of product is actually valuable (Info-Tech, N=40,000).
    • In Waterfall, a team of experts in specific disciplines hand off different aspects of the lifecycle.
    • Document signoffs are required to ensure integration between silos (Business, Dev, and Ops) and individuals.
    • A separate change request process lays over the entire lifecycle to prevent changes from disrupting delivery.
    • Tools are deployed to support a specific role (e.g. BA) and seldom integrated (usually requirements <-> test).

    Wagile/Agifall/WaterScrumFall SDLC: Valuable product delivered in multiple releases

    Page 2 of the SDLC Appendix.

    • Business is more closely integrated by a business product owner accountable for day-to-day delivery of value for users.
    • The team collaborates and develops cross-functional skills as they define, design, build, and test code over time.
    • Signoffs are reduced but documentation is still focused on satisfying project delivery and operations policy requirements.
    • Change is built into the process to allow the team to respond to change dynamically.
    • Tools start to be integrated to streamline delivery (usually requirements and Agile work management tools).

    Agile SDLC: Valuable product delivered iteratively; frequency depends on Ops' capacity

    Page 3 of the SDLC Appendix.

    • Business users are closely integrated through regularly scheduled demos (e.g. every two weeks).
    • Team is fully cross-functional and collaboratesto plan, define, design, build, and test the code supported by specialists.
    • Documentation is focused on future development and operations needs.
    • Change is built into the process to allow the team to respond to change dynamically.
    • Explore automation for application development (e.g. automated regression testing).

    Agile with DevOps SDLC: High frequency iterative delivery of valuable product (e.g. every two weeks)

    Page 4 of the SDLC Appendix.

    • Business users are closely integrated through regularly scheduled demos.
    • Dev and ops teams collaborate to plan, define, design, build, test, and deploy code supported by automation.
    • Documentation is focused on supporting users, future changes, and operational support.
    • Change is built into the process to allow the team to respond to change dynamically.
    • Build, test, deploy is fully automated (service desk is still separated).

    DevOps SDLC: Continuous integration and delivery

    Page 5 of the SDLC Appendix.

    • Business users are closely integrated through regularly scheduled demos.
    • Fully integrated DevOps team collaborates to plan, define, design, build, test, deploy, and maintain code.
    • Documentation Is focused on future development and use adoption.
    • Change is built into the process to allow the team to respond to change dynamically.
    • Fully integrated development and operations toolchain.

    Fully integrated product SDLC: Agile + DevOps + continuous delivery of valuable product on demand

    Page 6 of the SDLC Appendix.

    • Business users are fully integrated with the teams through dedicated business product owner.
    • Cross-functional teams collaborate across the business and technical life of the product.
    • Documentation supports internal and external needs (business, users, Ops).
    • Change is built into the process to allow the team to respond to change dynamically.
    • Fully integrated toolchain (including service desk).

    Considerations for a Hub and Spoke Model When Deploying Infrastructure in the Cloud

    • Buy Link or Shortcode: {j2store}472|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Cloud Strategy
    • Parent Category Link: /cloud-strategy
    • The organization is planning to move resources to cloud or devise a networking strategy for their existing cloud infrastructure to harness value from cloud.
    • The right topology needs to be selected to deploy network level isolation, design the cloud for management efficiencies and provide access to shared services on cloud.
    • A perennial challenge for infrastructure on cloud is planning for governance vs flexibility which is often overlooked.

    Our Advice

    Critical Insight

    Don’t wait until the necessity arises to evaluate your networking in the cloud. Get ahead of the curve and choose the topology that optimizes benefits and supports organizational needs in the present and the future.

    Impact and Result

    • Define organizational needs and understand the pros and cons of cloud network topologies to strategize for the networking design.
    • Consider the layered complexities of addressing the governance vs. flexibility spectrum for your domains when designing your networks.

    Considerations for a Hub and Spoke Model When Deploying Infrastructure in the Cloud Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Considerations for a Hub and Spoke Model When Deploying Infrastructure in the Cloud Deck – A document to guide you through designing your network in the cloud.

    What cloud networking topology should you use? How do you provide access to shared resources in the cloud or hybrid infrastructure? What sits in the hub and what sits in the spoke?

    • Considerations for a Hub and Spoke Model When Deploying Infrastructure in the Cloud Storyboard
    [infographic]

    Further reading

    Considerations for a Hub and Spoke Model When Deploying Infrastructure in the Cloud

    Don't revolve around a legacy design; choose a network design that evolves with the organization.

    Analyst Perspective

    Cloud adoption among organizations increases gradually across both the number of services used and the amount those services are used. However, network builders tend to overlook the vulnerabilities of network topologies, which leads to complications down the road, especially since the structures of cloud network topologies are not all of the same quality. A network design that suits current needs may not be the best solution for the future state of the organization.

    Even if on-prem network strategies were retained for ease of migration, it is important to evaluate and identify the cloud network topology that can not only elevate the performance of your infrastructure in the cloud, but also that can make it easier to manage and provision resources.

    An "as the need arises" strategy will not work efficiently since changing network designs will change the way data travels within your network, which will then need to be adopted to existing application architectures. This becomes more complicated as the number of services hosted in the cloud grows.

    Keep a network strategy in place early on and start designing your infrastructure accordingly. This gives you more control over your networks and eliminates the need for huge changes to your infrastructure down the road.

    This is a picture of Nitin Mukesh

    Nitin Mukesh
    Senior Research Analyst, Infrastructure and Operations
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    The organization is planning to move resources to the cloud or devise a networking strategy for their existing cloud infrastructure to harness value from the cloud.

    The right topology needs to be selected to deploy network level isolation, design the cloud for management efficiencies, and provide access to shared services in the cloud.

    A perennial challenge for infrastructure in the cloud is planning for governance vs. flexibility, which is often overlooked.

    Common Obstacles

    The choice of migration method may result in retaining existing networking patterns and only making changes when the need arises.

    Networking in the cloud is still new, and organizations new to the cloud may not be aware of the cloud network designs they can consider for their business needs.

    Info-Tech's Approach

    Define organizational needs and understand the pros and cons of cloud network topologies to strategize for the networking design.

    Consider the layered complexities of addressing the governance vs. flexibility spectrum for your domains when designing your networks.

    Insight Summary

    Don't wait until the necessity arises to evaluate your networking in the cloud. Get ahead of the curve and choose the topology that optimizes benefits and supports organizational needs in the present and future.

    Your challenge

    Selecting the right topology: Many organizations migrate to the cloud retaining a mesh networking topology from their on-prem design, or they choose to implement the mesh design leveraging peering technologies in the cloud without a strategy in place for when business needs change. While there may be many network topologies for on-prem infrastructure, the network design team may not be aware of the best approach in cloud platforms for their requirements, or a cloud networking strategy may even go overlooked during the migration.

    Finding the right cloud networking infrastructure for:

    • Management efficiencies
    • Network-level isolation of resources
    • Access to shared services

    Deciding between governance and flexibility in networking design: In the hub and spoke model, if a domain is in the hub, the greater the governance over it, and if it sits in the spoke, the higher the flexibility. Having a strategy for the most important domains is key. For example, some security belongs in the hub and some security belongs in the spoke. The tradeoff here is if it sits completely in the spoke, you give it a lot of freedom, but it becomes harder to standardize across the organization.

    Mesh network topology

    A mesh is a design where virtual private clouds (VPCs) are connected to each other individually creating a mesh network. The network traffic is fast and can be redirected since the nodes in the network are interconnected. There is no hierarchical relationship between the networks, and any two networks can connect with each other directly.

    In the cloud, this design can be implemented by setting up peering connections between any two VPCs. These VPCs can also be set up to communicate with each other internally through the cloud service provider's network without having to route the traffic via the internet.

    While this topology offers high redundancy, the number of connections grows tremendously as more networks are added, making it harder to scale a network using a mesh topology.

    Mesh Network on AWS

    This is an image of a Mesh Network on AWS

    Source: AWS, 2018

    Constraints

    The disadvantages of peering VPCs into a mesh quickly arise with:

    • Transitive connections: Transitive connections are not supported in the cloud, unlike with on-prem networking. This means that if there are two networks that need to communicate, a single peering link can be set up between them. However, if there are more than two networks and they all need to communicate, they should all be connected to each other with separate individual connections.
    • Cost of operation: The lack of transitive routing requires many connections to be set up, which adds up to a more expensive topology to operate as the number of networks grows. Cloud providers also usually limit the number of peering networks that can be set up, and this limit can be hit with as few as 100 networks.
    • Management: Mesh tends to be very complicated to set up, owing to the large number of different peering links that need to be established. While this may be manageable for small organizations with small operations, for larger organizations with robust cybersecurity practices that require multiple VPCs to be deployed and interconnected for communications, mesh opens you up to multiple points of failure.
    • Redundancy: With multiple points of failure already being a major drawback of this design, you also cannot have more than one peered connection between any two networks at the same time. This makes designing your networking systems for redundancy that much more challenging.
    Number of virtual networks 10 20 50 100
    Peering links required
    [(n-1)*n]/2
    45 190 1225 4950

    Proportional relationship of virtual networks to required peering links in a mesh topology

    Case study

    INDUSTRY: Blockchain
    SOURCE: Microsoft

    An organization with four members wants to deploy a blockchain in the cloud, with each member running their own virtual network. With only four members on the team, a mesh network can be created in the cloud with each of their networks being connected to each other, adding up to a total of 12 peering connections (four members with three connections each). While the members may all be using different cloud accounts, setting up connections between them will still be possible.

    The organization wants to expand to 15 members within the next year, with each new member being connected with their separate virtual networks. Once grown, the organization will have a total of 210 peering connections since each of the virtual networks will then need 14 peering connections. While this may still be possible to deploy, the number of connections makes it harder to manage and would be that much more difficult to deploy if the organization grows to even 30 or 40 members. The new scale of virtual connections calls for an alternative networking strategy that cloud providers offer – the hub and spoke topology.

    This is an image of the connections involved in a mesh network with four participants.

    Source: Microsoft, 2017

    Hub and spoke network topology

    In hub and spoke network design, each network is connected to a central network that facilitates intercommunication between the networks. The central network, also called the hub, can be used by multiple workloads/servers/services for hosting services and for managing external connectivity. Other networks connected to the hub through network peering are called spokes and host workloads.

    Communications between the workloads/servers/services on spokes pass in or out of the hub where they are inspected and routed. The spokes can also be centrally managed from the hub with IT rules and processes.

    A hub and spoke design enable a larger number of virtual networks to be interconnected as each network only needs one peered connection (to the hub) to be able to communicate with any other network in the system.

    Hub and Spoke Network on AWS

    This is an image of the Hub and Spoke Network on AWS

    What hub and spoke networks do better

    1. Ease of connectivity: Hub and spoke decreases the liabilities of scale that come from a growing business by providing a consistent connection that can be scaled easily. As more networks are added to an organization, each will only need to be connected once – to the hub. The number of connections is considerably lower than in a mesh topology and makes it easier to maintain and manage.
    2. Business agility and scalability: It is easier to increase the number of networks than in mesh, making it easier to grow your business into new channels with less time, investment, and risk.
    3. Data collection: With a hub and spoke design, all data flows through the hub – depending on the design, this includes all ingress and egress to and from the system. This makes it an excellent central network to collect all business data.
    4. Network-level isolation: Hub and spoke enables separation of workloads and tiers into different networks. This is particularly useful to ensure an issue affecting a network or a workload does not affect the rest.
    5. Network changes: Changes to a separated network are much easier to carry out knowing the changes made will not affect all the other connected networks. This reduces work-hours significantly when systems or applications need to be altered.
    6. Compliance: Compliance requirements such as SOC 1 and SOC 2 require separate environments for production, development, and testing, which can be done in a hub and spoke model without having to re-create security controls for all networks.

    Hub and spoke constraints

    While there are plenty of benefits to using this topology, there are still a few notable disadvantages with the design.

    Point-to-point peering

    The total number of total peered connections required might be lower than mesh, but the cost of running independent projects is cheaper on mesh as point-to-point data transfers are cheaper.

    Global access speeds with a monolithic design

    With global organizations, implementing a single monolithic hub network for network ingress and egress will slow down access to cloud services that users will require. A distributed network will ramp up the speeds for its users to access these services.

    Costs for a resilient design

    Connectivity between the spokes can fail if the hub site dies or faces major disruptions. While there are redundancy plans for cloud networks, it will be an additional cost to plan and build an environment for it.

    Leverage the hub and spoke strategy for:

    Providing access to shared services: Hub and spoke can be used to give workloads that are deployed on different networks access to shared services by placing the shared service in the hub. For example, DNS servers can be placed in the hub network, and production or host networks can be connected to the hub to access it, or if the central network is set up to host Active Directory services, then servers in other networks can act as spokes and have full access to the central VPC to send requests. This is also a great way to separate workloads that do not need to communicate with each other but all need access to the same services.

    Adding new locations: An expanding organization that needs to add additional global or domestic locations can leverage hub and spoke to connect new network locations to the main system without the need for multiple connections.

    Cost savings: Apart from having fewer connections than mesh that can save costs in the cloud, hub and spoke can also be used to centralize services such as DNS and NAT to be managed in one location rather than having to individually deploy in each network. This can bring down management efforts and costs considerably.

    Centralized security: Enterprises can deploy a center of excellence on the hub for security, and the spokes connected to it can leverage a higher level of security and increase resilience. It will also be easier to control and manage network policies and networking resources from the hub.

    Network management: Since each spoke is peered only once to the hub, detecting connectivity problems or other network issues is made simpler in hub and spoke than on mesh. A network manager deployed on the cloud can give access to network problems faster than on other topologies.

    Hub and spoke – mesh hybrid

    The advantages of using a hub and spoke model far exceed those of using a mesh topology in the cloud and go to show why most organizations ultimately end up using the hub and spoke as their networking strategy.

    However, organizations, especially large ones, are complex entities, and choosing only one model may not serve all business needs. In such cases, a hybrid approach may be the best strategy. The following slides will demonstrate the advantages and use cases for mesh, however limited they might be.

    Where it can be useful:

    An organization can have multiple network topologies where system X is a mesh and system Y is a hub and spoke. A shared system Z can be a part of both systems depending on the needs.

    An organization can have multiple networks interconnected in a mesh and some of the networks in the mesh can be a hub for a hub-spoke network. For example, a business unit that works on data analysis can deploy their services in a spoke that is connected to a central hub that can host shared services such as Active Directory or NAT. The central hub can then be connected to a regional on-prem network where data and other shared services can be hosted.

    Hub and spoke – mesh hybrid network on AWS

    This is an image of the Hub and spoke – mesh hybrid network on AWS

    Why mesh can still be useful

    Benefits Of Mesh

    Use Cases For Mesh

    Security: Setting up a peering connection between two VPCs comes with the benefit of improving security since the connection can be private between the networks and can isolate public traffic from the internet. The traffic between the networks never has to leave the cloud provider's network, which helps reduce a class of risks.

    Reduced network costs: Since the peered networks communicate internally through the cloud's internal networks, the data transfer costs are typically cheaper than over the public internet.

    Communication speed: Improved network latency is a key benefit from using mesh because the peered traffic does not have to go over the public internet but rather the internal network. The network traffic between the connections can also be quickly redirected as needed.

    Higher flexibility for backend services: Mesh networks can be desirable for back-end services if egress traffic needs to be blocked to the public internet from the deployed services/servers. This also helps avoid having to set up public IP or network address translation (NAT) configurations.

    Connecting two or more networks for full access to resources: For example, consider an organization that has separate networks for each department, which don't all need to communicate with each other. Here, a peering network can be set up only between the networks that need to communicate with full or partial access to each other such as finance to HR or accounting to IT.

    Specific security or compliance need: Mesh or VPC peering can also come in handy to serve specific security needs or logging needs that require using a network to connect to other networks directly and in private. For example, global organizations that face regulatory requirements of storing or transferring data domestically with private connections.

    Systems with very few networks that do not need internet access: Workloads deployed in networks that need to communicate with each other but do not require internet access or network address translation (NAT) can be connected using mesh especially when there are security reasons to keep them from being connected to the main system, e.g. backend services such as testing environments, labs, or sandboxes can leverage this design.

    Designing for governance vs. flexibility in hub and spoke

    Governance and flexibility in managing resources in the cloud are inversely proportional: The higher the governance, the less freedom you have to innovate.

    The complexities of designing an organization's networks grow with the organization as it becomes global and takes on more services and lines of business. Organizations that choose to deploy the hub and spoke model face a dilemma in choosing between governance and flexibility for their networks. Organizations need to find that sweet spot to find the right balance between how much they want to govern their systems, mainly for security- and cost-monitoring, and how much flexibility they want to provide for innovation and other operations, since the two usually tend to have an inverse relationship.

    This decision in hub and spoke usually means that the domains chosen for higher governance must be placed in the hub network, and the domains that need more flexibility in a spoke. The key variables in the following slide will help determine the placement of the domain and will depend entirely on the organization's context.

    The two networking patterns in the cloud have layered complexities that need to be systematically addressed.

    Designing for governance vs. flexibility in hub and spoke

    If a network has more flexibility in all or most of these domains, it may be a good candidate for a spoke-heavy design; otherwise, it may be better designed in a hub-centric pattern.

    • Function: The function the domain network is assigned to and the autonomy the function needs to be successful. For example, software R&D usually requires high flexibility to be successful.
    • Regulations: The extent of independence from both internal and external regulatory constraints the domain has. For example, a treasury reporting domain typically has high internal and external regulations to adhere to.
    • Human resources: The freedom a domain has to hire and manage its resources to perform its function. For example, production facilities in a huge organization have the freedom to manage their own resources.
    • Operations: The freedom a domain has to control its operations and manage its own spending to perform its functions. For example, governments usually have different departments and agencies, each with its own budget to perform its functions.
    • Technology: The independence and the ability a domain has to manage its selection and implementation of technology resources in the cloud. For example, you may not want a software testing team to have complete autonomy to deploy resources.

    Optimal placement of services between the hub and spoke

    Shared services and vendor management

    Resources that are shared between multiple projects or departments or even by the entire organization should be hosted on the hub network to simplify sharing these services. For example, e-learning applications that may be used by multiple business units to train their teams, Active Directory accessed by most teams, or even SAAS platforms such as O365 and Salesforce can leverage buying power and drive down the costs for the organization. Shared services should also be standardized across the organization and for that, it needs to have high governance.

    Services that are an individual need for a network and have no preexisting relationship with other networks or buying power and scale can be hosted in a spoke network. For example, specialized accounting software used exclusively by the accounting team or design software used by a single team. Although the services are still a part of the wider network, it helps separate duties from the shared services network and provides flexibility to the teams to customize and manage their services to suit their individual needs.

    Network egress and interaction

    Network connections, be they in the cloud or hybrid-cloud, are used by everyone to either connect to the internet, access cloud services, or access the organization's data center. Since this is a shared service, a centralized networking account must be placed in the hub for greater governance. Interactions between the spokes in a hub and spoke model happens through the hub, and providing internet access to the spokes through the hub can help leverage cost benefits in the cloud. The network account will perform routing duties between the spokes, on-prem assets, and egress out to the internet.

    For example, NAT gateways in the cloud that are managed services are usually charged by the hour, and deploying NAT on each spoke can be harder to manage and expensive to maintain. A NAT gateway deployed in a central networking hub can be accessed by all spokes, so centralizing it is a great option.

    Note that, in some cases, when using edge locations for data transfers, it may be cost effective to deploy a NAT in the spoke, but such cases usually do not apply to most organizational units.

    A centralized network hub can also be useful to configure network policies and network resources while organizational departments can configure non-network resources, which helps separate responsibilities for all the spokes in the system. For example, subnets and routes can be controlled from the central network hub to ensure standardized network policies across the network.

    Security

    While there needs to be security in the hub and the spokes individually, finding the balance of operation can make the systems more robust. Hub and spoke design can be an effective tool for security when a principal security hub is hosted in the hub network. The central security hub can collect data from the spokes as well as non-spoke sources such as regulatory bodies and threat intelligence providers, and then share the information with the spokes.

    Threat information sharing is a major benefit of using this design, and the hub can take actions to analyze and enrich the data before sharing it with spokes. Shared services such as threat intelligence platforms (TIP) can also benefit from being centralized when stationed in the hub. A collective defense approach between the hub and spoke can be very successful in addressing sophisticated threats.

    Compliance and regulatory requirements such as HIPAA can also be placed in the hub, and the spokes connected to it can make use of it instead of having to deploy it in each spoke individually.

    Cloud metering

    The governance vs. flexibility paradigm usually decides the placement of cloud metering, i.e. if the organization wants higher control over cloud costs, it should be in the central hub, whereas if it prioritizes innovation, the spokes should be allowed to control it. Regardless of the placement of the domain, the costs can be monitored from the central hub using cloud-native monitoring tools such as Azure Monitor or any third-party software deployed in the hub.

    For ease of governance and since resources are usually shared at a project level, most cloud service providers suggest that an individual metering service be placed in the spokes. The centralized billing system of the organization, however, can make use of scale and reserved instances to drive down the costs that the spokes can take advantage of. For example, billing and access control resources are placed in the lower levels in GCP to enable users to set up projects and perform their tasks. These billing systems in the lower levels are then controlled by a centralized billing system to decide who pays for the resources provisioned.

    Don't get stuck with your on-prem network design. Design for the cloud.

    1. Peering VPCs into a mesh design can be an easy way to get onto the cloud, but it should not be your networking strategy for the long run.
    2. Hub and spoke network design offers more benefits than any other network strategy to be adopted only when the need arises. Plan for the design early on and keep a strategy in place to deploy it as early as possible.
    3. Hybrid of mesh and hub and spoke will be very useful in connecting multiple large networks especially when they need to access the same resources without having to route the traffic over the internet.
    4. Governance vs. flexibility should be a key consideration when designing for hub and spoke to leverage the best out of your infrastructure.
    5. Distribute domains across the hub or spokes to leverage costs, security, data collection, and economies of scale, and to foster secure interactions between networks.

    Cloud network design strategy

    This is an image of the framework for developing a Cloud Network Design Strategy.

    Bibliography

    Borschel, Brett. "Azure Hub Spoke Virtual Network Design Best Practices." Acendri Solutions, 13 Jan. 2022. Web.
    Singh, Garvit. "Amazon Virtual Private Cloud Connectivity Options." AWS, January 2018. Web.
    "What Is the Hub and Spoke Information Sharing Model?" Cyware, 16 Aug. 2021. Web.
    Youseff, Lamia. "Mesh and Hub-and-Spoke Networks on Azure." Microsoft, Dec. 2017. Web.

    Kick-Start IT-Led Business Innovation

    • Buy Link or Shortcode: {j2store}87|cart{/j2store}
    • member rating overall impact (scale of 10): 9.2/10 Overall Impact
    • member rating average dollars saved: $38,844 Average $ Saved
    • member rating average days saved: 8 Average Days Saved
    • Parent Category Name: Innovation
    • Parent Category Link: /innovation
    • The CIO is not considered a strategic partner. The business may be satisfied with IT services, but no one is looking to IT to solve business problems or drive the enterprise forward.
    • Even if IT staff do generate ideas that will improve operational efficiency or enable the business, few are ever assessed or executed upon.

    Our Advice

    Critical Insight

    • Business demand for new technology is creating added pressure to innovate and executive stakeholders expect more from IT. If IT is not viewed as a source of innovation, its perceived value will decrease and the threat of shadow IT will grow. Do not wait to start finding and capitalizing on opportunities for IT-led innovation.

    Impact and Result

    • Start innovating right away. All you need are business pains and people willing to ideate around them.
    • Assemble a small team and arm them with proven techniques for identifying unique opportunities for innovation, developing impactful solutions, and prototyping quickly and effectively. Incubate a reservoir of ideas, both big and small, so that you are ready to execute on innovative projects when the timing is right.
    • Once you have demonstrated IT’s ability to innovate, mature your capability with a permanent innovation process and program.

    Kick-Start IT-Led Business Innovation Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should create innovation processes, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Launch innovation

    Sponsor a mandate for innovation and assemble a small team to start sourcing ideas with IT staff.

    • Kick-Start IT-Led Business Innovation – Phase 1: Launch Innovation
    • Innovation Working Group Charter

    2. Ideate

    Identify critical opportunities for innovation and brainstorm effective solutions.

    • Kick-Start IT-Led Business Innovation – Phase 2: Ideate
    • Idea Document
    • Idea Reservoir Tool

    3. Prototype

    Prototype ideas rapidly to gain user feedback, refine solutions, and make a compelling case for project investment.

    • Kick-Start IT-Led Business Innovation – Phase 3: Prototype
    • Prototyping Workbook
    • Prototype Assessment

    4. Mature innovation capability

    Formalize the innovation process and implement a program to create a strong culture of innovation in IT.

    • Kick-Start IT-Led Business Innovation – Phase 4: Mature Innovation Capability

    Infographic

    Workshop: Kick-Start IT-Led Business Innovation

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Launch Innovation

    The Purpose

    Introduce innovation.

    Assess overall IT maturity to understand what you want to achieve with innovation.

    Define the innovation mandate.

    Introduce ideation.

    Key Benefits Achieved

    A set of shared objectives for innovation will be defined.

    A mandate will be created to help focus innovation efforts on what is most critical to the advancement of IT's maturity.

    The group will be introduced to ideation and prepared to begin addressing critical IT or business pains.

    Activities

    1.1 Define workshop goals and objectives.

    1.2 Introduce innovation.

    1.3 Assess IT maturity.

    1.4 Define the innovation mandate.

    1.5 Introduce ideation.

    Outputs

    Workshop goals and objectives.

    An understanding of innovation.

    IT maturity assessment.

    Sponsored innovation mandate.

    An understanding of ideation.

    2 Ideate, Part I

    The Purpose

    Identify and prioritize opportunities for IT-led innovation.

    Map critical processes to identify the pains that should be ideated around.

    Brainstorm potential solutions.

    Assess, pitch, and prioritize ideas that should be investigated further.

    Key Benefits Achieved

    The team will learn best practices for ideation.

    Critical pain points that might be addressed through innovation will be identified and well understood.

    A number of ideas will be generated that can solve identified pains and potentially feed the project pipeline.

    The team will prioritize the ideas that should be investigated further and prototyped after the workshop.

    Activities

    2.1 Identify processes that present opportunities for IT-led innovation.

    2.2 Map selected processes.

    2.3 Finalize problem statements.

    2.4 Generate ideas.

    2.5 Assess ideas.

    2.6 Pitch and prioritize ideas.

    Outputs

    A list of processes with high opportunity for IT-enablement.

    Detailed process maps that highlight pain points and stakeholder needs.

    Problem statements to ideate around.

    A long list of ideas to address pain points.

    Detailed idea documents.

    A shortlist of prioritized ideas to investigate further.

    3 Ideate, Part II

    The Purpose

    Ideate around a more complex problem that presents opportunity for IT-led innovation.

    Map the associated process to define pain points and stakeholder needs in detail.

    Brainstorm potential solutions.

    Assess, pitch, and prioritize ideas that should be investigated further.

    Introduce prototyping.

    Map the user journey for prioritized ideas.

    Key Benefits Achieved

    The team will be ready to facilitate ideation independently with other staff after the workshop.

    A critical problem that might be addressed through innovation will be defined and well understood.

    A number of innovative ideas will be generated that can solve this problem and help IT position itself as a source of innovative projects.

    Ideas will be assessed and prioritized for further investigation and prototyping after the workshop.

    The team will learn best practices for prototyping.

    The team will identify the assumptions that need to be tested when top ideas are prototyped.

    Activities

    3.1 Select an urgent opportunity for IT-led innovation.

    3.2 Map the associated process.

    3.3 Finalize the problem statement.

    3.4 Generate ideas.

    3.5 Assess ideas.

    3.6 Pitch and prioritize ideas.

    3.7 Introduce prototyping.

    3.8 Map the user journey for top ideas.

    Outputs

    Selection of a process which presents a critical opportunity for IT-enablement.

    Detailed process map that highlights pain points and stakeholder needs.

    Problem statement to ideate around.

    A long list of ideas to solve the problem.

    Detailed idea documents.

    A shortlist of prioritized ideas to investigate further.

    An understanding of effective prototyping techniques.

    A user journey for at least one of the top ideas.

    4 Implement an Innovation Process and Program

    The Purpose

    Establish a process for generating, managing, prototyping, prioritizing, and approving new ideas.

    Create an action plan to operationalize your new process.

    Develop a program to help support the innovation process and nurture your innovators.

    Create an action plan to implement your innovation program.

    Decide how innovation success will be measured.

    Key Benefits Achieved

    The team will learn best practices for managing innovation.

    The team will be ready to operationalize an effective process for IT-led innovation. You can start scheduling ideation sessions as soon as the workshop is complete.

    The team will understand the current innovation ecosystem: drivers, barriers, and enablers.

    The team will be ready to roll out an innovation program that will help generate wider engagement with IT-led innovation.

    You will be ready to measure and report on the success of your program.

    Activities

    4.1 Design an IT-led innovation process.

    4.2 Assign roles and responsibilities.

    4.3 Generate an action plan to roll out the process.

    4.4 Determine critical process metrics to track.

    4.5 Identify innovation drivers, enablers, and barriers.

    4.6 Develop a program to nurture a culture of innovation.

    4.7 Create an action plan to jumpstart each of your program components.

    4.8 Determine critical metrics to track.

    4.9 Summarize findings and gather feedback.

    Outputs

    A process for IT-led innovation.

    Defined process roles and responsibilities.

    An action plan for operationalizing the process.

    Critical process metrics to measure success.

    A list of innovation drivers, enablers, and barriers.

    A program for innovation that will leverage enablers and minimize barriers.

    An action plan to roll out your innovation program.

    Critical program metrics to track.

    Overview of workshop results and feedback.

    The Small Enterprise Guide to People and Resource Management

    • Buy Link or Shortcode: {j2store}602|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Train & Develop
    • Parent Category Link: /train-and-develop
    • 52% of small business owners agree that labor quality is their most important problem, and 76% of executives expect the talent market to get even more challenging.
    • The problem? You can't compete on salary, training budgets are slim, you need people skilled in all areas, and even one resignation represents a large part of your workforce.

    Our Advice

    Critical Insight

    • The usual, reactive approach to workforce management is risky:
      • Optimizing tactics helps you hire faster, train more, and negotiate better contracts.
      • But fulfilling needs as they arise costs more, has greater risk of failure, and leaves you unprepared for future needs.
    • In a small enterprise where every resource counts, in which one hire represents 10% of your workforce, it is essential to get it right.

    Impact and Result

    • Workforce planning helps you anticipate future needs.
    • More lead time means better decisions at lower cost.
    • Small Enterprises benefit most, since every resource counts.

    The Small Enterprise Guide to People and Resource Management Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. The Small Enterprise Guide to People and Resource Management Deck – Find out why workforce planning is critical for small enterprises.

    Use this storyboard to lay the foundation of people and resources management practices in your small enterprise IT department.

    • The Small Enterprise Guide to People and Resource Management – Phases 1-3

    2. Workforce Planning Workbook – Use the tool to successfully complete all of the activities required to define and estimate your workforce needs for the future.

    Use these concise exercises to analyze your department’s talent current and future needs and create a skill sourcing strategy to fill the gaps.

    • Workforce Planning Workbook for Small Enterprises

    3. Knowledge Transfer Tools – Use these templates to identify knowledge to be transferred.

    Work through an activity to discover key knowledge held by an employee and create a plan to transfer that knowledge to a successor.

    • IT Knowledge Identification Interview Guide Template
    • IT Knowledge Transfer Plan Template

    4. Development Planning Tools – Use these tools to determine priority development competencies.

    Assess employees’ development needs and draft a development plan that fits with key organizational priorities.

    • IT Competency Library
    • Leadership Competencies Workbook
    • IT Employee Career Development Workbook
    • Individual Competency Development Plan
    • Learning Methods Catalog for IT Employees

    Infographic

    Workshop: The Small Enterprise Guide to People and Resource Management

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Lay Your Foundations

    The Purpose

    Set project direction and analyze workforce needs.

    Key Benefits Achieved

    Planful needs analysis ensures future workforce supports organizational goals.

    Activities

    1.1 Set workforce planning goals and success metrics.

    1.2 Identify key roles and competency gaps.

    1.3 Conduct a risk analysis to identify future needs.

    1.4 Determine readiness of internal successors.

    Outputs

    Work with the leadership team to:

    Extract key business priorities.

    Set your goals.

    Assess workforce needs.

    2 Create Your Workforce Plan

    The Purpose

    Conduct a skill sourcing analysis, and determine competencies to develop internally.

    Key Benefits Achieved

    A careful analysis ensures skills are being sourced in the most efficient way, and internal development is highly aligned with organizational objectives.

    Activities

    2.1 Determine your skill sourcing route.

    2.2 Determine priority competencies for development.

    Outputs

    Create a workforce plan.

    2.Determine guidelines for employee development.

    3 Plan Knowledge Transfer

    The Purpose

    Discover knowledge to be transferred, and build a transfer plan.

    Key Benefits Achieved

    Ensure key knowledge is not lost in the event of a departure.

    Activities

    3.1 Discover knowledge to be transferred.

    3.2 Identify the optimal knowledge transfer methods.

    3.3 Create a knowledge transfer plan.

    Outputs

    Discover tacit and explicit knowledge.

    Create a knowledge transfer roadmap.

    4 Plan Employee Development

    The Purpose

    Create a development plan for all staff.

    Key Benefits Achieved

    A well-structured development plan helps engage and retain employees while driving organizational objectives.

    Activities

    4.1 Identify target competencies & draft development goals

    4.2 Select development activities and schedule check-ins.

    4.3 Build manager coaching skills.

    Outputs

    Assess employees.

    Prioritize development objectives.

    Plan development activities.

    Build management skills.

    Further reading

    The Small Enterprise Guide to People and Resource Management

    Quickly start getting the right people, with the right skills, at the right time

    Is this research right for you?

    Research Navigation

    Managing the people in your department is essential, whether you have three employees or 300. Depending on your available time, resources, and current workforce management maturity, you may choose to focus on the overall essentials, or dive deep into particular areas of talent management. Use the questions below to help guide you to the right Info-Tech resources that best align with your current needs.

    Question If you answered "no" If you answered "yes"

    Does your IT department have fewer than 15 employees, and is your organization's revenue less than $25 million (USD)?

    Review Info-Tech's archive of research for mid-sized and large enterprise clients.

    Follow the guidance in this blueprint.

    Does your organization require a more rigorous and customizable approach to workforce management?

    Follow the guidance in this blueprint.

    Review Info-Tech's archive of research for mid-sized and large enterprise clients.

    Analyst Perspective

    Workforce planning is even more important for small enterprises than large organizations.

    It can be tempting to think of workforce planning as a bureaucratic exercise reserved for the largest and most formal of organizations. But workforce planning is never more important than in small enterprises, where every individual accounts for a significant portion of your overall productivity.

    Without workforce planning, organizations find themselves in reactive mode, hiring new staff as the need arises. They often pay a premium for having to fill a position quickly or suffer productivity losses when a critical role goes unexpectedly vacant.

    A workforce plan helps you anticipate these challenges, come up with solutions to mitigate them, and allocate resources for the most impact, which means a greater return on your workforce investment in the long run.

    This blueprint will help you accomplish this quickly and efficiently. It will also provide you with the essential development and knowledge transfer tools to put your plan into action.

    This is a picture of Jane Kouptsova

    Jane Kouptsova
    Senior Research Analyst, CIO Advisory
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    52% of small business owners agree that labor quality is their most important problem.1

    Almost half of all small businesses face difficulty due to staff turnover.

    76% of executives expect the talent market to get even more challenging.2

    Common Obstacles

    76% of executives expect workforce planning to become a top strategic priority for their organization.2

    But…

    30% of small businesses do not have a formal HR function.3

    Small business leaders are often left at a disadvantage for hiring and retaining the best talent, and they face even more difficulty due to a lack of support from HR.

    Small enterprises must solve the strategic workforce planning problem, but they cannot invest the same time or resources that large enterprises have at their disposal.

    Info-Tech's Approach

    A modular, lightweight approach to workforce planning and talent management, tailored to small enterprises

    Clear activities that guide your team to decisive action

    Founded on your IT strategy, ensuring you have not just good people, but the right people

    Concise yet comprehensive, covering the entire workforce lifecycle from competency planning to development to succession planning and reskilling

    Info-Tech Insight

    Every resource counts. When one hire represents 10% of your workforce, it is essential to get it right.

    1CNBC & SurveyMonkey. 2ADP. 3Clutch.

    Labor quality is small enterprise's biggest challenge

    The key to solving it is strategic workforce planning

    Strategic workforce planning (SWP) is a systematic process designed to identify and address gaps in today's workforce, including pinpointing the human capital needs of the future.

    Linking workforce planning with strategic planning ensures that you have the right people in the right positions, in the right places, at the right time, with the knowledge, skills, and attributes to deliver on strategic business goals.

    SWP helps you understand the makeup of your current workforce and how well prepared it is or isn't (as the case may be) to meet future IT requirements. By identifying capability gaps early, CIOs can prepare to train or develop current staff and minimize the need for severance payouts and hiring costs, while providing clear career paths to retain high performers.

    52%

    of small business owners agree that labor quality is their most important problem.1

    30%

    30% of small businesses have no formal HR function.2

    76%

    of senior leaders expect workforce planning to become the top strategic challenge for their organization.3

    1CNBC & SurveyMonkey. 2Clutch. 3ADP.

    Workforce planning matters more for small enterprises

    You know that staffing mistakes can cost your department dearly. But did you know the costs are greater for small enterprises?

    The price of losing an individual goes beyond the cost of hiring a replacement, which can range from 0.5 to 2 times that employee's salary (Gallup, 2019). Additional costs include loss of productivity, business knowledge, and team morale.

    This is a major challenge for large organizations, but the threat is even greater for small enterprises, where a single individual accounts for a large proportion of IT's productivity. Losing one of a team of 10 means 10% of your total output. If that individual was solely responsible for a critical function, your department now faces a significant gap in its capabilities. And the effect on morale is much greater when everyone is on the same close-knit team.

    And the threat continues when the staffing error causes you not to lose a valuable employee, but to hire the wrong one instead. When a single individual makes up a large percentage of your workforce, as happens on small teams, the effects of talent management errors are magnified.

    A group of 100 triangles is shown above a group of 10 triangles. In each group, one triangle is colored orange, and the rest are colored blue.

    Info-Tech Insight

    One bad hire on a team of 100 is a problem. One bad hire on a team of 10 is a disaster.

    This is an image of Info-Tech's small enterprise guide o people and resource management.

    Blueprint pre-step: Determine your starting point

    People and Resource management is essential for any organization. But depending on your needs, you may want to start at different stages of the process. Use this slide as a quick reference for how the activities in this blueprint fit together, how they relate to other workforce management resources, and the best starting point for you.

    Your IT strategy is an essential input to your workforce plan. It defines your destination, while your workforce is the vessel that carries you there. Ensure you have at least an informal strategy for your department before making major workforce changes, or review Info-Tech's guidance on IT strategy.

    This blueprint covers the parts of workforce management that occur to some extent in every organization:

    • Workforce planning
    • Knowledge transfer
    • Development planning

    You may additionally want to seek guidance on contract and vendor management, if you outsource some part of your workload outside your core IT staff.

    Track metrics

    Consider these example metrics for tracking people and resource management success

    Project Outcome Metric Baseline Target
    Reduced training costs Average cost of training (including facilitation, materials, facilities, equipment, etc.) per IT employee
    Reduced number of overtime hours worked Average hours billed at overtime rate per IT employee
    Reduced length of hiring period Average number of days between job ad posting and new hire start date
    Reduced number of project cancellations due to lack of capacity Total of number of projects cancelled per year
    Increased number of projects completed per year (project throughput) Total number of project completions per year
    Greater net recruitment rate Number of new recruits/Number of terminations and departures
    Reduced turnover and replacement costs Total costs associated with replacing an employee, including position coverage cost, training costs, and productivity loss
    Reduced voluntary turnover rate Number of voluntary departures/Total number of employees
    Reduced productivity loss following a departure or termination Team or role performance metrics (varies by role) vs. one year ago

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    “Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

    Guided Implementation

    “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

    Workshop

    “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

    Consulting

    “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

    Diagnostics and consistent frameworks used throughout all four options

    Guided Implementation

    What does a typical GI on this topic look like?

    Phase 1 Phase 2 Phase 3

    Call #1:

    Scope requirements, objectives, and your specific challenges.

    Call #2: Assess current workforce needs.

    Call #4: Determine skill sourcing route.

    Call #6:

    Identify knowledge to be transferred.

    Call #8: Draft development goals and select activities.

    Call #3: Explore internal successor readiness.

    Call #5:Set priority development competencies.

    Call #7: Create a knowledge transfer plan.

    Call #9: Build managers' coaching & feedback skills.

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is between 4 to 6 calls over the course of 3 to 4 months.

    Workshop Overview

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Day 1

    Day 2

    Day 3

    Day 4

    Day 5

    1.Lay Your Foundations 2. Create Your Workforce Plan 3. Plan Knowledge Transfer 3. Plan Employee Development Next Steps and Wrap-Up (offsite)
    Activities

    1.1 Set workforce planning goals and success metrics

    1.2 Identify key roles and competency gaps

    1.3 Conduct a risk analysis to identify future needs

    1.4 Determine readiness of internal successors

    1.5 Determine your skill sourcing route

    1.6 Determine priority competencies for development

    3.1 Discover knowledge to be transferred

    3.2 Identify the optimal knowledge transfer methods

    3.3 Create a knowledge transfer plan

    4.1 Identify target competencies & draft development goals

    4.2 Select development activities and schedule check-ins

    4.3 Build manager coaching skills

    Outcomes

    Work with the leadership team to:

    1. Extract key business priorities
    2. Set your goals
    3. Assess workforce needs

    Work with the leadership team to:

    1. Create a workforce plan
    2. Determine guidelines for employee development

    Work with staff and managers to:

    1. Discover tacit and explicit knowledge
    2. Create a knowledge transfer roadmap

    Work with staff and managers to:

    1. Assess employees
    2. Prioritize development objectives
    3. Plan development activities
    4. Build management skills

    Info-Tech analysts complete:

    1. Workshop report
    2. Workforce plan record
    3. Action plan

    Workshop Overview

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Each onsite day is structured with group working sessions from 9-11 a.m. and 1:30-3:30 p.m. and includes Open Analyst Timeslots, where our facilitators are available to expand on scheduled activities, capture and compile workshop results, or review additional components from our comprehensive approach.

    This is a calendar showing days 1-4, and times from 8am-5pm

    Phase 1

    Workforce Planning

    Workforce Planning

    Knowledge Transfer

    Development Planning

    Identify needs, goals, metrics, and skill gaps.

    Select a skill sourcing strategy.

    Discover critical knowledge.

    Select knowledge transfer methods.

    Identify priority competencies.

    Assess employees.

    Draft development goals.

    Provide coaching & feedback.

    The Small Enterprise Guide to People and Resource Management

    Phase Participants

    • Leadership team
    • Managers
    • Human resource partner (if applicable)

    Additional Resources

    Workforce Planning Workbook for Small Enterprises

    Phase pre-step: Gather resources and participants

    1. Ensure you have an up-to-date IT strategy. If you don't have a formal strategy in place, ensure you are aware of the main organizational objectives for the next 3-5 years. Connect with executive stakeholders if necessary to confirm this information.
      If you are not sure of the organizational direction for this time frame, we recommend you consult Info-Tech's material on IT strategy first, to ensure your workforce plan is fully positioned to deliver value to the organization.
    2. Consult with your IT team and gather any documentation pertaining to current roles and skills. Examples include an org chart, job descriptions, a list of current tasks performed/required, a list of company competencies, and a list of outsourced projects.
    3. Gather the right participants. Most of the decisions in this section will be made by senior leadership, but you will also need input from front-line managers. Ensure they are available on an as-needed basis. If your organization has an HR partner, it can also be helpful to involve them in your workforce planning process.

    Formal workforce planning benefits even small teams

    Strategic workforce planning (SWP) is a systematic process designed to identify and address gaps in your workforce today and plan for the human capital needs of the future.

    Your workforce plan is an extension of your IT strategy, ensuring that you have the right people in the right positions, in the right places, at the right time, with the knowledge, skills, and attributes to deliver on strategic business goals.

    SWP helps you understand the makeup of your current workforce and how well prepared it is or isn't (as the case may be) to meet future IT requirements. By identifying capability gaps early, CIOs can prepare to train or develop current staff and minimize the need for severance payouts and hiring costs, while providing clear career paths to retain high performers.

    The smaller the business, the more impact each individual's performance has on the overall success of the organization. When a given role is occupied by a single individual, the organization's performance in that function is determined wholly by one employee. Creating a workforce plan for a small team may seem excessive, but it ensures your organization is not unexpectedly hit with a critical competency gap.

    Right-size your workforce planning process to the size of your enterprise

    Small organizations are 2.2 times more likely to have effective workforce planning processes.1 Be mindful of the opportunities and risks for organizations of your size as you execute the project. How you build your workforce plan will not change drastically based on the size of your organization; however, the scope of your initiative, the size of your team, and the tactics you employ may vary.

    Small Organization

    Medium Organization

    Large Organization

    Project Opportunities

    • Project scope is much more manageable.
    • Communication and planning can be more manageable.
    • Fewer roles can clarify prioritization needs and promotability.
    • Project scope is more manageable.
    • Moderate budget for workforce planning initiatives is needed.
    • Communication and enforcement is easier.
    • Larger candidate pool to pull from.
    • Greater career path options for staff.
    • In-house expertise may be available

    Project Risks

    • Limited resources and time to execute the project.
    • In-house expertise is unlikely.
    • Competencies may be informal and not documented.
    • Limited overlap in responsibilities, resulting in fewer redundancies.
    • Limited staff with experience for the project.
    • Workforce planning may be a lower priority and difficult to generate buy-in for.
    • Requires more staff to manage workforce plan and execute initiatives.
    • Less collective knowledge on staff strengths may make career planning difficult.
    • Geographically dispersed business units make collaboration and communication difficult.

    1 McLean & Company Trends Report 2014

    1.1 Set project outcomes and success metrics

    1-3 hours

    1. As a group, brainstorm key pain points that the IT department experiences due to the lack of a workforce plan. Ask them to consider turnover, retention, training, and talent acquisition.
    2. Discuss any key themes that arise and brainstorm your desired project outcomes. Keep a record of these for future reference and to aid in stakeholder communication.
    3. Break into smaller groups (or if too small, continue as a single group):
      1. For each desired outcome, consider what metrics you could use to track progress. Keep your initial list of pain points in mind as you brainstorm metrics.
      2. Write each of the metric suggestions on a whiteboard and agree to track 3-5 metrics. Set targets for each metric. Consider the effort required to obtain and track the metric, as well as its reliability.
      3. Assign one individual for tracking the selected metrics. Following the meeting, that individual will be responsible for identifying the baseline and targets, and reporting on metrics progress.

    Input

    Output

    • List of workforce data available
    • List of workforce metrics to track the workforce plan's impact

    Materials

    Participants

    • Whiteboard/flip charts
    • Leadership team
    • Human resource partner (if applicable)

    1.2 Identify key roles and competency gaps

    1-3 hours

    1. As a group, identify all strategic, core, and supporting roles by reviewing the organizational chart:
      1. Strategic: What are the roles that must be filled by top performers and cannot be left vacant in order to meet strategic objectives?
      2. Core: What roles are important to drive operational excellence?
      3. Supporting: What roles are required for day-to-day work, but are low risk if the role is vacant for a period of time?
    2. Working individually or in small groups, have managers for each identified role define the level of competence required for the job. Consider factors such as:
      1. The difficulty or criticality of the tasks being performed
      2. The impact on job outcomes
      3. The impact on the performance of other employees
      4. The consequence of errors if the competency is not present
      5. How frequently the competency is used on the job
      6. Whether the competency is required when the job starts or can be learned or acquired on the job within the first six months
    3. Continue working individually and rate the level of proficiency of the current incumbent.
    4. As a group, review the assessment and make any adjustments.

    Record this information in the Workforce Planning Workbook for Small Enterprises.

    Download the Workforce Planning Workbook for Small Enterprises

    1.2 Identify key roles and competency gaps

    Input Output
    • Org chart, job descriptions, list of current tasks performed/required, list of company competencies
    • List of competency gaps for key roles
    Materials Participants
    • Leadership team
    • Managers

    Conduct a risk-of-departure analysis

    A risk-of-departure analysis helps you plan for future talent needs by identifying which employees are most likely to leave the organization (or their current role).

    A risk analysis takes into account two factors: an employee's risk for departure and the impact of departure:

    Employees are high risk for departure if they:

    • Have specialized or in-demand skills (tenured employees are more likely to have this than recent hires)
    • Are nearing retirement
    • Have expressed career aspirations that extend outside your organization
    • Have hit a career development ceiling at your organization
    • Are disengaged
    • Are actively job searching
    • Are facing performance issues or dismissal OR promotion into a new role

    Employees are low risk for departure if they:

    • Are a new hire or new to their role
    • Are highly engaged
    • Have high potential
    • Are 5-10 years out from retirement

    If you are not sure where an employee stands with respect to leaving the organization, consider having a development conversation with them. In the meantime, consider them at medium risk for departure.

    To estimate the impact of departure, consider:

    • The effect of losing the employee in the near- and medium-term, including:
      • Impact on the organization, department, unit/team and projects
      • The cost (in time, resources, and productivity loss) to replace the individual
      • The readiness of internal successors for the role

    1.3 Conduct a risk analysis to identify future needs

    1-3 hours

    Preparation: Your estimation of whether key employees are at risk of leaving the organization will depend on what you know of them objectively (skills, age), as well as what you learn from development conversations. Ensure you collect all relevant information prior to conducting this activity. You may need to speak with employees' direct managers beforehand or include them in the discussion.

    • As a group, list all your current employees, and using the previous slide for guidance, rank them on two parameters: risk of departure and impact of departure, on a scale of low to high. Record your conclusions in a chart like the one on the right. (For a more in-depth risk assessment, use the "Risk Assessment Results" tab of the Key Roles Succession Planning Tool.)
    • Employees that fall in the "Mitigate" quadrant represent key at-risk roles with at least moderate risk and moderate impact. These are your succession planning priorities. Add these roles to your list of key roles and competency gaps, and include them in your workforce planning analysis.
    • Employees that fall in the "Manage" quadrants represent secondary priorities, which should be looked at if there is capacity after considering the "Mitigate" roles.

    Record this information in the Workforce Planning Workbook for Small Enterprises.

    This is an image of the Risk analysis for risk of departure to importance of departure.

    Info-Tech Insight

    Don't be afraid to rank most or all your staff as "high impact of departure." In a small enterprise, every player counts, and you must plan accordingly.

    1.3 Conduct a risk analysis to identify future needs

    Input Output
    • Employee data on competencies, skills, certifications, and performance. Input from managers from informal development conversations.
    • A list of first- and second-priority at-risk roles to carry forward into a succession planning analysis
    Materials Participants
    • Leadership team
    • Managers

    Determine your skill sourcing route

    The characteristics of need steer hiring managers to a preferred choice, while the marketplace analysis will tell you the feasibility of each option.

    Sourcing Options

    Preferred Options

    Final Choice

    four blue circles

    A right facing arrow

    Two blue circles A right facing arrow One blue circle
    State of the Marketplace

    State of the Marketplace

    Urgency: How soon do we need this skill? What is the required time-to-value?

    Criticality: How critical, i.e. core to business goals, are the services or systems that this skill will support?

    Novelty: Is this skill brand new to our workforce?

    Availability: How often, and at what hours, will the skill be needed?

    Durability: For how long will this skill be needed? Just once, or indefinitely for regular operations?

    Scarcity: How popular or desirable is this skill? Do we have a large enough talent pool to draw from? What competition are we facing for top talent?

    Cost: How much will it cost to hire vs. contract vs. outsource vs. train this skill?

    Preparedness: Do we have internal resources available to cultivate this skill in house?

    1.4 Determine your skill sourcing route

    1-3 hours

    1. Identify the preferred sourcing method as a group, starting with the most critical or urgent skill need on your list. Use the characteristics of need to guide your discussion. If more than one option seems adequate, carry several over to the next step.
    2. Consider the marketplace factors applicable to the skill in question and use these to narrow down to one final sourcing decision.
      1. If it is not clear whether a suitable internal candidate is available or ready, refer to the next activity for a readiness assessment.
    3. Be sure to document the rationale supporting your decision. This will ensure the decision can be clearly communicated to any stakeholders, and that you can review on your decision-making process down the line.

    Record this information in the Workforce Planning Workbook for Small Enterprises.

    Info-Tech Insight

    Consider developing a pool of successors instead of pinning your hopes on just one person. A single pool of successors can be developed for either one key role that has specialized requirements or even multiple key roles that have generic requirements.

    Input

    Output

    • List of current and upcoming skill gaps
    • A sourcing decision for each skill

    Materials

    Participants

    • Leadership team
    • Human resource partner (if applicable)

    1.5 Determine readiness of internal successors

    1-3 hours

    1. As a group, and ensuring you include the candidates' direct managers, identify potential successors for the first role on your list.
    2. Ask how effectively the potential successor would serve in the role today. Review the competencies for the key role in terms of:
      1. Relationship-building skills
      2. Business skills
      3. Technical skills
      4. Industry-specific skills or knowledge
    3. Determine what competencies the succession candidate currently has and what must be learned. Be sure you know whether the candidate is open to a career change. Don't assume – if this is not clear, have a development conversation to ensure everyone is on the same page.
    4. Finally, determine how difficult it will be for the successor to acquire missing skills or knowledge, whether the resources are available to provide the required development, and how long it will take to provide it.
    5. As a group, decide whether training an internal successor is a viable option for the role in question, considering the successor's readiness and the characteristics of need for the role. If a clear successor is not readily apparent, consider:
      1. If the development of the successor can be fast-tracked, or if some requirements can be deprioritized and the successor provided with temporary support from other employees.
      2. If the role in question is being discussed because the current incumbent is preparing to leave, consider negotiating an arrangement that extends the incumbent's employment tenure.
    6. Record the decision and repeat for the next role on your list.

    Info-Tech Insight

    A readiness assessment helps to define not just development needs, but also any risks around the organization's ability to fill a key role.

    Input

    Output

    • List of roles for which you are considering training internally
    • Job descriptions and competency requirements for the roles
    • List of roles for which internal successors are a viable option

    Materials

    Participants

    • Leadership team
    • Candidates' direct managers, if applicable

    Use alternative work arrangements to gain time to prepare successors

    Alternative work arrangements are critical tools that employers can use to achieve a mutually beneficial solution that mitigates the risk of loss associated with key roles.

    Alternative work arrangements not only support employees who want to keep working, but more importantly, they allow the business to retain employees that are needed in key roles who are departure risks due to retirement.

    Viewing retirement as a gradual process can help you slow down skill loss in your organization and ensure you have sufficient time to train successors. Retiring workers are becoming increasingly open to alternative work arrangements. Among employed workers aged 50-75, more than half planned to continue working part-time after retirement.
    Source: Statistics Canada.

    Flexible work options are the most used form of alternative work arrangement

    A bar graph showing the percent of organizations who implemented alternate work arrangement, for Flexible work options; Contract based work; Part time roles; Graduated retirement programs; Part year jobs or job sharing; Increased PTO for employees over a certain age.

    Source: McLean & Company, N=44

    Choose the alternative work arrangement that works best for you and the employee

    Alternative Work Arrangement Description Ideal Use Caveats
    Flexible work options Employees work the same number of hours but have flexibility in when and where they work (e.g. from home, evenings). Employees who work fairly independently with no or few direct reports. Employee may become isolated or disconnected, impeding knowledge transfer methods that require interaction or one-on-one time.
    Contract-based work Working for a defined period of time on a specific project on a non-salaried or non-wage basis. Project-oriented work that requires specialized knowledge or skills. Available work may be sporadic or specific projects more intensive than the employee wants. Knowledge transfer must be built into the contractual arrangement.
    Part-time roles Half days or a certain number of days per week; indefinite with no end date in mind. Employees whose roles can be readily narrowed and upon whom people and critical processes are not dependent. It may be difficult to break a traditionally full-time job down into a part-time role given the size and nature of associated tasks.
    Graduated retirement Retiring employee has a set retirement date, gradually reducing hours worked per week over time. Roles where a successor has been identified and is available to work alongside the incumbent in an overlapping capacity while he or she learns. The role may only require a single FTE, and the organization may not be able to afford the amount of redundancy inherent in this arrangement.

    Choose the alternative work arrangement that works best for you and the employee

    Alternative Work Arrangement Description Ideal Use Caveats
    Part-year jobs or job sharing Working part of the year and having the rest of the year off, unpaid. Project-oriented work where ongoing external relationships do not need to be maintained. The employee is unavailable for knowledge transfer activities for a large portion of the year. Another risk is that the employee may opt not to return at the end of the extended time off with little notice.
    Increased paid time off Additional vacation days upon reaching a certain age. Best used as recognition or reward for long-term service. This may be a particularly useful retention incentive in organizations that do not offer pension plans. The company may not be able to financially afford to pay for such extensive time off. If the role incumbent is the only one in the role, this may mean crucial work is not being done.
    Altered roles Concentration of a job description on fewer tasks that allows the employee to focus on his or her specific expertise. Roles where a successor has been identified and is available to work alongside the incumbent, with the incumbent's new role highly focused on mentoring. The role may only require a single FTE, and the organization may not be able to afford the amount of redundancy inherent in this arrangement.

    Phase 2

    Knowledge Transfer

    Workforce Planning

    Knowledge Transfer

    Development Planning

    Identify needs, goals, metrics, and skill gaps.

    Select a skill sourcing strategy.

    Discover critical knowledge.

    Select knowledge transfer methods.

    Identify priority competencies.

    Assess employees.

    Draft development goals.

    Provide coaching & feedback.

    The Small Enterprise Guide to People and Resource Management

    Phase Participants

    • Leadership/management team
    • Incumbent & successor

    Additional Resources

    IT Knowledge Identification Interview Guide Template

    Knowledge Transfer Plan Template

    Determine your skill sourcing route

    Knowledge transfer plans have three key components that you need to complete for each knowledge source:

    Define what knowledge needs to be transferred

    Each knowledge source has unique information which needs to be transferred. Chances are you don't know what you don't know. The first step is therefore to interview knowledge sources to find out.

    Identify the knowledge receiver

    Depending on who the information is going to, the knowledge transfer tactic you employ will differ. Before deciding on the knowledge receiver and tactic, consider three key factors:

    • How will this knowledge be used in the future?
    • What is the next career step for the knowledge receiver?
    • Are the receiver and the source going to be in the same location?

    Identify which knowledge transfer tactics you will use for each knowledge asset

    Not all tactics are good in every situation. Always keep the "knowledge type" (information, process, skills, and expertise), knowledge sources' engagement level, and the knowledge receiver in mind as you select tactics.

    Don't miss tacit knowledge

    There are two basic types of knowledge: "explicit" and "tacit." Ensure you capture both to get a well-rounded overview of the role.

    Explicit Tacit
    • "What knowledge" – knowledge can be articulated, codified, and easily communicated.
    • Easily explained and captured – documents, memos, speeches, books, manuals, process diagrams, facts, etc.
    • Learn through reading or being told.
    • "How knowledge" – intangible knowledge from an individual's experience that is more from the process of learning, understanding, and applying information (insights, judgments, and intuition).
    • Hard to verbalize, and difficult to capture and quantify.
    • Learn through observation, imitation, and practice.

    Types of explicit knowledge

    Types of tacit knowledge

    Information Process Skills Expertise

    Specialized technical knowledge.

    Unique design capabilities/methods/models.

    Legacy systems, details, passwords.

    Special formulas/algorithms/ techniques/contacts.

    • Specialized research & development processes.
    • Proprietary production processes.
    • Decision-making processes.
    • Legacy systems.
    • Variations from documented processes.
    • Techniques for executing on processes.
    • Relationship management.
    • Competencies built through deliberate practice enabling someone to act effectively.
    • Company history and values.
    • Relationships with key stakeholders.
    • Tips and tricks.
    • Competitor history and differentiators.

    e.g. Knowing the lyrics to a song, building a bike, knowing the alphabet, watching a YouTube video on karate.

    e.g. Playing the piano, riding a bike, reading or speaking a language, earning a black belt in karate.

    Embed your knowledge transfer methods into day-to-day practice

    Multiple methods should be used to transfer as much of a person's knowledge as possible, and mentoring should always be one of them. Select your method according to the following criteria:

    Info-Tech Insight

    The more integrated knowledge transfer is in day-to-day activities, the more likely it is to be successful, and the lower the time cost. This is because real learning is happening at the same time real work is being accomplished.

    Type of Knowledge

    • Tacit knowledge transfer methods are often informal and interactive:
      • Mentoring
      • Multi-generational work teams
      • Networks and communities
      • Job shadowing
    • Explicit knowledge transfer methods tend to be more formal and one way:
      • Formal documentation of processes and best practices
      • Self-published knowledge bases
      • Formal training sessions
      • Formal interviews

    Incumbent's Preference/Successor's Preference

    Ensure you consult the employees, and their direct manager, on the way they are best prepared to teach and learn. Some examples of preferences include:

    1. Prefer traditional classroom learning, augmented with participation, critical reflection, and feedback.
    2. May get bored during formal training sessions and retain more during job shadowing.
    3. Prefer to be self-directed or self-paced, and highly receptive to e-learning and media.
    4. Prefer informal, incidental learning, tend to go immediately to technology or direct access to people. May have a short attention span and be motivated by instant results.
    5. May be uncomfortable with blogs and wikis, but comfortable with SharePoint.

    Cost

    Consider costs beyond the monetary. Some methods require an investment in time (e.g. mentoring), while others require an investment in technology (e.g. knowledge bases).

    The good news is that many supporting technologies may already exist in your organization or can be acquired for free.

    Methods that cost time may be difficult to get underway since employees may feel they don't have the time or must change the way they work.

    2.1 Create a knowledge transfer plan

    1-3 hours

    1. Working together with the current incumbent, brainstorm the key information pertaining to the role that you want to pass on to the successor. Use the IT Knowledge Identification Interview Guide Template to ensure you don't miss anything.
      • Consider key knowledge areas, including:
        • Specialized technical knowledge.
        • Specialized research and development processes.
        • Unique design capabilities/methods/models.
        • Special formulas/algorithms/techniques.
        • Proprietary production processes.
        • Decision-making criteria.
        • Innovative sales methods.
        • Knowledge about key customers.
        • Relationships with key stakeholders.
        • Company history and values.
      • Ask questions of both sources and receivers of knowledge to help determine the best knowledge transfer methods to use.
        • What is the nature of the knowledge? Explicit or tacit?
        • Why is it important to transfer?
        • How will the knowledge be used?
        • What knowledge is critical for success?
        • How will the users find and access it?
        • How will it be maintained and remain relevant and usable?
        • What are the existing knowledge pathways or networks connecting sources to recipients?
    2. Once the knowledge has been identified, use the information on the following slides to decide on the most appropriate methods. Be sure to consult the incumbent and successor on their preferences.
    3. Prioritize your list of knowledge transfer activities. It's important not to try to do too much too quickly. Focus on some quick wins and leverage the success of these initiatives to drive the project forward. Follow these steps as a guide:
      1. Take an inventory of all the tactics and techniques which you plan to employ. Eliminate redundancies where possible.
      2. Start your implementation with your highest risk role or knowledge item, using explicit knowledge transfer tactics. Interviews, use cases, and process mapping will give you some quick wins and will help gain momentum for the project.
      3. Then move forward to other tactics, the majority of which will require training and process design. Pick 1-2 other key tactics you would like to employ and build those out. For tactics that require resources or monetary investment, start with those that can be reused for multiple roles.

    Record your plan in the IT Knowledge Transfer Plan Template.

    Download the IT Knowledge Identification Interview Guide Template

    Download the Knowledge Transfer Plan Template

    Info-Tech Insight

    Wherever possible, ask employees about their personal learning styles. It's likely that a collaborative compromise will have to be struck for knowledge transfer to work well.

    2.1 Create a knowledge transfer plan

    Input

    Output

    • List of roles for which you need to transfer knowledge
    • Prioritized list of knowledge items and chosen transfer method

    Materials

    Participants

    • Leadership team
    • Incumbent
    • Successor

    Not every transfer method is effective for every type of knowledge

    Knowledge Type
    Tactic Explicit Tacit
    Information Process Skills Expertise
    Interviews Very Strong Strong Strong Strong
    Process Mapping Medium Very Strong Very Weak Very Weak
    Use Cases Medium Very Strong Very Weak Very Weak
    Job Shadow Very Weak Medium Very Strong Very Strong
    Peer Assist Strong Medium Very Strong Very Strong
    Action Review Medium Medium Strong Strong
    Mentoring Weak Weak Strong Very Strong
    Transition Workshop Strong Strong Strong Weak
    Storytelling Weak Weak Strong Very Strong
    Job Share Weak Weak Very Strong Very Strong
    Communities of Practice Strong Weak Very Strong Very Strong

    This table shows the relative strengths and weaknesses of each knowledge transfer tactic compared against four different knowledge types.

    Not all techniques are effective for all types of knowledge; it is important to use a healthy mixture of techniques to optimize effectiveness.

    Employees' engagement can impact knowledge transfer effectiveness

    Level of Engagement
    Tactic Disengaged/ Indifferent Almost Engaged - Engaged
    Interviews Yes Yes
    Process Mapping Yes Yes
    Use Cases Yes Yes
    Job Shadow No Yes
    Peer Assist Yes Yes
    Action Review Yes Yes
    Mentoring No Yes
    Transition Workshop Yes Yes
    Storytelling No Yes
    Job Share Maybe Yes
    Communities of Practice Maybe Yes

    When considering which tactics to employ, it's important to consider the knowledge holder's level of engagement. Employees who you would identify as being disengaged may not make good candidates for job shadowing, mentoring, or other tactics where they are required to do additional work or are asked to influence others.

    Knowledge transfer can be controversial for all employees as it can cause feelings of job insecurity. It's essential that motivations for knowledge transfer are communicated effectively.

    Pay particular attention to your communication style with disengaged and indifferent employees, communicate frequently, and tie communication back to what's in it for them.

    Putting disengaged employees in a position where they are mentoring others can be a risk, as their negativity could influence others not to participate, or it could negate the work you're doing to create a positive knowledge sharing culture.

    Employees' engagement can impact knowledge transfer effectiveness

    Effort by Stakeholder

    Tactic

    Business Analyst

    IT Manager

    Knowledge Holder

    Knowledge Receiver

    Interviews

    These tactics require the least amount of effort, especially for organizations that are already using these tactics for a traditional requirements gathering process.

    Medium

    N/A

    Low

    Low

    Process Mapping

    Medium

    N/A

    Low

    Low

    Use Cases

    Medium

    N/A

    Low

    Low

    Job Shadow

    Medium

    Medium

    Medium

    Medium

    Peer Assist

    Medium

    Medium

    Medium

    Medium

    Action Review

    These tactics generally require more involvement from IT management and the BA in tandem for preparation. They will also require ongoing effort for all stakeholders. It's important to gain stakeholder buy-in as it is key for success.

    Low

    Medium

    Medium

    Low

    Mentoring

    Medium

    High

    High

    Medium

    Transition Workshop

    Medium

    Low

    Medium

    Low

    Storytelling

    Medium

    Medium

    Low

    Low

    Job Share

    Medium

    High

    Medium

    Medium

    Communities of Practice

    High

    Medium

    Medium

    Medium

    Phase 3

    Development Planning

    Workforce Planning

    Knowledge Transfer

    Development Planning

    Identify needs, goals, metrics, and skill gaps.

    Select a skill sourcing strategy.

    Discover critical knowledge.

    Select knowledge transfer methods.

    Identify priority competencies.

    Assess employees.

    Draft development goals.

    Provide coaching & feedback.

    The Small Enterprise Guide to People and Resource Management

    Phase Participants

    • Leadership team
    • Managers
    • Employees

    Additional Resources

    Effective development planning hinges on robust performance management

    Your performance management framework is rooted in organizational goals and defines what it means to do any given role well.

    Your organization's priority competencies are the knowledge, skills and attributes that enable an employee to do the job well.

    Each individual's development goals are then aimed at building these priority competencies.

    Mission Statement

    To be the world's leading manufacturer and distributor of widgets.

    Business Goal

    To increase annual revenue by 10%.

    IT Department Objective

    To ensure reliable communications infrastructure and efficient support for our sales and development teams.

    Individual Role Objective

    To decrease time to resolution of support requests by 10% while maintaining quality.

    Info-Tech Insight

    Without a performance management framework, your employees cannot align their development with the organization's goals. For detailed guidance, see Info-Tech's blueprint Setting Meaningful Employee Performance Measures.

    What is a competency?

    The term "competency" refers to the collection of knowledge, skills, and attributes an employee requires to do a job well.

    Often organizations have competency frameworks that consist of core, leadership, and functional competencies.

    Core competencies apply to every role in the organization. Typically, they are tied to organizational values and business mission and/or vision.

    Functional competencies are at the department, work group, or job role levels. They are a direct reflection of the function or type of work carried out.

    Leadership competencies generally apply only to people managers in the organization. Typically, they are tied to strategic goals in the short to medium term

    Generic Functional
    • Core
    • Leadership
    • IT
    • Finance
    • Sales
    • HR

    Use the SMART model to make sure goals are reasonable and attainable

    S

    Specific: Be specific about what you want to accomplish. Think about who needs to be involved, what you're trying to accomplish, and when the goal should be met.

    M

    Measurable: Set metrics that will help to determine whether the goal has been reached.

    A

    Achievable: Ensure that you have both the organizational resources and employee capability to accomplish the goal.

    R

    Relevant: Goals must align with broader business, department, and development goals in order to be meaningful.

    T

    Time-bound: Provide a target date to ensure the goal is achievable and provide motivation.

    Example goal:

    "Learn Excel this summer."

    Problems:

    Not specific enough, not measurable enough, nor time bound.

    Alternate SMART goal:

    "Consult with our Excel expert and take the lead on creating an Excel tool in August."

    3.2 Identify target competencies & draft development goals

    1 hour

    Pre-work: Employees should come to the career conversation having done some self-reflection. Use Info-Tech's IT Employee Career Development Workbook to help employees identify their career goals.

    1. Pre-work: Managers should gather any data they have on the employee's current proficiency at key competencies. Potential sources include task-based assessments, performance ratings, supervisor or peer feedback, and informal conversation.

      Prioritize competencies. Using your list of priority organizational competencies, work with your employees to help them identify two to four competencies to focus on developing now and in the future. Use the Individual Competency Development Plan template to document your assessment and prioritize competencies for development. Consider the following questions for guidance:
      1. Which competencies are needed in my current role that I do not have full proficiency in?
      2. Which competencies are related to both my career interests and the organization's priorities?
      3. Which competencies are related to each other and could be developed together or simultaneously?
    2. Draft goals. Ask your employee to create a list of multiple simple goals to develop the competencies they have selected to work on developing over the next year. Identifying multiple goals helps to break development down into manageable chunks. Ensure goals are concrete, for example, if the competency is "communication skills," your development goals could be "presentation skills" and "business writing."
    3. Review goals:
      1. Ask why these areas are important to the employee.
      2. Share your ideas and why it is important that the employee develop in the areas identified.
      3. Ensure that the goals are realistic. They should be stretch goals, but they must be achievable. Use the SMART framework on the previous slide for guidance.

    Info-Tech Insight

    Lack of career development is the top reason employees leave organizations. Development activities need to work for both the organization and the employee's own development, and clearly link to advancing employees' careers either at the organization or beyond.

    Download the IT Employee Career Development Workbook

    Download the Individual Competency Development Plan

    3.2 Identify target competencies & draft development goals

    Input

    Output

    • Employee's career aspirations
    • List of priority organizational competencies
    • Assessment of employee's current proficiency
    • A list of concrete development goals

    Materials

    Participants

    • Employee
    • Direct manager

    Apply a blend of learning methods

    • Info-Tech recommends the 70-20-10 principle for learning and development, which places the greatest emphasis on learning by doing. This experiential learning is then supported by feedback from mentoring, training, and self-reflection.
    • Use the 70-20-10 principle as a guideline – the actual breakdown of your learning methods will need to be tailored to best suit your organization and the employee's goals.

    Spend development time and effort wisely:

    70%

    On providing challenging on-the-job opportunities

    20%

    On establishing opportunities for people to develop learning relationships with others, such as coaching and mentoring

    10%

    On formal learning and training programs

    Internal initiatives are a cost-effective development aid

    Internal Initiative

    What Is It?

    When to Use It

    Special Project

    Assignment outside of the scope of the day-to-day job (e.g. work with another team on a short-term initiative).

    As an opportunity to increase exposure and to expand skills beyond those required for the current job.

    Stretch Assignment

    The same projects that would normally be assigned, but in a shorter time frame or with a more challenging component.

    Employee is consistently meeting targets and you need to see what they're capable of.

    Training Others

    Training new or more junior employees on their position or a specific process.

    Employee wants to expand their role and responsibility and is proficient and positive.

    Team Lead On an Assignment

    Team lead for part of a project or new initiative.

    To prepare an employee for future leadership roles by increasing responsibility and developing basic managerial skills.

    Job Rotation

    A planned placement of employees across various roles in a department or organization for a set period of time.

    Employee is successfully meeting and/or exceeding job expectations in their current role.

    Incorporating a development objective into daily tasks

    What do we mean by incorporating into daily tasks?

    The next time you assign a project to an employee, you should also ask the employee to think about a development goal for the project. Try to link it back to their existing goals or have them document a new goal in their development plan.

    For example: A team of employees always divides their work in the same way. Their goal for their next project could be to change up the division of responsibility so they can learn each other's roles.

    Another example:

    "I'd like you to develop your ability to explain technical terms to a non-technical audience. I'd like you to sit down with the new employee who starts tomorrow and explain how to use all our software, getting them up and running."

    Info-Tech Insight

    Employees often don't realize that they are being developed. They either think they are being recognized for good work or they are resentful of the additional workload.

    You need to tell your employees that the activity you are asking them to do is intended to further their development.

    However, be careful not to sell mundane tasks as development opportunities – this is offensive and detrimental to engagement.

    Establish manager and employee accountability for following up

    Ensure that the employee makes progress in developing prioritized competencies by defining accountabilities:

    Tracking Progress

    Checking In

    Development Meetings

    Coaching & Feedback

    Employee accountability:

    • Employees need to keep track of what they learn.
    • Employees should take the time to reflect on their progress.

    Manager accountability:

    • Managers need to make the time for employees to reflect.

    Employee accountability:

    • Employees need to provide managers with updates and ask for help.

    Manager accountability:

    • Managers need to check in with employees to see if they need additional resources.

    Employee accountability:

    • Employees need to complete assessments again to determine whether they have made progress.

    Manager accountability:

    • Managers should schedule monthly meetings to discuss progress and identify next steps.

    Employee accountability:

    • Employees should ask their manager and colleagues for feedback after development activities.

    Manager accountability:

    • Managers can use both scheduled meetings and informal conversations to provide coaching and feedback to employees.

    3.3 Select development activities and schedule check-ins

    1-3 hours

    Pre-work: Employees should research potential development activities and come prepared with a range of suggestions.

    Pre-work: Managers should investigate options for employee development, such as internal training/practice opportunities for the employee's selected competencies and availability of training budget.

    1. Communicate your findings about internal opportunities and external training allowance to the employee. This can also be done prior to the meeting, to help guide the employee's own research. Address any questions or concerns.
    2. Review the employee's proposed list of activities, and identify priority ones based on:
      1. How effectively they support the development of priority competencies.
      2. How closely they match the employee's original goals.
      3. The learning methods they employ, and whether the chosen activities support a mix of different methods.
      4. The degree to which the employee will have a chance to practice new skills hands-on.
      5. The amount of time the activities require, balanced against the employee's work obligations.
    3. Guide the employee in selecting activities for the short and medium term. Establish an understanding that this list is tentative and subject to ongoing revision during future check-ins.
      1. If in doubt about whether the employee is over-committing, err on the side of fewer activities to start.
    4. Schedule a check-in for one month out to review progress and roadblocks, and to reaffirm priorities.
    5. Check-ins should be repeated regularly, typically once a month.

    Download the Learning Methods Catalog

    Info-Tech Insight

    Adopt a blended learning approach using a variety of techniques to effectively develop competencies. This will reinforce learning and accommodate different learning styles. See Info-Tech's Learning Methods Catalog for a description of popular experiential, relational, and formal learning methods.

    3.3 Select development activities and schedule check-ins

    Input

    Output

    • List of potential development activities (from employee)
    • List of organizational resources (from manager)
    • A selection of feasible development activities
    • Next check-in scheduled

    Materials

    Participants

    • Employee
    • Direct manager

    Tips for tricky conversations about development

    What to do if…

    Employees aren't interested in development:

    • They may have low aspiration for advancement.
    • Remind them about the importance of staying current in their role given increasing job requirements.
    • Explain that skill development will make their job easier and make them more successful at it; sell development as a quick and effective way to learn the skill.
    • Indicate your support and respond to concerns.

    Employees have greater aspiration than capability:

    • Explain that there are a number of skills and capabilities that they need to improve in order to move to the next level. If the specific skills were not discussed during the performance appraisal, do not hesitate to explain the improvements that you require.
    • Inform the employee that you want them to succeed and that by pushing too far and too fast they risk failure, which would not be beneficial to anyone.
    • Reinforce that they need to do their current job well before they can be considered for promotion.

    Employees are offended by your suggestions:

    • Try to understand why they are offended. Before moving forward, clarify whether they disagree with the need for development or the method by which you are recommending they be developed.
    • If it is because you told them they had development needs, then reiterate that this is about helping them to become better and that everyone has areas to develop.
    • If it is about the development method, discuss the different options, including the pros and cons of each.

    Coaching and feedback skills help managers guide employee development

    Coaching and providing feedback are often confused. Managers often believe they are coaching when they are just giving feedback. Learn the difference and apply the right approach for the right situation.

    What is coaching?

    A conversation in which a manager asks questions to guide employees to solve problems themselves.

    Coaching is:

    • Future-focused
    • Collaborative
    • Geared toward growth and development

    What is feedback?

    Information conveyed from the manager to the employee about their performance.

    Feedback is:

    • Past-focused
    • Prescriptive
    • Geared toward behavior and performance

    Info-Tech Insight

    Don't forget to develop your managers! Ensure coaching, feedback, and management skills are part of your management team's development plan.

    Understand the foundations of coaching to provide effective development coaching:

    Knowledge Mindset Relationship
    • Understand what coaching is and how to apply it:
    • Identify when to use coaching, feedback, or other people management practices, and how to switch between them.
    • Know what coaching can and cannot accomplish.
    • When focusing on performance, guide an employee to solve problems related to their work. When focusing on development, guide an employee to reach their own development goals.
    • Adopt a coaching mindset by subscribing to the following beliefs:
    • Employees want to achieve higher performance and have the potential to do so.
    • Employees have a unique and valuable perspective to share of the challenges they face as well as the possible solutions.
    • Employees should be empowered to realize solutions themselves to motivate them in achieving goals.
    • Develop a relationship of trust between managers and employees:
    • Create an environment of psychological safety where employees feel safe to be open and honest.
    • Involve employees in decision making and inform employees often.
    • Invest in employees' success.
    • Give and expect candor.
    • Embrace failure.

    Apply the "4A" behavior-focused coaching model

    Using a model allows every manager, even those with little experience, to apply coaching best practices effectively.

    Actively Listen

    Ask

    Action Plan

    Adapt

    Engage with employees and their message, rather than just hearing their message.

    Key active listening behaviors:

    • Provide your undivided attention.
    • Observe both spoken words and body language.
    • Genuinely try to understand what the employee is saying.
    • Listen to what is being said, then paraphrase back what you heard.

    Ask thoughtful, powerful questions to learn more information and guide employees to uncover opportunities and/or solutions.

    Key asking behaviors:

    • Ask open-ended questions.
    • Ask questions to learn something you didn't already know.
    • Ask for reasoning (the why).
    • Ask "what else?"

    Hold employees and managers accountable for progress and results.

    During check-ins, review each development goal to ensure employees are meeting their targets.

    Key action planning behaviors:

    Adapt to individual employees and situations.

    Key adapting behaviors:

    • Recognize employees' unique characteristics.
    • Appreciate the situation at hand and change your behavior and communication in order to best support the individual employee.

    Use the following questions to have meaningful coaching conversations

    Opening Questions

    • What's on your mind?
    • Do you feel you've had a good week/month?
    • What is the ideal situation?
    • What else?

    Problem-Identifying Questions

    • What is most important here?
    • What is the challenge here for you?
    • What is the real challenge here for you?
    • What is getting in the way of you achieving your goal?

    Problem-Solving Questions

    • What are some of the options available?
    • What have you already tried to solve this problem? What worked? What didn't work?
    • Have you considered all the possibilities?
    • How can I help?

    Next-Steps Questions

    • What do you need to do, and when, to achieve your goal?
    • What resources are there to help you achieve your goal? This includes people, tools, or even resources outside our organization.
    • How will you know when you have achieved your goal? What does success look like?

    The purpose of asking questions is to guide the conversation and learn something you didn't already know. Choose the questions you ask based on the flow of the conversation and on what information you would like to uncover. Approach the answers you get with an open mind.

    Info-Tech Insight

    Avoid the trap of "hidden agenda" questions, whose real purpose is to offer your own advice.

    Use the following approach to give effective feedback

    Provide the feedback in a timely manner

    • Plan the message you want to convey.
    • Provide feedback "just-in-time."
    • Ensure recipient is not preoccupied.
    • Try to balance the feedback; refer to successful as well as unsuccessful behavior.

    Communicate clearly, using specific examples and alternative behaviors

    • Feedback must be honest and helpful.
    • Be specific and give a recent example.
    • Be descriptive, not evaluative.
    • Relate feedback to behaviors that can be changed.
    • Give an alternative positive behavior.

    Confirm their agreement and understanding

    • Solicit their thoughts on the feedback.
    • Clarify if not understood; try another example.
    • Confirm recipient understands and accepts the feedback.

    Manager skill is crucial to employee development

    Development is a two-way street. This means that while employees are responsible for putting in the work, managers must enable their development with support and guidance. The latter is a skill, which managers must consciously cultivate.

    For more in-depth management skills development, see the Info-Tech "Build a Better Manager" training resources:

    Bibliography

    Anderson, Kelsie. "Is Your IT Department Prepared for the 4 Biggest Challenges of 2017?" 14 June 2017.
    Atkinson, Carol, and Peter Sandiford. "An Exploration of Older Worker Flexible Working Arrangements in Smaller Firms." Human Resource Management Journal, vol. 26, no. 1, 2016, pp. 12–28. Wiley Online Library.
    BasuMallick, Chiradeep. "Top 8 Best Practices for Employee Cross-Training." Spiceworks, 15 June 2020.
    Birol, Andy. "4 Ways You Can Succeed With a Staff That 'Wears Multiple Hats.'" The Business Journals, 26 Nov. 2013.
    Bleich, Corey. "6 Major Benefits To Cross-Training Employees." EdgePoint Learning, 5 Dec. 2018.
    Cancialosi, Chris. "Cross-Training: Your Best Defense Against Indispensable Employees." Forbes, 15 Sept. 2014.
    Cappelli, Peter, and Anna Tavis. "HR Goes Agile." Harvard Business Review, Mar. 2018.
    Chung, Kai Li, and Norma D'Annunzio-Green. "Talent Management Practices of SMEs in the Hospitality Sector: An Entrepreneurial Owner-Manager Perspective." Worldwide Hospitality and Tourism Themes, vol. 10, no. 4, Jan. 2018.
    Clarkson, Mary. Developing IT Staff: A Practical Approach. Springer Science & Business Media, 2012.
    "CNBC and SurveyMonkey Release Latest Small Business Survey Results." Momentive, 2019. Press Release. Accessed 6 Aug. 2020.
    Cselényi, Noémi. "Why Is It Important for Small Business Owners to Focus on Talent Management?" Jumpstart:HR | HR Outsourcing and Consulting for Small Businesses and Startups, 25 Mar. 2013.
    dsparks. "Top 10 IT Concerns for Small Businesses." Stratosphere Networks IT Support Blog - Chicago IT Support Technical Support, 16 May 2017.
    Duff, Jimi. "Why Small to Mid-Sized Businesses Need a System for Talent Management | Talent Management Blog | Saba Software." Saba, 17 Dec. 2018.
    Employment and Social Development Canada. "Age-Friendly Workplaces: Promoting Older Worker Participation." Government of Canada, 3 Oct. 2016.
    Exploring Workforce Planning. Accenture, 23 May 2017.
    "Five Major IT Challenges Facing Small and Medium-Sized Businesses." Advanced Network Systems. Accessed 25 June 2020.
    Harris, Evan. "IT Problems That Small Businesses Face." InhouseIT, 17 Aug. 2016.
    Heathfield, Susan. "What Every Manager Needs to Know About Succession Planning." Liveabout, 8 June 2020.
    ---. "Why Talent Management Is an Important Business Strategy." Liveabout, 29 Dec. 2019.
    Herbert, Chris. "The Top 5 Challenges Facing IT Departments in Mid-Sized Companies." ExpertIP, 25 June 2012.
    How Smaller Organizations Can Use Talent Management to Accelerate Growth. Avilar. Accessed 25 June 2020.
    Krishnan, TN, and Hugh Scullion. "Talent Management and Dynamic View of Talent in Small and Medium Enterprises." Human Resource Management Review, vol. 27, no. 3, Sept. 2017, pp. 431–41.
    Mann Jackson, Nancy. "Strategic Workforce Planning for Midsized Businesses." ADP, 6 Feb. 2017.
    McCandless, Karen. "A Beginner's Guide to Strategic Talent Management (2020)." The Blueprint, 26 Feb. 2020.
    McFeely, Shane, and Ben Wigert. "This Fixable Problem Costs U.S. Businesses $1 Trillion." Gallup.com, 13 Mar. 2019.
    Mihelič, Katarina Katja. Global Talent Management Best Practices for SMEs. Jan. 2020.
    Mohsin, Maryam. 10 Small Business Statistics You Need to Know in 2020 [May 2020]. 4 May 2020.
    Ramadan, Wael H., and B. Eng. The Influence of Talent Management on Sustainable Competitive Advantage of Small and Medium Sized Establishments. 2012, p. 15.
    Ready, Douglas A., et al. "Building a Game-Changing Talent Strategy." Harvard Business Review, no. January–February 2014, Jan. 2014.
    Reh, John. "Cross-Training Employees Strengthens Engagement and Performance." Liveabout, May 2019.
    Rennie, Michael, et al. McKinsey on Organization: Agility and Organization Design. McKinsey, May 2016.
    Roddy, Seamus. "The State of Small Business Employee Benefits in 2019." Clutch, 18 Apr. 2019.
    SHRM. "Developing Employee Career Paths and Ladders." SHRM, 28 Feb. 2020.
    Strandberg, Coro. Sustainability Talent Management: The New Business Imperative. Strandberg Consulting, Apr. 2015.
    Talent Management for Small & Medium-Size Businesses. Success Factors. Accessed 25 June 2020.
    "Top 10 IT Challenges Facing Small Business in 2019." Your IT Department, 8 Jan. 2019.
    "Why You Need Workforce Planning." Workforce.com, 24 Oct. 2022.

    Embrace Business-Managed Applications

    • Buy Link or Shortcode: {j2store}179|cart{/j2store}
    • member rating overall impact (scale of 10): 9.0/10 Overall Impact
    • member rating average dollars saved: $64,999 Average $ Saved
    • member rating average days saved: 18 Average Days Saved
    • Parent Category Name: Architecture & Strategy
    • Parent Category Link: /architecture-and-strategy
    • The traditional model of managing applications does not address the demands of today’s rapidly changing market and digitally minded business, putting stress on scarce IT resources. The business is fed up with slow IT responses and overbearing desktop and system controls.
    • The business wants more control over the tools they use. Software as a service (SaaS), business process management (BPM), robotic process automation (RPA), artificial intelligence (AI), and low-code development platforms are all on their radar.
    • However, your current governance and management structures do not accommodate the risks and shifts in responsibilities to business-managed applications.

    Our Advice

    Critical Insight

    • IT is a business partner, not just an operator. Effective business operations hinge on high-quality, valuable, fit-for-purpose applications. IT provides the critical insights, guidance, and assistance to ensure applications are implemented and leveraged in a way that maximizes return on investment, whether it is being managed by end users or lines of business (LOBs). This can only happen if the organization views IT as a critical asset, not just a supporting player.
    • All applications should be business owned. You have applications because LOBs need them to meet the objectives and key performance indicators defined in the business strategy. Without LOBs, there would be no need for business applications. LOBs define what the application should be and do for it to be successful, so LOBs should own them.
    • Everything boils down to trust. The business is empowered to make their own decisions on how they want to implement and use their applications and, thus, be accountable for the resulting outcomes. Guardrails, role-based access, application monitoring, and other controls can help curb some risk factors, but it should not come at the expense of business innovation and time-sensitive opportunities. IT must trust the business will make rational application decisions, and the business must trust IT to support them in good times and bad.

    Impact and Result

    • Focus on the business units that matter. BMA can provide significant value to LOBs if teams and stakeholders are encouraged and motivated to adopt organizational and operational changes.
    • Reimagine the role of IT. IT is no longer the gatekeeper that blocks application adoption. Rather, IT enables the business to adopt the tools they need to be productive and they guide the business on successful BMA practices.
    • Instill business accountability. With great power comes great responsibility. If the business wants more control of their applications, they must be willing to take ownership of the outcomes of their decisions.

    Embrace Business-Managed Applications Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should embrace business-managed applications, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    • Embrace Business-Managed Applications – Phases 1-3
    • Business-Managed Applications Communication Template

    1. State your objectives

    Level-set the expectations for your business-managed applications.

    • Embrace Business- Managed Applications – Phase 1: State Your Objectives

    2. Design your framework and governance

    Identify and define your application managers and owners and build a fit-for-purpose governance model.

    • Embrace Business-Managed Applications – Phase 2: Design Your Framework & Governance

    3. Build your roadmap

    Build a roadmap that illustrates the key initiatives to implement your BMA and governance models.

    • Embrace Business-Managed Applications – Phase 3: Build Your Roadmap

    [infographic]

    Workshop: Embrace Business-Managed Applications

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 State Your Objectives

    The Purpose

    Define business-managed applications in your context.

    Identify your business-managed application objectives.

    State the value opportunities with business-managed applications.

    Key Benefits Achieved

    A consensus definition and list of business-managed applications goals

    Understanding of the business value business-managed applications can deliver

    Activities

    1.1 Define business-managed applications.

    1.2 List your objectives and metrics.

    1.3 State the value opportunities.

    Outputs

    Grounded definition of a business-managed application

    Goals and objectives of your business-managed applications

    Business value opportunity with business-managed applications

    2 Design Your Framework & Governance

    The Purpose

    Develop your application management framework.

    Tailor your application delivery and ownership structure to fit business-managed applications.

    Discuss the value of an applications committee.

    Discuss technologies to enable business-managed applications.

    Key Benefits Achieved

    Fit-for-purpose and repeatable application management selection framework

    Enhanced application governance model

    Applications committee design that meets your organization’s needs

    Shortlist of solutions to enable business-managed applications

    Activities

    2.1 Develop your management framework.

    2.2 Tune your delivery and ownership accountabilities.

    2.3 Design your applications committee.

    2.4 Uncover your solution needs.

    Outputs

    Tailored application management selection framework

    Roles definitions of application owners and managers

    Applications committee design

    List of business-managed application solution features and services

    3 Build Your Roadmap

    The Purpose

    Build your roadmap to implement busines-managed applications and build the foundations of your optimized governance model.

    Key Benefits Achieved

    Implementation initiatives

    Adoption roadmap

    Activities

    3.1 Build your roadmap.

    Outputs

    Business-managed application adoption roadmap

     

    Looking at Risk in a New Light: The Six Pillars of Vendor Risk Management

    • Buy Link or Shortcode: {j2store}209|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Vendor Management
    • Parent Category Link: /vendor-management

    • Moreso than at any other time, our world is changing. As a result, organizations – and their vendors – need to be able to adapt their plans to accommodate risk on an unprecedented level.
    • It is increasingly likely that one of an organization's vendors, or their n-party support vendors, will cause an incident. Organizations must protect themselves by creating better mechanisms to hold their n-party vendors accountable and validate that they comply.

    Our Advice

    Critical Insight

    • Identifying and managing a vendor’s potential risk impact on your organization requires multiple people in the organization across several functions. Those people all need coaching on the potential changes in the market and how these changes may affect your organization.
    • Organizational leadership is often taken unaware by changes, and their plans lack the flexibility to adjust to significant regulatory upheavals.

    Impact and Result

    • Vendor management practices educate organizations on the different potential risks from vendors in your market and suggest creative and alternative ways to avoid and help manage them.
    • Prioritize and classify your vendors with quantifiable, standardized rankings.
    • Prioritize focus on your high-risk vendors.
    • Standardize your processes for identifying and monitoring vendor risks with our Comprehensive Risk Impact Tool to manage potential impacts.

    Looking at Risk in a New Light: The Six Pillars of Vendor Risk Management Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Looking at Risk in a New Light: The Six Pillars of Vendor Risk Management – Use the research to better understand the negative impacts of vendor actions to your organization

    Use this research to identify and quantify the potential risk impacts caused by vendors. Utilize Info-Tech's approach to look at the impact from various perspectives to better prepare for issues that may arise.

    • Looking at Risk in a New Light: The Six Pillars of Vendor Risk Management Storyboard

    2. Comprehensive Risk Impact Tool – Use this tool to help identify and quantify the impacts of negative vendor actions.

    By playing the “what if” game and asking probing questions to draw out – or eliminate – possible negative outcomes, everyone involved adds their insight into parts of the organization to gather a comprehensive picture of potential impacts.

    • Comprehensive Risk Impact Tool
    [infographic]

    Further reading

    Looking at Risk in a New Light: The Six Pillars of Vendor Risk Management

    Approach vendor risk impact assessments from all perspectives.

    Analyst Perspective

    Organizations must comprehensively understand the impacts vendors may cause through different potential actions.

    Frank Sewell

    The risks from the vendor market have become more prevalent as the technologies and organizational strategies shift to a global direction. With this shift in risk comes a necessary perspective change to align with the greater likelihood of an incident occurring from vendors' (or one of their downstream support vendor's) negative actions.

    Organizational leadership must become more aware of the increasing risks that engaging vendors impose. To do so, they need to make informed decisions, which can only be provided by engaging expert resources in their organizations to compile a comprehensive look at potential risk impacts.

    Frank Sewell

    Research Director, Vendor Management
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    More so than at any other time, our world is changing. As a result organizations – and their vendors – need to be able to adapt their plans to accommodate risk on an unprecedented level.

    It is increasingly likely that one of your vendors, or their n-party support vendors, will cause an incident. Organizations must protect themselves by creating better mechanisms to hold their n-party vendors accountable and validate that they comply.

    Common Obstacles

    Identifying and managing a vendor’s potential risk impact on your organization requires multiple people in the organization across several functions. Those people all need coaching on the potential changes in the market and how these changes may affect your organization.

    Organizational leadership is often taken unaware by changes, and their plans lack the flexibility to adjust to significant regulatory upheavals.

    Info-Tech's Approach

    Vendor management practices educate organizations on the different potential risks from vendors in your market and suggest creative and alternative ways to avoid and help manage them.

    Prioritize and classify your vendors with quantifiable, standardized rankings.

    Prioritize focus on your high-risk vendors.

    Standardize your processes for identifying and monitoring vendor risks with our Comprehensive Risk Impact Tool to manage potential impacts.

    Info-Tech Insight

    Organizations must evolve their risk assessments to be more adaptive to respond to changes in the global market. Ongoing monitoring and continual assessment of vendors’ risks is crucial to avoiding negative impacts.

    Info-Tech’s multi-blueprint series on vendor risk assessment

    There are many individual components of vendor risk beyond cybersecurity.`

    6 components of vendor risk beyond cybersecurity.  Financial, Reputational, Operational, Strategic, Security, Regulatory & Compliance.

    This series will focus on the individual components of vendor risk and how vendor management practices can facilitate organizations’ understanding of those risks.

    Out of Scope:
    This series will not tackle risk governance, determining overall risk tolerance and appetite, or quantifying inherent risk.

    The world is constantly changing

    The IT market is constantly reacting to global influences. By anticipating changes, leaders can set expectations and work with their vendors to accommodate them.

    When the unexpected happens, being able to adapt quickly to new priorities ensures continued long-term business success.

    Below are some things no one expected to happen in the last few years:

    62%

    of IT professionals are more concerned about being a victim of ransomware than they were a year ago.

    Info-Tech Tech Trends Survey 2022

    82%

    of Microsoft non-essential employees shifted to working from home in 2020, joining the 18% already remote.

    Info-Tech Tech Trends Survey 2022

    89%

    of organizations invested in web conferencing technology to facilitate collaboration.

    Info-Tech Tech Trends Survey 2022

    Looking at Risk in a New Light:

    the 6 Pillars of Vendor Risk Management

    Vendor Risk

    • Financial

    • Strategic

    • Operational

    • Security

    • Reputational

    • Regulatory

    • Organizations must review their risk appetite and tolerance levels, considering their complete landscape.
    • Changing regulations, acquisitions, and events that affect global supply chains are current realities, not unlikely scenarios.
    • Prepare your vendor risk management for success using due diligence and scenario- based “What If” discussions to bring all the relevant parties to the table and educate your whole organization on risk factors.
    Assessing Financial Risk Impacts

    Strategic risks on a global scale

    Odds are at least one of these is currently affecting your strategic plans

    • Vendor Acquisitions
    • Global Pandemic
    • Global Shortages
    • Gas Prices
    • Poor Vendor Performance
    • Travel Bans
    • War
    • Natural Disasters
    • Supply Chain Disruptions
    • Security Incidents

    Make sure you have the right people at the table to identify and plan to manage impacts.

    Assess internal and external operational risk impacts

    Two sides of the same coin

    Internal

    • Poorly vetted supplemental staff
    • Bad system configurations
    • Lack of relevant skills
    • Poor vendor performance
    • Failure to follow established processes
    • Weak contractual accountability
    • Unsupportable or end-of-life system components

    External

    • Cyberattacks
    • Supply Chain Issues
    • Geo-Political Disruptions
    • Vendor Acquisitions
    • N-Party Non-Compliance
    • Vendor Fraud

    Operational risk is the risk of losses caused by flawed or failed processes, policies, systems, or events that disrupt business operations.

    Identify and manage security risk impacts on your organization

    Due diligence will enable successful outcomes

    • Poor vendor performance
    • Vendor acquisition
    • Supply chain disruptions and shortages
    • N-party risk
    • Third-party risk

    What your vendor associations say about you

    Reputations that affect your brand: Bad customer reviews, breach of data, poor security posture, negative news articles, public lawsuits, poor performance.

    Regulatory compliance

    Consider implementing vendor management initiatives and practices in your organization to help gain compliance with your expanding vendor landscape.

    Your organizational risks may be monitored but are your n-party vendors?

    6 components of vendor risk beyond cybersecurity.  Financial, Reputational, Operational, Strategic, Security, Regulatory & Compliance.

    Review your expectations with your vendors and hold them accountable

    Regulatory entities are looking beyond your organization’s internal compliance these days. Instead, they are more and more diving into your third-party and downstream relationships, particularly as awareness of downstream breaches increases globally.

    • Are you assessing your vendors regularly?
    • Are you validating those assessments?
    • Do your vendors have a map of their downstream support vendors?
    • Do they have the mechanisms to hold those downstream vendors accountable to your standards?

    Identify and manage risks

    Regulatory

    Regulatory agencies are putting more enforcement around ESG practices across the globe. As a result, organizations will need to monitor the changing regulations and validate that their vendors and n-party support vendors are adhering to these regulations or face penalties for non-compliance.

    Security-Data protection

    Data protection remains an issue. Organizations should ensure that the data their vendors obtain remains protected throughout the vendor’s lifecycle, including post-termination. Otherwise, they could be monitoring for a data breach in perpetuity.

    Mergers and acquisitions

    More prominent vendors continuously buy smaller companies to control the market in the IT industry. Organizations should put protections in their contracts to ensure that an IT vendor’s acquisition does not put them in a relationship with someone that could cause them an issue.

    Identify and manage risks

    Poor vendor performance

    Consider the impact of a vendor that fails to perform midway through the implementation. Organizations need to be able to manage the impact of replacing that vendor and cutting their losses rather than continuing to throw good money away after bad performance.

    Supply chain disruptions and global shortages

    Geopolitical disruptions and natural disasters have caused unprecedented interruptions to business. Incorporate forecasting of product and ongoing business continuity planning into your strategic plans to adapt as events unfold.

    Poorly configured systems

    Failing to ensure that your vendor-supported systems are properly configured and that your vendors are meeting your IT change control and configuration standards is more commonplace than expected. Proper oversight and management of your support vendors is crucial to ensure they are meeting expectations in this regard.

    What to look for

    Identify potential risk impacts

    • Is there a record of complaints against the vendor from their employees or customers?
    • Is the vendor financially sound, with the resources to support your needs?
    • Has the vendor been cited for regulatory compliance issues in the past?
    • Does the vendor have a comprehensive list of their n-party vendor partners?
      • Are they willing to accept appropriate contractual protections regarding them?
    • Does the vendor self-audit, or do they use a vetted third-party audit firm to issue a SOC report annually?
    • Does the vendor operate in regions known for instability?
    • Is the vendor willing to make concessions on contractual protections, or are they only offering one-sided agreements with as-is warranties?

    Prepare your vendor risk management for success

    Due diligence will enable successful outcomes.

    1. Obtain top-level buy-in; it is critical to success.
    2. Build enterprise risk management (ERM) through incremental improvement.
    3. Focus initial efforts on the “big wins” to prove the process works.
    4. Use existing resources.
    5. Build on any risk management activities that already exist in the organization.
    6. Socialize ERM throughout the organization to gain additional buy-in.
    7. Normalize the process long term with ongoing updates and continuing education for the organization.
    8. (Adapted from COSO)

    How to assess third-party risk

    1. Review organizational risks

      Understand the organizations risks to prepare for the “What If” game exercise.
    2. Identify and understand potential risks

      Play the “What If” game with the right people at the table.
    3. Create a risk profile packet for leadership

      Pull all the information together in a presentation document.
    4. Validate the risks

      Work with leadership to ensure that the proposed risks are in line with their thoughts.
    5. Plan to manage the risks

      Lower the overall risk potential by putting mitigations in place.
    6. Communicate the plan

      It is important not only to have a plan but also to socialize it in the organization for awareness.
    7. Enact the plan

      Once the plan is finalized and socialized, put it in place with continued monitoring for success.

    Adapted from Harvard Law School Forum on Corporate Governance

    Insight summary

    Risk impacts often come from unexpected places and have significant consequences.

    Knowing who your vendors are using for their support and supply chain could be crucial in eliminating the risk of non-compliance for your organization.

    Having a plan to identify and validate the regulatory compliance of your vendors is a must for any organization to avoid penalties.

    Insight 1

    Organizations’ strategic plans need to be adaptable to avoid vendors’ negative actions causing an expedited shift in priorities.

    For example, Philips’ recall of ventilators impacted its products and the availability of its competitors’ products as demand overwhelmed the market.

    Insight 2

    Organizations often fail to understand how n-party vendors could place them in non-compliance.

    Even if you know your complete third-party vendor landscape, you may not be aware of the downstream vendors in play. Ensure that you get visibility into this space as well, and hold your direct vendors accountable for the actions of their vendors.

    Insight 3

    Organizations need to know where their data lives and ensure it is protected.

    Make sure you know which vendors are accessing/storing your data, where they are keeping it, and that you can get it back and have the vendors destroy it when the relationship is over. Without adequate protections throughout the lifecycle of the vendor, you could be monitoring for breaches in perpetuity.

    Insight summary

    Assessing financial impacts is an ongoing, educative, and collaborative multidisciplinary process that vendor management initiatives are uniquely designed to coordinate and manage for organizations.

    Operational risk impacts often come from unexpected places and have unforeseen impacts. Knowing where your vendors place in critical business processes and those vendors' business continuity plans concerning your organization should be a priority for those managing the vendors.

    Insight 4

    Organizations need to learn how to assess the likelihood of potential risks in the rapidly changing online environments and recognize how their partnerships and subcontractors’ actions can affect their brand.

    For example, do you understand how a simple news article raises your profile for short-term and long-term adverse events?

    Insight 5

    Organizations fail to plan for vendor acquisitions appropriately.

    Vendors routinely get acquired in the IT space. Does your organization have appropriate safeguards from inadvertently entering a negative relationship? Do you have plans for replacing critical vendors purchased in such a manner?

    Insight 6

    Vendors are becoming more and more crucial to organizations’ overall operations, and most organizations have a poor understanding of the potential impacts they represent.

    Is your vendor solvent? Do they have enough staff to accommodate your needs? Has their long-term planning been affected by changes in the market? Are they unique in their space?

    Identifying vendor risk

    Who should be included in the discussion?

    • While it is true that executive-level leadership defines the strategy for an organization, it is vital for those making decisions to make informed decisions.
    • Getting input from operational experts at your organization will enhance your business's long-term potential for success.
    • Involving those who directly manage vendors and understand the market will aid operational experts in determining the forward path for relationships with your current vendors and identifying emerging potential strategic partners.
    • Make sure security, risk, and compliance are all at the table. These departments all look at risk from different angles for the business and give valuable insight collectively.
    • Organizations have a wealth of experience in their marketing departments that can help identify real-world scenarios of negative actions.

    See the blueprint Build an IT Risk Management Program

    Review your risk management plans for new risks on a regular basis.

    Keep in mind Risk =
    Likelihood x Impact

    (R=L*I).

    Impact (I) tends to remain the same, while Likelihood (L) is becoming closer to 100% as threat actors become more prevalent.

    Managing vendor risk impacts

    How could your vendors impact your organization?

    • Review vendors’ downstream connections to understand thoroughly who you are in business with
    • Institute continuous vendor lifecycle management
    • Develop IT risk governance and change control
    • Introduce continual risk assessment to monitor the relevant vendor markets
    • Monitor and schedule contract renewals and new service/module negotiations
    • Perform business alignment meetings to reassess relationships
    • Ensure strategic alignment in contracts
    • Review vendors’ business continuity plans and disaster recovery testing
    • Re-evaluate corporate policies frequently
    • Monitor your company’s and associated vendors’ online presence
    • Be adaptable and allow for innovations that arise from the current needs
      • Capture lessons learned from prior incidents to improve over time, and adjust your plans accordingly

    Organizations must review their risk appetite and tolerance levels, considering their complete landscape.

    Changing regulations, acquisitions, new security issues, and events that affect global supply chains are current realities, not unlikely scenarios.

    Ongoing Improvement

    Incorporating lessons learned.

    • Over time, despite everyone’s best observations and plans, incidents will catch us off guard.
    • When that happens, follow your incident response plans and act accordingly.
    • An essential step is to document what worked and what did not – collectively known as the “lessons learned.”
    • Use the lessons learned document to devise, incorporate, and enact a better risk management process.

    Sometimes disasters occur despite our best plans to manage them.

    When this happens, it is important to document the lessons learned and improve our plans going forward.

    The "what if" game

    1-3 hours

    Vendor management professionals are in an excellent position to help senior leadership identify and pull together resources across the organization to determine potential risks. By playing the "what if" game and asking probing questions to draw out – or eliminate – possible adverse outcomes, everyone involved adds their insight into parts of the organization to gather a comprehensive picture of potential impacts.

    1. Break into smaller groups (if too small, continue as a single group).
    2. Use the Comprehensive Risk Impact Tool to prompt discussion on potential risks. Keep this discussion flowing organically to explore all potentials but manage the overall process to keep the discussion pertinent and on track.
    3. Collect the outputs and ask the subject matter experts (SMEs) for management options for each one in order to present a comprehensive risk strategy. You will use this to educate senior leadership so that they can make an informed decision to accept or reject the solution.

    Download the Comprehensive Risk Impact Tool

    Input

    • List of identified potential risk scenarios scored by impact
    • List of potential mitigations of the scenarios to reduce the risk

    Output

    • Comprehensive risk profile on the specific vendor solution

    Materials

    • Whiteboard/flip charts
    • Comprehensive Risk Impact Tool to help drive discussion

    Participants

    • Vendor Management – Coordinator
    • Organizational Leadership
    • Operations Experts (SMEs)
    • Business Process Experts
    • Legal/Compliance/Risk Manager

    High risk example from tool

    High risk example from Tool.  Shows sample questions to ask to identify impacts, their associated score, weight, and comments or notes.

    Note: Even though a few items are “scored” they have not been added to the overall weight, signaling that the company has noted but does not necessarily hold them against the vendor.

    How to mitigate:

    • Contractually insist that the vendor have a third-party security audit performed annually with the stipulation that they will not denigrate below your acceptable standards.
    • At renewal negotiate better contractual terms and protections for your organization.

    Low risk example from tool

    Low risk example from Tool.  Shows sample questions to ask to identify impacts, their associated score, weight, and comments or notes.

    Summary

    Seek to understand all potential risk impacts to better prepare your organization for success.

    • Organizations need to understand and map out their entire vendor landscape.
    • Understand where all your data lives and how you can control it throughout the vendor lifecycle.
    • Organizations need to be realistic about the likelihood of potential risks in the changing global world.
    • Those organizations that consistently follow their established risk-assessment and due-diligence processes are better positioned to avoid penalties.
    • Understand how your vendors prioritize your organization in their business continuity processes.
    • Bring the right people to the table to outline potential risks in the market and your organization.
    • Socialize the third-party vendor risk management process throughout the organization to heighten awareness and enable employees to help protect the organization.
    • Organizations need to learn how to assess the likelihood of potential risks in the changing global markets and recognize how their partnerships and subcontracts affect their brand.
    • Incorporate lessons learned from prior incidents into your risk management process to build better plans for future issues.

    Organizations must evolve their risk assessments to be more meaningful to respond to global changes in the market.

    Organizations should increase the resources dedicated to monitoring the market as regulatory agencies continue to hold them more and more accountable.

    Bibliography

    Olaganathan, Rajee. “Impact of COVID-19 on airline industry and strategic plan for its recovery with special reference to data analytics technology.” Global Journal of Engineering and Technology Advances, vol 7, no 1, 2021, pp. 033-046.

    Tonello, Matteo. “Strategic Risk Management: A Primer for Directors.” Harvard Law School Forum on Corporate Governance, 23 Aug. 2012.

    Frigo, Mark L., and Richard J. Anderson. “Embracing Enterprise Risk Management: Practical Approaches for Getting Started.” COSO, 2011.

    Weak Cybersecurity is taking a toll on Small Businesses (tripwire.com)

    SecureLink 2022 White Paper SL_Page_EA+PAM (rocketcdn.me)

    Shared Assessments Member Poll March 2021 "Guide: Evolving Work Environments Impact of Covid-19 on Profile and Management of Third Parties“

    “Cybersecurity only the tip of the iceberg for third-party risk management”. Help Net Security, April 21, 2021. Accessed: 2022-07-29.

    “Third-Party Risk Management (TPRM) Managed Services”. Deloitte, 2022. Accessed: 2022-07-29.

    “The Future of TPRM: Third Party Risk Management Predictions for 2022”. OneTrust, December 20th2021. Accessed 2022-07-29.

    “Third Party Vendor definition”. Law Insider, Accessed 2022-07-29.

    “Third Party Risk”. AWAKE Security, Accessed 2022-07-29.

    Glidden, Donna. "Don't Underestimate the Need to Protect Your Brand in Publicity Clauses", Info-Tech Research Group, June 2022.

    Greenaway, Jordan. "Managing Reputation Risk: A start-to-finish guide", Transmission Private, July 2022. Accessed June 2022.

    Jagiello, Robert D, and Thomas T Hills. “Bad News Has Wings: Dread Risk Mediates Social Amplification in Risk Communication. ”Risk analysis : an official publication of the Society for Risk Analysis vol. 38,10 (2018): 2193-2207.doi:10.1111/risa.13117

    Kenton, Will. "Brand Recognition", Investopedia, August 2021. Accessed June 2022. Lischer, Brian. "How Much Does it Cost to Rebrand Your Company?", Ignyte, October 2017. Accessed June 2022.

    "Powerful Examples of How to Respond to Negative Reviews", Review Trackers, February 2022. Accessed June 2022.

    "The CEO Reputation Premium: Gaining Advantage in the Engagement Era", Weber Shadwick, March 2015. Accessed on June 2022.

    "Valuation of Trademarks: Everything You Need to Know",UpCounsel, 2022. Accessed June 2022.

    Related Info-Tech Research

    Identify and Manage Financial Risk Impacts on Your Organization

    • Vendor management practices educate organizations on potential financial impacts that vendors may incur and suggest systems to help manage them.
    • Standardize your processes for identifying and monitoring vendor risks to manage financial impacts with our Financial Risk Impact Tool.

    Identify and Manage Reputational Risk Impacts on Your Organization

    • Vendor management practices educate organizations on potential risks to vendors in your market and suggest creative and alternative ways to avoid and help manage them.
    • Standardize your processes for identifying and monitoring vendor risks to manage potential impacts on your reputation and brand with our Reputational Risk Impact Tool.

    Identify and Manage Strategic Risk Impacts on Your Organization

    • Vendor management practices educate organizations on potential risks to vendors in your market and suggest creative and alternative ways to avoid and help manage them.
    • Standardize your processes for identifying and monitoring vendor risks to manage potential impacts on your strategic plan with our Strategic Risk Impact Tool.

    Regulatory guidance and industry standards

    Prepare to Successfully Deploy PPM Software

    • Buy Link or Shortcode: {j2store}437|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Portfolio Management
    • Parent Category Link: /portfolio-management
    • PPM suite deployments are complicated and challenging. Vendors and consultants can provide much needed expertise and assistance to organizations deploying new PPM suites.
    • While functional requirements are often defined during the procurement stage (for example, in an RFP), the level of detail during this stage is likely insufficient for actually configuring the solution to your specific PPM needs. Too many organizations fail to further develop these functional requirements between signing their contracts and the official start of their professional implementation engagement.
    • Many organizations fail to organize and record the PPM data they will need to populate the new PPM suite. In almost all cases, customers have the expertise and are in the best position to collect and organize their own data. Leaving this until the vendor or consultant arrives to help with the deployment can result in using your professional services in a suboptimal way.
    • Vendors and consultants want you to prepare for their implementation engagements so that you can make the best use of their expertise and assistance. They want you to deploy a PPM suite that can be sustainably adopted in the long term. All too often, however, they arrive onsite to find customers that are disorganized and underprepared.

    Our Advice

    Critical Insight

    • Preparing for a professional implementation engagement allows you to make the best use of your professional services, as well as helping to ensure that the PPM suite is deployed according to your specific PPM needs.
    • Involving your internal resources in the preparation of data and in fully defining functional requirements for the PPM suite helps to establish stakeholder buy-in early on, helping to build internal ownership of the solution from the beginning. This avoids the solution being perceived as something the vendor/consultant “forced upon us.”
    • Vendors and consultants are happy when organizations are organized and prepared for their professional implementation engagements. Preparation ensures these engagements are positive experiences for everyone involved.

    Impact and Result

    • Ensure that the data necessary to deploy the new PPM suite is recorded and organized.
    • Make your functional requirements detailed enough to ensure that the new PPM suite can be configured/customized during the deployment engagement in a way that best fits the organization’s actual PPM needs.
    • Through carefully preparing data and fully defining functional requirements, you help the solution become sustainably adopted in the long term.

    Prepare to Successfully Deploy PPM Software Research & Tools

    Start here – read the Executive Brief

    Read this Executive Brief to understand why preparing for PPM deployment will ensure that organizations get the most value out of the implementation professional services they purchased and will help drive long-term sustainable adoption of the new PPM suite.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Create a preparation team and plan

    Engage in purposeful and effective PPM deployment planning by clearly defining what to prepare and when exactly it is time to move from planning to execution.

    • Prepare to Successfully Deploy PPM Software – Phase 1: Create a Preparation Team and Plan
    • Prepare to Deploy PPM Suite Project Charter Template
    • PPM Suite Functional Requirements Document Template
    • PPM Suite Deployment Timeline Template (Excel)
    • PPM Suite Deployment Timeline Template (Project)
    • PPM Suite Deployment Communication Plan Template

    2. Prepare project-related requirements and deliverables

    Provide clearer definition to specific project-related functional requirements and collect the appropriate PPM data needed for an effective PPM suite deployment facilitated by vendors/consultants.

    • Prepare to Successfully Deploy PPM Software – Phase 2: Prepare Project-Related Requirements and Deliverables
    • PPM Deployment Data Workbook
    • PPM Deployment Dashboard and Report Requirements Workbook

    3. Prepare PPM resource requirements and deliverables

    Provide clearer definition to specific resource management functional requirements and data and create a communication and training plan.

    • Prepare to Successfully Deploy PPM Software – Phase 3: Prepare PPM Resource Requirements and Deliverables
    • PPM Suite Transition Plan Template
    • PPM Suite Training Plan Template
    • PPM Suite Training Management Tool

    4. Provide preparation materials to the vendor and implementation professionals

    Plan how to engage vendors/consultants by communicating functional requirements to them and evaluating changes to those requirements proposed by them.

    • Prepare to Successfully Deploy PPM Software – Phase 4: Provide Preparation Materials to the Vendor and Implementation Professionals
    [infographic]

    Workshop: Prepare to Successfully Deploy PPM Software

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Plan the Preparation Project

    The Purpose

    Select a preparation team and establish clear assignments and accountabilities.

    Establish clear deliverables, milestones, and metrics to ensure it is clear when the preparation phase is complete.

    Key Benefits Achieved

    Preparation activities will be organized and purposeful, ensuring that you do not threaten deployment success by being underprepared or waste resources by overpreparing.

    Activities

    1.1 Overview: Determine appropriate functional requirements to define and data to record in preparation for the deployment.

    1.2 Create a timeline.

    1.3 Create a charter for the PPM deployment preparation project: record lessons learned, establish metrics, etc.

    Outputs

    PPM Suite Deployment Timeline

    Charter for the PPM Suite Preparation Project Team

    2 Prepare Project-Related Requirements and Deliverables

    The Purpose

    Collect and organize relevant project-related data so that you are ready to populate the new PPM suite when the vendor/consultant begins their professional implementation engagement with you.

    Clearly define project-related functional requirements to aid in the configuration/customization of the tool.

    Key Benefits Achieved

    An up-to-date and complete record of all relevant PPM data.

    Avoidance of scrambling to find data at the last minute, risking importing out-of-date or irrelevant information into the new software.

    Clearly defined functional requirements that will ensure the suite is configured in a way that can be adoption in the long term.

    Activities

    2.1 Define project phases and categories.

    2.2 Create a list of all projects in progress.

    2.3 Record functional requirements for project requests, project charters, and business cases.

    2.4 Create a list of all existing project requests.

    2.5 Record the current project intake processes.

    2.6 Define PPM dashboard and reporting requirements.

    Outputs

    Project List (basic)

    Project Request Form Requirements (basic)

    Scoring/Requirements (basic)

    Business Case Requirements (advanced)

    Project Request List (basic)

    Project Intake Workflows (advanced)

    PPM Reporting Requirements (basic)

    3 Prepare PPM Resource Requirements and Deliverables

    The Purpose

    Collect and organize relevant resource-related data.

    Clearly define resource-related functional requirements.

    Create a purposeful transition, communication, and training plan for the deployment period.

    Key Benefits Achieved

    An up-to-date and complete record of all relevant PPM data that allows your vendor/consultant to get right to work at the start of the implementation engagement.

    Improved buy-in and adoption through transition, training, and communication activities that are tailored to the actual needs of your specific organization and users.

    Activities

    3.1 Create a portfolio-wide roster of project resources (and record their competencies and skills, if appropriate).

    3.2 Record resource management processes and workflows.

    3.3 Create a transition plan from existing PPM tools and processes to the new PPM suite.

    3.4 Identify training needs and resources to be leveraged during the deployment.

    3.5 Define training requirements.

    3.6 Create a PPM deployment training plan.

    Outputs

    Resource Roster and Competency Profile (basic)

    User Roles and Permissions (basic)

    Resource Management Workflows (advanced)

    Transition Approach and Plan (basic)

    Data Archiving Requirements (advanced)

    List of Training Modules and Attendees (basic)

    Internal Training Capabilities (advanced)

    Training Milestones and Deadlines (basic)

    4 Provide Preparation Materials to the Vendor and Implementation Professionals

    The Purpose

    Compile the data collected and the functional requirements defined so that they can be provided to the vendor and/or consultant before the implementation engagement.

    Key Benefits Achieved

    Deliverables that record the outputs of your preparation and can be provided to vendors/consultants before the implementation engagement.

    Ensures that the customer is an active and equal partner during the deployment by having the customer prepare their material and initiate communication.

    Vendors and/or consultants have a clear understanding of the customer’s needs and expectations from the beginning.

    Activities

    4.1 Collect, review, and finalize the functional requirements.

    4.2 Compile a functional requirements and data package to provide to the vendor and/or consultants.

    4.3 Discuss how proposed changes to the functional requirements will be reviewed and decided.

    Outputs

    PPM Suite Functional Requirements Documents

    PPM Deployment Data Workbook

    Redesign Your IT Organizational Structure

    • Buy Link or Shortcode: {j2store}275|cart{/j2store}
    • member rating overall impact (scale of 10): 9.2/10 Overall Impact
    • member rating average dollars saved: $71,830 Average $ Saved
    • member rating average days saved: 25 Average Days Saved
    • Parent Category Name: Organizational Design
    • Parent Category Link: /organizational-design

    Most organizations go through an organizational redesign to:

    • Better align to the strategic objectives of the organization.
    • Increase the effectiveness of IT as a function.
    • Provide employees with clarity in their roles and responsibilities.
    • Support new capabilities.
    • Better align IT capabilities to suit the vision.
    • Ensure the IT organization can support transformation initiatives.

    Our Advice

    Critical Insight

    • Organizational redesign is only as successful as the process leaders engage in. It shapes a story framed in a strong foundation of need and a method to successfully implement and adopt the new structure.
    • Benchmarking your organizational redesign to other organizations will not work. Other organizations have different strategies, drivers, and context. It’s important to focus on your organization, not someone else's.
    • You could have the best IT employees in the world, but if they aren’t structured well your organization will still fail in reaching its vision.

    Impact and Result

    • We are often unsuccessful in organizational redesign because we lack an understanding of why this initiative is required or fail to recognize that it is a change initiative.
    • Successful organizational design requires a clear understanding of why it is needed and what will be achieved by operating in a new structure.
    • Additionally, understanding the impact of the change initiative can lead to greater adoption by core stakeholders.

    Redesign Your IT Organizational Structure Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Redesign Your IT Organizational Structure Deck – A defined method of redesigning your IT structure that is founded by clear drivers and consistently considering change management practices.

    The purpose of this storyboard is to provide a four-phased approach to organizational redesign.

    • Redesign Your IT Organizational Structure – Phases 1-4

    2. Communication Deck – A method to communicate the new organizational structure to critical stakeholders to gain buy-in and define the need.

    Use this templated Communication Deck to ensure impacted stakeholders have a clear understanding of why the new organizational structure is needed and what that structure will look like.

    • Organizational Design Communications Deck

    3. Redesign Your IT Organizational Structure Executive Summary Template – A template to secure executive leadership buy-in and financial support for the new organizational structure to be implemented.

    This template provides IT leaders with an opportunity to present their case for a change in organizational structure and roles to secure the funding and buy-in required to operate in the new structure.

    • Redesign Your IT Organizational Structure Executive Summary

    4. Redesign Your IT Organizational Structure Workbook – A method to document decisions made and rationale to support working through each phase of the process.

    This Workbook allows IT and business leadership to work through the steps required to complete the organizational redesign process and document key rationale for those decisions.

    • Redesign Your IT Organizational Structure Workbook

    5. Redesign Your IT Organizational Structure Operating Models and Capability Definitions – A tool that can be used to provide clarity on the different types of operating models that exist as well as the process definitions of each capability.

    Refer to this tool when working through the redesign process to better understand the operating model sketches and the capability definitions. Each capability has been tied back to core frameworks that exist within the information and technology space.

    • Redesign Your IT Organizational Structure Operating Models and Capability Definitions

    Infographic

    Workshop: Redesign Your IT Organizational Structure

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Establish the Organizational Design Foundation

    The Purpose

    Lay the foundation for your organizational redesign by establishing a set of organizational design principles that will guide the redesign process.

    Key Benefits Achieved

    Clearly articulate why this organizational redesign is needed and the implications the strategies and context will have on your structure.

    Activities

    1.1 Define the org design drivers.

    1.2 Document and define the implications of the business context.

    1.3 Align the structure to support the strategy.

    1.4 Establish guidelines to direct the organizational design process.

    Outputs

    Clear definition of the need to redesign the organizational structure

    Understanding of the business context implications on the organizational structure creation.

    Strategic impact of strategies on organizational design.

    Customized Design Principles to rationalize and guide the organizational design process.

    2 Create the Operating Model Sketch

    The Purpose

    Select and customize an operating model sketch that will accurately reflect the future state your organization is striving towards. Consider how capabilities will be sourced, gaps in delivery, and alignment.

    Key Benefits Achieved

    A customized operating model sketch that informs what capabilities will make up your IT organization and how those capabilities will align to deliver value to your organization.

    Activities

    2.1 Augmented list of IT capabilities.

    2.2 Capability gap analysis

    2.3 Identified capabilities for outsourcing.

    2.4 Select a base operating model sketch.

    2.5 Customize the IT operating model sketch.

    Outputs

    Customized list of IT processes that make up your organization.

    Analysis of which capabilities require dedicated focus in order to meet goals.

    Definition of why capabilities will be outsourced and the method of outsourcing used to deliver the most value.

    Customized IT operating model reflecting sourcing, centralization, and intended delivery of value.

    3 Formalize the Organizational Structure

    The Purpose

    Translate the operating model sketch into a formal structure with defined functional teams, roles, reporting structure, and responsibilities.

    Key Benefits Achieved

    A detailed organizational chart reflecting team structures, reporting structures, and role responsibilities.

    Activities

    3.1 Categorize your IT capabilities within your defined functional work units.

    3.2 Create a mandate statement for each work unit.

    3.3 Define roles inside the work units and assign accountability and responsibility.

    3.4 Finalize your organizational structure.

    Outputs

    Capabilities Organized Into Functional Groups

    Functional Work Unit Mandates

    Organizational Chart

    4 Plan for the Implementation & Change

    The Purpose

    Ensure the successful implementation of the new organizational structure by strategically communicating and involving stakeholders.

    Key Benefits Achieved

    A clear plan of action on how to transition to the new structure, communicate the new organizational structure, and measure the effectiveness of the new structure.

    Activities

    4.1 Identify and mitigate key org design risks.

    4.2 Define the transition plan.

    4.3 Create the change communication message.

    4.4 Create a standard set of FAQs.

    4.5 Align sustainment metrics back to core drivers.

    Outputs

    Risk Mitigation Plan

    Change Communication Message

    Standard FAQs

    Implementation and sustainment metrics.

    Further reading

    Redesign Your IT Organizational Structure

    Designing an IT structure that will enable your strategic vision is not about an org chart – it’s about how you work.

    EXECUTIVE BRIEF

    Analyst Perspective

    Structure enables strategy.

    The image contains a picture of Allison Straker.

    Allison Straker

    Research Director,

    Organizational Transformation

    The image contains a picture of Brittany Lutes.

    Brittany Lutes

    Senior Research Analyst,

    Organizational Transformation

    An organizational structure is much more than a chart with titles and names. It defines the way that the organization operates on a day-to-day basis to enable the successful delivery of the organization’s information and technology objectives. Moreover, organizational design sees beyond the people that might be performing a specific role. People and role titles will and often do change frequently. Those are the dynamic elements of organizational design that allow your organization to scale and meet specific objectives at defined points of time. Capabilities, on the other hand, are focused and related to specific IT processes.

    Redesigning an IT organizational structure can be a small or large change transformation for your organization. Create a structure that is equally mindful of the opportunities and the constraints that might exist and ensure it will drive the organization towards its vision with a successful implementation. If everyone understands why the IT organization needs to be structured that way, they are more likely to support and adopt the behaviors required to operate in the new structure.

    Executive Summary

    Your Challenge

    Your organization needs to reorganize itself because:

    • The current IT structure does not align to the strategic objectives of the organization.
    • There are inefficiencies in how the IT function is currently operating.
    • IT employees are unclear about their role and responsibilities, leading to inconsistencies.
    • New capabilities or a change in how the capabilities are organized is required to support the transformation.

    Common Obstacles

    Many organizations struggle when it comes redesigning their IT organizational structure because they:

    • Jump right into creating the new organizational chart.
    • Do not include the members of the IT leadership team in the changes.
    • Do not include the business in the changes.
    • Consider the context in which the change will take place and how to enable successful adoption.

    Info-Tech’s Approach

    Successful IT organization redesign includes:

    • Understanding the drivers, context, and strategies that will inform the structure.
    • Remaining objective by focusing on capabilities over people or roles.
    • Identifying gaps in delivery, sourcing strategies, customers, and degrees of centralization.
    • Remembering that organizational design is a change initiative and will require buy-in.

    Info-Tech Insight

    A successful redesign requires a strong foundation and a plan to ensure successful adoption. Without these, the organizational chart has little meaning or value.

    Your challenge

    This research is designed to help organizations who are looking to:

    • Redesign the IT structure to align to the strategic objectives of the enterprise.
    • Increase the effectiveness in how the IT function is operating in the organization.
    • Provide clarity to employees around their roles and responsibilities.
    • Ensure there is an ability to support new IT capabilities and/or align capabilities to better support the direction of the organization.
    • Align the IT organization to support a business transformation such as becoming digitally enabled or engaging in M&A activities.

    Organizational design is a challenge for many IT and digital executives

    69% of digital executives surveyed indicated challenges related to structure, team silos, business-IT alignment, and required roles when executing on a digital strategy.

    Source: MIT Sloan, 2020

    Common obstacles

    These barriers make IT organizational redesign difficult to address for many organizations:

    • Confuse organizational design and organizational charts as the same thing.
    • Start with the organizational chart, not taking into consideration the foundational elements that will make that chart successful.
    • Fail to treat organizational redesign as a change management initiative and follow through with the change.
    • Exclude impacted or influential IT leaders and/or business stakeholders from the redesign process.
    • Leverage an operating model because it is trending.

    To overcome these barriers:

    • Understand the context in which the changes will take place.
    • Communicate the changes to those impacted to enable successful adoption and implementation of a new organizational structure.
    • Understand that organizational design is for more than just HR leaders now; IT executives should be driving this change.

    Succeed in Organizational Redesign

    75% The percentage of change efforts that fail.

    Source: TLNT, 2019

    55% The percentage of practitioners who identify how information flows between work units as a challenge for their organization.

    Source: Journal of Organizational Design, 2019

    Organizational design defined

    If your IT strategy is your map, your IT organizational design represents the optimal path to get there.

    IT organizational design refers to the process of aligning the organization’s structure, processes, metrics, and talent to the organization’s strategic plan to drive efficiency and effectiveness.

    Why is the right IT organizational design so critical to success?

    Adaptability is at the core of staying competitive today

    Structure is not just an organizational chart

    Organizational design is a never-ending process

    Digital technology and information transparency are driving organizations to reorganize around customer responsiveness. To remain relevant and competitive, your organizational design must be forward looking and ready to adapt to rapid pivots in technology or customer demand.

    The design of your organization dictates how roles function. If not aligned to the strategic direction, the structure will act as a bungee cord and pull the organization back toward its old strategic direction (ResearchGate.net, 2014). Structure supports strategy, but strategy also follows structure.

    Organization design is not a one-time project but a continuous, dynamic process of organizational self-learning and continuous improvement. Landing on the right operating model will provide a solid foundation to build upon as the organization adapts to new challenges and opportunities.

    Understand the organizational differences

    Organizational Design

    Organizational design the process in which you intentionally align the organizational structure to the strategy. It considers the way in which the organization should operate and purposely aligns to the enterprise vision. This process often considers centralization, sourcing, span of control, specialization, authority, and how those all impact or are impacted by the strategic goals.

    Operating Model

    Operating models provide an architectural blueprint of how IT capabilities are organized to deliver value. The placement of the capabilities can alter the culture, delivery of the strategic vision, governance model, team focus, role responsibility, and more. Operating model sketches should be foundational to the organizational design process, providing consistency through org chart changes.

    Organizational Structure

    The organizational structure is the chosen way of aligning the core processes to deliver. This can be strategic, or it can be ad hoc. We recommend you take a strategic approach unless ad hoc aligns to your culture and delivery method. A good organizational structure will include: “someone with authority to make the decisions, a division of labor and a set of rules by which the organization operates” (Bizfluent, 2019).

    Organizational Chart

    The capstone of this change initiative is an easy-to-read chart that visualizes the roles and reporting structure. Most organizations use this to depict where individuals fit into the organization and if there are vacancies. While this should be informed by the structure it does not necessarily depict workflows that will take place. Moreover, this is the output of the organizational design process.

    Sources: Bizfluent, 2019; Strategy & Business, 2015; SHRM, 2021

    The Technology Value Trinity

    The image contains a diagram of the Technology Value Trinity as described in the text below.

    All three elements of the Technology Value Trinity work in harmony to delivery business value and achieve strategic needs. As one changes, the others need to change as well.

    How do these three elements relate?

    • Digital and IT strategy tells you what you need to achieve to be successful.
    • Operating model and organizational design align resources to deliver on your strategy and priorities. This is done by strategically structuring IT capabilities in a way that enables the organizations vision and considers the context in which the structure will operate.
    • I&T governance is the confirmation of IT’s goals and strategy, which ensures the alignment of IT and business strategy and is the mechanism by which you continuously prioritize work to ensure that what is delivered is in line with the strategy.

    Too often strategy, organizational design, and governance are considered separate practices – strategies are defined without teams and resources to support. Structure must follow strategy.

    Info-Tech’s approach to organizational design

    Like a story, a strategy without a structure to deliver on it is simply words on paper.

    Books begin by setting the foundation of the story.

    Introduce your story by:

    • Defining the need(s) that are driving this initiative forward.
    • Introducing the business context in which the organizational redesign must take place.
    • Outlining what’s needed in the redesign to support the organization in reaching its strategic IT goals.

    The plot cannot thicken without the foundation. Your organizational structure and chart should not exist without one either.

    The steps to establish your organizational chart - with functional teams, reporting structure, roles, and responsibilities defined – cannot occur without a clear definition of goals, need, and context. An organizational chart alone won’t provide the insight required to obtain buy-in or realize the necessary changes.

    Conclude your story through change management and communication.

    Good stories don’t end without referencing what happened before. Use the literary technique of foreshadowing – your change management must be embedded throughout the organizational redesign process. This will increase the likelihood that the organizational structure can be communicated, implemented, and reinforced by stakeholders.

    Info-Tech uses a capability-based approach to help you design your organizational structure

    Once your IT strategy is defined, it is critical to identify the capabilities that are required to deliver on those strategic initiatives. Each initiative will require a combination of these capabilities that are only supported through the appropriate organization of roles, skills, and team structures.

    The image contains a diagram of the various services and blueprints that Info-Tech has to offer.

    Embed change management into organizational design

    Change management practices are needed from the onset to ensure the implementation of an organizational structure.

    For each phase of this blueprint, its important to consider change management. These are the points when you need to communicate the structure changes:

    • Phase 1: Begin to socialize the idea of new organizational structure with executive leadership and explain how it might be impactful to the context of the organization. For example, a new control, governance model, or sourcing approach could be considered.
    • Phase 2: The chosen operating model will influence your relationships with the business and can create/eliminate silos. Ensure IT and business leaders have insight into these possible changes and a willingness to move forward.
    • Phase 3: The new organizational structure could create or eliminate teams, reduce or increase role responsibilities, and create different reporting structures than before. It’s time to communicate these changes with those most impacted and be able to highlight the positive outcomes of the various changes.
    • Phase 4: Should consider the change management practices holistically. This includes the type of change and length of time to reach the end state, communication, addressing active resistors, acquiring the right skills, and measuring the success of the new structure and its adoption.

    Info-Tech Insight

    Do not undertake an organizational redesign initiative if you will not engage in change management practices that are required to ensure its successful adoption.

    Measure the value of the IT organizational redesign

    Given that the organizational redesign is intended to align with the overall vision and objectives of the business, many of the metrics that support its success will be tied to the business. Adapt the key performance indicators (KPIs) that the business is using to track its success and demonstrate how IT can enable the business and improve its ability to reach those targets.

    Strategic Resources

    The percentage of resources dedicated to strategic priorities and initiatives supported by IT operating model. While operational resources are necessary, ensuring people are allocating time to strategic initiatives as well will drive the business towards its goal state. Leverage Info-Tech’s IT Staffing Assessment diagnostic to benchmark your IT resource allocation.

    Business Satisfaction

    Assess the improvement in business satisfaction overall with IT year over year to ensure the new structure continues to drive satisfaction across all business functions. Leverage Info-Tech’s CIO Business Vision diagnostic to see how your IT organization is perceived.

    Role Clarity

    The degree of clarity that IT employees have around their role and its core responsibilities can lead to employee engagement and retention. Consider measuring this core job driver by leveraging Info-Tech’s Employee Engagement Program.

    Customer & User Satisfaction

    Measure customer satisfaction with technology-enabled business services or products and improvements in technology-enabled client acquisition or retention processes. Assess the percentage of users satisfied with the quality of IT service delivery and leverage Info-Tech’s End-User Satisfaction Survey to determine improvements.

    Info-Tech’s methodology for Redesigning Your IT Organization

    Phase

    1. Establish the Organizational Design Foundation

    2. Create the Operating Model Sketch

    3. Formalize the Organizational Structure

    4. Plan for Implementation and Change

    Phase Outcomes

    Lay the foundation for your organizational redesign by establishing a set of organizational design principles that will guide the redesign process.

    Select and customize an operating model sketch that will accurately reflect the future state your organization is striving towards. Consider how capabilities will be sourced, gaps in delivery, and alignment.

    Translate the operating model sketch into a formal structure with defined functional teams, roles, reporting structure, and responsibilities.

    Ensure the successful implementation of the new organizational structure by strategically communicating and involving stakeholders.

    Insight summary

    Overarching insight

    Organizational redesign processes focus on defining the ways in which you want to operate and deliver on your strategy – something an organizational chart will never be able to convey.

    Phase 1 insight

    Focus on your organization, not someone else's’. Benchmarking your organizational redesign to other organizations will not work. Other organizations have different strategies, drivers, and context.

    Phase 2 insight

    An operating model sketch that is customized to your organization’s specific situation and objectives will significantly increase the chances of creating a purposeful organizational structure.

    Phase 3 insight

    If you follow the steps outlined in the first three phases, creating your new organizational chart should be one of the fastest activities.

    Phase 4 insight

    Throughout the creation of a new organizational design structure, it is critical to involve the individuals and teams that will be impacted.

    Tactical insight

    You could have the best IT employees in the world, but if they aren’t structured well your organization will still fail in reaching its vision.

    Blueprint deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:


    Communication Deck

    Communicate the changes to other key stakeholders such as peers, managers, and staff.

    Workbook

    As you work through each of the activities, use this workbook as a place to document decisions and rationale.

    Reference Deck

    Definitions for every capability, base operating model sketches, and sample organizational charts aligned to those operating models.

    Job Descriptions

    Key deliverable:

    Executive Presentation

    Leverage this presentation deck to gain executive buy-in for your new organizational structure.

    Blueprint benefits

    IT Benefits

    • Create an organizational structure that aligns to the strategic goals of IT and the business.
    • Provide IT employees with clarity on their roles and responsibilities to ensure the successful delivery of IT capabilities.
    • Highlight and sufficiently staff IT capabilities that are critical to the organization.
    • Define a sourcing strategy for IT capabilities.
    • Increase employee morale and empowerment.

    Business Benefits

    • IT can carry out the organization’s strategic mission and vision of all technical and digital initiatives.
    • Business has clarity on who and where to direct concerns or questions.
    • Reduce the likelihood of turnover costs as IT employees understand their roles and its importance.
    • Create a method to communicate how the organizational structure aligns with the strategic initiatives of IT.
    • Increase ability to innovate the organization.

    Executive Brief Case Study

    IT design needs to support organizational and business objectives, not just IT needs.

    INDUSTRY: Government

    SOURCE: Analyst Interviews and Working Sessions

    Situation

    IT was tasked with providing equality to the different business functions through the delivery of shared IT services. The government created a new IT organizational structure with a focus on two areas in particular: strategic and operational support capabilities.

    Challenge

    When creating the new IT structure, an understanding of the complex and differing needs of the business functions was not reflected in the shared services model.

    Outcome

    As a result, the new organizational structure for IT did not ensure adequate meeting of business needs. Only the operational support structure was successfully adopted by the organization as it aligned to the individual business objectives. The strategic capabilities aspect was not aligned to how the various business lines viewed themselves and their objectives, causing some partners to feel neglected.

    Info-Tech offers various levels of support to best suit your needs.

    DIY Toolkit

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful."

    Guided Implementation

    "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."

    Workshop

    "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place."

    Consulting

    "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks are used throughout all four options.

    Guided Implementation

    What does a typical GI on this topic look like?

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization. A typical GI is 8 to 12 calls over the course of 4 to 6 months.

    Phase 1

    Call #1: Define the process, understand the need, and create a plan of action.

    Phase 2

    Call #2: Define org. design drivers and business context.

    Call #3: Understand strategic influences and create customized design principles.

    Call #4: Customize, analyze gaps, and define sourcing strategy for IT capabilities.

    Call #5: Select and customize the IT operating model sketch.

    Phase 3

    Call #6: Establish functional work units and their mandates.

    Call #7: Translate the functional organizational chart to an operational organizational chart with defined roles.

    Phase 4

    Call #8: Consider risks and mitigation tactics associated with the new structure and select a transition plan.

    Call #9: Create your change message, FAQs, and metrics to support the implementation plan.

    Workshop Overview

    Contact your account representative for more information.

    workshops@infotech.com 1-888-670-8889

    Day 1

    Day 2

    Day 3

    Day 4

    Day 5

    Establish the Organizational Redesign Foundation

    Create the Operating Model Sketch

    Formalize the Organizational Structure

    Plan for Implementation and Change

    Next Steps and
    Wrap-Up (offsite)

    Activities

    1.1 Define the org. design drivers.

    1.2 Document and define the implications of the business context.

    1.3 Align the structure to support the strategy.

    1.4 Establish guidelines to direct the organizational design process.

    2.1 Augment list of IT capabilities.

    2.2 Analyze capability gaps.

    2.3 Identify capabilities for outsourcing.

    2.4 Select a base operating model sketch.

    2.5 Customize the IT operating model sketch.

    3.1 Categorize your IT capabilities within your defined functional work units.

    3.2 Create a mandate statement for each work unit.

    3.3 Define roles inside the work units and assign accountability and responsibility.

    3.4 Finalize your organizational structure.

    4.1 Identify and mitigate key org. design risks.

    4.2 Define the transition plan.

    4.3 Create the change communication message.

    4.4 Create a standard set of FAQs.

    4.5 Align sustainment metrics back to core drivers.

    5.1 Complete in-progress deliverables from previous four days.

    5.2 Set up review time for workshop deliverables and to discuss next steps.

    Deliverables

    1. Foundational components to the organizational design
    2. Customized design principles
    1. Heat mapped IT capabilities
    2. Defined outsourcing strategy
    3. Customized operating model
    1. Capabilities organized into functional groups
    2. Functional work unit mandates
    3. Organizational chart
    1. Risk mitigation plan
    2. Change communication message
    3. Standard FAQs
    4. Implementation and sustainment metrics
    1. Completed organizational design communications deck

    This blueprint is part one of a three-phase approach to organizational transformation

    PART 1: DESIGN

    PART 2: STRUCTURE

    PART 3: IMPLEMENT

    IT Organizational Architecture

    Organizational Sketch

    Organizational Structure

    Organizational Chart

    Transition Strategy

    Implement Structure

    1. Define the organizational design drivers, business context, and strategic alignment.

    2. Create customized design principles.

    3. Develop and customize a strategically aligned operating model sketch.

    4. Define the future-state work units.

    5. Create future-state work unit mandates.

    6. Define roles by work unit.

    7. Turn roles into jobs with clear capability accountabilities and responsibilities.

    8. Define reporting relationships between jobs.

    9. Assess options and select go-forward organizational sketch.

    11. Validate organizational sketch.

    12. Analyze workforce utilization.

    13. Define competency framework.

    14. Identify competencies required for jobs.

    15. Determine number of positions per job

    16. Conduct competency assessment.

    17. Assign staff to jobs.

    18. Build a workforce and staffing plan.

    19. Form an OD implementation team.

    20. Develop change vision.

    21. Build communication presentation.

    22. Identify and plan change projects.

    23. Develop organizational transition plan.

    24. Train managers to lead through change.

    25. Define and implement stakeholder engagement plan.

    26. Develop individual transition plans.

    27. Implement transition plans.

    Risk Management: Create, implement, and monitor risk management plan.

    HR Management: Develop job descriptions, conduct job evaluation, and develop compensation packages.

    Monitor and Sustain Stakeholder Engagement

    Phase 1

    Establish the Organizational Redesign Foundation

    This phase will walk you through the following activities:

    1.1 Define the organizational redesign driver(s)

    1.2 Create design principles based on the business context

    1.3a (Optional Exercise) Identify the capabilities from your value stream

    1.3b Identify the capabilities required to deliver on your strategies

    1.4 Finalize your list of design principles

    This phase involves the following participants:

    • CIO
    • IT Leadership
    • Business Leadership

    Embed change management into the organizational design process

    Articulate the Why

    Changes are most successful when leaders clearly articulate the reason for the change – the rationale for the organizational redesign of the IT function. Providing both staff and executive leaders with an understanding for this change is imperative to its success. Despite the potential benefits to a redesign, they can be disruptive. If you are unable to answer the reason why, a redesign might not be the right initiative for your organization.

    Employees who understand the rationale behind decisions made by executive leaders are 3.6 times more likely to be engaged.

    McLean & Company Engagement Survey Database, 2021; N=123,188

    Info-Tech Insight

    Successful adoption of the new organizational design requires change management from the beginning. Start considering how you will convey the need for organizational change within your IT organization.

    The foundation of your organizational design brings together drivers, context, and strategic implications

    All aspects of your IT organization’s structure should be designed with the business’ context and strategic direction in mind.

    Use the following set of slides to extract the key components of your drivers, business context, and strategic direction to land on a future structure that aligns with the larger strategic direction.

    REDESIGN DRIVERS

    Driver(s) can originate from within the IT organization or externally. Ensuring the driver(s) are easy to understand and articulate will increase the successful adoption of the new organizational structure.

    BUSINESS CONTEXT

    Defines the interactions that occur throughout the organization and between the organization and external stakeholders. The context provides insight into the environment by both defining the purpose of the organization and the values that frame how it operates.

    STRATEGY IMPLICATIONS

    The IT strategy should be aligned to the overall business strategy, providing insight into the types of capabilities required to deliver on key IT initiatives.

    Understand IT’s desired maturity level, alignment with business expectations, and capabilities of IT

    Where are we today?

    Determine the current overall maturity level of the IT organization.

    Where do we want to be as an organization?

    Use the inputs from Info-Tech’s diagnostic data to determine where the organization should be after its reorganization.

    How can you leverage these results?

    The result of these diagnostics will inform the design principles that you’ll create in this phase.

    Leverage Info-Tech’s diagnostics to provide an understanding of critical areas your redesign can support:

    CIO Business Vision Diagnostic

    Management & Governance Diagnostic

    IT Staffing Diagnostic

    The image contains a picture of Info-Tech's maturity ladder.

    Consider the organizational design drivers

    Consider organizational redesign if …

    Effectiveness is a concern:

    • Insufficient resources to meet demand
    • Misalignment to IT (and business) strategies
    • Lack of clarity around role responsibility or accountability
    • IT functions operating in silos

    New capabilities are needed:

    • Organization is taking on new capabilities (digital, transformation, M&A)
    • Limited innovation
    • Gaps in the capabilities/services of IT
    • Other external environmental influences or changes in strategic direction

    Lack of business understanding

    • Misalignment between business and IT or how the organization does business
    • Unhappy customers (internal or external)

    Workforce challenges

    • Frequent turnover or inability to attract new skills
    • Low morale or employee empowerment

    These are not good enough reasons …

    • New IT leader looking to make a change for the sake of change or looking to make their legacy known
    • To work with specific/hand-picked leaders over others
    • To “shake things up” to see what happens
    • To force the organization to see IT differently

    Info-Tech Insight

    Avoid change for change’s sake. Restructuring could completely miss the root cause of the problem and merely create a series of new ones.

    1.1 Define the organizational redesign driver(s)

    1-2 hours

    1. As a group, brainstorm a list of current pain points or inhibitors in the current organizational structure, along with a set of opportunities that can be realized during your restructuring. Group these pain points and opportunities into themes.
    2. Leverage the pain points and opportunities to help further define why this initiative is something you’re driving towards. Consider how you would justify this initiative to different stakeholders in the organization.
    3. Questions to consider:
      1. Who is asking for this initiative?
      2. What are the primary benefits this is intended to produce?
      3. What are you optimizing for?
      4. What are we capable of achieving as an IT organization?
      5. Are the drivers coming from inside or outside the IT organization?
    4. Once you’ve determined the drivers for redesigning the IT organization, prioritize those drivers to ensure there is clarity when communicating why this is something you are focusing time and effort on.

    Input

    Output

    • Knowledge of the current organization
    • Pain point and opportunity themes
    • Defined drivers of the initiative

    Materials

    Participants
    • Whiteboard/flip charts (physical or electronic)
    • CIO
    • IT Leadership
    • Business Leadership

    Record the results in the Organizational Design Communications Deck

    Frame the organizational design within the context of the business

    Workforce Considerations:

    • How does your organization view its people resources? Does it have the capacity to increase the number of resources?
    • Do you currently have sufficient staff to meet the demands of the organization? Are you able to outsource resources when demand requires it?
    • Are the members of your IT organization unionized?
    • Is your workforce distributed? Do time zones impact how your team can collaborate?

    Business Context Consideration

    IT Org. Design Implication

    Culture:

    Culture, "the way we do things here,” has huge implications for executing strategy, driving engagement, and providing a guiding force that ensures organizations can work together toward common goals.

    • What is the culture of your organization? Is it cooperative, traditional, competitive, or innovative? (See appendix for details.)
    • Is this the target culture or a stepping-stone to the ideal culture?
    • How do the attitudes and behaviors of senior leaders in the organization reinforce this culture?

    Consider whether your organization’s culture can accept the operating model and organizational structure changes that make sense on paper.

    Certain cultures may lean toward particular operating models. For example, the demand-develop-service operating model may be supported by a cooperative culture. A traditional organization may lean towards the plan-build-run operating model.

    Ensure you have considered your current culture and added exercises to support it.

    If more capacity is required to accomplish the goals of the organization, you’ll want to prepare the leaders and explain the need in your design principles (to reflect training, upskilling, or outsourcing). Unionized environments require additional consideration. They may necessitate less structural changes, and so your principles will need to reflect other alternatives (hiring additional resources, creative options) to support organizational needs. Hybrid or fully remote workforces may impact how your organization interacts.

    Business context considerations

    Business Context Consideration

    IT Org. Design Implication

    Control & Governance:

    It is important to consider how your organization is governed, how decisions are made, and who has authority to make decisions.

    Strategy tells what you do, governance validates you’re doing the right things, and structure is how you execute on what’s been approved.

    • How do decisions get considered and approved in your organization? Are there specific influences that impact the priorities of the organization?
    • Are those in the organization willing to release decision-making authority around specific IT components?
    • Should the organization take on greater accountability for specific IT components?

    Organizations that require more controls may lean toward more centralized governance. Organizations that are looking to better enable and empower their divisions (products, groups, regions, etc.) may look to embed governance in these parts of the organization.

    For enterprise organizations, consider where IT has authority to make decisions (at the global, local, or system level). Appropriate governance needs to be built into the appropriate levels.

    Business context considerations

    Business Context Consideration

    IT Org. Design Implication

    Financial Constraints:

    Follow the money: You may need to align your IT organization according to the funding model.

    • Do partners come to IT with their budgets, or does IT have a central pool that they use to fund initiatives from all partners?
    • Are you able to request finances to support key initiatives/roles prioritized by the organization?
    • How is funding aligned: technology, data, digital, etc.? Is your organization business-line funded? Pooled?
    • Are there special products or digital transformation initiatives with resources outside IT? Product ownership funding?
    • How are regulatory changes funded?
    • Do you have the flexibility to adjust your budget throughout the fiscal year?
    • Are chargebacks in place? Are certain services charged back to business units

    Determine if you can move forward with a new model or if you can adjust your existing one to suit the financial constraints.

    If you have no say over your funding, pre-work may be required to build a business case to change your funding model before you look at your organizational structure – without this, you might have to rule out centralized and focus on hybrid/centralized. If you don’t control the budget (funding comes from your partners), it will be difficult to move to a more centralized model.

    A federated business organization may require additional IT governance to help prioritize across the different areas.

    Budgets for digital transformation might come from specific areas of the business, so resources may need to be aligned to support that. You’ll have to consider how you will work with those areas. This may also impact the roles that are going to exist within your IT organization – product owners or division owners might have more say.

    Business context considerations

    Business Context Consideration

    IT Org. Design Implication

    Business Perspective of IT:

    How the business perceives IT and how IT perceives itself are sometimes not aligned. Make sure the business’ goals for IT are well understood.

    • Are your business partners satisfied if IT is an order taker? Do they agree with the need for IT to become a business partner? Is IT expected to innovate and transform the organization?
    • Is what the business needs from IT the same as what IT is providing currently?

    Business Organization Structure and Growth:

    • How is the overall organization structured: Centralized/decentralized? Functionally aligned? Divided by regions?
    • In what areas does the organization prioritize investments?
    • Is the organization located across a diverse geography?
    • How big is the organization?
    • How is the organization growing and changing – by mergers and acquisitions?

    If IT needs to become more of a business partner, you’ll want to define what that means to your organization and focus on the capabilities to enable this. Educating your partners might also be required if you’re not aligned.

    For many organizations, this will include stakeholder management, innovation, and product/project management. If IT and its business partners are satisfied with an order-taker relationship, be prepared for the consequences of that.

    A global organization will require different IT needs than a single location. Specifically, site reliability engineering (SRE) or IT support services might be deployed in each region. Organizations growing through mergers and acquisitions can be structured differently depending on what the organization needs from the transaction. A more centralized organization may be appropriate if the driver is reuse for a more holistic approach, or the organization may need a more decentralized organization if the acquisitions need to be handled uniquely.

    Business context considerations

    Business Context Consideration

    IT Org. Design Implication

    Sourcing Strategy:

    • What are the drivers for sourcing? Staff augmentation, best practices, time zone support, or another reason?
    • What is your strategy for sourcing?
    • Does IT do all of your technology work, or are parts being done by business or other units?
    • Are we willing/able to outsource, and will that place us into non-compliance (regulations)?
    • Do you have vendor management capabilities in areas that you might outsource?
    • How cloud-driven is your organization?
    • Do you have global operations?

    Change Tolerance:

    • What’s your organization’s tolerance to make changes around organizational design?
    • What's the appetite and threshold for risk?

    Your sourcing strategy affects your organizational structure, including what capabilities you group together. Since managing outsourced capabilities also includes the need for vendor management, you’ll need to ensure there aren’t too many capabilities required per leader. Look closely at what can be achieved through your operating model if IT is done through other groups. Even though these groups may not be in scope of your organization changes, you need to ensure your IT team works with them effectively.

    If your organization is going to push back if there are big structural changes, consider whether the changes are truly necessary. It may be preferred to take baby steps – use an incremental versus big-bang approach.

    A need for incremental change might mean not making a major operating model change.

    Business context considerations

    Business Context Consideration

    IT Org Design. Implication

    Stakeholder Engagement & Focus:

    Identify who your customers and stakeholders are; clarify their needs and engagement model.

    • Who is the customer for IT products and services?
    • Is your customer internal? External? Both?
    • How much of a priority is customer focus for your organization?
    • How will IT interact with customers, end users, and partners? What is the engagement model desired?

    Business Vision, Services, and Products:

    Articulate what your organization was built to do.

    • What does the organization create or provide?
    • Are these products and services changing?
    • What are the most critical capabilities to your organization?
    • What makes your organization a success? What are critical success factors of the organization and how are they measuring this to determine success?

    For a customer or user focus, ensure capabilities related to understanding needs (stakeholder, UX, etc.) are prioritized. Hybrid, decentralized, or demand-develop-service models often have more of a focus on customer needs.

    Outsourcing the service desk might be a consideration if there’s a high demand for the service. A differentiation between these users might mean there’s a different demand for services.

    Think broadly in terms of your organizational vision, not just the tactical (widget creation). You might need to choose an operating model that supports vision.

    Do you need to align your organization with your value stream? Do you need to decentralize specific capabilities to enable prioritization of the key capabilities?

    1.2 Create design principles based on the business context

    1-3 hours

    1. Discuss the business context in which the IT organizational redesign will be taking place. Consider the following standard components of the business context; include other relevant components specific to your organization:
    • Culture
    • Workforce Considerations
    • Control and Governance
    • Financial Constraints
    • Business Perspective of IT
    • Business Organization Structure and Growth
    • Sourcing Strategy
    • Change Tolerance
    • Stakeholder Engagement and Focus
    • Business Vision, Services, and Products
  • Different stakeholders can have different perspectives on these questions. Be sure to consider a holistic approach and engage these individuals.
  • Capture your findings and use them to create initial design principles.
  • Input

    Output

    • Business context
    • Design principles reflecting how the business context influences the organizational redesign for IT

    Materials

    Participants

    • Whiteboard/flip charts (physical or electronic)
    • List of Context Questions
    • CIO
    • IT Leadership
    • Business Leadership

    Record the results in the Organizational Design Communications Deck

    How your IT organization is structured needs to reflect what it must be built to do

    Structure follows strategy – the way you design will impact what your organization can produce.

    Designing your IT organization requires an assessment of what it needs to be built to do:

    • What are the most critical capabilities that you need to deliver, and what does success look like in those different areas?
    • What are the most important things that you deliver overall in your organization?

    The IT organization must reflect your business needs:

    • Understand your value stream and/or your prioritized business goals.
    • Understand the impact of your strategies – these can include your overall digital strategy and/or your IT strategy

    1.3a (Optional Exercise) Identify the capabilities from your value stream

    1 hour

    1. Identify your organization’s value stream – what your overall organization needs to do from supplier to consumer to provide value. Leverage Info-Tech’s industry reference architectures if you haven’t identified your value stream, or use the Document Your Business Architecture blueprint to create yours.
    2. For each item in your value stream, list capabilities that are critical to your organizational strategy and IT needs to further invest in to enable growth.
    3. Also, list those that need further support, e.g. those that lead to long wait times, rework time, re-tooling, down-time, unnecessary processes, unvaluable processes.*
    4. Capture the IT capabilities required to enable your business in your draft principles.
    The image contains a screenshot of the above activity: Sampling Manufacturing Business Capabilities.
    Source: Six Sigma Study Guide, 2014
    Input Output
    • Organization’s value stream
    • List of IT capabilities required to support the IT strategy
    Materials Participants
    • Whiteboard/flip charts (physical or electronic)
    • CIO
    • IT Leadership
    • Business Leadership

    Record the results in the Organizational Design Communications Deck

    Your strategy will help you decide on your structure

    Ensure that you have a clear view of the goals and initiatives that are needed in your organization. Your IT, digital, business, and/or other strategies will surface the IT capabilities your organization needs to develop. Identify the goals of your organization and the initiatives that are required to deliver on them. What capabilities are required to enable these? These capabilities will need to be reflected in your design principles.

    Sample initiatives and capabilities from an organization’s strategies

    The image contains a screenshot of sample initiatives and capabilities from an organization's strategies.

    1.3b Identify the capabilities required to deliver on your strategies

    1 hour

    1. For each IT goal, there may be one or more initiatives that your organization will need to complete in order to be successful.
    2. Document those goals and infinitives. For each initiative, consider which core IT capabilities will be required to deliver on that goal. There might be one IT capability or there might be several.
    3. Identify which capabilities are being repeated across the different initiatives. Consider whether you are currently investing in those capabilities in your current organizational structure.
    4. Highlight the capabilities that require IT investment in your design principles.
    InputOutput
    • IT goals
    • IT initiatives
    • IT, digital, and business strategies
    • List of IT capabilities required to support the IT strategy
    MaterialsParticipants
    • Whiteboard/flip charts (physical or electronic)
    • CIO
    • IT Leadership
    • Business Leadership

    Record the results in the Organizational Design Communications Deck

    Create your organizational design principles

    Your organizational design principles should define a set of loose rules that can be used to design your organizational structure to the specific needs of the work that needs to be done. These rules will guide you through the selection of the appropriate operating model that will meet your business needs. There are multiple ways you can hypothetically organize yourself to meet these needs, and the design principles will point you in the direction of which solution is the most appropriate as well as explain to your stakeholders the rationale behind organizing in a specific way. This foundational step is critical: one of the key reasons for organizational design failure is a lack of requisite time spent on the front-end understanding what is the best fit.

    The image contains an example of organizing design principles as described above.

    1.4 Finalize your list of design principles

    1-3 hours

    1. As a group, review the key outputs from your data collection exercises and their implications.
    2. Consider each of the previous exercises – where does your organization stand from a maturity perspective, what is driving the redesign, what is the business context, and what are the key IT capabilities requiring support. Identify how each will have an implication on your organizational redesign. Leverage this conversation to generate design principles.
    3. Vote on a finalized list of eight to ten design principles that will guide the selection of your operating model. Have everyone leave the meeting with these design principles so they can review them in more detail with their work units or functional areas and elicit any necessary feedback.
    4. Reconvene the group that was originally gathered to create the list of design principles and make any final amendments to the list as necessary. Use this opportunity to define exactly what each design principle means in the context of your organization so everyone has the same understanding of what this means moving forward.
    InputOutput
    • Organizational redesign drivers
    • Business context
    • IT strategy capabilities
    • Organizational design principles to help inform the selection of the right operating model sketch
    MaterialsParticipants
    • Whiteboard/flip charts (physical or electronic)
    • CIO
    • IT Leadership
    • Business Leadership

    Record the results in the Organizational Design Communications Deck

    Example design principles

    Your eight to ten design principles will be those that are most relevant to YOUR organization. Below are samples that other organizations have created, but yours will not be the same.

    Design Principle

    Description

    Decision making

    We will centralize decision making around the prioritization of projects to ensure that the initiatives driving the most value for the organization as a whole are executed.

    Fit for purpose

    We will build and maintain fit-for-purpose solutions based on business units’ unique needs.

    Reduction of duplication

    We will reduce role and application duplication through centralized management of assets and clearly differentiated roles that allow individuals to focus within key capability areas.

    Managed security

    We will manage security enterprise-wide and implement compliance and security governance policies.

    Reuse > buy > build

    We will maximize reuse of existing assets by developing a centralized application portfolio management function and approach.

    Managed data

    We will create a specialized data office to provide data initiatives with the focus they need to enable our strategy.

    Design Principle

    Description

    Controlled technical diversity

    We will control the variety of technology platforms we use to allow for increased operability and reduction of costs.

    Innovation

    R&D and innovation are critical – we will build an innovation team into our structure to help us meet our digital agenda.

    Resourcing

    We will separate our project and maintenance activities to ensure each are given the dedicated support they need for success and to reduce the firefighting mentality.

    Customer centricity

    The new structure will be directly aligned with customer needs – we will have dedicated roles around relationship management, requirements, and strategic roadmapping for business units.

    Interoperability

    We will strengthen our enterprise architecture practices to best prepare for future mergers and acquisitions.

    Cloud services

    We will move toward hosted versus on-premises infrastructure solutions, retrain our data center team in cloud best practices, and build roles around effective vendor management, cloud provisioning, and architecture.

    Phase 2

    Create the Operating Model Sketch

    This phase will walk you through the following activities:

    2.1 Augment the capability list

    2.2 Heatmap capabilities to determine gaps in service

    2.3 Identify the target state of sourcing for your IT capabilities

    2.4 Review and select a base operating model sketch

    2.5 Customize the selected overlay to reflect the desired future state

    This phase involves the following participants:

    • CIO
    • IT Leadership

    Embed change management into the organizational design process

    Gain Buy-In

    Obtain desire from stakeholders to move forward with organizational redesign initiative by involving them in the process to gain interest. This will provide the stakeholders with assurance that their concerns are being heard and will help them to understand the benefits that can be anticipated from the new organizational structure.

    “You’re more likely to get buy-in if you have good reason for the proposed changes – and the key is to emphasize the benefits of an organizational redesign.”

    Source: Lucid Chart

    Info-Tech Insight

    Just because people are aware does not mean they agree. Help different stakeholders understand how the change in the organizational structure is a benefit by specifically stating the benefit to them.

    Info-Tech uses capabilities in your organizational design

    We differentiate between capabilities and competencies.

    Capabilities

    • Capabilities are focused on the entire system that would be in place to satisfy a particular need. This includes the people who are competent to complete a specific task and also the technology, processes, and resources to deliver.
    • Capabilities work in a systematic way to deliver on specific need(s).
    • A functional area is often made up of one or more capabilities that support its ability to deliver on that function.
    • Focusing on capabilities rather then the individuals in organizational redesign enables a more objective and holistic view of what your organization is striving toward.

    Competencies

    • Competencies on the other hand are specific to an individual. It determines if the individual poses the skills or ability to perform.
    • Competencies are rooted in the term competent, which looks to understand if you are proficient enough to complete the specific task at hand.
    • Source: The People Development Magazine, 2020

    Use our IT capabilities to establish your IT organization design

    The image contains a diagram of the various services and blueprints that Info-Tech has to offer.

    2.1 Augment the capability list

    1-3 hours

    1. Using the capability list on the previous slide, go through each of the IT capabilities and remove any capabilities for which your IT organization is not responsible and/or accountable. Refer to the Operating Model and Capability Definition List for descriptions of each of the IT capabilities.
    2. Augment the language of specific capabilities that you feel are not directly reflective of what is being done within your organizational context or that you feel need to be changed to reflect more specifically how work is being done in your organization.
    • For example, some organizations may refer to their service desk capability as help desk or regional support. Use a descriptive term that most accurately reflects the terminology used inside the organization today.
  • Add any core capabilities from your organization that are missing from the provided IT capability list.
    • For example, organizations that leverage DevOps capabilities for their product development may desire to designate this in their operating model.
  • Document the rationale for decisions made for future reference.
  • Input Output
    • Baseline list of IT capabilities
    • IT capabilities required to support IT strategy
    • Customized list of IT capabilities
    Materials Participants
    • Whiteboard/Flip Charts
    • CIO
    • IT Leadership

    Record the results in the Organizational Design Workbook

    Gaps in delivery

    Identify areas that require greater focus and attention.

    Assess the gaps between where you currently are and where you need to be. Evaluate how critical and how effective your capabilities are:

    • Criticality = Importance
      • Try to focus on those which are highly critical to the organization.
      • These may be capabilities that have been identified in your strategies as areas to focus on.
    • Effectiveness = Performance
      • Identify those where the process or system is broken or ineffective, preventing the team from delivering on the capability.
      • Effectiveness could take into consideration how scalable, adaptable, or sustainable each capability is.
      • Focus on the capabilities that are low or medium in effectiveness but highly critical. Addressing the delivery of these capabilities will lead to the most positive outcomes in your organization.

    Remember to identify what allows the highly effective capabilities to perform at the capacity they are. Leverage this when increasing effectiveness elsewhere.

    High Gap

    There is little to no effectiveness (high gap) and the capability is highly important to your organization.

    Medium Gap

    Current ability is medium in effectiveness (medium gap) and there might be some priority for that capability in your organization.

    Low Gap

    Current ability is highly effective (low gap) and the capability is not necessarily a priority for your organization.

    2.2 Heatmap capabilities to determine gaps in delivery

    1-3 hours

    1. At this point, you should have identified what capabilities you need to have to deliver on your organization's goals and initiatives.
    2. Convene a group of the key stakeholders involved in the IT organizational design initiative.
    3. Review your IT capabilities and color each capability border according to the effectiveness and criticality of that capability, creating a heat map.
    • Green indicates current ability is highly effective (low gap) and the capability is not necessarily a priority for your organization.
    • Yellow indicates current ability is medium in effectiveness (medium gap) and there might be some priority for that capability in your organization.
    • Red indicates that there is little to no effectiveness (high gap) and the capability is highly important to your organization.
    Input Output
    • Selected capabilities from activity 2.1
    • Gap analysis in delivery of capabilities currently
    Materials Participants
    • Whiteboard/Flip Charts
    • CIO
    • IT Leadership

    Record the results in the Organizational Design Workbook

    Don’t forget the why: why are you considering outsourcing?

    There are a few different “types” of outsourcing:

    1. Competitive Advantage – Working with a third-party organization for the knowledge, insights, and best practices they can bring to your organization.
    2. Managed Service– The third party manages a capability or function for your organization.
    3. Staff Augmentation – Your organization brings in contractors and third-party organizations to fill specific skills gaps.

    Weigh which sourcing model(s) will best align with the needed capabilities to deliver effectively

    Insourcing

    Staff Augmentation

    Managed Service

    Competitive Advantage

    Description

    The organization maintains full responsibility for the management and delivery of the IT capability or service.

    Vendor provides specialized skills and enables the IT capability or service together with the organization to meet demand.

    Vendor completely manages the delivery of value for the IT capability, product or service.

    Vendor has unique skills, insights, and best practices that can be taught to staff to enable insourced capability and competency.

    Benefits

    • Retains in-house control over proprietary knowledge and assets that provide competitive or operational advantage.
    • Gains efficiency due to integration into the organization’s processes.
    • Provision of unique skills.
    • Addresses variation in demand for resources.
    • Labor cost savings.
    • Improves use of internal resources.
    • Improves effectiveness due to narrow specialization.
    • Labor cost savings.
    • Gain insights into aspects that could provide your organization with advantages over competitors.
    • Long-term labor cost savings.
    • Short-term outsourcing required.
    • Increase in-house competencies.

    Drawbacks

    • Quality of services/capabilities might not be as high due to lack of specialization.
    • No labor cost savings.
    • Potentially inefficient distribution of labor for the delivery of services/capabilities.
    • Potential conflicts in management or delivery of IT services and capabilities.
    • Negative impact on staff morale.
    • Limited control over services/capabilities.
    • Limited integration into organization’s processes.
    • Short-term labor expenses.
    • Requires a culture of continuous learning and improvement.

    Your strategy for outsourcing will vary with capability and capacity

    The image contains a diagram to show the Develop Vendor Management Capabilities, as described in the text below.

    Capability

    Capacity

    Outsourcing Model

    Low

    Low

    Your solutions may be with you for a long time, so it doesn’t matter whether it is a strategic decision to outsource development or if you are not able to attract the talent required to deliver in your market. Look for a studio, agency, or development shop that has a proven reputation for long-term partnership with its clients.

    Low

    High

    Your team has capacity but needs to develop new skills to be successful. Look for a studio, agency, or development shop that has a track record of developing its customers and delivering solutions.

    High

    Low

    Your organization knows what it is doing but is strapped for people. Look at “body shops” and recruiting agencies that will support short-term development contracts that can be converted to full-time staff or even a wholesale development shop acquisition.

    High

    High

    You have capability and capacity for delivering on your everyday demands but need to rise to the challenge of a significant, short-term rise in demand on a critical initiative. Look for a major system integrator or development shop with the specific expertise in the appropriate technology.

    Use these criteria to inform your right sourcing strategy

    Sourcing Criteria

    Description

    Determine whether you’ll outsource using these criteria

    1. Critical or commodity

    Determine whether the component to be sourced is critical to your organization or if it is a commodity. Commodity components, which are either not strategic in nature or related to planning functions, are likely candidates for outsourcing. Will you need to own the intellectual property created by the third party? Are you ok if they reuse that for their other clients?

    2. Readiness to outsource

    Identify how easy it would be to outsource a particular IT component. Consider factors such as knowledge transfer, workforce reassignment or reduction, and level of integration with other components.

    Vendor management readiness – ensuring that you have sufficient capabilities to manage vendors – should also be considered here.

    3. In-house capabilities

    Determine if you have the capability to deliver the IT solutions in-house. This will help you establish how easy it would be to insource an IT component.

    4. Ability to attract resources (internal vs. outsourced)

    Determine if the capability is one that is easily sourced with full-time, internal staff or if it is a specialty skill that is best left for a third-party to source.

    Determine your sourcing model using these criteria

    5. Cost

    Consider the total cost (investment and ongoing costs) of the delivery of the IT component for each of the potential sourcing models for a component.

    6. Quality

    Define the potential impact on the quality of the IT component being sourced by the possible sourcing models.

    7. Compliance

    Determine whether the sourcing model would fit with regulations in your industry. For example, a healthcare provider would only go for a cloud option if that provider is HIPAA compliant.

    8. Security

    Identify the extent to which each sourcing option would leave your organization open to security threats.

    9. Flexibility

    Determine the extent to which the sourcing model will allow your organization to scale up or down as demand changes.

    2.3 Identify capabilities that could be outsourced

    1-3 hours

    1. For each of the capabilities that will be in your future-state operating model, determine if it could be outsourced. Review the sourcing criteria available on the previous slide to help inform which sourcing strategy you will use for each capability.
    2. When looking to outsource or co-source capabilities, consider why that capability would be outsourced:
    • Competitive Advantage – Work with a third-party organization for the knowledge, insights, and best practices they can bring to your organization.
    • Managed Service – The third party manages a capability or function for your organization.
    • Staff Augmentation – Your organization brings in contractors and third-party organizations to fill specific skills gaps.
  • Place an asterisk (*) around the capabilities that will be leveraging one of the three previous sourcing options.
  • InputOutput
    • Customized IT capabilities
    • Sourcing strategy for each IT capability
    MaterialsParticipants
    • Whiteboard/Flip Charts
    • CIO
    • IT Leadership

    Record the results in the Organizational Design Workbook

    What is an operating model?

    Leverage a cohesive operating model throughout the organizational design process.

    An IT operating model sketch is a visual representation of the way your IT organization needs to be designed and the capabilities it requires to deliver on the business mission, strategic objectives, and technological ambitions. It ensures consistency of all elements in the organizational structure through a clear and coherent blueprint.

    The visual should be the optimization and alignment of the IT organization’s structure to deliver the capabilities required to achieve business goals. Additionally, it should clearly show the flow of work so that key stakeholders can understand where inputs flow in and outputs flow out of the IT organization. Investing time in the front end getting the operating model right is critical. This will give you a framework to rationalize future organizational changes, allowing you to be more iterative and your model to change as the business changes.

    The image contains an example of an operating model as described in the text above.

    Info-Tech Insight

    Every structure decision you make should be based on an identified need, not on a trend.Build your IT organization to enable the priorities of the organization.

    Each IT operating model is characterized by a variety of advantages and disadvantages

    Centralized

    Hybrid

    Decentralized

    Advantages
    • Maximum flexibility to allocate IT resources across business units.
    • Low-cost delivery model and greatest economies of scale.
    • Control and consistency offers opportunity for technological rationalization and standardization and volume purchasing at the highest degree.
    • Centralizes processes and services that require consistency across the organization.
    • Decentralizes processes and services that need to be responsive to local market conditions.
    • Eliminates duplication and redundancy by allowing effective use of common resources (e.g. shared services, standardization).
    • Goals are aligned to the distinct business units or functions.
    • Greater flexibility and more timely delivery of services.
    • Development resources are highly knowledgeable about business-unit-specific applications.
    • Business unit has greatest control over IT resources and can set and change priorities as needed.

    Disadvantages

    • Less able to respond quickly to local requirements with flexibility.
    • IT can be resistant to change and unwilling to address the unique needs of end users.
    • Business units can be frustrated by perception of lack of control over resources.
    • Development of special business knowledge can be limited.
    • Requires the most disciplined governance structure and the unwavering commitment of the business; therefore, it can be the most difficult to maintain.
    • Requires new processes as pooled resources must be staffed to approved projects.
    • Redundancies, conflicts, and incompatible technologies can result from business units having differentiated services and applications – increasing cost.
    • Ability to share IT resources is low due to lack of common approaches.
    • Lack of integration limits the communication of data between businesses and reduces common reporting.

    Decentralization can take many forms – define what it means to your organization

    Decentralization can take a number of different forms depending on the products the organization supports and how the organization is geographically distributed. Use the following set of explanations to understand the different types of decentralization possible and when they may make sense for supporting your organizational objectives.

    Line of Business

    Decentralization by lines of business (LoB) aligns decision making with business operating units based on related functions or value streams. Localized priorities focus the decision making from the CIO or IT leadership team. This form of decentralization is beneficial in settings where each line of business has a unique set of products or services that require specific expertise or flexible resourcing staffing between the teams.

    Product Line

    Decentralization by product line organizes your team into operationally aligned product families to improve delivery throughput, quality, and resource flexibility within the family. By adopting this approach, you create stable product teams with the right balance between flexibility and resource sharing. This reinforces value delivery and alignment to enterprise goals within the product lines.

    Geographical

    Geographical decentralization reflects a shift from centralized to regional influences. When teams are in different locations, they can experience a number of roadblocks to effective communication (e.g. time zones, regulatory differences in different countries) that may necessitate separating those groups in the organizational structure, so they have the autonomy needed to make critical decisions.

    Functional

    Functional decentralization allows the IT organization to be separated by specialty areas. Organizations structured by functional specialization can often be organized into shared service teams or centers of excellence whereby people are grouped based on their technical, domain, or functional area within IT (Applications, Data, Infrastructure, Security, etc.). This allows people to develop specialized knowledge and skills but can also reinforce silos between teams.

    2.4 Review and select a base operating model sketch

    1 hour

    1. Review the set of base operating model sketches available on the following slides.
    2. For each operating model sketch, there are benefits and risks to be considered. Make an informed selection by understanding the risks that your organization might be taking on by adopting that particular operating model.
    3. If at any point in the selection process the group is unsure about which operating model will be the right fit, refer back to your design principles established in activity 1.4. These should guide you in the selection of the right operating model and eliminate those which will not serve the organization.
    InputOutput
    • Organizational design principles
    • Customized list of IT capabilities
    • Operating model sketch examples
    • Selected operating model sketch
    MaterialsParticipants
    • Whiteboard/Flip Charts
    • CIO
    • IT Leadership

    Record the results in the Organizational Design Workbook

    Centralized Operating Model #1: Plan-Build-Run

    I want to…

    • Establish a formalized governance process that takes direction from the organization on which initiatives should be prioritized by IT.
    • Ensure there is a clear separation between teams that are involved in strategic planning, building solutions, and delivering operational support.
    • Be able to plan long term by understanding the initiatives that are coming down the pipeline and aligning to an infrequent budgeting plan.

    BENEFITS

    • Effective at implementing long-term plans efficiently; separates maintenance and projects to allow each to have the appropriate focus.
    • More oversight over financials; better suited for fixed budgets.
    • Works across centralized technology domains to better align with the business’ strategic objectives – allows for a top-down approach to decision making.
    • Allows for economies of scale and expertise pooling to improve IT’s efficiency.
    • Well-suited for a project-driven environment that employs waterfall or a hybrid project management methodology that is less iterative.

    RISKS

    • Creates artificial silos between the build (developers) and run (operations staff) teams, as both teams focus on their own responsibilities and often fail to see the bigger picture.
    • Miss opportunities to deliver value to the organization or innovate due to an inability to support unpredictable/shifting project demands as decision making is centralized in the plan function.
    • The portfolio of initiatives being pursued is often determined before requirements analysis takes place, meaning the initiative might be solving the wrong need or problem.
    • Depends on strong hand-off processes to be defined and strong knowledge transfer from build to run functions in order to be successful.
    The image contains an example of a Centralized Operating Model: Plan-Build-Run.

    Centralized Operating Model #2: Demand-Develop-Service

    I want to…

    • Listen to the business to understand new initiatives or service enhancements being requested.
    • Enable development and operations to work together to seamlessly deliver in a DevOps culture.
    • Govern and confirm that initiatives being requested by the business are still aligned to IT’s overarching strategy and roadmap before prioritizing those initiatives.

    BENEFITS

    • Aligns well with an end-to-end services model; constant attention to customer demand and service supply.
    • Centralizes service operations under one functional area to serve shared needs across lines of business.
    • Allows for economies of scale and expertise pooling to improve IT’s efficiency.
    • Elevates sourcing and vendor management as its own strategic function; lends well to managed service and digital initiatives.
    • Development and operations housed together; lends well to DevOps-related initiatives and reduces the silos between these two core groups.

    RISKS

    • IT prioritizes the initiatives it thinks are a priority to the business based on how well it establishes good stakeholder relations and communications.
    • Depends on good governance to prevent enhancements and demands from being prioritized without approval from those with accountability and authority.
    • This model thrives in a DevOps culture but does not mean it ensures your organization is a “DevOps” organization. Be sure you're encouraging the right behaviors and attitudes.

    The image contains an example of a Centralized Operating Model: Demand, Develop, Service.

    Hybrid Operating Model #1: LOB/Functional Aligned

    I want to…

    • Better understand the various needs of the organization to align IT priorities and ensure the right services can be delivered.
    • Keep all IT decisions centralized to ensure they align with the overarching strategy and roadmap that IT has set.
    • Organize your shared services in a strategic manner that enables delivery of those services in a way that fits the culture of the organization and the desired method of operating.

    BENEFITS

    • Best of both worlds of centralization and decentralization; attempts to channel benefits from both centralized and decentralized models.
    • Embeds key IT functions that require business knowledge within functional areas, allowing for critical feedback and the ability to understand those business needs.
    • Places IT in a position to not just be “order takers” but to be more involved with the different business units and promote the value of IT.
    • Achieves economies of scale where necessary through the delivery of shared services that can be requested by the function.
    • Shared services can be organized to deliver in the best way that suits the organization.

    RISKS

    • Different business units may bypass governance to get their specific needs met by functions – to alleviate this, IT must have strong governance and prioritize amongst demand.
    • Decentralized role can be viewed as an order taker by the business if not properly embedded and matured.
    • No guaranteed synergy and integration across functions; requires strong communication, collaboration, and steering.
    • Cannot meet every business unit’s needs – can cause tension from varying effectiveness of the IT functions.

    The image contains an example of a Hybrid Operating Model: LOB/Functional Aligned.

    Hybrid Model #2: Product-Aligned Operating Model

    I want to…

    • Align my IT organization into core products (services) that IT provides to the organization and establish a relationship with those in the organization that have alignment to that product.
    • Have roles dedicated to the lifecycle of their product and ensure the product can continuously deliver value to the organization.
    • Maintain centralized set of standards as it applies to overall IT strategy, security, and architecture to ensure consistency across products and reduce silos.

    BENEFITS

    • Focus is on the full lifecycle of a product – takes a strategic view of how technology enables the organization.
    • Promotes centralized backlog around a specific value creator, rather than a traditional project focus that is more transactional.
    • Dedicated teams around the product family ensure you have all of the resources required to deliver on your product roadmap.
    • Reduces barriers between IT and business stakeholders; focuses on technology as a key strategic enabler.
    • Delivery is largely done through frequent releases that can deliver value.

    RISKS

    • If there is little or no business involvement, it could prevent IT from truly understanding business demand and prioritizing the wrong work.
    • A lack of formal governance can create silos between the IT products, causing duplication of efforts, missed opportunities for collaboration, and redundancies in application or vendor contracts.
    • Members of each product can interpret the definition of standards (e.g. architecture, security) differently.

    The image contains an example of the Hybrid Operating Model: Product-Aligned Operating Model.

    Hybrid Operating Model #3: Service-Aligned Operating Model

    I want to…

    • Decentralize the IT organization by the various IT services it offers to the organization while remaining centralized with IT strategy, governance, security and operational services.
    • Ensure IT services are defined and people resources are aligned to deliver on those services.
    • Enable each of IT’s services to have the autonomy to understand the business needs and be able to manage the operational and new project initiatives with a dedicated service owner or business relationship manager.

    BENEFITS

    • Strong enabler of agility as each service has the autonomy to make decisions around operational work versus project work based on their understanding of the business demand.
    • Individuals in similar roles that are decentralized across services are given coaching to provide common direction.
    • Allows teams to efficiently scale with service demand.
    • This is a structurally baseline DevOps model. Each group will have services built within that have their own dedicated teams that will handle the full gambit of responsibilities, from new features to enhancements and maintenance.

    RISKS

    • Service owners require a method to collaborate to avoid duplication of efforts or projects that conflict with the efforts of other IT services.
    • May result in excessive cost through role redundancies across different services, as each will focus on components like integration, stakeholder management, project management, and user experiences.
    • Silos cause a high degree of specialization, making it more difficult for team members to imagine moving to another defined service group, limiting potential career advancement opportunities.
    • The level of complex knowledge required by shared services (e.g. help desk) is often beyond what they can provide, causing them to rely on and escalate to defined service groups more than with other operating models.

    The image contains an example of the Hybrid Operating Model: Service-Aligned Operating Model.

    Decentralized Model: Division Decentralization (LoB, Geography, Function, Product)

    I want to…

    • Decentralize the IT organization to enable greater autonomy within specific groups that have differing customer demands and levels of support.
    • Maintain a standard level of service that can be provided by IT for all divisions.
    • Ensure each division has access to critical data and reports that supports informed decision making.

    BENEFITS

    • Organization around functions allows for diversity in approach in how areas are run to best serve a specific business unit’s needs.
    • Each functional line exists largely independently, with full capacity and control to deliver service at the committed SLAs.
    • Highly responsive to shifting needs and demands with direct connection to customers and all stages of the solution development lifecycle.
    • Accelerates decision making by delegating authority lower into the function.
    • Promotes a flatter organization with less hierarchy and more direct communication with the CIO.

    RISKS

    • Requires risk and security to be centralized and have oversight of each division to prevent the decisions of one division from negatively impacting other divisions or the enterprise.
    • Less synergy and integration across what different lines of business are doing can result in redundancies and unnecessary complexity.
    • Higher overall cost to the IT group due to role and technology duplication across different divisions.
    • It will be difficult to centralize aspects of IT in the future, as divisions adopt to a culture of IT autonomy.

    The image contains an example of the Decentralized Model: Division Decentralization.

    Enterprise Model: Multi-Modal

    I want to…

    • Have an organizational structure that leverages several different operating models based on the needs and requirements of the different divisions.
    • Provide autonomy and authority to the different divisions so they can make informed and necessary changes as they see fit without seeking approval from a centralized IT group.
    • Support the different initiatives the enterprise is focused on delivering and ensure the right model is adopted based on those initiatives.

    BENEFITS

    • Allows for the organization to work in ways that best support individual areas; for example, areas that support legacy systems can be supported through traditional operating models while areas that support digital transformations may be supported through more flexible operating models.
    • Enables a specialization of knowledge related to each division.

    RISKS

    • Inconsistency across the organization can lead to confusion on how the organization should operate.
    • Parts of the organization that work in more traditional operating models may feel limited in career growth and innovation.
    • Cross-division initiatives may require greater oversight and a method to enable operations between the different focus areas.

    The image contains an example of the Enterprise Model: Multi-Modal.

    Create enabling teams that bridge your divisions

    The following bridges might be necessary to augment your divisions:

    • Specialized augmentation: There might not be a sufficient number of resources to support each division. These teams will be leveraged across the divisions; this means that the capabilities needed for each division will exist in this bridge team, rather than in the division.
    • Centers of Excellence: Capabilities that exist within divisions can benefit from shared knowledge across the enterprise. Your organization might set up centers of excellence to support best practices in capabilities organization wide. These are Forums in the unfix model, or communities of practice and support capability development rather than deliveries of each division.
    • Facilitation teams might be required to support divisions through coaching. This might include Agile or other coaches who can help teams adopt practices and embed learnings.
    • Holistic teams provide an enterprise view as they work with various divisions. This can include capabilities like user experience, which can benefit from the holistic perspective rather than a siloed one. People with these capabilities augment the divisions on an as-needed basis.
    The image contains a diagram to demonstrate the use of bridges on divisions.

    2.5 Customize the selected sketch to reflect the desired future state

    1-3 hours

    1. Using the baseline operating model sketch, walk through each of the IT capabilities. Based on the outputs from activity 2.1:
      1. Remove any capabilities for which your IT organization is not responsible and/or accountable.
      2. Augment the language of specific capabilities that you feel are not directly reflective of what is being done within your organizational context or that you feel need to be changed to reflect more specifically how work is being done in your organization.
      3. Add any core capabilities from your organization that are missing from the provided IT capability list.
    2. Move capabilities to the right places in the operating model to reflect how each of the core IT processes should interact with one another.
    3. Add bridges as needed to support the divisions in your organization. Identify which capabilities will sit in these bridges and define how they will enable the operating model sketch to deliver.
    InputOutput
    • Selected base operating model sketch
    • Customized list of IT capabilities
    • Understanding of outsourcing and gaps
    • Customized operating model sketch
    MaterialsParticipants
    • Whiteboard/flip charts
    • Operating model sketch examples
    • CIO
    • IT Leadership

    Record the results in the Organizational Design Workbook

    Document the final operating model sketch in the Communications Deck

    Phase 3

    Formalize the Organizational Structure

    This phase will walk you through the following activities:

    3.1 Create work units

    3.2 Create work unit mandates

    3.3 Define roles inside the work units

    3.4 Finalize the organizational chart

    3.5 Identify and mitigate key risks

    This phase involves the following participants:

    • CIO
    • IT Leadership
    • Business Leadership

    Embed change management into the organizational design process

    Enable adoption of the new structure.

    You don’t have to make the change in one big bang. You can adopt alternative transition plans such as increments or pilots. This allows people to see the benefits of why you are undergoing the change, allows the change message to be repeated and applied to the individuals impacted, and provides people with time to understand their role in making the new organizational structure successful.

    “Transformational change can be invigorating for some employees but also highly disruptive and stressful for others.”

    Source: OpenStax, 2019

    Info-Tech Insight

    Without considering the individual impact of the new organizational structure on each of your employees, the change will undoubtedly fail in meeting its intended goals and your organization will likely fall back into old structured habits.

    Use a top-down approach to build your target-state IT organizational sketch

    The organizational sketch is the outline of the organization that encompasses the work units and depicts the relationships among them. It’s important that you create the structure that’s right for your organization, not one that simply fits with your current staff’s skills and knowledge. This is why Info-Tech encourages you to use your operating model as a mode of guidance for structuring your future-state organizational sketch.

    The organizational sketch is made up of unique work units. Work units are the foundational building blocks on which you will define the work that IT needs to get done. The number of work units you require and their names will not match your operating model one to one. Certain functional areas will need to be broken down into smaller work units to ensure appropriate leadership and span of control.

    Use your customized operating model to build your work units

    WHAT ARE WORK UNITS?

    A work unit is a functional group or division that has a discrete set of processes or capabilities that it is responsible for, which don’t overlap with any others. Your customized list of IT capabilities will form the building blocks of your work units. Step one in the process of building your structure is grouping IT capabilities together that are similar or that need to be done in concert in the case of more complex work products. The second step is to iterate on these work units based on the organizational design principles from Phase 1 to ensure that the future-state structure is aligned with enablement of the organization’s objectives.

    Work Unit Examples

    Here is a list of example work units you can use to brainstorm what your organization’s could look like. Some of these overlap in functionality but should provide a strong starting point and hint at some potential alternatives to your current way of organizing.

    • Office of the CIO
    • Strategy and Architecture
    • Architecture and Design
    • Business Relationship Management
    • Projection and Portfolio Management
    • Solution Development
    • Solution Delivery
    • DevOps
    • Infrastructure and Operations
    • Enterprise Information Security
    • Security, Risk & Compliance
    • Data and Analytics

    Example of work units

    The image contains an example of work units.

    3.1 Create functional work units

    1-3 hours

    1. Using a whiteboard or large tabletop, list each capability from your operating model on a sticky note and recreate your operating model. Use one color for centralized activities and a second color for decentralized activities.
    2. With the group of key IT stakeholders, review the operating model and any important definitions and rationale for decisions made.
    3. Starting with your centralized capabilities, review each in turn and begin to form logical groups of compatible capabilities. Review the decentralized capabilities and repeat the process, writing additional sticky notes for capabilities that will be repeated in decentralized units.
    4. Note: Not all capabilities need to be grouped. If you believe that a capability has a high enough priority, has a lot of work, or is significantly divergent from others put this capability by itself.
    5. Define a working title for each new work unit, and discuss the pros and cons of the model. Ensure the work units still align with the operating model and make any changes to the operating model needed.
    6. Review your design principles and ensure that they are aligned with your new work units.
    InputOutput
    • Organizational business objectives
    • Customized operating model
    • Defined work units
    MaterialsParticipants
    • Whiteboard/Flip Charts
    • CIO
    • IT Leadership
    • Business Leadership

    Record the results in the Organizational Design Workbook

    Group formation

    Understand the impact of the functional groups you create.

    A group consists of two or more individuals who are working toward a common goal. Group formation is how those individuals are organized to deliver on that common goal. It should take into consideration the levels of hierarchy in your structure, the level of focus you give to processes, and where power is dispersed within your organizational design.

    Importance: Balance highly important capabilities with lower priority capabilities

    Specialization: The scope of each role will be influenced by specialized knowledge and a dedicated leader

    Effectiveness: Group capabilities that increase their efficacy

    Span of Control: Identify the right number of employees reporting to a single leader

    Choose the degree of specialization required

    Be mindful of the number of hats you’re placing on any one role.

    • Specialization exists when individuals in an organization are dedicated to performing specific tasks associated with a common goal and requiring a particular skill set. Aligning the competencies required to carry out the specific tasks based on the degree of complexity associated with those tasks ensures the right people and number of people can be assigned.
    • When people are organized by their specialties, it reduces the likelihood of task switching, reduces the time spent training or cross-training, and increases the focus employees can provide to their dedicated area of specialty.
    • There are disadvantages associated with aligning teams by their specialization, such as becoming bored and seeing the tasks they are performing as monotonous. Specialization doesn’t come without its problems. Monitor employee motivation

    Info-Tech Insight

    Smaller organizations will require less specialization simply out of necessity. To function and deliver on critical processes, some people might be asked to wear several hats.

    Avoid overloading the cognitive capacity of employees

    Cognitive load refers to the number of responsibilities that one can successfully take on.

    • When employees are assigned an appropriate number of responsibilities this leads to:
      • Engaged employees
      • Less task switching
      • Increased effectiveness on assigned responsibilities
      • Reduced bottlenecks
    • While this cognitive load can differ from employee to employee, when assigning role responsibilities, ensure each role isn’t being overburdened and spreading their focus thin.
    • Moreover, capable does not equal successful. Just because someone has the capability to take on more responsibilities doesn’t mean they will be successful.
    • Leverage the cognitive load being placed on your team to help create boundaries between teams and demonstrate clear role expectations.
    Source: IT Revolution, 2021

    Info-Tech Insight

    When you say you are looking for a team that is a “jack of all trades,” you are likely exceeding appropriate cognitive loads for your staff and losing productivity to task switching.

    Factors to consider for span of control

    Too many and too few direct reports have negative impacts on the organization.

    Complexity: More complex work should have fewer direct reports. This often means the leader will need to provide lots of support, even engaging in the work directly at times.

    Demand: Dynamic shifts in demand require more managerial involvement and therefore should have a smaller span of control. Especially if this demand is to support a 24/7 operation.

    Competency Level: Skilled employees should require less hands-on assistance and will be in a better position to support the business as a member of a larger team than those who are new to the role.

    Purpose: Strategic leaders are less involved in the day-to-day operations of their teams, while operational leaders tend to provide hands-on support, specifically when short-staffed.

    Group formation will influence communication structure

    Pick your poison…

    It’s important to understand the impacts that team design has on your services and products. The solutions that a team is capable of producing is highly dependent on how teams are structured. For example, Conway’s Law tells us that small distributed software delivery teams are more likely to produce modular service architecture, where large collocated teams are better able to create monolithic architecture. This doesn’t just apply to software delivery but also other products and services that IT creates. Note that small distributed teams are not the only way to produce quality products as they can create their own silos.

    Sources: Forbes, 2017

    Create mandates for each of your identified work units

    WHAT ARE WORK UNIT MANDATES?

    The work unit mandate should provide a quick overview of the work unit and be clear enough that any reader can understand why the work unit exists, what it does, and what it is accountable for.

    Each work unit will have a unique mandate. Each mandate should be distinguishable enough from your other work units to make it clear why the work is grouped in this specific way, rather than an alternative option. The mandate will vary by organization based on the agreed upon work units, design archetype, and priorities.

    Don’t just adopt an example mandate from another organization or continue use of the organization’s pre-existing mandate – take the time to ensure it accurately depicts what that group is doing so that its value-added activities are clear to the larger organization.

    Examples of Work Unit Mandates

    The Office of the CIO will be a strategic enabler of the IT organization, driving IT organizational performance through improved IT management and governance. A central priority of the Office of the CIO is to ensure that IT is able to respond to evolving environments and challenges through strategic foresight and a centralized view of what is best for the organization.

    The Project Management Office will provide standardized and effective project management practices across the IT landscape, including an identified project management methodology, tools and resources, project prioritization, and all steps from project initiation through to evaluation, as well as education and development for project managers across IT.

    The Solutions Development Group will be responsible for the high-quality development and delivery of new solutions and improvements and the production of customized business reports. Through this function, IT will have improved agility to respond to new initiatives and will be able to deliver high-quality services and insights in a consistent manner.

    3.2 Create work unit mandates

    1-3 hours

    1. Break into teams of three to four people and assign an equal number of work units to each team.
    2. Have each team create a set of statements that describe the overall purpose of that working group. Each mandate statement should:
    • Be clear enough that any reader can understand.
    • Explain why the work unit exists, what it does, and what it is accountable for.
    • Be distinguishable enough from your other work units to make it clear why the work is grouped in this specific way, rather than an alternative option.
  • Have each group present their work unit mandates and make changes wherever necessary.
  • InputOutput
    • Work units
    • Work unit mandates
    MaterialsParticipants
    • Whiteboard/Flip Charts
    • CIO
    • IT Leadership
    • Business Leadership

    Record the results in the Organizational Design Workbook

    Identify the key roles and responsibilities for the target IT organization

    Now that you have identified the main units of work in the target IT organization, it is time to identify the roles that will perform that work. At the end of this step, the key roles will be identified, the purpose statement will be built, and accountability and responsibility for roles will be clearly defined. Make sure that accountability for each task is assigned to one role only. If there are challenges with a role, change the role to address them (e.g. split roles or shift responsibilities).

    The image contains an example of two work units: Enterprise Architecture and PMO. It then lists the roles of the two work units.

    Info-Tech Insight

    Do not bias your role design by focusing on your existing staff’s competencies. If you begin to focus on your existing team members, you run the risk of artificially narrowing the scope of work or skewing the responsibilities of individuals based on the way it is, rather than the way it should be.

    3.3 Define roles inside the work units

    1-3 hours

    1. Select a work unit from the organizational sketch.
    2. Describe the most senior role in that work unit by asking, “what would the leader of this group be accountable or responsible for?” Define this role and move the capabilities they will be accountable for under that leader. Repeat this activity for the capabilities this leader would be responsible for.
    3. Continue to define each role that will be required in that work unit to deliver or provide oversight related to those capabilities.
    4. Continue until key roles are identified and the capabilities each role will be accountable or responsible for are clarified.
    5. Remember, only one role can have accountability for each capability but several can have responsibility.
    6. For each role, use the list of capabilities that the position will be accountable, responsible, or accountable and responsible for to create a job description. Leverage your own internal job descriptions or visit our Job Descriptions page.
    InputOutput
    • Work units
    • Work unit mandates
    • Responsibilities
    • Accountabilities
    • Roles with clarified responsibilities and accountabilities
    MaterialsParticipants
    • Whiteboard/Flip Charts
    • CIO
    • IT Leadership
    • Business Leadership

    Record the results in the Organizational Design Workbook

    Delivery model for product or solution development

    Can add additional complexity or clarity

    • Certain organizational structures will require a specific type of resourcing model to meet expectations and deliver on the development or sustainment of core products and solutions.
    • There are four common methods that we see in IT organizations:
      • Functional Roles: Completed work is handed off from functional team to functional team sequentially as outlined in the organization’s SDLC.
      • Shared Service & Resource Pools (Matrix): Resources are pulled whenever the work requires specific skills or pushed to areas where product demand is high.
      • Product or System: Work is directly sent to the teams who are directly managing the product or directly supporting the requestor.
      • Skills & Competencies: Work is directly sent to the teams who have the IT and business skills and competencies to complete the work.
    • Each of these will lead to a difference in how the functional team is skilled. They could have a great understanding of their customer, the product, the solution, or their service.

    Info-Tech Insight

    Despite popular belief, there is no such thing as the Spotify model, and organizations that structured themselves based on the original Spotify drawing might be missing out on key opportunities to obtain productivity from employees.

    Sources: Indeed, 2020; Agility Scales

    There can be different patterns to structure and resource your product delivery teams

    The primary goal of any product delivery team is to improve the delivery of value for customers and the business based on your product definition and each product’s demand. Each organization will have different priorities and constraints, so your team structure may take on a combination of patterns or may take on one pattern and then transform into another.

    Delivery Team Structure Patterns

    How Are Resources and Work Allocated?

    Functional Roles

    Teams are divided by functional responsibilities (e.g. developers, testers, business analysts, operations, help desk) and arranged according to their placement in the software development lifecycle (SDLC).

    Completed work is handed off from team to team sequentially as outlined in the organization’s SDLC.

    Shared Service and Resource Pools

    Teams are created by pulling the necessary resources from pools (e.g. developers, testers, business analysts, operations, help desk).

    Resources are pulled whenever the work requires specific skills or pushed to areas where product demand is high.

    Product or System

    Teams are dedicated to the development, support, and management of specific products or systems.

    Work is directly sent to the teams who are directly managing the product or directly supporting the requester.

    Skills and Competencies

    Teams are grouped based on skills and competencies related to technology (e.g. Java, mobile, web) or familiarity with business capabilities (e.g. HR, Finance).

    Work is directly sent to the teams who have the IT and business skills and competencies to complete the work.

    Delivery teams will be structured according to resource and development needs

    Functional Roles

    Shared Service and Resource Pools

    Product or System

    Skills and Competencies

    When your people are specialists versus having cross-functional skills

    Leveraged when specialists such as Security or Operations will not have full-time work on the product

    When you have people with cross-functional skills who can self-organize around a product’s needs

    When you have a significant investment in a specific technology stack

    The image contains a diagram of functional roles.The image contains a diagram of shared service and resource pools.The image contains a diagram of product or system.The image contains a diagram of skills and competencies.

    For more information about delivering in a product operating model, refer to our Deliver Digital Products at Scale blueprint.

    3.4 Finalize the organizational chart

    1-3 hours

    1. Import each of your work units and the target-state roles that were identified for each.
    2. In the place of the name of each work unit in your organizational sketch, replace the work unit name with the prospective role name for the leader of that group.
    3. Under each of the leadership roles, import the names of team members that were part of each respective work unit.
    4. Validate the final structure as a group to ensure each of the work units includes all the necessary roles and responsibilities and that there is clear delineation of accountabilities between the work units.

    Input

    Output

    • Work units
    • Work unit mandates
    • Roles with accountabilities and responsibilities
    • Finalized organizational chart

    Materials

    Participants

    • Whiteboard/Flip Charts
    • CIO
    • IT Leadership
    • Business Leadership

    Record the results in the Organizational Design Workbook & Executive Communications Deck

    Proactively consider and mitigate redesign risks

    Every organizational structure will include certain risks that should have been considered and accepted when choosing the base operating model sketch. Now that the final organizational structure has been created, consider if those risks were mitigated by the final organizational structure that was created. For those risks that weren’t mitigated, have a tactic to control risks that remain present.

    3.5 Identify and mitigate key risks

    1-3 hours

    1. For each of the operating model sketch options, there are specific risks that should have been considered when selecting that model.
    2. Take those risks and transfer them into the correct slide of the Organizational Design Workbook.
    3. Consider if there are additional risks that need to be considered with the new organizational structure based on the customizations made.
    4. For each risk, rank the severity of that risk on a scale of low, medium, or high.
    5. Determine one or more mitigation tactic(s) for each of the risks identified. This tactic should reduce the likelihood or impact of the risk event happening.
    InputOutput
    • Final organizational structure
    • Operating model sketch benefits and risks
    • Redesign risk mitigation plan
    MaterialsParticipants
    • Whiteboard/Flip Charts
    • CIO
    • IT Leadership
    • Business Leadership

    Record the results in the Organizational Design Workbook

    Phase 4

    Plan for Implementation & Change

    This phase will walk you through the following activities:

    4.1 Select a transition plan

    4.2 Establish the change communication messages

    4.3 Be consistent with a standard set of FAQs

    4.4 Define org. redesign resistors

    4.5 Create a sustainment plan

    This phase involves the following participants:

    • CIO
    • IT Leadership
    • Business Leadership
    • HR Business Partners

    All changes require change management

    Change management is:

    Managing a change that requires replanning and reorganizing and that causes people to feel like they have lost control over aspects of their jobs.

    – Padar et al., 2017
    People Process Technology

    Embedding change management into organizational design

    PREPARE A

    Awareness: Establish the need for organizational redesign and ensure this is communicated well.

    This blueprint is mostly focused on the prepare and transition components.

    D

    Desire: Ensure the new structure is something people are seeking and will lead to individual benefits for all.

    TRANSITION K

    Knowledge: Provide stakeholders with the tools and resources to function in their new roles and reporting structure.

    A

    Ability: Support employees through the implementation and into new roles or teams.

    FUTURE R

    Reinforcement: Emphasize and reward positive behaviors and attitudes related to the new organizational structure.

    Implementing the new organizational structure

    Implementing the organizational structure can be the most difficult part of the process.

    • To succeed in the process, consider creating an implementation plan that adequately considers these five components.
    • Each of these are critical to supporting the final organizational structure that was established during the redesign process.

    Implementation Plan

    Transition Plan: Identify the appropriate approach to making the transition, and ensure the transition plan works within the context of the business.

    Communication Strategy: Create a method to ensure consistent, clear, and concise information can be provided to all relevant stakeholders.

    Plan to Address Resistance: Given that not everyone will be happy to move forward with the new organizational changes, ensure you have a method to hear feedback and demonstrate concerns have been heard.

    Employee Development Plan: Provide employees with tools, resources, and the ability to demonstrate these new competencies as they adjust to their new roles.

    Monitor and Sustain the Change: Establish metrics that inform if the implementation of the new organizational structure was successful and reinforce positive behaviors.

    Define the type of change the organizational structure will be

    As a result, your organization must adopt OCM practices to better support the acceptance and longevity of the changes being pursued.

    Incremental Change

    Transformational Change

    Organizational change management is highly recommended and beneficial for projects that require people to:

    • Adopt new tools and workflows.
    • Learn new skills.
    • Comply with new policies and procedures.
    • Stop using old tools and workflows.

    Organizational change management is required for projects that require people to:

    • Move into different roles, reporting structures, and career paths.
    • Embrace new responsibilities, goals, reward systems, and values.
    • Grow out of old habits, ideas, and behaviors.
    • Lose stature in the organization.

    Info-Tech Insight

    How you transition to the new organizational structure can be heavily influenced by HR. This is the time to be including them and leveraging their expertise to support the transition “how.”

    Transition Plan Options

    Description

    Pros

    Cons

    Example

    Big Bang Change

    Change that needs to happen immediately – “ripping the bandage off.”

    • It puts an immediate stop to the current way of operating.
    • Occurs quickly.
    • More risky.
    • People may not buy into the change immediately.
    • May not receive the training needed to adjust to the change.

    A tsunami in Japan stopped all imports and exports. Auto manufacturers were unable to get parts shipped and had to immediately find an alternative supplier.

    Incremental Change

    The change can be rolled out slower, in phases.

    • Can ensure that people are bought in along the way through the change process, allowing time to adjust and align with the change.
    • There is time to ensure training takes place.
    • It can be a timely process.
    • If the change is dragged on for too long (over several years) the environment may change and the rationale and desired outcome for the change may no longer be relevant.

    A change in technology, such as HRIS, might be rolled out one application at a time to ensure that people have time to learn and adjust to the new system.

    Pilot Change

    The change is rolled out for only a select group, to test and determine if it is suitable to roll out to all impacted stakeholders.

    • Able to test the success of the change initiative and the implementation process.
    • Able to make corrections before rolling it out wider, to aid a smooth change.
    • Use the pilot group as an example of successful change.
    • Able to gain buy-in and create change champions from the pilot group who have experienced it and see the benefits.
    • Able to prevent an inappropriate change from impacting the entire organization.
    • Lengthy process.
    • Takes time to ensure the change has been fully worked through.

    A retail store is implementing a new incentive plan to increase product sales. They will pilot the new incentive plan at select stores, before rolling it out broadly.

    4.1 Select a transition plan approach

    1-3 hours

    1. List each of the changes required to move from your current structure to the new structure. Consider:
      1. Changes in reporting structure
      2. Hiring new members
      3. Eliminating positions
      4. Developing key competencies for staff
    2. Once you’ve defined all the changes required, consider the three different transition plan approaches: big bang, incremental, and pilot. Each of the transition plan approaches will have drawbacks and benefits. Use the list of changes to inform the best approach.
    3. If you are proceeding with the incremental or the pilot, determine the order in which you will proceed with the changes or the groups that will pilot the new structure first.
    InputOutput
    • Customized operating model sketch
    • New org. chart
    • Current org. chart
    • List of changes to move from current to future state
    • Transition plan to support changes
    MaterialsParticipants
    • Whiteboard/Flip Charts
    • CIO
    • IT Leadership
    • HR Business Partners

    Record the results in the Organizational Design Workbook

    Make a plan to effectively manage and communicate the change

    Success of your new organizational structure hinges on adequate preparation and effective communication.

    The top challenge facing organizations in completing the organizational redesign is their organizational culture and acceptance of change. Effective planning for the implementation and communication throughout the change is pivotal. Make sure you understand how the change will impact staff and create tailored plans for communication.

    65% of managers believe the organizational change is effective when provided with frequent and clear communication.

    Source: SHRM, 2021

    Communicate reasons for organizational structure changes and how they will be implemented

    Leaders of successful change spend considerable time developing a powerful change message, i.e. a compelling narrative that articulates the desired end state, and that makes the change concrete and meaningful to staff.

    The organizational change message should:

    • Explain why the change is needed.
    • Summarize what will stay the same.
    • Highlight what will be left behind.
    • Emphasize what is being changed.
    • Explain how change will be implemented.
    • Address how change will affect various roles in the organization.
    • Discuss the staff’s role in making the change successful.

    Five elements of communicating change

    • What is the change?
    • Why are we doing it?
    • How are we going to go about it?
    • How long will it take us to do it?
    • What will the role be for each department and individual?
    Source: Cornelius & Associates, 2010

    4.2 Establish the change communication messages

    2 hours

    1. The purpose of this activity is to establish a change communication message you can leverage when talking to stakeholders about the new organizational structure.
    2. Review the questions in the Organizational Design Workbook.
    3. Establish a clear message around the expected changes that will have to take place to help realize the new organizational structure.
    InputOutput
    • Customized operating model sketch
    • New org. chart
    • Current org. chart
    • List of changes
    • Transition plan
    • Change communication message for new organizational structure
    MaterialsParticipants
    • Whiteboard/Flip Charts
    • CIO
    • IT Leadership
    • Business Leadership

    Record the results in the Organizational Design Workbook

    Apply the following communication principles to make your IT organization redesign changes relevant to stakeholders

    Be Clear

    • Say what you mean and mean what you say.
    • Choice of language is important: “Do you think this is a good idea? I think we could really benefit from your insights and experience here.” Or do you mean: “I think we should do this. I need you to do this to make it happen.”
    • Don’t use jargon.

    Be Consistent

    • The core message must be consistent regardless of audience, channel, or medium.
    • Test your communication with your team or colleagues to obtain feedback before delivering to a broader audience.
    • A lack of consistency can be interpreted as an attempt at deception. This can hurt credibility and trust.

    Be Concise

    • Keep communication short and to the point so key messages are not lost in the noise.
    • There is a risk of diluting your key message if you include too many other details.

    Be Relevant

    • Talk about what matters to the stakeholder.
    • Talk about what matters to the initiative.
    • Tailor the details of the message to each stakeholder’s specific concerns.
    • IT thinks in processes but stakeholders only care about results: talk in terms of results.
    • IT wants to be understood but this does not matter to stakeholders. Think: “what’s in it for them?”
    • Communicate truthfully; do not make false promises or hide bad news.

    Frequently asked questions (FAQs) provide a chance to anticipate concerns and address them

    As a starting point for building an IT organizational design implementation, look at implementing an FAQ that will address the following:

    • The what, who, when, why, and where
    • The transition process
    • What discussions should be held with clients in business units
    • HR-centric questions

    Questions to consider answering:

    • What is the objective of the IT organization?
    • What are the primary changes to the IT organization?
    • What does the new organizational structure look like?
    • What are the benefits to our IT staff and to our business partners?
    • How will the IT management team share new information with me?
    • What is my role during the transition?
    • What impact is there to my reporting relationship within my department?
    • What are the key dates I should know about?

    4.3 Be consistent with a standard set of FAQs

    1 hour

    1. Beyond the completed communications plans, brainstorm a list of answers to the key “whats” of your organizational design initiative:
    • What is the objective of the IT organization?
    • What are the primary changes to the IT organization?
    • What does the new organizational structure look like?
    • What are the benefits to our IT staff and to our business partners?
  • Think about any key questions that may rise around the transition:
    • How will the IT management team share new information with me?
    • What is my role during the transition?
    • What impact is there to my reporting relationship within my department?
    • What are the key dates I should know about?
  • Determine the best means of socializing this information. If you have an internal wiki or knowledge-sharing platform, this would be a useful place to host the information.
  • InputOutput
    • Driver(s) for the new organizational structure
    • List of changes to move from current to future state
    • Change communication message
    • FAQs to provide to staff about the organizational design changes
    MaterialsParticipants
    • Whiteboard/Flip Charts
    • CIO
    • IT Leadership
    • Business Leadership

    Record the results in the Organizational Design Workbook

    The change reaction model

    The image contains a picture of the change reaction model. The model includes a double arrow pointing in both directions of left and right. On top of the arrow are 4 circles spread out on the arrow. They are labelled: Active Resistance, Detachment, Questioning, Acceptance.

    (Adapted from Cynthia Wittig)

    Info-Tech Insight

    People resist changes for many reasons. When it comes to organizational redesign changes, some of the most common reasons people resist change include a lack of understanding, a lack of involvement in the process, and fear.

    Include employees in the employee development planning process

    Prioritize

    Assess employee to determine competency levels and interests.

    Draft

    Employee drafts development goals; manager reviews.

    Select

    Manager helps with selection of development activities.

    Check In

    Manager provides ongoing check-ins, coaching, and feedback.

    Consider core and supplementary components that will sustain the new organizational structure

    Supplementary sustainment components:

    • Tools & Resources
    • Structure
    • Skills
    • Work Environment
    • Tasks
    • Disincentives

    Core sustainment components:

    • Empowerment
    • Measurement
    • Leadership
    • Communication
    • Incentives

    Sustainment Plan

    Sustain the change by following through with stakeholders, gathering feedback, and ensuring that the change rationale and impacts are clearly understood. Failure to so increases the potential that the change initiative will fail or be a painful experience and cost the organization in terms of loss of productivity or increase in turnover rates.

    Support sustainment with clear measurements

    • Measurement is one of the most important components of monitoring and sustaining the new organizational structure as it provides insight into where the change is succeeding and where further support should be added.
    • There should be two different types of measurements:
    1. Standard Change Management Metrics
    2. Organizational Redesign Metrics
  • When gathering data around metrics, consider other forms of measurement (qualitative) that can provide insights on opportunities to enhance the success of the organizational redesign change.
    1. Every measurement should be rooted to a goal. Many of the goals related to organizational design will be founded in the driver of this change initiative
    2. Once the goals have been defined, create one or more measurements that determines if the goal was successful.
    3. Use specific key performance indicators (KPIs) that contain a metric that is being measured and the frequency of that measurement.

    Info-Tech Insight

    Obtaining qualitative feedback from employees, customers, and business partners can provide insight into where the new organizational structure is operating optimally versus where there are further adjustments that could be made to support the change.

    4.4 Consider sustainment metrics

    1 hour

    1. Establish metrics that bring the entire process together and that will ensure the new organizational design is a success.
    2. Go back to your driver(s) for the organizational redesign. Use these drivers to help inform a particular measurement that can be used to determine if the new organizational design will be successful. Each measurement should be related to the positive benefits of the organization, an individual, or the change itself.
    3. Once you have a list of measurements, use these to determine the specific KPI that can be qualified through a metric. Often you are looking for an increase or decrease of a particular measurement by a dollar or percentage within a set time frame.
    4. Use the example metrics in the workbook and update them to reflect your organization’s drivers.
    InputOutput
    • Driver(s) for the new organizational structure
    • List of changes to move from current to future state
    • Change communication message
    • Sustainment metrics
    MaterialsParticipants
    • Whiteboard/Flip Charts
    • CIO
    • IT Leadership
    • Business Leadership

    Record the results in the Organizational Design Workbook

    Related Info-Tech Research

    Build a Strategic IT Workforce Plan

    • Continue into the second phase of the organizational redesign process by defining the required workforce to deliver.
    • Leveraging trends, data, and feedback from your employees, define the competencies needed to deliver on the defined roles.

    Implement a New IT Organizational Structure

    • Organizational design implementations can be highly disruptive for IT staff and business partners.
    • Without a structured approach, IT leaders may experience high turnover, decreased productivity, and resistance to the change.

    Define the Role of Project Management in Agile and Product-Centric Delivery

    • There are many voices with different opinions on the role of project management. This causes confusion and unnecessary churn.
    • Project management and product management naturally align to different time horizons. Harmonizing their viewpoints can take significant work.

    Research Contributors and Experts

    The image contains a picture of Jardena London.

    Jardena London

    Transformation Catalyst, Rosetta Technology Group

    The image contains a picture of Jodie Goulden.

    Jodie Goulden

    Consultant | Founder, OrgDesign Works

    The image contains a picture of Shan Pretheshan.

    Shan Pretheshan

    Director, SUPA-IT Consulting

    The image contains a picture of Chris Briley.

    Chris Briley

    CIO, Manning & Napier

    The image contains a picture of Dean Meyer.

    Dean Meyer

    President N. Dean Meyer and Associates Inc.

    The image contains a picture of Jimmy Williams.

    Jimmy Williams

    CIO, Chocktaw Nation of Oklahoma

    Info-Tech Research Group

    Cole Cioran, Managing Partner

    Dana Daher, Research Director

    Hans Eckman, Principal Research Director

    Ugbad Farah, Research Director

    Ari Glaizel, Practice Lead

    Valence Howden, Principal Research Director

    Youssef Kamar, Senior Manager, Consulting

    Carlene McCubbin, Practice Lead

    Baird Miller, Executive Counsellor

    Josh Mori, Research Director

    Rajesh Parab, Research Director

    Gary Rietz, Executive Counsellor

    Bibliography

    “A Cheat Sheet for HR Professionals: The Organizational Development Process.” AIHR, 2021. Web.

    Acharya, Ashwin, Roni Lieber, Lissa Seem, and Tom Welchman. “How to identify the right ‘spans of control’ for your organization.” McKinsey, 21 December 2017. Web.

    Anand. N., and Jean-Louis Barsoux. “What everyone gets wrong about change management. Harvard Business Review, December 2017. Web.

    Atiken, Chris. “Operating model design-first principles.” From Here On, 24 August 2018. Web.

    “Avoid common digital transformation challenges: Address your IT Operating Model Now.” Sofigate, 5 May 2020. Web.

    Baumann, Oliver, and Brian Wu. “The many dimensions of research on designing flat firms.” Journal of Organizational Design, no. 3, vol. 4. 09 May 2022.Web.

    Bertha, Michael. “Cross the project to product chasm.” CIO, 1 May 2020. Web.

    Blenko, Marcia, and James Root. “Design Principles for a Robust Operating Model.” Bain & Company, 8 April 2015. Web.

    Blenko, Marcia, Leslie Mackrell, and Kevin Rosenberg. “Operating models: How non-profits get from strategy to results.” The Bridge Span Group, 15 August 2019. Web.

    Boulton, Clint. “PVH finds perfect fit in hybrid IT operating model amid pandemic.” CIO, 19 July 2021. Web.

    Boulton, Clint. “Why digital disruption leaves no room for bimodal IT.” CIO, 11 May 2017. Web.

    Bright, David, et al. “Chapter 10: Organizational Structure & Change.” Principles of Management, OpenStax, Rice University, 20 March 2019. Book.

    Campbell, Andrew. “Design Principles: How to manage them.” Ashridge Operating Models. 1 January 2022. Web.

    D., Maria. “3 Types of IT Outsourcing Models and How to Choose Between Them.” Cleveroad, 29 April 2022. Web.

    Devaney, Eric. “9 Types of Organizational Structure Every Company Should Consider.” HubSpot, 11 February 2022. Web.

    Devaney, Erik. “The six building blocks of organizational structure.” Hubspot, 3 June 2020. Web.

    Eisenman, M., S. Paruchuri, and P. Puranam. “The design of emergence in organizations.” Journal of Organization Design, vol. 9, 2020. Web.

    Forbes Business Development Council. “15 Clear Signs It’s Time to Restructure the Business.” Forbes, 10 February 2020. Web.

    Freed, Joseph. “Why Cognitive Load Could Be The Most Important Employee Experience Metric In The Next 10 Years.” Forbes, 30 June 2020. Web.

    Galibraith, Jay. “The Star Model.” JayGalbraith.com, n.d. Web.

    Girod, Stéphane, and Samina Karim. “Restructure or reconfigure?” Harvard Business Review, April 2017. Web.

    Goldman, Sharon. “The need for a new IT Operating Model: Why now?” CIO, 27 August 2019. Web.

    Halapeth, Milind. “New age IT Operating Model: Creating harmony between the old and the new.” Wirpo, n.d. Web.

    Harvey, Michelle. “Why a common operating model is efficient for business productivity.” CMC, 10 May 2020. Web.

    Helfand, Heidi. “Dynamic Reteaming.” O’Reilly Media, 7 July 2020. Book.

    JHeller, Martha. “How Microsoft CIO Jim DuBois changed the IT Operating Model.” CIO, 2 February 2016. Web.

    Heller, Martha. “How Stryker IT Shifted to a global operating model.” CIO, 19 May 2021. Web.

    Heller, Michelle. “Inside blue Shields of California’s IT operating model overhaul.” CIO, 24 February 2021. Web.

    Hessing, Ted. “Value Stream Mapping.” Six Sigma Study Guide, 11 April 2014. Web.

    Huber, George, P. “What is Organization Design.” Organizational Design Community, n.d. Web.

    Indeed Editorial Team. “5 Advantages and Disadvantages of the Matrix Organizational Structure.” Indeed, 23 November 2020. Web.

    Indeed Editorial Team. “How to plan an effective organization restructure.” Indeed, 10 June 2021. Web.

    “Insourcing vs Outsourcing vs Co-Sourcing.” YML Group, n.d. Web.

    “Investing in more strategic roles.” CAPS Research, 3 February 2022. Web.

    Jain, Gagan. “Product IT Operating Model: The next-gen model for a digital work.” DevOps, 22 July 2019. Web.

    Kane, Gerald, D. Plamer, and Anh Phillips. “Accelerating Digital Innovation Inside and Out.” Deloitte Insights, 4 June 2019. Web.

    Krush, Alesia. “IT companies with ‘flat’ structures: utopia or innovative approach?” Object Style, 18 October 2018. Web.

    Law, Michael. “Adaptive Design: Increasing Customer Value in Your Organisation.” Business Agility Institute, 5 October 2020. Web.

    LucidContent Team. “How to get buy-in for changes to your organizational structure.” Lucid Chart, n.d. Web.

    Matthews, Paul. “Do you know the difference between competence and capability?” The People Development Magazine, 25 September 2020. Web.

    Meyer, Dean N. “Analysis: Common symptoms of organizational structure problems.” NDMA, n.d. Web.

    Meyer, N. Dean. “Principle-based Organizational Structure.” NDMA Publishing, 2020. Web.

    Morales Pedraza, Jorge. Answer to posting, “What is the relationship between structure and strategy?” ResearchGate.net, 5 March 2014. Web.

    Nanjad, Len. “Five non-negotiables for effective organization design change.” MNP, 01 October 2021. Web.

    Neilson, Gary, Jaime Estupiñán, and Bhushan Sethi. “10 Principles of Organizational Design.” Strategy & Business, 23 March 2015. Web.

    Nicastro, Dom. “Understanding the Foundational Concepts of Organizational Design.” Reworked, 24 September 2020. Web.

    Obwegeser, Nikolaus, Tomoko Yokoi, Michael Wade, and Tom Voskes. “7 Key Principles to Govern Digital Initiatives.” MIT Sloan, 1 April 2020. Web.

    “Operating Models and Tools.” Business Technology Standard, 23 February 2021. Web.

    “Organizational Design Agility: Journey to a combined community.” ODF-BAI How Space, Organizational Design Forum, 2022. Web.

    “Organizational Design: Understanding and getting started.” Ingentis, 20 January 2021. Web.

    Padar, Katalin, et al. “Bringing project and change management roles into sync.” Journal of Change Management, 2017. Web.

    Partridge, Chris. “Evolve your Operating Model- It will drive everything.” CIO, 30 July 2021. Web.

    Pijnacker, Lieke. “HR Analytics: role clarity impacts performance.” Effectory, 25 September 2019. Web.

    Pressgrove, Jed. “Centralized vs. Federated: Breaking down IT Structures.” Government Technology, March 2020. Web.

    Sherman, Fraser. “Differences between Organizational Structure and Design.” Bizfluent, 20 September 2019. Web.

    Skelton, Matthew, and Manual Pais. “Team Cognitive Load.” IT Revolution, 19 January 2021. Web.

    Skelton, Matthew, and Manual Pais. Team Topologies. IT Revolution Press, 19 September 2019. Book

    Spencer, Janet, and Michael Watkins. “Why organizational change fails.” TLNT, 26 November 2019. Web.

    Storbakken, Mandy. “The Cloud Operating Model.” VMware, 27 January 2020. Web.

    "The Qualities of Leadership: Leading Change.” Cornelius & Associates, 2010. Web.

    “Understanding Organizational Structures.” SHRM, 31 August 2021. Web.

    "unfix Pattern: Base.” AgilityScales, n.d. Web.

    Walker, Alex. “Half-Life: Alyx helped change Valve’s Approach to Development.” Kotaku, 10 July 2020. Web.

    "Why Change Management.” Prosci, n.d. Web.

    Wittig, Cynthia. “Employees' Reactions to Organizational Change.” OD Practioner, vol. 44, no. 2, 2012. Web.

    Woods, Dan. “How Platforms are neutralizing Conway’s Law.” Forbes, 15 August 2017. Web.

    Worren, Nicolay, Jeroen van Bree, and William Zybach. “Organization Design Challenges. Results from a practitioner survey.” Journal of Organizational Design, vol. 8, 25 July 2019. Web.

    Appendix

    IT Culture Framework

    This framework leverages McLean & Company’s adaptation of Quinn and Rohrbaugh’s Competing Values Approach.

    The image contains a diagram of the IT Culture Framework. The framework is divided into four sections: Competitive, Innovative, Traditional, and Cooperative, each with their own list of descriptors.

    Modernize Communications and Collaboration Infrastructure

    • Buy Link or Shortcode: {j2store}306|cart{/j2store}
    • member rating overall impact (scale of 10): 9.4/10 Overall Impact
    • member rating average dollars saved: $68,332 Average $ Saved
    • member rating average days saved: 22 Average Days Saved
    • Parent Category Name: Voice & Video Management
    • Parent Category Link: /voice-video-management
    • Organizations are losing productivity from managing the limitations of yesterday’s technology. The business is changing and the current communications solution no longer adequately connects end users.
    • Old communications technology, including legacy telephony systems, disjointed messaging and communication or collaboration mediums, and unintuitive video conferencing, deteriorates the ability of users to work together in a productive manner.
    • You need a solution that meets budgetary requirements and improves internal and external communication, productivity, and the ability to work together.

    Our Advice

    Critical Insight

    • Project scope and assessment will take more time than you initially anticipate. Poorly defined technical requirements can result in failure to meet the needs of the business. Defining project scope and assessing the existing solution is 60% of project time. Being thorough here will make the difference moving forward.
    • Even when the project is about modernizing technology, it’s not really about the technology. The requirements of your people and the processes you want to maintain or reform should be the influential factors in your decisions on technology.
    • Gaining business buy-in can be difficult for projects that the business doesn’t equate with directly driving revenue. Ensure your IT team communicates with the business throughout the process and establishes business requirements. Framing conversations in a “business first, IT second” way is crucial to speaking in a language the business will understand.

    Impact and Result

    • Define a comprehensive set of requirements (across people, process, and technology) at the start of the project. Communication solutions are long-term commitments and mistakes in planning will be amplified during implementation.
    • Analyze the pros and cons of each deployment option and identify a communications solution that balances your budget and communications objectives and requirements.
    • Create an effective RFP by outlining your specific business and technical needs and goals.
    • Make the case for your communications infrastructure modernization project and be prepared to support it.

    Modernize Communications and Collaboration Infrastructure Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should modernize your communications and collaboration infrastructure, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Assess communications infrastructure

    Evaluate the infrastructure requirements and the ability to undergo modernization from legacy technology.

    • Modernize Communications and Collaboration Infrastructure – Phase 1: Assess Communications Infrastructure
    • Communications Infrastructure Roadmap Tool
    • Team Skills Inventory Tool
    • MACD Workflow Mapping Template - Visio
    • MACD Workflow Mapping Template - PDF

    2. Define the target state

    Build and document a formal set of business requirements using Info-Tech's pre-populated template after identifying stakeholders, aligning business and user needs, and evaluating deployment options.

    • Modernize Communications and Collaboration Infrastructure – Phase 2: Define the Target State
    • Stakeholder Engagement Workbook
    • Communications Infrastructure Stakeholder Focus Group Guide
    • IP Telephony and UC End-User Survey Questions
    • Enterprise Communication and Collaboration System Business Requirements Document
    • Communications TCO-ROI Comparison Calculator

    3. Advance the project

    Draft an RFP for a UC solution and gain project approval using Info-Tech’s executive presentation deck.

    • Modernize Communications and Collaboration Infrastructure – Phase 3: Advance the Project
    • Unified Communications Solution RFP Template
    • Modernize Communications Infrastructure Executive Presentation
    [infographic]

    Workshop: Modernize Communications and Collaboration Infrastructure

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Assess the Communications Infrastructure

    The Purpose

    Identify pain points.

    Build a skills inventory.

    Define and rationalize template configuration needs.

    Define standard service requests and map workflow.

    Discuss/examine site type(s) and existing technology.

    Determine network state and readiness.

    Key Benefits Achieved

    IT skills & process understanding.

    Documentation reflecting communications infrastructure.

    Reviewed network readiness.

    Completed current state analysis.

    Activities

    1.1 Build a skills inventory.

    1.2 Document move, add, change, delete (MACD) processes.

    1.3 List relevant communications and collaboration technologies.

    1.4 Review network readiness checklist.

    Outputs

    Clearly documented understanding of available skills

    Documented process maps

    Complete list of relevant communications and collaboration technologies

    Completed readiness checklist

    2 Learn and Evaluate Options to Define the Future

    The Purpose

    Hold focus group meeting.

    Define business needs and goals.

    Define solution options.

    Evaluate options.

    Discuss business value and readiness for each option.

    Key Benefits Achieved

    Completed value and readiness assessment.

    Current targets for service and deployment models.

    Activities

    2.1 Conduct internal focus group.

    2.2 Align business needs and goals.

    2.3 Evaluate deployment options.

    Outputs

    Understanding of user needs, wants, and satisfaction with current solution

    Assessment of business needs and goals

    Understanding of potential future-state solution options

    3 Identify and Close the Gaps

    The Purpose

    Identify gaps.

    Examine and evaluate ways to remedy gaps.

    Determine specific business requirements and introduce draft of business requirements document.

    Key Benefits Achieved

    Completed description of future state.

    Identification of gaps.

    Identification of key business requirements.

    Activities

    3.1 Identify gaps and brainstorm gap remedies.

    3.2 Complete business requirements document.

    Outputs

    Well-defined gaps and remedies

    List of specific business requirements

    4 Build the Roadmap

    The Purpose

    Introduce Unified Communications Solution RFP Template.

    Develop statement of work (SOW).

    Document technical requirements.

    Complete cost-benefit analysis.

    Key Benefits Achieved

    Unified Communications RFP.

    Documented technical requirements.

    Activities

    4.1 Draft RFP (SOW, tech requirements, etc.).

    4.2 Conduct cost-benefit analysis.

    Outputs

    Ready to release RFP

    Completed cost-benefit analysis

    Create a Buyer Persona and Journey

    • Buy Link or Shortcode: {j2store}558|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Marketing Solutions
    • Parent Category Link: /marketing-solutions
    • Contacts fail to convert to leads because messaging fails to resonate with buyers.
    • Products fail to reach targets given shallow understanding of buyer needs.
    • Sellers' emails go unopened and attempts at discovery fail due to no understanding of buyer challenges, pain points, and needs.

    Our Advice

    Critical Insight

    • Marketing leaders in possession of well-researched and up-to-date buyer personas and journeys dramatically improve product market fit, lead gen, and sales results.
    • Success starts with product, marketing, and sales alignment on targeted personas.
    • Speed to deploy is enabled via initial buyer persona attribute discovery internally.
    • However, ultimate success requires buyer interviews, especially for the buyer journey.
    • Leading marketers update journey maps every six months as disruptive events such as COVID-19 and new media and tech platform advancements require continual innovation.

    Impact and Result

    • Reduce time and treasure wasted chasing the wrong prospects.
    • Improve product-market fit.
    • Increase open and click-through rates in your lead gen engine.
    • Perform more effective sales discovery and increase eventual win rates.

    Create a Buyer Persona and Journey Research & Tools

    Start here – read the Executive Brief

    Our Executive Brief summarizes the challenges faced when buyer persona and journeys are ill-defined. It describes the attributes of, and the benefits that accrue from, a well-defined persona and journey and the key steps to take to achieve success.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Drive an aligned initial draft of buyer persona

    Define and align your team on target persona, outline steps to capture and document a robust buyer persona and journey, and capture current team buyer knowledge.

    • Buyer Persona Creation Template
    • Buyer Persona and Journey Interview Guide and Data Capture Tool

    2. Interview buyers and validate persona and journey

    Hold initial buyer interviews, test initial results, and continue with interviews.

    3. Prepare communications and educate stakeholders

    Consolidate interview findings, present to product, marketing, and sales teams. Work with them to apply to product design, marketing launch/campaigning, and sales and customer success enablement.

    • Buyer Persona and Journey Summary Template
    [infographic]

    Workshop: Create a Buyer Persona and Journey

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Align Team, Identify Persona, and Document Current Knowledge

    The Purpose

    Organize, drive alignment on target persona, and capture initial views.

    Key Benefits Achieved

    Steering committee and project team roles and responsibilities clarified.

    Product, marketing, and sales aligned on target persona.

    Build initial team understanding of persona.

    Activities

    1.1 Outline a vision for buyer persona and journey creation and identify stakeholders.

    1.2 Identify buyer persona choices and settle on an initial target.

    1.3 Document team knowledge about buyer persona (and journey where possible).

    Outputs

    Documented steering committee and working team

    Executive Brief on personas and journey

    Personas and initial targets

    Documented team knowledge

    2 Validate Initial Work and Identify Buyer Interviewees

    The Purpose

    Build list of buyer interviewees, finalize interview guide, and validate current findings with analyst input.

    Key Benefits Achieved

    Interview efficiently using 75-question interview guide.

    Gain analyst help in persona validation, reducing workload.

    Activities

    2.1 Share initial insights with covering industry analyst.

    2.2 Hear from industry analyst their perspectives on the buyer persona attributes.

    2.3 Reconcile differences; update “current understanding.”

    2.4 Identify interviewee types by segment, region, etc.

    Outputs

    Analyst-validated initial findings

    Target interviewee types

    3 Schedule and Hold Buyer Interviews

    The Purpose

    Validate current persona hypothesis and flush out those attributes only derived from interviews.

    Key Benefits Achieved

    Get to a critical mass of persona and journey understanding quickly.

    Activities

    3.1 Identify actual list of 15-20 interviewees.

    3.2 Hold interviews and use interview guides over the course of weeks.

    3.3 Hold review session after initial 3-4 interviews to make adjustments.

    3.4 Complete interviews.

    Outputs

    List of interviewees; calls scheduled

    Initial review – “are you going in the right direction?”

    Completed interviews

    4 Summarize Findings and Provide Actionable Guidance to Colleagues

    The Purpose

    Summarize persona and journey attributes and provide activation guidance to team.

    Key Benefits Achieved

    Understanding of product market fit requirements, messaging, and marketing, and sales asset content.

    Activities

    4.1 Summarize findings.

    4.2 Create action items for supporting team, e.g. messaging, touch points, media spend, assets.

    4.3 Convene steering committee/executives and working team for final review.

    4.4 Schedule meetings with colleagues to action results.

    Outputs

    Complete findings

    Action items for team members

    Plan for activation

    5 Measure Impact and Results

    The Purpose

    Measure results, adjust, and improve.

    Key Benefits Achieved

    Activation of outcomes; measured results.

    Activities

    5.1 Review final copy, assets, launch/campaign plans, etc.

    5.2 Develop/review implementation plan.

    5.3 Reconvene team to review results.

    Outputs

    Activation review

    List of suggested next steps

    Further reading

    Create a Buyer Persona and Journey

    Make it easier to market, sell, and achieve product-market fit with deeper buyer understanding.

    EXECUTIVE BRIEF

    Executive Summary

    Your Challenge

    B2B marketers without documented personas and journeys often experience the following:

    • Contacts fail to convert to leads because messaging fails to resonate with buyers.
    • Products fail to reach targets given shallow understanding of buyer needs.
    • Sellers’ emails go unopened, and attempts at discovery fail due to no understanding of buyer challenges, pain points, and needs.

    Without a deeper understanding of buyer needs and how they buy, B2B marketers will waste time and precious resources targeting the incorrect personas.

    Common Obstacles

    Despite being critical elements, organizations struggle to build personas due to:

    • A lack of alignment and collaboration among marketing, product, and sales.
    • An internal focus; or a lack of true customer centricity.
    • A lack of tools and techniques for building personas and buyer journeys.

    In today’s Agile development environment, combined with the pressure to generate revenues quickly, high tech marketers often skip the steps necessary to go deeper to build buyer understanding.

    SoftwareReviews’ Approach

    With a common framework and target output, clients will:

    • Align marketing, sales, and product, and collaborate together to share current knowledge on buyer personas and journeys.
    • Target 12-15 customers and prospects to interview and validate insights. Share that with customer-facing staff.
    • Activate the insights for more customer-centric lead generation, product development, and selling.

    Clients who activate findings from buyer personas and journeys will see a 50% results improvement.

    SoftwareReviews Insight:
    Buyer personas and buyer journeys are essential ingredients in go-to-market success, as they inform for product, marketing, sales, and customer success who we are targeting and how to engage with them successfully.

    Buyer personas and journeys: A go-to-market critical success factor

    Marketers – large and small – will fail to optimize product-market fit, lead generation, and sales effectiveness without well-defined buyer personas and a buyer journey.

    Critical Success Factors of a Successful G2M Strategy:

    • Opportunity size and business case
    • Buyer personas and journey
    • Competitively differentiated product hypothesis
    • Buyer-validated commercial concept
    • Sales revenue plan and program cost budget
    • Consolidated communications to steering committee

    Jeff Golterman, Managing Director, SoftwareReviews Advisory

    “44% of B2B marketers have already discovered the power of Personas.”
    – Hasse Jansen, Boardview.io!, 2016

    Documenting buyer personas enables success beyond marketing

    Documenting buyer personas has several essential benefits to marketing, sales, and product teams:

    • Achieve a better understanding of your target buyer – by building a detailed buyer persona for each type of buyer and keeping it fresh, you take a giant step toward becoming a customer-centric organization.
    • Team alignment on a common definition – will happen when you build buyer personas collaboratively and among those teams that touch the customer.
    • Improved lead generation – increases dramatically when messaging and marketing assets across your lead generation engine better resonate with buyers because you have taken the time to understand them deeply.
    • More effective selling – is possible when sellers apply persona development output to their interactions with prospects and customers.
    • Better product-market fit – increases when product teams more deeply understand for whom they are designing products. Documenting buyer challenges, pain points, and unmet needs gives product teams what they need to optimize product adoption.

    “It’s easier buying gifts for your best friend or partner than it is for a stranger, right? You know their likes and dislikes, you know the kind of gifts they’ll have use for, or the kinds of gifts they’ll get a kick out of. Customer personas work the same way, by knowing what your customer wants and needs, you can present them with content targeted specifically to their wants and needs.”
    – Emma Bilardi, Product Marketing Alliance, 2020

    Buyer understanding activates just about everything

    Without the deep buyer insights that persona and journey capture enables, marketers are suboptimized.

    Buyer Persona and Journey

    • Product design
    • Customer targeting
    • Personalization
    • Messaging
    • Content marketing
    • Lead gen & scoring
    • Sales Effectiveness
    • Customer retention

    “Marketing eutopia is striking the all-critical sweet spot that adds real value and makes customers feel recognized and appreciated, while not going so far as to appear ‘big brother’. To do this, you need a deep understanding of your audience coming from a range of different data sets and the capability to extract meaning.”
    – Plexure, 2020

    Does your organization need buyer persona and journey updating?

    “Yes,” if experiencing one or more key challenges:

    • Sales time is wasted on unqualified leads
    • Website abandon rates are high
    • Lead gen engine click-through rates are low
    • Ideal customer profile is ill defined
    • Marketing asset downloads are low
    • Seller discovery with prospects is ineffective
    • Sales win/loss rates drop due to poor product-market fit
    • Higher than desired customer churn

    SoftwareReviews Advisory Insight:
    Marketers developing buyer personas and journeys that lack agreement among Marketing, Sales, and Product of personas to target will squander precious time and resources throughout the customer targeting and acquisition process.

    Outcomes and benefits

    Building your buyer persona and journey using our methodology will enable:

    • Greater stakeholder alignment – when marketing, product, and sales agree on personas, less time is wasted on targeting alternate personas.
    • Improved product-market fit – when buyers see both pain-relieving features and value-based pricing, “because you asked vs. guessed,” win rates increase.
    • Greater open and click-through rates – because you understood buyer pain points and motivations for solution seeking, you’ll see higher visits and engagement with your lead gen engine, and because you asked “what asset types do you find most helpful” your CTAs become ”lead-gen magnets” because you’ve offered the right asset types in your content marketing strategy.
    • More qualified leads – because you defined a more accurate ideal customer profile (ICP) and your lead scoring algorithm has improved, sellers see more qualified leads.
    • Increased sales cycle velocity – since you learned from personas their content and engagement preferences and what collateral types they need during the down-funnel sales discussions, sales calls are more productive and sales cycles shrink.

    Our methodology for buyer persona and journey creation

    1. Document Team Knowledge of Buyer Persona and Drive Alignment 2. Interview Target Buyer Prospects and Customers 3. Create Outputs and Apply to Marketing, Sales, and Product
    Phase Steps
    1. Outline a vision for buyer persona and journey creation and identify stakeholders.
    2. Pull stakeholders together, identify initial buyer persona, and begin to document team knowledge about buyer persona (and journey where possible).
    3. Validate with industry and marketing analyst’s initial buyer persona, and identify list of buyer interviewees.
    1. Hold interviews and document and share findings.
    2. Validate initial drafts of buyer persona and create initial documented buyer journey. Review findings among key stakeholders, steering committee, and supporting analysts.
    3. Complete remaining interviews.
    1. Summarize findings.
    2. Convene steering committee/exec. and working team for final review.
    3. Communicate to key stakeholders in product, marketing, sales, and customer success for activation.
    Phase Outcomes
    1. Steering committee and team selection
    2. Team insights about buyer persona documented
    3. Buyer persona validation with industry and marketing analysts
    4. Sales, marketing, and product alignment
    1. Interview guide
    2. Target interviewee list
    3. Buyer-validated buyer persona
    4. Buyer journey documented with asset types, channels, and “how buyers buy” fully documented
    1. Education deck on buyer persona and journey ready for use with all stakeholders: product, field marketing, sales, executives, customer success, partners
    2. Activation will update product-market fit, optimize lead gen, and improve sales effectiveness

    Our approach provides interview guides and templates to help rebuild buyer persona

    Our methodology will enable you to align your team on why it’s important to capture the most important attributes of buyer persona including:

    • Functional – helps you find and locate your target personas
    • Emotive – deepens team understanding of buyer initiatives, motivations for seeking alternatives, challenges they face, pain points for your offerings to address, and terminology that describes the “space”
    • Solution – enables greater product market fit
    • Behavioral – clarifies how to communicate with personas and understand their content preferences
    Functional – “to find them”
    Job Role Title Org. Chart Dynamics Buying Center Firmographics
    Emotive – “what they do and jobs to be done”
    Initiatives: What programs/projects the persona is tasked with and their feelings and aspirations about these initiatives. Motivations? Build credibility? Get promoted? Challenges: Identify the business issues, problems, and pain points that impede attainment of objectives. What are their fears, uncertainties, and doubts about these challenges? Buyer Need: They may have multiple needs; which need is most likely met with the offering? Terminology: What are the keywords/phrases they organically use to discuss the buyer need or business issue?
    Decision Criteria – “how they decide”
    Buyer Role: List decision-making criteria and power level. The five common buyer roles are champion, influencer, decision maker, user, and ratifier (purchaser/negotiator). Evaluation and Decision Criteria: Which lens – strategic, financial, or operational – does the persona evaluate the impact of purchase through?
    Solution Attributes – “what does the ideal solution look like”
    Steps in “Jobs to Be Done” Elements of the “Ideal Solution” Business outcomes from ideal solution Opportunity scope; other potential users Acceptable price for value delivered Alternatives that see consideration Solution sourcing: channel, where to buy
    Behavioral Attributes – “how to approach them successfully”
    Content Preferences: List the persona’s content preferences – blog, infographic, demo, video – vs. long-form assets (e.g. white paper, presentation, analyst report). Interaction Preferences: Which are preferred among in-person meetings, phone calls, emails, videoconferencing, conducting research via Web, mobile, and social? Watering Holes: Which physical or virtual places do they go to network or exchange info with peers (e.g. LinkedIn)?

    Buyer journeys are constantly shifting

    If you didn’t remap buyer journeys in 2021, you may be losing to competitors that did. Leaders remap buyer journey frequently.

    • The multi-channel buyer journey is constantly changing. Today’s B2B buyer uses industry research sites, vendor content marketing assets, software reviews sites, contacts with vendor salespeople, events participation, peer networking, consultants, emails, social media sites, and electronic media to research purchasing decisions.
    • COVID-19 has dramatically decreased face-to-face interaction. We estimate a B2B buyer spent 20-25% more time online in 2021 than pre-COVID-19 researching software buying decisions. This has diminished the importance of face-to-face selling and given dramatic rise to digital selling and outbound marketing.
    • Content marketing has exploded, but without mapping the buyer journey and knowing where – by channel –and when – by buyer journey step – to offer content marketing assets, we will fail to convert prospects into buyers.

    “~2/3 of [B2B] buyers prefer remote human interactions or digital self-service.” And during Aug. ‘20 to Feb. ‘21, use of digital self-service to interact with sales reps leapt by more than 10% for both researching and evaluating new suppliers.”
    – Liz Harrison, Dennis Spillecke, Jennifer Stanley, and Jenny Tsai McKinsey & Company, 2021

    SoftwareReviews Advisory Insight:
    Marketers are advised to update their buyer journey annually and with greater frequency when the human vs. digital mix is affected due to events such as COVID-19 and as emerging media such as AR shifts asset-type usage and engagement options.

    Our approach helps you define the buyer journey

    Because marketing leaders need to reach buyers through the right channel with the right message at the right time during their decision cycle, you’ll benefit by using questionnaires that enable you to build the below easily and quickly.

    You’ll be more successful by following our overall guidance

    Overarching insight

    Buyer personas and buyer journeys are essential ingredients in go-to-market success, as they inform for product, marketing, sales, and customer success who we are targeting and how to engage with them successfully.

    Align Your Team

    Marketers developing buyer personas and journeys that lack agreement among Marketing, Sales, and Product of personas to target will squander precious time and resources throughout the customer targeting and acquisition process.

    Jump-Start Persona Development

    Marketing leaders leverage the buyer persona knowledge not only from in-house experts in areas such as sales and executives but from analysts that speak with their buyers each and every day.

    Buyer Interviews Are a Must

    While leaders will get a fast start by interviewing sellers, executives, and analysts, you will fail to craft the right messages, build the right marketing assets, and design the best buyer journey if you skip buyer interviews.

    Watch for Disruption

    Leaders will update their buyer journey annually and with greater frequency when the human vs. digital mix is effected due to events such as COVID-19 and as emerging media such as AR and VR shifts the way buyers engage.

    Advanced Buyer Journey Discovery

    Digital marketers that ramp up lead gen engine capabilities to capture “wins” and measure engagement back through the lead gen and nurturing engines will build a more data-driven view of the buyer journey. Target to build this advanced capability in your initial design.

    Tools and templates to speed your success

    This blueprint is accompanied by supporting deliverables to help you gather team insights, interview customers and prospects, and summarize results for ease in communications.

    To support your buyer persona and journey creation, we’ve created the enclosed tools

    Buyer Persona Creation Template

    A PowerPoint template to aid the capture and summarizing of your team’s insights on the buyer persona.

    Buyer Persona and Journey Interview Guide and Data Capture Tool

    For interviewing customers and prospects, this tool is designed to help you interview personas and summarize results for up to 15 interviewees.

    Buyer Persona and Journey Summary Template

    A PowerPoint template into which you can drop your buyer persona and journey interviewees list and summary findings.

    SoftwareReviews offers two levels of support to best suit your needs

    DIY Toolkit

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful."

    The "do-it-yourself" step-by-step instructions begin with Phase 1.

    Guided Implementation

    "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."

    A Guided Implementation is a series of analysts inquiries with you and your team.

    Diagnostics and consistent frameworks are used throughout each option.

    Guided Implementation

    A Guided Implementation (GI) is series of calls with a SoftwareReviews Advisory analyst to help implement our best practices in your organization.

    For guidance on marketing applications, we can arrange a discussion with an Info-Tech analyst.

    Your engagement managers will work with you to schedule analyst calls.

    What does our GI on buyer persona and journey mapping look like?

    Drive an Aligned Initial Draft of Buyer Persona

    • Call #1: Collaborate on vision for buyer persona and the buyer journey. Review templates and sample outputs. Identify your team.
    • Call #2: Review work in progress on capturing working team knowledge of buyer persona elements.
    • Call #3: (Optional) Review Info-Tech’s research-sourced persona insights.
    • Call #4: Validate the persona WIP with Info-Tech analysts. Review buyer interview approach and target list.

    Interview Buyers and Validate Persona and Journey

    • Call #5: Revise/review interview guide and final interviewee list; schedule interviews.
    • Call #6: Review interim interview finds; adjust interview guide.
    • Call #7: Use interview findings to validate/update persona and build journey map.
    • Call #8: Add supporting analysts to final stakeholder review.

    Prepare Communications and Educate Stakeholders

    • Call #9: Review output templates completed with final persona and journey findings.
    • Call #10: Add supporting analysts to stakeholder education meetings for support and help with addressing questions/issues.

    Workshop overview

    Contact your account representative for more information. workshops@infotech.com 1-888-670-8889

    Day1 Day 2 Day 3 Day 4 Day 5
    Align Team, Identify Persona, and Document Current Knowledge Validate Initial Work and Identify Buyer Interviewees Schedule and Hold Buyer interviews Summarize Findings and Provide Actionable Guidance to Colleagues Measure Impact and Results
    Activities

    1.1 Outline a vision for buyer persona and journey creation and identify stakeholders.

    1.2 Identify buyer persona choices and settle on an initial target.

    1.3 Document team knowledge about buyer persona (and journey where possible).

    2.1 Share initial insights with covering industry analyst.

    2.2 Hear from industry analyst their perspectives on the buyer persona attributes.

    2.3 Reconcile differences; update “current understanding.”

    2.4 Identify interviewee types by segment, region, etc.

    3.1 Identify actual list of 15-20 interviewees.

    A gap of up to a week for scheduling of interviews.

    3.2 Hold interviews and use interview guides (over the course of weeks).

    3.3 Hold review session after initial 3-4 interviews to make adjustments.

    3.4 Complete interviews.

    4.1 Summarize findings.

    4.2 Create action items for supporting team, e.g. messaging, touch points, media spend, assets.

    4.3 Convene steering committee/exec. and working team for final review.

    4.4 Schedule meetings with colleagues to action results.

    5.1 Review final copy, assets, launch/campaign plans, etc.

    5.2 Develop/review implementation plan.

    A period of weeks will likely intervene to execute and gather results.

    5.3 Reconvene team to review results.

    Deliverables
    1. Documented steering committee and working team
    2. Executive Brief on personas and journey
    3. Personas and initial targets
    4. Documented team knowledge
    1. Analyst-validated initial findings
    2. Target interviewee types
    1. List of interviewees; calls scheduled
    2. Initial review – “are we going in the right direction?”
    3. Completed interviews
    1. Complete findings
    2. Action items for team members
    3. Plan for activation
    1. Activation review
    2. List of suggested next steps

    Phase 1
    Drive an Aligned Initial Draft of Buyer Persona

    This Phase walks you through the following activities:

    • Develop an understanding of what comprises a buyer persona and journey, including their importance to overall go-to-market strategy and execution.
    • Sample outputs.

    This Phase involves the following stakeholders:

    • Program leadership
    • Product Marketing
    • Product Management
    • Representative(s) from Sales
    • Executive Leadership

    1.1 Establish the team and align on shared vision

    Input

    • Typically a joint recognition that buyer personas have not been fully documented.
    • Identify working team members/participants (see below), and an executive sponsor.

    Output

    • Communication of team members involved and the make-up of steering committee and working team
    • Alignment of team members on a shared vision of “Why Build Buyer Personas and Journey” and what key attributes define both.

    Materials

    • N/A

    Participants

    • Initiative Manager – individual leading the buyer persona and journey initiative
    • CMO/Sponsoring Executive Working Team – typically representatives in Product Marketing, Product Management, and Sales
    • SoftwareReviews marketing analyst

    60 minutes

    1. Schedule inquiry with working team members and walk the team through the Buyer Persona and Journey Executive Brief PowerPoint presentation.
    2. Optional: Have the (SoftwareReviews Advisory) SRA analyst walk the team through the Buyer Persona and Journey Executive Brief PowerPoint presentation as part of your session.

    Review the Create a Buyer Persona Executive Brief (Slides 3-14)

    1.2 Document team knowledge of buyer persona

    Input

    • Working team member knowledge

    Output

    • Initial draft of your buyer persona

    Materials

    • Buyer Persona Creation Template

    Participants

    • Initiative Manager – individual leading the buyer persona and journey initiative
    • CMO/Sponsoring Executive (optional)
    • Working Team – typically representatives in Product Marketing, Product Management, and Sales

    2-3 sessions of 60 minutes each

    1. Schedule meeting with working team members and, using the Buyer Persona Template, lead the team in a discussion that documents current team knowledge of the target buyer persona.
    2. Lead the team to prioritize an initial, single, most important persona and to collaborate to complete the template (and later, the buyer journey). Once the team learns the process for working on the initial persona, the development of additional personas will become more efficient.
    3. Place the PowerPoint template in a shared drive for team collaboration. Expect to schedule several 60-minute meets. Quicken collaboration by encouraging team to “do their homework” by sharing persona knowledge within the shared drive version of the template. Your goal is to get to an initial agreed upon version that can be shared for additional validation with industry analyst(s) in the next step.

    Download the Buyer Persona Creation Template

    1.3 Validate with industry analysts

    Input

    • Identify gaps in persona from previous steps

    Output

    • Further validated buyer persona

    Materials

    • Bring your Buyer Persona Creation Template to the meeting to share with analysts

    Participants

    • Initiative Manager – individual leading the buyer persona and journey initiative
    • CMO/Sponsoring Executive (Optional)
    • Working Team – typically representatives in Product Marketing, Product Management, and Sales
    • Info-Tech analyst covering your product category and SoftwareReviews marketing analyst

    30 minutes

    1. Schedule meeting with working team members and discuss which persona areas require further validation from an Info-Tech analyst who has worked closely with those buyers within your persona.

    60 minutes

    1. Schedule an inquiry with the appropriate Info-Tech analyst and SoftwareReviews Advisory analyst to share current findings and see:
      1. Info-Tech analyst provide content feedback given what they know about your target persona and product category.
      2. SoftwareReviews Advisory analyst provide feedback on persona approach and to coach any gaps or important omissions.
    2. Tabulate results and update your persona summary. At this point you will likely require additional validation through interviews with customers and prospects.

    1.4 Identify interviewees and prepare for interviews

    Input

    • Identify segments within which you require persona knowledge
    • Understand your persona insight gaps

    Output

    • List of interviewees

    Materials

    • Interviewee recording template on following slide
    • Interview guide questions found within the Buyer Persona and Journey Interview Guide and data Capture Tool

    Participants

    • Initiative Manager – individual leading the buyer persona and journey initiative
    • Working Team – typically representatives in Product Marketing, Product Management, and Sales

    1-2 weeks

    1. Identify the types of customers and prospects that will best represent your target persona. Choose interviewees that when interviewed will inform key differences among key segments (geographies, company size, mix of customers and prospects, etc.).
    2. Recruit interviewees and schedule interviews for 45 minutes.
    3. Keep track of Interviewees using the slide following this one.
    4. In preparation for interviews, review the Buyer Persona and Journey Interview Guide and Data Capture Tool. Review the two sets of questions:
      1. Buyer Persona-Related – use to validate areas where you still have gaps in your persona, OR if you are starting with a blank persona and wish to build your personas entirely based on customer and prospect interviews.
      2. Buyer-Journey Related, which we will focus on in the next phase.

    Download the Buyer Persona and Journey Interview Guide and Data Capture Tool

    The image shows a table titled ‘Interviewee List.’ A note next to the title indicates: Here you will document your interviewee list and outreach plan. A note in the Segment column indicates: Ensure you are interviewing personas across segments that will give you the insights you need, e.g. by size, by region, mix of customers and prospects. A note in the Title column reads: Vary your title types up or down in the “buying center” if you are seeking to strengthen buying center dynamics understanding. A note in the Roles column reads: Vary your role types according to decision-making roles (decision maker, influencer, ratifier, coach, user) if you are seeking to strengthen decision-making dynamics understanding.

    Phase 2
    Interview Buyers and Validate Persona and Journey

    This Phase walks you through the following activities:

    • Developing final interview guide.
    • Interviewing buyers and customers.
    • Adjusting approach.
    • Validating buyer persona.
    • Crafting buyer journey
    • Gaining analyst feedback.

    This Phase involves the following stakeholders:

    • Program leadership
    • Product Marketing
    • Representative(s) from Sales

    2.1 Hold interviews

    Input

    • List of interviewees
    • Final list of questions

    Output

    • Buyer perspectives on their personas and buyer journeys

    Materials

    • Buyer Persona and Journey Interview Guide and data Capture Tool

    Participants

    • Initiative Manager – individual leading the buyer persona and journey initiative
    • Working Team – typically representatives in Product Marketing, Product Management, and Sales

    1-2 weeks

    1. Hold interviews and adjust your interviewing approach as you go along. Uncover where you are not getting the right answers, check with working team and analysts, and adjust.

    Download the Buyer Persona and Journey Interview Guide and Data Capture Tool

    2.2 Use interview findings to validate what’s needed for activation

    Input

    • List of interviewees
    • Final list of questions

    Output

    • Buyer perspectives on their personas and buyer journeys
    • Stakeholder feedback that actionable insights are resulting from interviews

    Materials

    • Buyer Persona Creation Template
    • Buyer Persona and Journey Interview Guide and Data Capture Tool

    Participants

    • Initiative Manager – individual leading the buyer persona and journey initiative
    • Working Team – typically representatives in Product Marketing, Product Management, and Sales
    • SoftwareReviews marketing analyst

    2 hours

    1. Convene your team, with marketing analysts, and test early findings: It’s wise to test initial interview results to check that you are getting the right insights to understand and validate key challenges, pain points, needs, and other vital areas pertaining to the buyer persona. Are the answers you are getting enabling you to complete the Summary slides for later communications and training for Sales?
    2. Check when doing buyer journey interviews that you are getting actionable answers that drive messaging, what asset types are needed, what the marketing channel mix is, and other vital insights to activate the results. Are the answers you are getting adequate to give guidance to campaigners, content marketers, and sales enablement?
    3. See the following slides for detailed questions that need to be answered satisfactorily by your team members that need to “activate” the results.

    Download the Buyer Persona and Journey Interview Guide and Data Capture Tool

    2.2.1 Are you getting what you need from interviews to inform the buyer persona?

    Test that you are on the right track:

    1. Are you getting the functional answers so you can guide sellers to the right roles? Can you guide marketers/campaigners to the right “Ideal Customer Profile” for lead scoring?
    2. Are you capturing the right emotive areas that will support message crafting? Solutioning? SEM/SEO?
    3. Are you capturing insights into “how they decide” so sellers are well informed on the decision-making dynamics?
    4. Are you getting a strong understanding of content, interaction preferences, and news and information sources so sellers can outreach more effectively, you can pinpoint media spend, and content marketing can create the right assets?
    Functional – “to find them”
    Job Role Title Org. Chart Dynamics Buying Center Firmographics
    Emotive – “what they do and jobs to be done”
    Initiatives: What programs/projects the persona is tasked with and their feelings and aspirations about these initiatives. Motivations? Build credibility? Get promoted? Challenges: Identify the business issues, problems, and pain points that impede attainment of objectives. What are their fears, uncertainties, and doubts about these challenges? Buyer Need: They may have multiple needs; which need is most likely met with the offering? Terminology: What are the keywords/phrases they organically use to discuss the buyer need or business issue?
    Decision Criteria – “how they decide”
    Buyer Role: List decision-making criteria and power level. The five common buyer roles are champion, influencer, decision maker, user, and ratifier (purchaser/negotiator). Evaluation and Decision Criteria: Which lens – strategic, financial, or operational – does the persona evaluate the impact of purchase through?
    Solution Attributes – “what does the ideal solution look like”
    Steps in “Jobs to Be Done” Elements of the “Ideal Solution” Business outcomes from ideal solution Opportunity scope; other potential users Acceptable price for value delivered Alternatives that see consideration Solution sourcing: channel, where to buy
    Behavioral Attributes – “how to approach them successfully”
    Content Preferences: List the persona’s content preferences – blog, infographic, demo, video – vs. long-form assets (e.g. white paper, presentation, analyst report). Interaction Preferences: Which are preferred among in-person meetings, phone calls, emails, videoconferencing, conducting research via Web, mobile, and social? Watering Holes: Which physical or virtual places do they go to network or exchange info with peers (e.g. LinkedIn)?

    2.2.2 Are you getting what you need from interviews to support the buyer journey?

    Our approach helps you define the buyer journey

    Because marketing leaders need to reach buyers through the right channel with the right message at the right time during their decision cycle, you’ll benefit by using questionnaires that enable you to build the below easily and quickly.

    2.3 Continue interviews

    Input

    • Final adjustments to list of interview questions

    Output

    • Final buyer perspectives on their personas and buyer journeys

    Materials

    • Buyer Persona Creation Template
    • Buyer Persona and Journey Interview Guide and data Capture Tool

    Participants

    • Initiative Manager – individual leading the buyer persona and journey initiative
    • Working Team – typically representatives in Product Marketing, Product Management, and Sales

    1-2 weeks

    1. Continue customer and prospect interviews.
    2. Ensure you are gaining the segment perspectives needed.
    3. Complete the “Summary” columns within the Buyer Persona and Journey Interview Guide and Data Capture Tool.

    Download the Buyer Persona and Journey Interview Guide and Data Capture Tool

    Phase 3
    Prepare Communications and Educate Stakeholders

    This Phase walks you through the following activities:

    • Creating outputs for key stakeholders
    • Communicating final findings and supporting marketing, sales, and product activation.

    This Phase involves the following stakeholders:

    • Program leadership
    • Product Marketing
    • Product Management
    • Sales
    • Field Marketing/Campaign Management
    • Executive Leadership

    3.1 Summarize interview results and convene full working team and steering committee for final review

    Input

    • Buyer persona and journey interviews detail

    Output

    • Buyer perspectives on their personas and buyer journeys

    Materials

    • Buyer Persona and Journey Interview Guide and Data Capture Tool
    • Buyer Persona and Journey Summary Template

    Participants

    • Initiative Manager – individual leading the buyer persona and journey initiative
    • CMO/Sponsoring Executive (Optional)
    • Working Team – typically representatives in Product Marketing, Product Management, and Sales
    • SoftwareReviews marketing analyst

    1-2 hours

    1. Summarize interview results within the Buyer Persona and Journey Summary Template.

    Download the Buyer Persona and Journey Interview Guide and Data Capture Tool

    Download the Buyer Persona and Journey Summary Template

    3.2 Convene executive steering committee and working team to review results

    Input

    • Buyer persona and journey interviews summary

    Output

    • Buyer perspectives on their personas and buyer journeys

    Materials

    • Buyer Persona and Journey Summary Template

    Participants

    • Initiative Manager – individual leading the buyer persona and journey initiative
    • Working Team – typically representatives in Product Marketing, Product Management, and Sales

    1-2 hours

    1. Present final persona and journey results to the steering committee/executives and to working group using the summary slides interview results within the Buyer Persona and Journey Summary Template to finalize results.

    Download the Buyer Persona and Journey Summary Template

    3.3 Convene stakeholder meetings to activate results

    Input

    • Buyer persona and journey interviews summary

    Output

    Activation of key learnings to drive:

    • Better product –market fit
    • Lead gen
    • Sales effectiveness
    • Awareness

    Materials

    • Buyer Persona and Journey Summary Template

    Participants

    • Initiative Manager – individual leading the buyer persona and journey initiative
    • Working Team – typically representatives in Product Marketing, Product Management, and Sales
    • Stakeholder team members (see left)

    4-5 hours

    Present final persona and journey results to each stakeholder team. Key presentations include:

    1. Product team to validate product market fit.
    2. Content marketing to provide messaging direction for the creation of awareness and lead gen assets.
    3. Campaigners/Field Marketing for campaign-related messaging and to identify asset types required to be designed and delivered to support the buyer journey.
    4. Social media strategists for social post copy, and PR for other awareness-building copy.
    5. Sales enablement/training to enable updating of sales collateral, proposals, and sales training materials. Sellers to help with their targeting, prospecting, and crafting of outbound messaging and talk tracks.

    Download the Buyer Persona and Journey Summary Template

    Summary of Accomplishment

    Problem Solved

    With the help of this blueprint, you have deepened your and your colleagues’ buyer understanding at both the persona “who they are” level and the buyer journey “how do they buy” level. You are among the minority of marketing leaders that have fully documented a buyer persona and journey – congratulations!

    The benefits of having led your team through the process are significant and include the following:

    • Better alignment of customer/buyer-facing teams such as in product, marketing, sales, and customer success.
    • Messaging that can be used by marketing, sales, and social teams that will resonate with buyer initiatives, pain points, sought-after “pain relief,” and value.
    • Places in the digital and physical universe where your prospects “hang out” so you can optimize your media spend.
    • More effective use of marketing assets and sales collateral that align with the way your prospect needs to consume information throughout their buyer journey to make a decision in your solution area.

    And by capturing and documenting your buyer persona and journey even for a single buyer type, you have started to build the “institutional strength” to apply the process to other roles in the decision-making process or for when you go after new and different buyer types for new products. And finally, by bringing your team along with you in this process, you have also led your team in becoming a more customer-focused organization – a strategic shift that all organizations should pursue.

    If you would like additional support, contact us and we’ll make sure you get the professional expertise you need.

    Contact your account representative for more information.

    info@softwarereviews.com

    1-888-670-8889

    Related Software Reviews Research

    Optimize Lead Generation With Lead Scoring

    • Save time and money and improve your sales win rates when you apply our methodology to score contacts with your lead gen engine more accurately and pass better qualified leads over to your sellers.
    • Our methodology teaches marketers to develop your own lead scoring approach based upon lead/contact profile vs. your Ideal Customer Profile (ICP) and scores contact engagement. Applying the methodology to arrive at your own approach to scoring will mean reduced lead gen costs, higher conversion rates, and increased marketing-influenced wins.

    Bibliography

    Bilardi, Emma. “How to Create Buyer Personas.” Product Marketing Alliance, July 2020. Accessed Dec. 2021.

    Harrison, Liz, Dennis Spillecke, Jennifer Stanley, and Jenny Tsai. “Omnichannel in B2B sales: The new normal in a year that has been anything but.” McKinsey & Company, 15 March 2021. Accessed Dec. 2021.

    Jansen, Hasse. “Buyer Personas – 33 Mind Blowing Stats.” Boardview.io!, 19 Feb. 2016. Accessed Jan. 2022.

    Raynor, Lilah. “Understanding The Changing B2B Buyer Journey.” Forbes Agency Council, 18 July 2021. Accessed Dec. 2021.

    Simpson, Jon. “Finding Your Audience: The Importance of Developing a Buyer Persona.” Forbes Agency Council, 16 May 2017. Accessed Dec. 2021.

    “Successfully Executing Personalized Marketing Campaigns at Scale.” Plexure, 6 Jan. 2020. Accessed Dec 2020.

    Ulwick, Anthony W. JOBS TO BE DONE: Theory to Practice. E-book, Strategyn, 1 Jan. 2017. Accessed Jan. 2022.

    The First 100 Days As CIO

    • Buy Link or Shortcode: {j2store}540|cart{/j2store}
    • member rating overall impact (scale of 10): 9.2/10 Overall Impact
    • member rating average dollars saved: $54,525 Average $ Saved
    • member rating average days saved: 26 Average Days Saved
    • Parent Category Name: High Impact Leadership
    • Parent Category Link: /lead
    • You’ve been promoted from within to the role of CIO.
    • You’ve been hired externally to take on the role of CIO.

    Our Advice

    Critical Insight

    • Foundational understanding must be achieved before you start. Hit the ground running before day one by using company documents and initial discussions to pin down the company’s type and mode.
    • Listen before you act (usually). In most situations, executives benefit from listening to peers and staff before taking action.
    • Identify quick wins early and often. Fix problems as soon as you recognize them to set the tone for your tenure.

    Impact and Result

    • Collaborate to collect the details needed to identify the right mode for your organization and determine how it will influence your plan.
    • Use Info-Tech’s diagnostic tools to align your vision with that of business executives and form a baseline for future reference.

    The First 100 Days As CIO Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why the first 100 days of being a new executive is a crucial time that requires the right balance of listening with taking action. See how seven calls with an executive advisor will guide you through this period.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Check in with your executive advisor over seven calls

    Organize your first 100 days as CIO into activities completed within two-week periods, aided by the guidance of an executive advisor.

    • The First 100 Days As CIO – Storyboard
    • Organizational Catalog
    • Cultural Archetype Calculator
    • IT Capability Assessment

    2. Communicate your plan to your manager

    Communicate your strategy with a presentation deck that you will complete in collaboration with Info-Tech advisors.

    • The First 100 Days As CIO – Presentation Deck

    3. View an example of the final presentation

    See an example of a completed presentation deck, from the new CIO of Gotham City.

    • The First 100 Days As CIO – Presentation Deck Example

    4. Listen to our podcast

    Check out The Business Leadership podcast in Info-Tech's special series, The First 100 Days.

    • "The First 100 Days" Podcast – Alan Fong, CTO, DealerFX
    • "The First 100 Days" Podcast – Denis Gaudreault, country manager for Intel’s Canada and Latin America region
    • "The First 100 Days" Podcast – Dave Penny & Andrew Wertkin, BlueCat
    • "The First 100 Days" Podcast – Susan Bowen, CEO, Aptum
    • "The First 100 Days" Podcast – Wayne Berger, CEO IWG Plc Canada and Latin America
    • "The First 100 Days" Podcast – Eric Wright, CEO, LexisNexis Canada
    • "The First 100 Days" Podcast – Erin Bury, CEO, Willful
    [infographic]

    Further reading

    The First 100 Days As CIO

    Partner with Info-Tech for success in this crucial period of transition.

    Analyst Perspective

    The first 100 days refers to the 10 days before you start and the first three months on the job.

    “The original concept of ‘the first 100 days’ was popularized by Franklin Delano Roosevelt, who passed a battery of new legislation after taking office as US president during the Great Depression. Now commonly extended to the business world, the first 100 days of any executive role is a critically important period for both the executive and the organization.

    But not every new leader should follow FDR’s example of an action-first approach. Instead, finding the right balance of listening and taking action is the key to success during this transitional period. The type of the organization and the mode that it’s in serves as the fulcrum that determines where the point of perfect balance lies. An executive facing a turnaround situation will want to focus on more action more quickly. One facing a sustaining success situation or a realignment situation will want to spend more time listening before taking action.” (Brian Jackson, Research Director, CIO, Info-Tech Research Group)

    Executive summary

    Situation

    • You’ve been promoted from within to the role of CIO.
    • You’ve been hired externally to take on the role of CIO.

    Complication

    Studies show that two years after a new executive transition, as many as half are regarded as failures or disappointments (McKinsey). First impressions are hard to overcome, and a CIO’s first 100 days are heavily weighted in terms of how others will assess their overall success. The best way to approach this period is determined by both the size and the mode of an organization.

    Resolution

    • Work with Info-Tech to prepare a 100-day plan that will position you for success.
    • Collaborate to collect the details needed to identify the right mode for your organization and determine how it will influence your plan.
    • Use Info-Tech’s diagnostic tools to align your vision with that of business executives and form a baseline for future reference.

    Info-Tech Insight

    1. Foundational understanding must be achieved before you start.
      Hit the ground running before day one by using company documents and initial discussions to pin down the company’s type and mode.
    2. Listen before you act (usually).
      In most situations, executives benefit from listening to peers and staff before taking action.
    3. Identify quick wins early and often.
      Fix problems as soon as you recognize them to set the tone for your tenure.

    The First 100 Days: Roadmap

    A roadmap timeline of 'The 100-Day Plan' for your first 100 days as CIO and related Info-Tech Diagnostics. Step A: 'Foundational Preparation' begins 10 days prior to your first day. Step B: 'Management's Expectations' is Days 0 to 30, with the diagnostic 'CIO-CEO Alignment'. Step C: 'Assessing the IT Team' is Days 10 to 75, with the diagnostics 'IT M&G Diagnostic' at Day 30 and 'IT Staffing Assessment' at Day 60. Step D: 'Assess the Key Stakeholders' is Days 40 to 85 with the diagnostic 'CIO Business Vision Survey'. Step E: 'Deliver First-Year Plan' is Days 80 to 100.

    Concierge service overview

    Organize a call with your executive advisor every two weeks during your first 100 days. Info-Tech recommends completing our diagnostics during this period. If you’re not able to do so, instead complete the alternative activities marked with (a).

    Call 1 Call 2 Call 3 Call 4 Call 5 Call 6 Call 7
    Activities
    Before you start: Day -10 to Day 1
    • 1.1 Interview your predecessor.
    • 1.2 Learn the corporate structure.
    • 1.3 Determine STARS mode.
    • 1.4 Create a one-page intro sheet.
    • 1.5 Update your boss.
    Day 0 to 15
    • 2.1 Introduce yourself to your team.
    • 2.2 Document your sphere of influence.
    • 2.3 Complete a competitor array.
    • 2.4 Complete the CEO-CIO Alignment Program.
    • 2.4(a) Agree on what success looks like with the boss.
    • 2.5 Inform team of IT M&G Framework.
    Day 16 to 30
    • 3.1 Determine the team’s cultural archetype.
    • 3.2 Create a cultural adjustment plan.
    • 3.3 Initiate IT M&G Diagnostic.
    • 3.4 Conduct a high-level analysis of current IT capabilities.
    • 3.4 Update your boss.
    Day 31 to 45
    • 4.1 Inform stakeholders about CIO Business Vision survey.
    • 4.2 Get feedback on initial assessments from your team.
    • 4.3 Initiate CIO Business Vision survey.
    • 4.3(a) Meet stakeholders and catalog details.
    Day 46 to 60
    • 5.1 Inform the team that you plan to conduct an IT staffing assessment.
    • 5.2 Initiate the IT Staffing Assessment.
    • 5.3 Quick wins: Make recommend-ations based on CIO Business Vision Diagnostic/IT M&G Framework.
    • 5.4 Update your boss.
    Day 61 to 75
    • 6.1 Run a start, stop, continue exercise with IT staff.
    • 6.2 Make a categorized vendor list.
    • 6.3 Determine the alignment of IT commitments with business objectives.
    Day 76 to 90
    • 7.1 Finalize your vision – mission – values statement.
    • 7.2 Quick Wins: Make recommend-ations based on IT Staffing Assessment.
    • 7.3 Create and communicate a post-100-day plan.
    • 7.4 Update your boss.
    Deliverables Presentation Deck Section A: Foundational Preparation Presentation Deck slides 9, 11-13, 19-20, 29 Presentation Deck slides 16, 17, 21 Presentation Deck slides 30, 34 Presentation Deck slides 24, 25, 2 Presentation Deck slides 27, 42

    Call 1

    Before you start: Day -10 to Day 1

    Interview your predecessor

    Interviewing your predecessor can help identify the organization’s mode and type.

    Before reaching out to your predecessor, get a sense of whether they were viewed as successful or not. Ask your manager. If the predecessor remains within the organization in a different role, understand your relationship with them and how you'll be working together.

    During the interview, make notes about follow-up questions you'll ask others at the organization.

    Ask these open-ended questions in the interview:

    • Tell me about the team.
    • Tell me about your challenges.
    • Tell me about a major project your team worked on. How did it go?
    • Who/what has been helpful during your tenure?
    • Who/what created barriers for you?
    • What do your engagement surveys reveal?
    • Tell me about your performance management programs and issues.
    • What mistakes would you avoid if you could lead again?
    • Why are you leaving?
    • Could I reach out to you again in the future?

    Learn the corporate structure

    Identify the organization’s corporate structure type based on your initial conversations with company leadership. The type of structure will dictate how much control you'll have as a functional head and help you understand which stakeholders you'll need to collaborate with.

    To Do:

    • Review the organization’s structure list and identify whether the structure is functional, prioritized, or a matrix. If it's a matrix organization, determine if it's a strong matrix (project manager holds more authority), weak matrix (functional manager holds more authority), or balanced matrix (managers hold equal authority).

    Functional

    • Most common structure.
    • Traditional departments such as sales, marketing, finance, etc.
    • Functional managers hold most authority.

    Projectized

    • Most programs are implemented through projects with focused outcomes.
    • Teams are cross-functional.
    • Project managers hold the most authority.

    Matrix

    • Combination of projectized and functional.
    • Organization is a dynamic environment.
    • Authority of functional manager flows down through division, while authority of project manager flows sideways through teams.

    This organization is a ___________________ type.

    (Source: Simplilearn)

    Presentation Deck, slide 6

    Determine the mode of the organization: STARS

    Based on your interview process and discussions with company leadership, and using Michael Watkins’ STARS assessment, determine which mode your organization is in: startup, turnaround, accelerated growth, realignment, or sustaining success.

    Knowing the mode of your organization will determine how you approach your 100-day plan. Depending on the mode, you'll rebalance your activities around the three categories of assess, listen, and deliver.

    To Do:

    • Review the STARS table on the right.

    Based on your situation, prioritize activities in this way:

    • Startup: assess, listen, deliver
    • Turnaround: deliver, listen, assess
    • Accelerated Growth: assess, listen, deliver
    • Realignment: listen, assess, deliver
    • Sustaining success: listen, assess, deliver

    This organization is a ___________________ type.

    (Source: Watkins, 2013.)

    Presentation Deck, slide 6

    Determine the mode of the organization: STARS

    STARS Startup Turnaround Accelerated Growth Realignment Sustaining Success
    Definition Assembling capabilities to start a project. Project is widely seen as being in serious trouble. Managing a rapidly expanding business. A previously successful organization is now facing problems. A vital organization is going to the next level.
    Challenges Must build strategy, structures, and systems from scratch. Must recruit and make do with limited resources. Stakeholders are demoralized; slash and burn required. Requires structure and systems to scale; hiring and onboarding. Employees need to be convinced change is needed; restructure at the top required. Risk of living in shadow of a successful former leader.
    Advantages No rigid preconceptions. High-energy environment and easy to pivot. A little change goes a long way when people recognize the need. Motivated employee base willing to stretch. Organization has clear strengths; people desire success. Likely a strong team; foundation for success likely in place.

    Satya Nadella's listen, lead, and launch approach

    CASE STUDY

    Industry Software
    Source Gregg Keizer, Computerworld, 2014

    When Satya Nadella was promoted to the CEO role at Microsoft in 2014, he received a Glassdoor approval rating of 85% and was given an "A" grade by industry analysts after his first 100 days. What did he do right?

    • Created a sense of urgency by shaking up the senior leadership team.
    • Already understood the culture as an insider.
    • Listened a lot and did many one-on-one meetings.
    • Established a vision communicated with a mantra that Microsoft would be "mobile-first, cloud-first."
    • Met his words with actions. He launched Office for iPad and made many announcements for cloud platform Azure.
    Photo of Satya Nadella, CEO, Microsoft Corp.
    Satya Nadella, CEO, Microsoft Corp. (Image source: Microsoft)

    Listen to 'The First 100 Days' podcast – Alan Fong

    Create a one-page introduction sheet to use in communications

    As a new CIO, you'll have to introduce yourself to many people in the organization. To save time on communicating who you are as a person outside of the office, create a brief one-pager that includes a photo of you, where you were born and raised, and what your hobbies are. This helps make a connection more quickly so your conversations can focus on the business at hand rather than personal topics.

    For your presentation deck, remove the personal details and just keep it professional. The personal aspects can be used as a one-pager for other communications. (Source: Personal interview with Denis Gaudreault, Country Lead, Intel.)

    Presentation Deck, slide 5

    Call 2

    Day 1 to Day 15

    Introduce yourself to your team

    Prepare a 20-second pitch about yourself that goes beyond your name and title. Touch on your experience that's relevant to your new role or the industry you're in. Be straightforward about your own perceived strengths and weaknesses so that people know what to expect from you. Focus on the value you believe you'll offer the group and use humor and humility where you're comfortable. For example:

    “Hi everyone, my name is John Miller. I have 15 years of experience marketing conferences like this one to vendors, colleges, and HR departments. What I’m good at, and the reason I'm here, is getting the right people, businesses, and great ideas in a room together. I'm not good on details; that's why I work with Tim. I promise that I'll get people excited about the conference, and the gifts and talents of everyone else in this room will take over from there. I'm looking forward to working with all of you.”

    Have a structured set of questions ready that you can ask everyone.

    For example:
    • How well is the company performing based on expectations?
    • What must the company do to sustain its financial performance and market competitiveness?
    • How do you foresee the CIO contributing to the team?
    • How have past CIOs performed from the perspective of the team?
    • What would successful performance of this role look like to you? To your peers?
    • What challenges and obstacles to success am I likely to encounter? What were the common challenges of my predecessor?
    • How do you view the culture here and how do successful projects tend to get approved?
    • What are your greatest challenges? How could I help you?

    Get to know your sphere of influence: prepare to connect with a variety of people before you get down to work

    Your ability to learn from others is critical at every stage in your first 100 days. Keep your sphere of influence in the loop as you progress through this period.

    A diagram of circles within circles representing your spheres of influence. The smallest circle is 'IT Leaders' and is noted as your 'Immediate circle'. The next largest circle is 'IT Team', then 'Peers - Business Leads', then 'Internal Clients' which is noted as you 'Extended circle'. The largest circle is 'External clients'.

    Write down the names, or at least the key people, in each segment of this diagram. This will serve as a quick reference when you're planning communications with others and will help you remember everyone as you're meeting lots of new people in your early days on the job.

    • Everyone knows their networks are important.
    • However, busy schedules can cause leaders to overlook their many audiences.
    • Plan to meet and learn from all people in your sphere to gain a full spectrum of insights.

    Presentation Deck, slide 29

    Identify how your competitors are leveraging technology for competitive advantage

    Competitor identification and analysis are critical steps for any new leader to assess the relative strengths and weaknesses of their organization and develop a sense of strategic opportunity and environmental awareness.

    Today’s CIO is accountable for driving innovation through technology. A competitive analysis will provide the foundation for understanding the current industry structure, rivalry within it, and possible competitive advantages for the organization.

    Surveying your competitive landscape prior to the first day will allow you to come to the table prepared with insights on how to support the organization and ensure that you are not vulnerable to any competitive blind spots that may exist in the evaluations conducted by the organization already.

    You will not be able to gain a nuanced understanding of the internal strengths and weaknesses until you are in the role, so focus on the external opportunities and how competitors are using technology to their advantage.

    Info-Tech Best Practice

    For a more in-depth approach to identifying and understanding relevant industry trends and turning them into insights, leverage the following Info-Tech blueprints:

    Presentation Deck, slide 9

    Assess the external competitive environment

    Associated Activity icon

    INPUT: External research

    OUTPUT: Competitor array

    1. Conduct a broad analysis of the industry as a whole. Seek to answer the following questions:
      1. Are there market developments or new markets?
      2. Are there industry or lifestyle trends, e.g. move to mobile?
      3. Are there geographic changes in the market?
      4. Are there demographic changes that are shaping decision making?
      5. Are there changes in market demand?
    2. Create a competitor array by identifying and listing key competitors. Try to be as broad as possible here and consider not only entrenched close competitors but also distant/future competitors that may disrupt the industry.
    3. Identify the strengths, weaknesses, and key brand differentiators that each competitor brings to the table. For each strength and differentiator, brainstorm ways that IT-based innovation enables each. These will provide a toolkit for deeper conversations with your peers and your business stakeholders as you move further into your first 100 days.
    Competitor Strengths Weaknesses Key Differentiators IT Enablers
    Competitor 1
    Competitor 2
    Competitor 3

    Complete the CEO-CIO Alignment Program

    Associated Activity icon Run the diagnostic program or use the alternative activities to complete your presentation

    INPUT: CEO-CEO Alignment Program (recommended)

    OUTPUT: Desired and target state of IT maturity, Innovation goals, Top priorities

    Materials: Presentation Deck, slides 11-13

    Participants: CEO, CIO

    Introduce the concept of the CEO-CIO Alignment Program using slide 10 of your presentation deck and the brief email text below.

    Talk to your advisory contact at Info-Tech about launching the program. More information is available on Info-Tech’s website.

    Once the report is complete, import the results into your presentation:

    • Slide 11, the CEO’s current and desired states
    • Slide 12, IT innovation goals
    • Slide 13, top projects and top departments from the CEO and the CIO

    Include any immediate recommendations you have.

    Hello CEO NAME,

    I’m excited to get started in my role as CIO, and to hit the ground running, I’d like to make sure that the IT department is aligned with the business leadership. We will accomplish this using Info-Tech Research Group’s CEO-CIO Alignment Program. It’s a simple survey of 20 questions to be completed by the CEO and the CIO.

    This survey will help me understand your perception and vision as I get my footing as CIO. I’ll be able to identify and build core IT processes that will automate IT-business alignment going forward and create an effective IT strategy that helps eliminate impediments to business growth.

    Research shows that IT departments that are effectively aligned to business goals achieve more success, and I’m determined to make our IT department as successful as possible. I look forward to further detailing the benefits of this program to you and answering any questions you may have the next time we speak.

    Regards,
    CIO NAME

    New KPIs for CEO-CIO Alignment — Recommended

    Info-Tech CEO-CIO Alignment Program

    Info-Tech's CEO-CIO Alignment Program is set up to build IT-business alignment in any organization. It helps the CIO understand CEO perspectives and priorities. The exercise leads to useful IT performance indicators, clarifies IT’s mandate and which new technologies it should invest in, and maps business goals to IT priorities.

    Benefits

    Master the Basics
    Cut through the jargon.
    Take a comprehensive look at the CEO perspective.
    Target Alignment
    Identify how IT can support top business priorities. Address CEO-CIO differences.
    Start on the Right Path
    Get on track with the CIO vision. Use correct indicators and metrics to evaluate IT from day one.

    Supporting Tool or Template icon Additional materials are available on Info-Tech’s website.

    The desired maturity level of IT — Alternative

    Associated Activity icon Use only if you can’t complete the CEO-CIO Alignment Program

    Step 1: Where are we today?

    Determine where the CEO sees the current overall maturity level of the IT organization.

    Step 2: Where do we want to be as an organization?

    Determine where the CEO wants the IT organization to be in order to effectively support the strategic direction of the business.

    A colorful visual representation of the different IT maturity levels. At the bottom is 'STRUGGLE, Unable to Provide Reliable Business Services', then moving upwards are 'SUPPORT, Reliable Infrastructure and IT Service Desk', 'OPTIMIZE, Effective Fulfillment of Work Orders, Functional Business Applications, and Reliable Service Management', 'EXPAND, Effective Execution on Business Projects, Strategic Use of Analytics and Customer Technology', and at the top is 'TRANSFORM, Reliable Technology Innovation'.

    Presentation Deck, slide 11

    Tim Cook's powerful use of language

    CASE STUDY

    Industry Consumer technology
    Source Carmine Gallo, Inc., 2019

    Apple CEO Tim Cook, an internal hire, had big shoes to fill after taking over from the late Steve Jobs. Cook's ability to control how the company is perceived is a big credit to his success. How does he do it? His favorite five words are “The way I see it..." These words allow him to take a line of questioning and reframe it into another perspective that he wants to get across. Similarly, he'll often say, "Let me tell you the way I look at it” or "To put it in perspective" or "To put it in context."

    In your first two weeks on the job, try using these phrases in your conversations with peers and direct reports. It demonstrates that you value their point of view but are independently coming to conclusions about the situation at hand.

    Photo of Tim Cook, CEO, Apple Inc.
    Tim Cook, CEO, Apple Inc. (Image source: Apple)

    Listen to 'The First 100 Days' podcast – Denis Gaudreault

    Inform your team that you plan to do an IT Management & Governance Diagnostic survey

    Associated Activity icon Run the diagnostic program or use the alternative activities to complete your presentation

    INPUT: IT Management & Governance Diagnostic (recommended)

    OUTPUT: Process to improve first, Processes important to the business

    Materials: Presentation Deck, slides 19-20

    Participants: CIO, IT staff

    Introduce the IT Management & Governance Diagnostic survey that will help you form your IT strategy.

    Explain that you want to understand current IT capabilities and you feel a formal approach is best. You’ll also be using this approach as an important metric to track your department’s success. Tell them that Info-Tech Research Group will be conducting the survey and it’s important to you that they take action on the email when it’s sent to them.

    Example email:

    Hello TEAM,

    I appreciate meeting each of you, and so far I’m excited about the talents and energy on the team. Now I need to understand the processes and capabilities of our department in a deeper way. I’d like to map our process landscape against an industry-wide standard, then dive deeper into those processes to understand if our team is aligned. This will help us be accountable to the business and plan the year ahead. Advisory firm Info-Tech Research Group will be reaching out to you with a simple survey that shouldn’t take too long to complete. It’s important to me that you pay attention to that message and complete the survey as soon as possible.

    Regards,
    CIO NAME

    Call 3

    Day 16 to Day 30

    Leverage team interviews as a source of determining organizational culture

    Info-Tech recommends that you hold group conversations with your team to uncover their opinions of the current organizational culture. This not only helps build transparency between you and your team but also gives you another means of observing behavior and reactions as you listen to team members’ characterizations of the current culture.

    A visualization of the organizational culture of a company asks the question 'What is culture?' Five boxes are stacked, the bottom two are noted as 'The invisible causes' and the top two are noted as 'The visible signs'. From the bottom, 'Fundamental assumptions and beliefs', 'Values and attitudes', 'The way we do things around here', 'Behaviors', and at the top, 'Environment'. (Source: Hope College Blog Network)

    Note: It is inherently difficult for people to verbalize what constitutes a culture – your strategy for extracting this information will require you to ask indirect questions to solicit the highest value information.

    Questions for Discussion:

    • What about the current organizational environment do you think most contributes to your success?
    • What barriers do you experience as you try to accomplish your work?
    • What is your favorite quality that is present in our organization?
    • What is the one thing you would most like to change about this organization?
    • Do the organization's policies and procedures support your efforts to accomplish work or do they impede your progress?
    • How effective do you think IT’s interactions are with the larger organization?
    • What would you consider to be IT’s top three guiding principles?
    • What kinds of people fail in this organization?

    Supporting Tool or Template icon See Info-Tech’s Cultural Archetype Calculator.

    Use the Competing Values Framework to define your organization’s cultural archetype

    THE COMPETING VALUES FRAMEWORK (CVF):

    CVF represents the synthesis of academic study of 39 indicators of effectiveness for organizations. Using a statistical analysis, two polarities that are highly predictive of differences in organizational effectiveness were isolated:

    1. Internal focus and integration vs. external focus and differentiation.
    2. Stability and control vs. flexibility and discretion.

    By plotting these dimensions on a matrix of competing values, four main cultural archetypes are identified with their own value drivers and theories of effectiveness.

    A map of cultural archetypes with 'Internal control and integration' on the left, 'External focus and differentiation' on the right, 'Flexibility and discretion' on top, and 'Stability and control' on the bottom. Top left is 'Clan Archetype', internal and flexible. Top right is 'Adhocracy Archetype', external and flexible. Bottom left is 'Hierarchy Archetype', internal and controlled. Bottom right is 'Market Archetype', external and controlled.

    Presentation Deck, slide 16

    Create a cultural adjustment plan

    Now that you've assessed the cultural archetype, you can plan an appropriate approach to shape the culture in a positive way. When new executives want to change culture, there are a few main options at hand:

    Autonomous evolution: Encourage teams to learn from each other. Empower hybrid teams to collaborate and reward teams that perform well.

    Planned and managed change: Create steering committee and project-oriented taskforces to work in parallel. Appoint employees that have cultural traits you'd like to replicate to hold responsibility for these bodies.

    Cultural destruction: When a toxic culture needs to be eliminated, get rid of its carriers. Putting new managers or directors in place with the right cultural traits can be a swift and effective way to realign.

    Each option boils down to creating the right set of incentives and deterrents. What behaviors will you reward and which ones will you penalize? What do those consequences look like? Sometimes, but not always, some structural changes to the team will be necessary. If you feel these changes should be made, it's important to do it sooner rather than later. (Source: “Enlarging Your Sphere of Influence in Your Organization,” MindTools Corporate, 2014.)

    As you're thinking about shaping a desired culture, it's helpful to have an easy way to remember the top qualities you want to espouse. Try creating an acronym that makes it easy for staff to remember. For example: RISE could remind your staff to be Responsive, Innovative, Sustainable, and Engaging (RISE). Draw upon your business direction from your manager to help produce desired qualities (Source: Jennifer Schaeffer).

    Presentation Deck, slide 17

    Gary Davenport’s welcome “surprise”

    CASE STUDY

    Industry Telecom
    Source Interview with Gary Davenport

    After Gary Davenport was hired on as VP of IT at MTS Allstream, his first weekend on the job was spent at an all-executive offsite meeting. There, he learned from the CEO that the IT department had a budget reduction target of 25%, like other departments in the company. “That takes your breath away,” Davenport says.

    He decided to meet the CEO monthly to communicate his plans to reduce spending while trying to satisfy business stakeholders. His top priorities were:

    1. Stabilize IT after seven different leaders in a five-year period.
    2. Get the IT department to be respected. To act like business owners instead of like servants.
    3. Better manage finances and deliver on projects.

    During Davenport’s 7.5-year tenure, the IT department became one of the top performers at MTS Allstream.

    Photo of Gary Davenport.
    Gary Davenport’s first weekend on the job at MTS Allstream included learning about a 25% reduction target. (Image source: Ryerson University)

    Listen to 'The First 100 Days' podcast – David Penny & Andrew Wertkin

    Initiate IT Management & Governance Diagnostic — Recommended

    Info-Tech Management & Governance Diagnostic

    Talk to your Info-Tech executive advisor about launching the survey shortly after informing your team to expect it. You'll just have to provide the names and email addresses of the staff you want to be involved. Once the survey is complete, you'll harvest materials from it for your presentation deck. See slides 19 and 20 of your deck and follow the instructions on what to include.

    Benefits

    A sample of the 'High Level Process Landscape' materials available from Info-Tech. A sample of the 'Strategy and Governance In Depth Results' materials available from Info-Tech. A sample of the 'Process Accountability' materials available from Info-Tech.
    Explore IT Processes
    Dive deeper into performance. Highlight problem areas.
    Align IT Team
    Build consensus by identifying opposing views.
    Ownership & Accountability
    Identify process owners and hold team members accountable.

    Supporting Tool or Template icon Additional materials available on Info-Tech’s website.

    Conduct a high-level analysis of current IT capabilities — Alternative

    Associated Activity icon

    INPUT: Interviews with IT leadership team, Capabilities graphic on next slide

    OUTPUT: High-level understanding of current IT capabilities

    Run this activity if you're not able to conduct the IT Management & Governance Diagnostic.

    Schedule meetings with your IT leadership team. (In smaller organizations, interviewing everyone may be acceptable.) Provide them a list of the core capabilities that IT delivers upon and ask them to rate them on an effectiveness scale of 1-5, with a short rationale for their score.

    • 1. Not effective (NE)
    • 2. Somewhat Effective (SE)
    • 3. Effective (E)
    • 4. Very Effective (VE)
    • 5. Extremely Effective (EE)

    Presentation Deck, slide 21

    Use the following set of IT capabilities for your assessment

    Strategy & Governance

    IT Governance Strategy Performance Measurement Policies Quality Management Innovation

    People & Resources

    Stakeholder Management Resource Management Financial Management Vendor Selection & Contract Management Vendor Portfolio Management Workforce Strategy Strategic Comm. Organizational Change Enablement

    Service Management & Operations

    Operations Management Service Portfolio Management Release Management Service Desk Incident & Problem Management Change Management Demand Management

    Infrastructure

    Asset Management Infrastructure Portfolio Management Availability & Capacity Management Infrastructure Management Configuration Management

    Information Security & Risk

    Security Strategy Risk Management Compliance, Audit & Review Security Detection Response & Recovery Security Prevention

    Applications

    Application Lifecycle Management Systems Integration Application Development User Testing Quality Assurance Application Maintenance

    PPM & Projects

    Portfolio Management Requirements Gathering Project Management

    Data & BI

    Data Architecture BI & Reporting Data Quality & Governance Database Operations Enterprise Content Management

    Enterprise Architecture

    Enterprise Architecture Solution Architecture

    Quick wins: CEO-CIO Alignment Program

    Complete this while waiting on the IT M&G survey results. Based on your completed CEO-CIO Alignment Report, identify the initiatives you can tackle immediately.

    If you are here... And want to be here... Drive toward... Innovate around...
    Business Partner Innovator Leading business transformation
    • Emerging technologies
    • Analytical capabilities
    • Risk management
    • Customer-facing tech
    • Enterprise architecture
    Trusted Operator Business Partner Optimizing business process and supporting business transformation
    • IT strategy and governance
    • Business architecture
    • Projects
    • Resource management
    • Data quality
    Firefighter Trusted Operator Optimize IT processes and services
    • Business applications
    • Service management
    • Stakeholder management
    • Work orders
    Unstable Firefighter Reduce use disruption and adequately support the business
    • Network and infrastructure
    • Service desk
    • Security
    • User devices

    Call 4

    Day 31 to Day 45

    Inform your peers that you plan to do a CIO Business Vision survey to gauge your stakeholders’ satisfaction

    Associated Activity icon Run the diagnostic program or use the alternative activities to complete your presentation

    INPUT: CIO Business Vision survey (recommended)

    OUTPUT: True measure of business satisfaction with IT

    Materials: Presentation Deck, slide 30

    Participants: CIO, IT staff

    Meet the business leaders at your organization face-to-face if possible. If you can't meet in person, try a video conference to establish some rapport. At the end of your introduction and after listening to what your colleague has to say, introduce the CIO Business Vision Diagnostic.

    Explain that you want to understand how to meet their business needs and you feel a formal approach is best. You'll also be using this approach as an important metric to track your department's success. Tell them that Info-Tech Research Group will be conducting the survey and it’s important to you that they take the survey when the email is sent to them.

    Example email:

    Hello PEER NAMES,

    I'm arranging for Info-Tech Research Group to invite you to take a survey that will be important to me. The CIO Business Vision survey will help me understand how to meet your business needs. It will only take about 15 minutes of your time, and the top-line results will be shared with the organization. We will use the results to plan initiatives for the future that will improve your satisfaction with IT.

    Regards,
    CIO NAME

    Gain feedback on your initial assessments from your IT team

    There are two strategies for gaining feedback on your initial assessments of the organization from the IT team:

    1. Review your personal assessments with the relevant members of your IT organization as a group. This strategy can help to build trust and an open channel for communication between yourself and your team; however, it also runs the risk of being impacted by groupthink.
    2. Ask for your team to complete their own assessments for you to compare and contrast. This strategy can help extract more candor from your team, as they are not expected to communicate what may be nuanced perceptions of organizational weaknesses or criticisms of the way certain capabilities function.

    Who you involve in this process will be impacted by the size of your organization. For larger organizations, involve everyone down to the manager level. In smaller organizations, you may want to involve everyone on the IT team to get an accurate lay of the land.

    Areas for Review:

    • Strategic Document Review: Are there any major themes or areas of interest that were not covered in my initial assessment?
    • Competitor Array: Are there any initiatives in flight to leverage new technologies?
    • Current State of IT Maturity: Does IT’s perception align with the CEO’s? Where do you believe IT has been most effective? Least effective?
    • IT’s Key Priorities: Does IT’s perception align with the CEO’s?
    • Key Performance Indicators: How has IT been measured in the past?

    Info-Tech Best Practice

    You need your team’s hearts and minds or you risk a short tenure. Overemphasizing business commitment by neglecting to address your IT team until after you meet your business stakeholders will result in a disenfranchised group. Show your team their importance.

    Susan Bowen's talent maximization

    CASE STUDY

    Industry Infrastructure Services
    Source Interview with Susan Bowen

    Susan Bowen was promoted to be the president of Cogeco Peer 1, an infrastructure services firm, when it was still a part of Cogeco Communications. Part of her mandate was to help spin out the business to a new owner, which occurred when it was acquired by Digital Colony. The firm was renamed Aptum and Bowen was put in place as CEO, which was not a certainty despite her position as president at Cogeco Peer 1. She credits her ability to put the right talent in the right place as part of the reason she succeeded. After becoming president, she sought a strong commitment from her directors. She gave them a choice about whether they'd deliver on a new set of expectations – or not. She also asks her leadership on a regular basis if they are using their talent in the right way. While it's tempting for directors to want to hold on to their best employees, those people might be able to enable many more people if they can be put in another place.

    Bowen fully rounded out her leadership team after Aptum was formed. She created a chief operating officer and a chief infrastructure officer. This helped put in place more clarity around roles at the firm and put an emphasis on client-facing services.

    Photo of Susan Bowen, CEO, Aptum.
    Susan Bowen, CEO, Aptum (Image source: Aptum)

    Listen to 'The First 100 Days' podcast – Susan Bowen

    Initiate CIO Business Vision survey – new KPIs for stakeholder management — Recommended

    Info-Tech CIO Business Vision

    Be sure to effectively communicate the context of this survey to your business stakeholders before you launch it. Plan to talk about your plans to introduce it in your first meetings with stakeholders. When ready, let your executive advisor know you want to launch the tool and provide the names and email addresses of the stakeholders you want involved. After you have the results, harvest the materials required for your presentation deck. See slide 30 and follow the instructions on what to include.

    Benefits

    Icon for Key Stakeholders. Icon for Credibility. Icon for Improve. Icon for Focus.
    Key Stakeholders
    Clarify the needs of the business.
    Credibility
    Create transparency.
    Improve
    Measure IT’s progress.
    Focus
    Find what’s important.

    Supporting Tool or Template icon Additional materials are available on Info-Tech’s website.

    Create a catalog of key stakeholder details to reference prior to future conversations — Alternative

    Only conduct this activity if you’re not able to run the CIO Business Vision diagnostic.

    Use the Organizational Catalog as a personal cheat sheet to document the key details around each of your stakeholders, including your CEO when possible.

    The catalog will be an invaluable tool to keep the competing needs of your different stakeholders in line, while ensuring you are retaining the information to build the political capital needed to excel in the C-suite.

    Note: It is important to keep this document private. While you may want to communicate components of this information, ensure your catalog remains under lock and (encryption) key.

    Screenshot of the Organizational Catalog for Stakeholders. At the top are spaces for 'Name', 'Job Title', etc. Boxes include 'Key Personal Details', 'Satisfaction Levels With IT', 'Preferred Communications', 'Key Activities', 'In-Flight and Scheduled Projects', 'Key Performance Indicators', and 'Additional Details'.

    Info-Tech Insight

    While profiling your stakeholders is important, do not be afraid to profile yourself as well. Visualizing how your interests overlap with those of your stakeholders can provide critical information on how to manage your communications so that those on the receiving end are hearing exactly what they need.

    Activity: Conduct interviews with your key business stakeholders — Alternative

    Associated Activity icon

    1. Once you have identified your key stakeholders through your interviews with your boss and your IT team, schedule a set of meetings with those individuals.
    2. Use the meetings to get to know your stakeholders, their key priorities and initiatives, and their perceptions of the effectiveness of IT.
      1. Use the probative questions to the right to elicit key pieces of information.
      2. Refer to the Organizational Catalog tool for more questions to dig deeper in each category. Ensure that you are taking notes separate from the tool and are keeping the tool itself secure, as it will contain private information specific to your interests.
    3. Following each meeting, record the results of your conversation and any key insights in the Organizational Catalog. Refer to the following slide for more details.

    Questions for Discussion:

    • Be indirect about your personal questions – share stories that will elicit details about their interests, kids, etc.
    • What are your most critical/important initiatives for the year?
    • What are your key revenue streams, products, and services?
    • What are the most important ways that IT supports your success? What is your satisfaction level with those services?
    • Are there any current in-flight projects or initiatives that are a current pain point? How can IT assist to alleviate challenges?
    • How is your success measured? What are your targets for the year on those metrics?

    Presentation Deck, slide 34

    Call 5

    Day 46 to Day 60

    Inform your team that you plan to do an IT staffing assessment

    Associated Activity icon Introduce the IT Staffing Assessment that will help you get the most out of your team

    INPUT: Email template

    OUTPUT: Ready to launch diagnostic

    Materials: Email template, List of staff, Sample of diagnostic

    Participants: CIO, IT staff

    Explain that you want to understand how the IT staff is currently spending its time by function and by activity. You want to take a formal approach to this task and also assess the team’s feelings about its effectiveness across different processes. The results of the assessment will serve as the foundation that helps you improve your team’s effectiveness within the organization.

    Example email:

    Hello PEER NAMES,

    The feedback I've heard from the team since joining the company has been incredibly useful in beginning to formulate my IT strategy. Now I want to get a clear picture of how everyone is spending their time, especially across different IT functions and activities. This will be an opportunity for you to share feedback on what we're doing well, what we need to do more of, and what we're missing. Expect to receive an email invitation to take this survey from Info-Tech Research Group. It's important to me that you complete the survey as soon as you're can. Attached you’ll find an example of the report this will generate. Thank you again for providing your time and feedback.

    Regards,
    CIO NAME

    Wayne Berger's shortcut to solve staffing woes

    CASE STUDY

    Industry Office leasing
    Source Interview with Wayne Berger

    Wayne Berger was hired to be the International Workplace Group (IWG) CEO for Canada and Latin America in 2014.

    Wayne approached his early days with the office space leasing firm as a tour of sorts, visiting nearly every one of the 48 office locations across Canada to host town hall meetings. He heard from staff at every location that they felt understaffed. But instead of simply hiring more staff, Berger actually reduced the workforce by 33%.

    He created a more flexible approach to staffing:

    • Employees no longer just reported to work at one office; instead, they were ready to go to wherever they were most needed in a specific geographic area.
    • He centralized all back-office functions for the company so that not every office had to do its own bookkeeping.
    • Finally, he changed the labor profile to consist of full-time staff, part-time staff, and time-on-demand workers.
    Photo of Wayne Berger, CEO, IWG Plc.
    Wayne Berger, CEO, IWG Plc (Image source: IWG)

    Listen to 'The First 100 Days' podcast – Wayne Berger

    Initiate IT Staffing Assessment – new KPIs to track IT performance — Recommended

    Info-Tech IT Staffing Assessment

    Info-Tech’s IT Staffing Assessment provides benchmarking of key metrics against 4,000 other organizations. Dashboard-style reports provide key metrics at a glance, including a time breakdown by IT function and by activity compared against business priorities. Run this survey at about the 45-day mark of your first 90 days. Its insights will be used to inform your long-term IT strategy.

    Benefits

    Icon for Right-Size IT Headcount. Icon for Allocate Staff Correctly. Icon for Maximize Teams.
    Right-Size IT Headcount
    Find the right level for stakeholder satisfaction.
    Allocate Staff Correctly
    Identify staff misalignments with priorities.
    Maximize Teams
    Identify how to drive staff.

    Supporting Tool or Template icon Additional materials are available on Info-Tech’s website.

    Quick wins: Make recommendations based on IT Management & Governance Framework

    Complete this exercise while waiting on the IT Staffing Assessment results. Based on your completed IT Management & Governance report, identify the initiatives you can tackle immediately. You can conduct this as a team exercise by following these steps:

    1. Create a shortlist of initiatives based on the processes that were identified as high need but scored low in effectiveness. Think as broadly as possible during this initial brainstorming.
    2. Write each initiative on a sticky note and conduct a high-level analysis of the amount of effort that would be required to complete it, as well as its alignment with the achievement of business objectives.
    3. Draw the matrix below on a whiteboard and place each sticky note onto the matrix based on its potential impact and difficulty to address.
    A matrix of initiative categories based on effort to achieve and alignment with business objectives. It is split into quadrants: the vertical axis is 'Potential Impact' with 'High, Fully supports achievement of business objectives' at the top and 'Low, Limited support of business objectives' at the bottom; the horizontal axis is 'Effort' with 'Low' on the left and 'High' on the right. Low impact, low effort is 'Low Current Value, No immediate attention required, but may become a priority in the future if business objectives change'. Low impact, high effort is 'Future Reassessment, No immediate attention required, but may become a priority in the future if business objectives change'. High impact, high effort is 'Long-Term Initiatives, High impact on business outcomes but will take more effort to implement. Schedule these in your long-term roadmap'. High impact, low effort is 'Quick Wins, High impact on business objectives with relatively small effort. Some combination of these will form your early wins'.

    Call 6

    Day 61 to Day 75

    Run a start, stop, continue exercise with your IT staff — Alternative

    This is an alternative activity to running an IT Staffing Assessment, which contains a start/stop/continue assessment. This activity can be facilitated with a flip chart or a whiteboard. Create three pages or three columns and label them Start, Stop, and Continue.

    Hand out sticky notes to each team member and then allow time for individual brainstorming. Instruct them to write down their contributions for each category on the sticky notes. After a few minutes, have everyone stick their notes in the appropriate category on the board. Discuss as a group and see what themes emerge. Record the results that you want to share in your presentation deck (GroupMap).

    Gather your team and explain the meaning of these categories:

    Start: Activities you're not currently doing but should start doing very soon.

    Stop: Activities you're currently doing but aren’t working and should cease.

    Continue: Things you're currently doing and are working well.

    Presentation Deck, slide 24

    Determine the alignment of IT commitments with business objectives

    Associated Activity icon

    INPUT: Interviews with IT leadership team

    OUTPUT: High-level understanding of in-flight commitments and investments

    Run this only as an alternative to the IT Management & Governance Diagnostic.

    1. Schedule meetings with IT leadership to understand what commitments have been made to the business in terms of new products, projects, or enhancements.
    2. Determine the following about IT’s current investment mix:
      1. What are the current IT investments and assets? How do they align to business goals?
      2. What investments in flight are related to which information assets?
      3. Are there any immediate risks identified for these key investments?
      4. What are the primary business issues that demand attention from IT consistently?
      5. What choices remain undecided in terms of strategic direction of the IT organization?
    3. Document your key investments and commitments as well as any points of misalignment between objectives and current commitments as action items to address in your long-term plans. If they are small fixes, consider them during your quick-win identification.

    Presentation Deck, slide 25

    Determine the alignment of IT commitments with business objectives

    Run this only as an alternative to the IT Staffing Assessment diagnostic.

    Schedule meetings with IT leadership to understand what commitments have been made to the business in terms of new products, projects, or enhancements.

    Determine the following about IT’s current investment mix:

    • What are the current IT investments and assets?
    • How do they align to business goals?
    • What in-flight investments are related to which information assets?
    • Are there any immediate risks identified for these key investments?
    • What are the primary business issues that demand attention from IT consistently?
    • What remains undecided in terms of strategic direction of the IT organization?

    Document your key investments and commitments, as well as any points of misalignment between objectives and current commitments, as action items to address in your long-term plans. If they are small-effort fixes, consider them during your quick-win identification.

    Presentation Deck, slide 25

    Make a categorized vendor list by IT process

    As part of learning the IT team, you should also create a comprehensive list of vendors under contract. Collaborate with the finance department to get a clear view of how much of the IT budget is spent on specific vendors. Try to match vendors to the IT processes they serve from the IT M&G framework.

    You should also organize your vendors based on their budget allocation. Go beyond just listing how much money you’re spending with each vendor and categorize them into either “transactional” relationships or “strategic relationships.” Use the grid below to organize them. Ideally, you’ll want most relationships to be high spend and strategic (Source: Gary Davenport).

    A matrix of vendor categories with the vertical axis 'Spend' increasing upward, and the horizontal axis 'Type of relationship' with values 'Transactional' or 'Strategic'. The bottom left corner is 'Low Spend Transactional', the top right corner is 'High Spend Strategic'.

    Where to source your vendor list:

    • Finance department
    • Infrastructure managers
    • Vendor manager in IT

    Further reading: Manage Your Vendors Before They Manage You

    Presentation Deck, slide 26

    Jennifer Schaeffer’s short-timeline turnaround

    CASE STUDY

    Industry Education
    Source Interview with Jennifer Schaeffer

    Jennifer Schaeffer joined Athabasca University as CIO in November 2017. She was entering a turnaround situation as the all-online university lacked an IT strategy and had built up significant technical debt. Armed with the mandate of a third-party consultant that was supported by the president, Schaeffer used a people-first approach to construct her strategy. She met with all her staff, listening to them carefully regardless of role, and consulted with the administrative council and faculty members. She reflected that feedback in her plan or explained to staff why it wasn’t relevant for the strategy. She implemented a “strategic calendaring” approach for the organization, making sure that her team members were participating in meetings where their work was assessed and valued. Drawing on Spotify as an inspiration, she designed her teams in a way that everyone was connected to the customer experience. Given her short timeline to execute, she put off a deep skills analysis of her team for a later time, as well as creating a full architectural map of her technology stack. The outcome is that 2.5 years later, the IT department is unified in using the same tooling and optimization standards. It’s more flexible and ready to incorporate government changes, such as offering more accessibility options.

    Photo of Jennifer Schaeffer.
    Jennifer Schaeffer took on the CIO role at Athabasca University in 2017 and was asked to create a five-year strategic plan in just six weeks.
    (Image source: Athabasca University)

    Listen to 'The First 100 Days' podcast – Eric Wright

    Call 7

    Day 76 to Day 90

    Finalize your vision – mission – values statement

    A clear statement for your values, vision, and mission will help crystallize your IT strategy and communicate what you're trying to accomplish to the entire organization.

    Mission: This statement describes the needs that IT was created to meet and answers the basic question of why IT exists.

    Vision: Write a statement that captures your values. Remember that the vision statement sets out what the IT organization wants to be known for now and into the future.

    Values: IT core values represent the standard axioms by which the IT department operates. Similar to the core values of the organization as a whole, IT’s core values are the set of beliefs or philosophies that guide its strategic actions.

    Further reading: IT Vision and Mission Statements Template

    Presentation Deck, slide 42

    John Chen's new strategic vision

    CASE STUDY

    Industry Mobile Services
    Source Sean Silcoff, The Globe and Mail

    John Chen, known in the industry as a successful turnaround executive, was appointed BlackBerry CEO in 2014 following the unsuccessful launch of the BlackBerry 10 mobile operating system and a new tablet.

    He spent his first three months travelling, talking to customers and suppliers, and understanding the company's situation. He assessed that it had a problem generating cash and had made some strategic errors, but there were many assets that could benefit from more investment.

    He was blunt about the state of BlackBerry, making cutting observations of the past mistakes of leadership. He also settled a key question about whether BlackBerry would focus on consumer or enterprise customers. He pointed to a base of 80,000 enterprise customers that accounted for 80% of revenue and chose to focus on that.

    His new mission for BlackBerry: to transform it from being a "mobile technology company" that pushes handset sales to "a mobile solutions company" that serves the mobile computing needs of its customers.

    Photo of John Chen, CEO of BlackBerry.
    John Chen, CEO of BlackBerry, presents at BlackBerry Security Summit 2018 in New York City (Image source: Brian Jackson)

    Listen to 'The First 100 Days' podcast – Erin Bury

    Quick wins: Make recommendations based on the CIO Business Vision survey

    Based on your completed CIO Business Vision survey, use the IT Satisfaction Scorecard to determine some initiatives. Focus on areas that are ranked as high importance to the business but low satisfaction. While all of the initiatives may be achievable given enough time, use the matrix below to identify the quick wins that you can focus on immediately. It’s important to not fail in your quick-win initiative.

    • High Visibility, Low Risk: Best bet for demonstrating your ability to deliver value.
    • Low Visibility, Low Risk: Worth consideration, depending on the level of effort required and the relative importance to the stakeholder.
    • High Visibility, High Risk: Limit higher-risk initiatives until you feel you have gained trust from your stakeholders, demonstrating your ability to deliver.
    • Low Visibility, High Risk: These will be your lowest value, quick-win initiatives. Keep them in a backlog for future consideration in case business objectives change.
    A matrix of initiative categories based on organizational visibility and risk of failure. It is split into quadrants: the vertical axis is 'Organizational Visibility' with 'High' at the top and 'Low' at the bottom; the horizontal axis is 'Risk of Failure' with 'Low' on the left and 'High' on the right. 'Low Visibility, Low Risk, Few stakeholders will benefit from the initiative’s implementation.' 'Low Visibility, High Risk, No immediate attention is required, but it may become a priority in the future if business objectives change.' 'High Visibility, Low Risk, Multiple stakeholders will benefit from the initiative’s implementation, and it has a low risk of failure.' 'High Visibility, High Risk, Multiple stakeholders will benefit from the initiative’s implementation, but it has a higher risk of failure.'

    Presentation Deck, slide 27

    Create and communicate a post-100 plan

    The last few slides of your presentation deck represent a roundup of all the assessments you’ve done and communicate your plan for the months ahead.

    Slide 38. Based on the information on the previous slide and now knowing which IT capabilities need improvement and which business priorities are important to support, estimate where you'd like to see IT staff spend their time in the near future. Will you be looking to shift staff from one area to another? Will you be looking to hire staff?

    Slide 39. Take your IT M&G initiatives from slide 19 and list them here. If you've already achieved a quick win, list it and mark it as completed to show what you've accomplished. Briefly outline the objectives, how you plan to achieve the result, and what measurement will indicate success.

    Slide 40. Reflect your CIO Business Vision initiatives from slide 31 here.

    Slide 41. Use this roadmap template to list your initiatives by roughly when they’ll be worked on and completed. Plan for when you’ll update your diagnostics.

    Expert Contributors

    Photo of Alan Fong, Chief Technology Officer, Dealer-FX Alan Fong, Chief Technology Officer, Dealer-FX
    Photo of Andrew Wertkin, Chief Strategy Officer, BlueCat NetworksPhoto of David Penny, Chief Technology Officer, BlueCat Networks Andrew Wertkin, Chief Strategy Officer, BlueCat Networks
    David Penny, Chief Technology Officer, BlueCat Networks
    Photo of Susan Bowen, CEO, Aptum Susan Bowen, CEO, Aptum
    Photo of Erin Bury, CEO, Willful Erin Bury, CEO, Willful
    Photo of Denis Gaudreault, Country Manager, Intel Canada and Latin America Denis Gaudreault, Country Manager, Intel Canada and Latin America
    Photo of Wayne Berger, CEO, IWG Plc Wayne Berger, CEO, IWG Plc
    Photo of Eric Wright, CEO, LexisNexis Canada Eric Wright, CEO, LexisNexis Canada
    Photo of Gary Davenport Gary Davenport, past president of CIO Association” of Canada, former VP of IT, Enterprise Solutions Division, MTS AllStream
    Photo of Jennifer Schaeffer, VP of IT and CIO, Athabasca University Jennifer Schaeffer, VP of IT and CIO, Athabasca University

    Bibliography

    Beaudan, Eric. “Do you have what it takes to be an executive?” The Globe and Mail, 9 July 2018. Web.

    Bersohn, Diana. “Go Live on Day One: The Path to Success for a New CIO.” PDF document. Accenture, 2015. Web.

    Bradt, George. “Executive Onboarding When Promoted From Within To Follow A Successful Leader.” Forbes, 15 Nov. 2018. Web.

    “CIO Stats: Length of CIO Tenure Varies By Industry.” CIO Journal, The Wall Street Journal. 15 Feb. 2017. Web.

    “Enlarging Your Sphere of Influence in Your Organization: Your Learning and Development Guide to Getting People on Side.” MindTools Corporate, 2014.

    “Executive Summary.” The CIO's First 100 Days: A Toolkit. PDF document. Gartner, 2012. Web.

    Forbes, Jeff. “Are You Ready for the C-Suite?” KBRS, n.d. Web.

    Gallo, Carmine. “Tim Cook Uses These 5 Words to Take Control of Any Conversation.” Inc., 9 Aug. 2019. Web.

    Giles, Sunnie. “The Most Important Leadership Competencies, According to Leaders Around the World.” Harvard Business Review, 15 March 2016. Web.

    Godin, Seth. “Ode: How to tell a great story.” Seth's Blog. 27 April 2006. Web.

    Green, Charles W. “The horizontal dimension of race: Social culture.” Hope College Blog Network, 19 Oct. 2014. Web.

    Hakobyan, Hayk. “On Louis Gerstner And IBM.” Hayk Hakobyan, n.d. Web.

    Bibliography

    Hargrove, Robert. Your First 100 Days in a New Executive Job, edited by Susan Youngquist. Kindle Edition. Masterful Coaching Press, 2011.

    Heathfield, Susan M. “Why ‘Blink’ Matters: The Power of Your First Impressions." The Balance Careers, 25 June 2019. Web.

    Hillis, Rowan, and Mark O'Donnell. “How to get off to a flying start in your new job.” Odgers Berndtson, 29 Nov. 2018. Web.

    Karaevli, Ayse, and Edward J. Zajac. “When Is an Outsider CEO a Good Choice?” MIT Sloan Management Review, 19 June 2012. Web.

    Keizer, Gregg. “Microsoft CEO Nadella Aces First-100-Day Test.” Computerworld, 15 May 2014. Web.

    Keller, Scott, and Mary Meaney. “Successfully transitioning to new leadership roles.” McKinsey & Company, May 2018. Web.

    Kress, R. “Director vs. Manager: What You Need to Know to Advance to the Next Step.” Ivy Exec, 2016. Web.

    Levine, Seth. “What does it mean to be an ‘executive’.” VC Adventure, 1 Feb. 2018. Web.

    Lichtenwalner, Benjamin. “CIO First 90 Days.” PDF document. Modern Servant Leader, 2008. Web.

    Nawaz, Sabina. “The Biggest Mistakes New Executives Make.” Harvard Business Review, 15 May 2017. Web.

    Pruitt, Sarah. “Fast Facts on the 'First 100 Days.‘” History.com, 22 Aug. 2018. Web.

    Rao, M.S. “An Action Plan for New CEOs During the First 100 Days.” Training, 4 Oct. 2014. Web.

    Reddy, Kendra. “It turns out being a VP isn't for everyone.” Financial Post, 17 July 2012. Web.

    Silcoff, Sean. “Exclusive: John Chen’s simple plan to save BlackBerry.” The Globe & Mail, 24 Feb. 2014. Web.

    Bibliography

    “Start Stop Continue Retrospective.” GroupMap, n.d. Web.

    Surrette, Mark. “Lack of Rapport: Why Smart Leaders Fail.” KBRS, n.d. Web.

    “Understanding Types of Organization – PMP Study.” Simplilearn, 4 Sept. 2019. Web.

    Wahler, Cindy. “Six Behavioral Traits That Define Executive Presence.” Forbes, 2 July 2015. Web.

    Watkins, Michael D. The First 90 Days, Updated and Expanded. Harvard Business Review Press, 2013.

    Watkins, Michael D. “7 Ways to Set Up a New Hire for Success.” Harvard Business Review, 10 May 2019. Web.

    “What does it mean to be a business executive?” Daniels College of Business, University of Denver, 12 Aug. 2014. Web.

    Yeung, Ken. “Turnaround: Marissa Mayer’s first 300 days as Yahoo’s CEO.” The Next Web, 19 May 2013. Web.

    Mature and Scale Product Ownership

    • Buy Link or Shortcode: {j2store}145|cart{/j2store}
    • member rating overall impact (scale of 10): 9.5/10 Overall Impact
    • member rating average dollars saved: $21,919 Average $ Saved
    • member rating average days saved: 13 Average Days Saved
    • Parent Category Name: Development
    • Parent Category Link: /development
    • Product owners must bridge the gap between the customers, operations, and delivery to ensure products continuously deliver increasing value.
    • Product owners are often assigned to projects or product delivery without proper support, guidance, or alignment.
    • In many organizations, the product owner role is not well-defined, serves as a proxy for stakeholder ownership, and lacks reinforcement of the key skills needed to be successful.

    Our Advice

    Critical Insight

    A product owner is the CEO for their product. Successful product management starts with empowerment and accountability. Product owners own the vision, roadmap, and value realization for their product or family aligned to enterprise goals and priorities.

    • Product and service ownership share the same foundation - underlying capabilities and best practices to own and improve a product or service are identical for both roles. Use the terms that make the most sense for your culture.
    • Product owners represent three primary perspectives: Business (externally facing), Technical (systems and tools), or Operational (manual processes). Although all share the same capabilities, how they approach their responsibilities is influenced by their primary perspective.
    • Product owners are operating under an incomplete understanding of the capabilities needed to succeed. Most product/service owners lack a complete picture of the needed capabilities, skills, and activities to successfully perform their roles.

    Impact and Result

    • Create a culture of product management trust and empowerment with product owners aligned to your operational structure and product needs.
    • Promote and develop true Agile skills among your product owners and family managers.
    • Implement Info-Tech’s product owner capability model to define the role expectations and provide a development path for product owners.

    Mature and Scale Product Ownership Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Mature and Scale Product Ownership Storyboard – Establish a culture of success for product management and mature product owner capabilities.

    Strengthen the product owner role in your organization by focusing on core capabilities and proper alignment.

  • Establish a foundation for empowerment and success.
  • Assign and align product owners with products and stakeholders.
  • Mature product owner capabilities and skills.
    • Mature and Scale Product Ownership Storyboard

    2. Mature and Scale Product Ownership Readiness Assessment – Determine your readiness for a product-centric culture based on Info-Tech’s CLAIM+G model.

    Using Info-Tech’s CLAIM model, quickly determine your organization’s strengths and weaknesses preparing for a product culture. Use the heat map to identify key areas.

    • Mature and Scale Product Ownership Readiness Assessment

    3. Mature and Scale Product Ownership Playbook – Playbook for product owners and product managers.

    Use the blueprint exercises to build your personal product owner playbook. You can also use the workbook to capture exercise outcomes.

    • Mature and Scale Product Ownership Playbook

    4. Mature and Scale Product Ownership Workbook – Workbook for product owners and product managers.

    Use this workbook to capture exercise outcomes and transfer them to your Mature and Scale Product Ownership Playbook (optional).

    • Mature and Scale Product Ownership Workbook

    5. Mature and Scale Product Ownership Proficiency Assessment – Determine your current proficiency and improvement areas.

    Product owners need to improve their core capabilities and real Agile skills. The assessment radar will help identify current proficiency and growth opportunities.

    • Mature and Scale Product Ownership Proficiency Assessment
    [infographic]

    Workshop: Mature and Scale Product Ownership

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Establish the foundation for product ownership

    The Purpose

    Establish the foundation for product ownership.

    Key Benefits Achieved

    Product owner playbook with role clarity and RACI.

    Activities

    1.1 Define enablers and blockers of product management.

    1.2 Define your product management roles and names.

    1.3 Assess your product management readiness.

    1.4 Identify your primary product owner perspective.

    1.5 Define your product owner RACI.

    Outputs

    Enablers and blockers

    Role definitions.

    Product culture readiness

    Product owner perspective mapping

    Product owner RACI

    2 Align product owners to products

    The Purpose

    Align product owners to products.

    Key Benefits Achieved

    Assignment of resources to open products.

    A stakeholder management strategy.

    Activities

    2.1 Assign resources to your products and families.

    2.2 Visualize relationships to identify key influencers.

    2.3 Group stakeholders into categories.

    2.4 Prioritize your stakeholders.

    Outputs

    Product resource assignment

    Stakeholder management strategy

    Stakeholder management strategy

    Stakeholder management strategy

    3 Mature product owner capabilities

    The Purpose

    Mature product owner capabilities.

    Key Benefits Achieved

    Assess your Agile product owner readiness

    Assess and mature product owner capabilities

    Activities

    3.1 Assess your real Agile skill proficiency.

    3.2 Assess your vison capability proficiency.

    3.3 Assess your leadership capability proficiency.

    3.4 Assess your PLM capability proficiency.

    3.5 Assess your value realization capability proficiency.

    3.6 Identify your business value drivers and sources of value.

    Outputs

    Real Agile skill proficiency assessment

    Info-Tech’s product owner capability model proficiency assessment

    Info-Tech’s product owner capability model proficiency assessment

    Info-Tech’s product owner capability model proficiency assessment

    Info-Tech’s product owner capability model proficiency assessment

    Business value drivers and sources of value

    Further reading

    Mature and Scale Product Ownership

    Strengthen the product owner’s role in your organization by focusing on core capabilities and proper alignment.

    Executive Brief

    Analyst Perspective

    Empower product owners throughout your organization.

    Hans Eckman

    Whether you manage a product or service, the fundamentals of good product ownership are the same. Organizations need to focus on three key elements of product ownership in order to be successful.

    • Create an environment of empowerment and service leadership to reinforce product owners and product family managers as the true owners of the vision, improvement, and realized the value of their products.
    • Align product and product family owner roles based on operational alignment and the groups defined when scaling product management.
    • Develop your product owners to improve the quality of roadmaps, alignment to enterprise goals, and profit and loss (P&L) for each product or service.

    By focusing the attention of the teammates serving in product owner or service owner roles, your organization will deliver value sooner and respond to change more effectively.

    Hans Eckman

    Principal Research Director – Application Delivery and Management
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    Product owners must bridge the gap between the customers, operations, and delivery to ensure products continuously deliver increasing value.

    Product owners are often assigned to projects or product delivery without proper support, guidance, or alignment.

    In many organizations the product owner role is not well-defined, serves as a proxy for stakeholder ownership, and lacks reinforcement of the key skills needed to be successful.

    Common Obstacles

    Organizations have poor alignment or missing product owners between lines of business, IT, and operations.

    Product owners are aligned to projects and demand management rather than long-term strategic product ownership.

    Product families are not properly defined, scaled, and supported within organizations.

    Individuals in product owner roles have an incomplete understanding of needed capabilities and lack a development path.

    Info-Tech's Approach

    Create a culture of product management trust and empowerment with product owners aligned to your operational structure and product needs.

    Promote and develop true Agile skills among your product owners and family managers.

    Implement Info-Tech’s product owner capability model to define the role expectations and provide a development path for product owners.

    Extend product management success using Deliver on Your Digital Product Vision and Deliver Digital Products at Scale.

    Info-Tech Insight

    There is no single correct approach to product ownership. Product ownership must be tuned and structured to meet the delivery needs of your organization and the teams it serves.

    Info-Tech’s Approach

    Product owners make the final decision

    • Establish a foundation for empowerment and success
    • Assign product owners and align with products and stakeholders
    • Mature product owner capabilities and skills
    Product Owner capabilities: Vision, Product Lifecycle Management, Leadership, Value Realization

    The Info-Tech difference

    1. Assign product owners where product decisions are needed, not to match org charts or delivery teams. The product owner has the final word on product decisions.
    2. Organize product owners into related teams to ensure product capabilities delivered are aligned to enterprise strategy and goals.
    3. Shared products and services must support the needs of many product owners with conflicting priorities. Shared service product owners must map and prioritize demand to align to enterprise priorities and goals.
    4. All product owners share the same capability model.

    Insight summary

    There is no single correct approach to product ownership

    Successful product management starts with empowerment and accountability. Product owners own the vision, roadmap, and value realization for their product or family aligned to enterprise goals and priorities.

    Phase 1 insight

    Product owners represent three primary perspectives: business (external-facing), technical (systems and tools), or operational (manual processes). Although all share the same capabilities, how they approach their responsibilities is influenced by their primary perspective.

    Phase 2 insight

    Start with your operational grouping of products and families, identifying where an owner is needed. Then, assign people to the products and families. The owner does not define the product or family.

    Phase 3 insight

    Product owners are operating under an incomplete understanding of the capabilities needed to succeed. Most product/service owners lack a complete picture of the needed capabilities, skills, and activities to successfully perform their roles.

    Product and service ownership share the same foundation

    The underlying capabilities and best practices to own and improve a product or service are identical for both roles. Use the terms that make the most sense for your culture.

    Map product owner roles to your existing job titles

    Identify where product management is needed and align expectations with existing roles. Successful product management does not require a dedicated job family.

    Projects can be a mechanism for funding product changes and improvements

    Projects can be a mechanism for funding product changes and improvements. Shows difference of value for project life-cycles, hybrid life-cycles, and product life-cycles.

    Projects within products

    Regardless of whether you recognize yourself as a product-based or project-based shop, the same basic principles should apply.

    You go through a period or periods of project-like development to build a version of an application or product.

    You also have parallel services along with your project development, which encompass the more product-based view. These may range from basic support and maintenance to full-fledged strategy teams or services like sales and marketing.

    Product and services owners share the same foundation and capabilities

    For the purpose of this blueprint, product/service and product owner/service owner are used interchangeably. The term “product” is used for consistency but would apply to services, as well.

    Product = Service

    Common foundations: Focus on continuous improvement, ROI, and value realization. Clear vision, goals, roadmap, and backlog.

    “Product” and “service” are terms that each organization needs to define to fit its culture and customers (internal and external). The most important aspect is consistent use and understanding of:

    • External products
    • Internal products
    • External services
    • Internal services
    • Products as a service (PaaS)
    • Productizing services (SaaS)

    Recognize the product owner perspectives

    The 3 product owner perspectives. 1. Business: Customer-facing, value-generating. 2. Technical: IT systems and tools. 3. Operations: Keep-the-lights-on processes.

    Product owners represent one of three primary perspectives. Although all share the same capabilities, how they approach their responsibilities is influenced by their primary perspective.

    Info-Tech Insight

    Product owners must translate needs and constraints from their perspective into the language of their audience. Kathy Borneman, Digital Product Owner at SunTrust Bank, noted the challenges of finding a common language between lines of business and IT (e.g. what is a unit?).

    Match your product management role definitions to your product family levels

    Product ownership exists at the different operational tiers or levels in your product hierarchy. This does not imply a management relationship.

    Product portfolio

    Groups of product families within an overall value stream or capability grouping.

    Project portfolio manager

    Product family

    A collection of related products. Products can be grouped along architectural, functional, operational, or experiential patterns.

    Product family manager

    Product

    Single product composed of one or more applications and services.

    Product owner

    Info-Tech Insight

    Define the current roles that will perform the product management function or define consistent role names to product owners and managers.

    Align enterprise value through product families

    Product families are operational groups based on capabilities or business functions. Product family managers translate goals, priorities, and constraints so they are actionable at the next level. Product owners prioritize changes to enhance the capabilities that allow you to realize your product family. Enabling capabilities realize value and help reach your goals.

    Understand special circumstances

    In Deliver Digital Products at Scale, products were grouped into families using Info-Tech’s five scaling patterns. Assigning owners to Enterprise Applications and Shared Services requires special consideration.

    Value stream alignment

    • Business architecture
      • Value stream
      • Capability
      • Function
    • Market/customer segment
    • Line of business (LoB)
    • Example: Customer group > value stream > products

    Enterprise applications

    • Enabling capabilities
    • Enterprise platforms
    • Supporting apps
    • Example: HR > Workday/Peoplesoft > Modules Supporting: Job board, healthcare administrator

    Shared Services

    • Organization of related services into service family
    • Direct hierarchy does not necessarily exist within the family
    • Examples: End-user support and ticketing, workflow and collaboration tools

    Technical

    • Domain grouping of IT infrastructure, platforms, apps, skills, or languages
    • Often used in combination with Shared Services grouping or LoB-specific apps
    • Examples: Java, .NET, low-code, database, network

    Organizational alignment

    • Used at higher levels of the organization where products are aligned under divisions
    • Separation of product managers from organizational structure is no longer needed because the management team owns the product management role

    Map sources of demand and influencers

    Use the stakeholder analysis to define the key stakeholders and sources of demand for enterprise applications and shared services. Extend your mapping to include their stakeholders and influencers to uncover additional sources of demand and prioritization.

    Map of key stakeholders for enterprise applications and shared services.

    Info-Tech Insight

    Your product owner map defines the influence landscape your product operates. It is every bit as important as the teams who enhance, support and operate your product directly.

    Combine your product owner map with your stakeholder map to create a comprehensive view of influencers.

    The primary value of the product owner is to fill the backlog with the highest ROI opportunities aligned with enterprise goals.

    Info-Tech Insight

    The product owner owns the direction of the product.

    • Roadmap - Where are we going?
    • Backlog - What changes are needed to get there?
    • Product review - Did we get close enough?

    Product delivery realizes value for your product family

    While planning and analysis are done at the family level, work and delivery are done at the individual product level.

    Product strategy includes: Vision, Goals, Roadmap, backlog and Release plan.

    Product family owners are more strategic

    When assigning resources, recognize that product family owners will need to be more strategic with their planning and alignment of child families and products.

    Product family owners are more strategic. They require a roadmap that is strategic, goal-based, high-level, and flexible.

    Info-Tech Insight

    Roadmaps for your product family are, by design, less detailed. This does not mean they aren’t actionable! Your product family roadmap should be able to communicate clear intentions around the future delivery of value in both the near and long term.

    Connecting your product family roadmaps to product roadmaps

    Your product and product family roadmaps should be connected at an artifact level that is common between both. Typically, this is done with capabilities, but it can be done at a more granular level if an understanding of capabilities isn’t available.

    Product family roadmap versus Product Roadmaps.

    Develop a product owner stakeholder strategy

    Stakeholder management, Product lifecycle, Project delivery, Operational support.

    Stakeholders are a critical cornerstone to product ownership. They provide the context, alignment, and constraints that influence or control what a product owner can accomplish.

    Product owners operate within a network of stakeholders who represent different perspectives within the organization.

    First, product owners must identify members of their stakeholder network. Next, they should devise a strategy for managing stakeholders.

    Without a stakeholder strategy, product owners will encounter obstacles, resistance, or unexpected changes.

    Create a stakeholder network map to product roadmaps and prioritization

    Follow the trail of breadcrumbs from your direct stakeholders to their influencers, to uncover hidden stakeholders.

    Stakeholder network map defines the influence landscape your product operates. Connectors determine who may be influencing your direct stakeholders.

    Info-Tech Insight

    Your stakeholder map defines the influence landscape your product operates. It is every bit as important as the teams who enhance, support and operate your product directly.

    Use “connectors” to determine who may be influencing your direct stakeholders. They may not have any formal authority within the organization, but they may have informal yet substantive relationships with your stakeholders.

    Being successful at Agile is more than about just doing Agile

    The following represents the hard skills needed to “Do Agile”:

    Being successful at Agile needs 4 hard skills: 1. Engineering skills, 2. Technician Skills, 3. Framework/Process skills, 4. Tools skills.
    • Engineering skills. These are the skills and competencies required for building brand-new valuable software.
    • Technician skills. These are the skills and competencies required for maintaining and operating the software delivered to stakeholders.
    • Framework/Process skills. These are the specific knowledge skills required to support engineering or technician skills.
    • Tools skills. This represents the software that helps you deliver other software.

    While these are important, they are not the whole story. To effectively deliver software, we believe in the importance of being Agile over simply doing Agile.

    Adapted from: “Doing Agile” Is Only Part of the Software Delivery Pie

    Why focus on core skills?

    They are the foundation to achieve business outcomes

    Skills, actions, output and outcomes

    The right skills development is only possible with proper assessment and alignment against outcomes.

    Focus on these real Agile skills

    Agile skills

    • Accountability
    • Collaboration
    • Comfort with ambiguity
    • Communication
    • Empathy
    • Facilitation
    • Functional decomposition
    • Initiative
    • Process discipline
    • Resilience

    Product capabilities deliver value

    As a product owner, you are responsible for managing these facets through your capabilities and activities.

    The core product and value stream consists of: Funding - Product management and governance, Business functionality - Stakeholder and relationship management, and Technology - Product delivery.

    Info-Tech Best Practice

    It is easy to lose sight of what matters when we look at a product from a single point of view. Despite what "The Agile Manifesto" says, working software is not valuable without the knowledge and support that people need in order to adopt, use, and maintain it. If you build it, they will not come. Product owners must consider the needs of all stakeholders when designing and building products.

    Recognize product owner knowledge gaps

    Pulse survey of product owners

    Pulse survey of product owners. Graph shows large percentage of respondents have alignment to common agile definition of product owners. Yet a significant perception gap in P&L, delivery, and analytics.

    Info-Tech Insight

    1. Less than 15% of respondents identified analytics or financial management as a key component of product ownership.
    2. Assess your product owner’s capabilities and understanding to develop a maturity plan.

    Source: Pulse Survey (N=18)

    Implement the Info-Tech product owner capability model

    Unfortunately, most product owners operate with incomplete knowledge of the skills and capabilities needed to perform the role. Common gaps include focusing only on product backlogs, acting as a proxy for product decisions, and ignoring the need for key performance indicators (KPIs) and analytics in both planning and value realization.

    Product Owner capabilities: Vision, Product Lifecycle Management, Leadership, Value Realization

    Vision

    • Market Analysis
    • Business Alignment
    • Product Roadmap

    Leadership

    • Soft Skills
    • Collaboration
    • Decision Making

    Product Lifecycle Management

    • Plan
    • Build
    • Run

    Value Realization

    • KPIs
    • Financial Management
    • Business Model

    Product owner capabilities provide support

    Vision predicts impact of Value realization. Value realization provides input to vision

    Your vision informs and aligns what goals and capabilities are needed to fulfill your product or product family vision and align with enterprise goals and priorities. Each item on your roadmap should have corresponding KPIs or OKRs to know how far you moved the value needle. Value realization measures how well you met your target, as well as the impacts on your business value canvas and cost model.

    Product lifecycle management builds trust with Leadership. Leadership improves quality of Product lifecycle management.

    Your leadership skills improve collaborations and decisions when working with your stakeholders and product delivery teams. This builds trust and improves continued improvements to the entire product lifecycle. A product owner’s focus should always be on finding ways to improve value delivery.

    Product owner capabilities provide support

    Leadership enhances Vision. Vision Guides Product Lifecycle Management. Product Lifecycle Management delivers Value Realization. Leadership enhances Value Realization

    Develop product owner capabilities

    Each capability: Vision, Product lifecycle management, Value realization and Leadership has 3 components needed for successful product ownership.

    Avoid common capability gaps

    Vision

    • Focusing solely on backlog grooming (tactical only)
    • Ignoring or failing to align product roadmap to enterprise goals
    • Operational support and execution
    • Basing decisions on opinion rather than market data
    • Ignoring or missing internal and external threats to your product

    Leadership

    • Failing to include feedback from all teams who interact with your product
    • Using a command-and-control approach
    • Viewing product owner as only a delivery role
    • Acting as a proxy for stakeholder decisions
    • Avoiding tough strategic decisions in favor of easier tactical choices

    Product lifecycle management

    • Focusing on delivery and not the full product lifecycle
    • Ignoring support, operations, and technical debt
    • Failing to build knowledge management into the lifecycle
    • Underestimating delivery capacity, capabilities, or commitment
    • Assuming delivery stops at implementation

    Value realization

    • Focusing exclusively on “on time/on budget” metrics
    • Failing to measure a 360-degree end-user view of the product
    • Skipping business plans and financial models
    • Limiting financial management to project/change budgets
    • Ignoring market analysis for growth, penetration, and threats

    Your product vision is your North Star

    It's ok to dream a little!

    Who is the target customer, what is the key benefit, what do they need, what is the differentiator

    Adapted from: Crossing the Chasm

    Info-Tech Best Practice

    A product vision shouldn’t be so far out that it doesn’t feel real or so short-term that it gets bogged down in minutiae and implementation details. Finding the right balance will take some trial and error and will be different for each organization.

    Leverage the product canvas to state and inform your product vision

    Leverage the product Canvas to state and inform your product vision. Includes: Product name, Tracking info, Vision, List of business objectives or goals, Metrics used to measure value realization, List of groups who consume the product/service, and List of key resources or stakeholders.

    Define product value by aligning backlog delivery with roadmap goals

    In each product plan, the backlogs show what you will deliver. Roadmaps identify when and in what order you will deliver value, capabilities, and goals.

    In each product plan, the backlogs show what you will deliver. Roadmaps identify when and in what order you will deliver value, capabilities, and goals.

    Use a balanced value to establish a common definition of goals and value

    Value drivers are strategic priorities aligned to our enterprise strategy and translated through our product families. Each product and change has an impact on the value driver helping us reach our enterprise goals.

    Importance of the value driver multiplied by the Impact of value score is equal to the Value score.

    Info-Tech Insight

    Your value drivers and impact helps estimate the expected value of roadmap items, prioritize roadmap and backlog items, and identify KPIs and OKRs to measure value realization and actual impact.

    Use CLAIM to guide your journey

    Culture, Learning, Automation, Integrated teams, Metrics and governance.

    Value is best created by self-managing teams who deliver in frequent, short increments supported by leaders who coach them through challenges.

    Product-centric delivery and Agile are a radical change in how people work and think. Structured, facilitated learning is required throughout the transformation to help leaders and practitioners make the shift.

    Product management, Agile, and DevOps have inspired SDLC tools that have become a key part of delivery practices and work management.

    Self-organizing teams that cross business, delivery, and operations are essential to gain the full benefits of product-centric delivery.

    Successful implementations require the disciplined use of metrics that support developing better teams

    Communicate reasons for changes and how they will be implemented

    Five elements of communicating change: What is the change? Why are we doing it? How are we going to go about it? How long will it take us to do it? What will the role be for each department individual?

    Leaders of successful change spend considerable time developing a powerful change message; that is, a compelling narrative that articulates the desired end state, and that makes the change concrete and meaningful to staff.

    The organizational change message should:

    • Explain why the change is needed.
    • Summarize what will stay the same.
    • Highlight what will be left behind.
    • Emphasize what is being changed.
    • Explain how the change will be implemented.
    • Address how change will affect various roles in the organization.
    • Discuss the staff’s role in making the change successful.

    Info-Tech’s methodology for mature and scale product ownership

    Phase steps

    1. Establish the foundation for product ownership

    Step 1.1 Establish an environment for product owner success

    Step 1.2 Establish your product ownership model

    2. Align product owners to products

    Step 2.1 Assign product owners to products

    Step 2.2 Manage stakeholder influence

    3. Mature product owner capabilities

    Step 3.1 Assess your Agile product owner readiness

    Step 3.2 Mature product owner capabilities

    Phase outcomes

    1.1.1 Define enablers and blockers of product management

    1.1.2 Define your product management roles and names

    1.2.1 Identify your primary product owner perspective

    1.2.2 Define your product owner RACI

    2.1.1 Assign resources to your products and families

    2.2.1 Visualize relationships to identify key influencers

    2.2.2 Group stakeholders into categories

    2.2.3 Prioritize your stakeholders

    3.1.1 Assess your real Agile skill proficiency

    3.2 Mature product owner capabilities

    3.2.1 Assess your vision capability proficiency

    3.2.2 Assess your leadership capability proficiency

    3.2.3 Assess your PLM capability proficiency

    3.2.4 Identify your business value drivers and sources of value

    3.2.5 Assess your value realization capability proficiency

    Blueprint deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals.

    Key deliverable

    Mature and Scale Product Ownership Playbook

    Capture and organize the outcomes of the activities in the workbook.

    Mature and Scale Product Ownership Workbook

    The workbook helps organize and communicate the outcomes of each activity.

    Mature and Scale Product Ownership Readiness Assessment

    Determine your level of mastery of real Agile skills and product owner capabilities.


    Blueprint benefits

    IT benefits

    • Competent product owner who can support teams operating in any delivery methodology.
    • Representative viewpoint and input from the technical and operational product owner perspectives.
    • Products aligned to business needs and committed work are achievable.
    • Single point of contact with a business representative.
    • Acceptance of product owner role outside the Scrum teams.

    Business benefits

    • Better alignment to enterprise goals, vision, and outcomes.
    • Improved coordination with stakeholders.
    • Quantifiable value realization tied to vision.
    • Product decisions made at the right time and with the right input.
    • Product owner who has the appropriate business, operations, and technical knowledge.

    Measure the value of this blueprint

    Align product owner metrics to product delivery and value realization.

    Member outcome

    Suggested Metric

    Estimated impact

    Increase business application satisfaction Satisfaction of business applications (CIO BV Diagnostic) 20% increase within one year after implementation
    Increase effectiveness of application portfolio management Effectiveness of application portfolio management (M&G Diagnostic) 20% increase within one year after implementation
    Increase importance and effectiveness of application portfolio Importance and effectiveness to business (APA Diagnostic) 20% increase within one year after implementation
    Increase satisfaction of support of business operations Support to business (CIO BV Diagnostic) 20% increase within one year after implementation
    Successfully deliver committed work (productivity) Number of successful deliveries; burndown Reduction in project implementation overrun by 20%

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful."

    Guided Implementation

    "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."

    Workshop

    "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place."

    Consulting

    "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project"

    Diagnostics and consistent frameworks are used throughout all four options.

    Guided Implementation

    What does a typical GI on this topic look like?

    Phase 1 Establish the Foundation for Product Ownership

    Phase 2 Align Product Owners to Products

    Phase 3 Mature Product Owner Capabilities

    • Call #1:
      Scope objectives and your specific challenges
    • Call #2:
      Step 1.1 Establish an environment for product owner success
      Step 1.2 Establish your product ownership model
    • Call #3:
      Step 2.1 Assign product owners to products
    • Call #4:
      Step 2.2 Manage stakeholder influence
    • Call #5:
      Step 3.1 Assess your Agile product owner readiness
    • Call #6:
      Step 3.2 Mature product owner capabilities

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is between 8 and 12 calls over the course of 4 to 6 months.

    Workshop Overview

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Phase 1

    Phase 2

    Phase 3

    Activities

    Establish the Foundation for Product Ownership

    Step 1.1 Establish an environment for product owner success

    1.1.1 Define enablers and blockers of product management

    1.1.2 Define your product management roles and names

    1.1.3 Assess your product management readiness

    Step 1.2 Establish your product ownership model

    1.2.1 Identify your primary product owner perspective

    1.2.2 Define your product owner RACI

    Align Product Owners to Products

    Step 2.1 Assign product owners to products

    2.1.1 Assign resources to your products and families

    Step 2.2 Manage stakeholder influence

    2.2.1 Visualize relationships to identify key influencers

    2.2.2 Group stakeholders into categories

    2.2.3 Prioritize your stakeholders

    Mature Product Owner Capabilities

    Step 3.1 Assess your Agile product owner readiness

    3.1.1 Assess your real Agile skill proficiency

    Step 3.2 Mature product owner capabilities=

    3.2.1 Assess your Vision capability proficiency

    3.2.2 Assess your Leadership capability proficiency

    3.2.3 Assess your PLM capability proficiency

    3.2.4 Identify your business value drivers and sources of value

    3.2.5 Assess your Value Realization capability proficiency

    Deliverables

    1. Enablers and blockers
    2. Role definitions
    3. Product culture readiness
    4. Product owner perspective mapping
    5. Product owner RACI
    1. Product resource assignment
    2. Stakeholder management strategy
    1. Real Agile skill proficiency assessment
    2. Info-Tech’s product owner capability model proficiency assessment
    3. Business value drivers and sources of value

    Related Info-Tech Research

    Product delivery

    Deliver on Your Digital Product Vision

    Build a product vision your organization can take from strategy through execution.

    Deliver Digital Products at Scale

    Deliver value at the scale of your organization through defining enterprise product families.

    Build Your Agile Acceleration Roadmap

    Quickly assess the state of your Agile readiness and plan your path forward to higher value realization.

    Develop Your Agile Approach for a Successful Transformation

    Understand Agile fundamentals, principles, and practices so you can apply them effectively in your organization.

    Implement DevOps Practices That Work

    Streamline business value delivery through the strategic adoption of DevOps practices.

    Extend Agile Practices Beyond IT

    Further the benefits of Agile by extending a scaled Agile framework to the business.

    Build Your BizDevOps Playbook

    Embrace a team sport culture built around continuous business-IT collaboration to deliver great products.

    Embed Security Into the DevOps Pipeline

    Shift security left to get into DevSecOps.

    Spread Best Practices With an Agile Center of Excellence

    Facilitate ongoing alignment between Agile teams and the business with a set of targeted service offerings.

    Enable Organization-Wide Collaboration by Scaling Agile

    Execute a disciplined approach to rolling out Agile methods in the organization.

    Related Info-Tech Research

    Application portfolio management

    APM Research Center

    See an overview of the APM journey and how we can support the pieces in this journey.

    Application Portfolio Management Foundations

    Ensure your application portfolio delivers the best possible return on investment.

    Streamline Application Maintenance

    Effective maintenance ensures the long-term value of your applications.

    Streamline Application Management

    Move beyond maintenance to ensuring exceptional value from your apps.

    Build an Application Department Strategy

    Delivering value starts with embracing what your department can do.

    Embrace Business-Managed Applications

    Empower the business to implement its own applications with a trusted business-IT relationship.

    Optimize Applications Release Management

    Facilitate ongoing alignment between Agile teams and the business with a set of targeted service offerings.

    Related Info-Tech Research

    Value, delivery metrics, estimation

    Build a Value Measurement Framework

    Focus product delivery on business value-driven outcomes.

    Select and Use SDLC Metrics Effectively

    Be careful what you ask for, because you will probably get it.

    Application Portfolio Assessment: End User Feedback

    Develop data-driven insights to help you decide which applications to retire, upgrade, re-train on, or maintain to meet the demands of the business.

    Create a Holistic IT Dashboard

    Mature your IT department by measuring what matters.

    Refine Your Estimation Practices With Top-Down Allocations

    Don’t let bad estimates ruin good work.

    Estimate Software Delivery With Confidence

    Commit to achievable software releases by grounding realistic expectations.

    Reduce Time to Consensus With an Accelerated Business Case

    Expand on the financial model to give your initiative momentum.

    Optimize Project Intake, Approval, and Prioritization

    Deliver more projects by giving yourself the voice to say “no” or “not yet” to new projects.

    Enhance PPM Dashboards and Reports

    Facilitate ongoing alignment between Agile teams and the business with a set of targeted service offerings.

    Related Info-Tech Research

    Organizational design and performance

    Redesign Your IT Organizational Structure

    Focus product delivery on business value-driven outcomes.

    Build a Strategic Workforce Plan

    Have the right people in the right place, at the right time.

    Implement a New Organizational Structure

    Reorganizations are inherently disruptive. Implement your new structure with minimal pain for staff while maintaining IT performance throughout the change.

    Build an IT Employee Engagement Program

    Don’t just measure engagement, act on it.

    Set Meaningful Employee Performance Measures

    Set holistic measures to inspire employee performance.

    Phase 1

    Establish the Foundation for Product Ownership

    Phase 1: Establish an environment for product owner success, Establish your product ownership model

    Mature and Scale Product Ownership

    This phase will walk you through the following activities:

    1.1.1 Define enablers and blockers of product management

    1.1.2 Define your product management roles and names

    1.1.3 Assess your product management readiness

    1.2.1 Identify your primary product owner perspective

    1.2.2 Define your product owner RACI

    This phase involves the following participants:

    • Product owners
    • Product managers
    • Development team leads
    • Portfolio managers
    • Delivery managers
    • Business analysts

    Step 1.1

    Establish an environment for product owner success

    Activities

    1.1.1 Define enablers and blockers of product management

    1.1.2 Define your product management roles and names

    1.1.3 Assess your product management readiness

    Establish the foundation for product ownership

    This step involves the following participants:

    • Product owners
    • Product managers
    • Development team leads
    • Portfolio managers
    • Delivery managers
    • Business analysts

    Outcomes of this step

    • Enablers and blockers
    • Role definitions

    Empower product owners as the true owners of their product

    Product ownership requires decision-making authority and accountability for the value realization from those decisions. POs are more than a proxy for stakeholders, aggregators for changes, and the communication of someone else’s priorities.

    “A Product Owner in its most beneficial form acts like an Entrepreneur, like a 'mini-CEO'. The Product Owner is someone who really 'owns' the product.”

    – Robbin Schuurman,
    “Tips for Starting Technical Product Managers”

    Info-Tech Best Practice

    Implement Info-Tech’s Product Owner Capability Model to help empower and hold product owners accountable for the maturity and success of their product. The product owner must understand how their product fits into the organization’s mission and strategy in order to align to enterprise value.

    Product and service owners share the same foundation and capabilities

    For the purpose of this blueprint, product/service and product owner/service owner are used interchangeably. The term “product” is used for consistency but applies to services, as well.

    Product = Service

    Common foundations: Focus on continuous improvement, ROI, and value realization. Clear vision, goals, roadmap, and backlog.

    “Product” and “service” are terms that each organization needs to define to fit its culture and customers (internal and external). The most important aspect is consistent use and understanding of:

    • External products
    • Internal products
    • External services
    • Internal services
    • Products as a service (PaaS)
    • Productizing services (SaaS)

    Define product ownership to match your culture and customers

    Characteristics of a discrete product:

    • Has end users or consumers
    • Delivers quantifiable value
    • Evolves or changes over time
    • Has predictable delivery
    • Has definable boundaries
    • Has a cost to produce and operate
    • Has a discrete backlog and roadmap of improvements

    What does not need a product owner?

    • Individual features
    • Transactions
    • Unstructured data
    • One-time solutions
    • Non-repeatable processes
    • Solutions that have no users or consumers
    • People or teams

    Info-Tech Insight

    • Products are long-term endeavors that don’t end after the project finishes.
    • Products mature and improve their ability to deliver value.
    • Products have a discrete backlog of changes to improve the product itself, separate from operational requests fulfilled by the product or service.

    Need help defining your products or services? Download our blueprint Deliver Digital Products at Scale.

    Connect roadmaps to value realization with KPIs

    Every roadmap item should have an expected realized value once it is implemented. The associate KPIs or OKRs determine if our goal was met. Any gap in value feedback back into the roadmap and backlog refinement.</p data-verified=

    " loading="lazy">

    Info-Tech Insight

    Every roadmap item should have an expected realized value once it is implemented. The associate KPIs or OKRs determine if our goal was met. Any gap in value feedback back into the roadmap and backlog refinement.

    Identify the differences between a project-centric and a product-centric organization

    Differences between Project centric and Product centric organizations in regards to: Funding, Prioritization, Accountability, Product management, Work allocation, and Capacity management.

    Info-Tech Insight

    Product delivery requires significant shifts in the way you complete development work and deliver value to your users. Make the changes that support improving end-user value and enterprise alignment.

    Projects can be a mechanism for funding product changes and improvements

    Projects lifecycle, hybrid lifecycle and product lifecycle. Period or periods of project development have parallel services that encompass a more product-based view.

    Projects withing products

    Regardless of whether you recognize yourself as a product-based or project-based shop, the same basic principles should apply.

    You go through a period or periods of project-like development to build a version of an application or product.

    You also have parallel services along with your project development, which encompasses a more product-based view. These may range from basic support and maintenance to full-fledged strategy teams or services like sales and marketing.

    Recognize common barriers to product management

    The transition to product ownership is a series of behavioral and cultural changes supported by processes and governance. It takes time and consistency to be successful.

    • Command and control structures
    • Lack of ownership and accountability
    • High instability in the market, demand, or organization
    • Lack of dedicated teams align to delivery, service, or product areas
    • Culture of one-off projects
    • Lack of identified and engaged stakeholders
    • Lack of customer exposure and knowledge

    Agile’s four core values

    “…while there is value in the items on the right, we value the items on the left more.”

    Source: “The Agile Manifesto”

    We value...

    We value being agile: Individuals and interactions, Working Software, Customer collaboration, Responding to change. Versus being prescriptive: Processes and tools, Comprehensive documentation, Contract negotiation, following a plan.

    Exercise 1.1.1 Define enablers and blockers of product management

    1 hour
    1. Identify and mitigate blockers of product management in your organization.
    2. What enablers will support strong product owners?
    3. What blockers will make the transition to product management harder?
    4. For each blocker, also define at least one mitigating step.
    Define enablers e.g. team culture. Define blockers and at least one mitigating step

    Output

    • Enablers and blockers

    Participants

    • Product owners
    • Product managers
    • Development team leads
    • Portfolio managers
    • Business analysts

    Capture in the Mature and Scale Product Ownership Playbook.

    Align enterprise value through product families

    Product families are operational groups based on capabilities or business functions. Product family managers translate goals, priorities, and constraints so they are actionable at the next level. Product owners prioritize changes to enhance the capabilities that allow you to realize your product family. Enabling capabilities realize value and help reach your goals.

    Effective product delivery requires thinking about more than just a single product

    Good application and product management begins with strengthening good practices for a single or small set of applications, products, and services.

    Product portfolio

    Groups of product families within an overall value stream or capability grouping.

    Project portfolio manager

    Product family

    A collection of related products. Products can be grouped along architectural, functional, operational, or experiential patterns.

    Product family manager

    Product

    Single product composed of one or more applications and services.

    Product owner

    Info-Tech Insight

    Define the current roles that will perform the product management function or define consistent role names to product owners and managers.

    Exercise 1.1.2 Define your product management roles and names

    1-2 hour
    1. Identify the roles in which product management activities will be owned.
    2. Define a common set of role names and describe the role.
    3. Map the level of accountability for each role: Product or Product Family
    4. Product owner perspectives will be defined in the next step.

    Define roles, description and level of product accountability.

    Output

    • Role definitions

    Participants

    • Product owners
    • Product managers
    • Development team leads
    • Portfolio managers
    • Business analysts

    Capture in the Mature and Scale Product Ownership Playbook.

    Use CLAIM to guide your journey

    Culture, Learning, Automation, Integrated teams, Metrics and governance.

    Value is best created by self-managing teams who deliver in frequent, short increments supported by leaders who coach them through challenges.

    Product-centric delivery and Agile are a radical change in how people work and think. Structured, facilitated learning is required throughout the transformation to help leaders and practitioners make the shift.

    Product management, Agile, and DevOps have inspired SDLC tools that have become a key part of delivery practices and work management.

    Self-organizing teams that cross business, delivery, and operations are essential to gain the full benefits of product-centric delivery.

    Successful implementations require the disciplined use of metrics that support developing better teams

    Exercise 1.1.3 Assess your product management readiness

    1 hour
    1. Open and complete the Mature and Scale Product Ownership Readiness Assessment in your Playbook or the provided Excel tool.
    2. Discuss high and low scores for each area to reach a consensus.
    3. Record your results in your Playbook.

    Assess your culture, learning, automation, Integrated teams, metrics and governance.

    Output

    • Assessment of product management readiness based on Info-Tech’s CLAIM+G model.

    Participants

    • Product owners
    • Product managers
    • Development team leads
    • Portfolio managers
    • Business analysts

    Capture in the Mature and Scale Product Ownership Readiness Assessment.

    Communicate reasons for changes and how they will be implemented

    Five elements of communicating change: What is the change? Why are we doing it? How are we going to go about it? How long will it take us to do it? What will the role be for each department individual?

    Leaders of successful change spend considerable time developing a powerful change message; that is, a compelling narrative that articulates the desired end state, and that makes the change concrete and meaningful to staff.

    The organizational change message should:

    Step 1.2

    Establish your product ownership model

    Activities

    1.2.1 Identify your primary product owner perspective

    1.2.2 Define your product owner RACI

    Establish the foundation for product ownership

    This step involves the following participants:

    • Product owners
    • Product managers
    • Development team leads
    • Portfolio managers
    • Delivery managers
    • Business analysts

    Outcomes of this step

    • Product owner perspective mapping
    • Product owner RACI

    Recognize the product owner perspectives

    The 3 product owner perspectives. 1. Business: Customer-facing, value-generating. 2. Technical: IT systems and tools. 3. Operations: Keep-the-lights-on processes.

    Product owners represent one of three primary perspectives. Although all share the same capabilities, how they approach their responsibilities is influenced by their primary perspective.

    Info-Tech Best Practice

    Product owners must translate needs and constraints from their perspective into the language of their audience. Kathy Borneman, Digital Product Owner at SunTrust Bank, noted the challenges of finding a common language between lines of business and IT (e.g. what is a unit?).

    Identify and align to product owner perspectives to ensure product success

    Product owner perspectives

    The 3 product owner perspectives. 1. Business: Customer-facing, value-generating. 2. Technical: IT systems and tools. 3. Operations: Keep-the-lights-on processes.
    1. Each product owner perspective provides important feedback, demand, and support for the product.
    2. Where a perspective is represented by a distinct role, the perspective is managed with that product owner.
    3. If separate roles don’t exist, the product owner must evaluate their work using two or three perspectives.
    4. The ultimate success of a product, and therefore product owner, is meeting the end-user value of the business product owner, tool support of the technical product owner, and manual processing support of the operations product owner.

    Line of business (LOB) product owners

    LOB product owners focus on the products and services consumed by the organization’s external consumers and users. The role centers on the market needs, competitive landscape, and operational support to deliver products and services.

    Business perspective

    • Alignment to enterprise strategy and priorities
    • Growth: market penetration and/or revenue
    • Perception of product value
    • Quality, stability, and predictability
    • Improvement and innovation
    • P&L
    • Market threats and opportunities
    • Speed to market
    • Service alignment
    • Meet or exceed individual goals

    Relationship to Operations

    • Customer satisfaction
    • Speed of delivery and manual processing
    • Continuity

    Relationship to Technical

    • Enabler
    • Analysis and insight
    • Lower operating and support costs

    Technical product owners

    Technical product owners are responsible for the IT systems, tools, platforms, and services that support business operations. Often they are identified as application or platform managers.

    Technical perspective

    • Application, application suite, or group of applications
    • Core platforms and tools
    • Infrastructure and networking
    • Third-party technology services
    • Enable business operations
    • Direct-to-customer product or service
    • Highly interconnected
    • Need for continuous improvement
    • End-of-life management
    • Internal value proposition and users

    Relationship to Business

    • Direct consumers
    • End users
    • Source of funding

    Relationship to Operations

    • End users
    • Process enablement or automation
    • Support, continuity, and manual intervention

    Operations (service) product owners

    Operational product owners focus on the people, processes, and tools needed for manual processing and decisions when automation is not cost-effective. Operational product owners are typically called service owners due to the nature of their work.

    Operational perspective

    • Business enablement
    • Continuity
    • Problem, incident, issue resolution
    • Process efficiency
    • Throughput
    • Error/defect avoidance
    • Decision enablement
    • Waste reduction
    • Limit time in process
    • Disaster recovery

    Relationship to Business

    • Revenue enablement
    • Manual intervention and processing
    • End-user satisfaction

    Relationship to Technical

    • Process enabler
    • Performance enhancement
    • Threat of automation

    Exercise 1.2.1 Identify your primary product owner perspective

    1 hour
    1. Identify which product owner perspective represents your primary focus.
    2. Determine where the other perspectives need to be part of your product roadmap or if they are managed by other product owners.

    Identify product/service name, identify product owner perspective, determine if other perspectives need to be part of roadmap.

    Output

    • Identification of primary product owner perspective.

    Participants

    • Product owners
    • Product managers
    • Development team leads
    • Portfolio managers
    • Business analysts

    Capture in the Mature and Scale Product Ownership Playbook.

    Realign differences between project managers and product owners

    Differences between Project Manager and Product Owners in regards to: Funding, Prioritization, Accountability, Product management, Work allocation, and Capacity management.

    Manage and communicate key milestones

    Successful product owners understand and define the key milestones in their product delivery lifecycles. These need to be managed along with the product backlog and roadmap.

    Define key milestones and their product delivery life-cycles.

    Info-Tech Best Practice

    Product ownership isn’t just about managing the product backlog and development cycles. Teams need to manage key milestones such as learning milestones, test releases, product releases, phase gates, and other organizational checkpoints.

    Define who manages each key milestone

    Key milestones must be proactively managed. If a project manager is not available, those responsibilities need to be managed by the product owner or Scrum Master. Start with responsibility mapping to decide which role will be responsible.

    Example milestones and Project Manager, Product Owner and Team Facilitator.

    *Scrum Master, Delivery Manager, Team Lead

    Exercise 1.2.2 Define your product owner RACI

    60 minutes
    1. Review your product and project delivery methodologies to identify key milestones (including approvals, gates, reviews, compliance checks, etc.). List each milestone on a flip chart or whiteboard.
    2. For each milestone, define who is accountable for the completion.
    3. For each milestone, define who is responsible for executing the milestone activity. (Who does the work that allows the milestone to be completed?)
    4. Review any responsibility and accountability gaps and identify opportunities to better support and execute your operating model.
    5. If you previously completed Deliver Digital Products at Scale , review and update your RACI in the Mature and Scale Product Ownership Workbook .

    Define: Milestones, Project Manager, Product/service owner, Team Facilitator, and Other roles.

    Output

    • Product owner RACI

    Participants

    • Product owners
    • Product managers
    • Development team leads
    • Portfolio managers
    • Business analysts

    Capture in the Mature and Scale Product Ownership Playbook.

    Phase 2

    Align Product Owners to Products

    Phase 2: Assign product owners to products, Manage stakeholder influence

    Mature and Scale Product Ownership

    This phase will walk you through the following activities:

    2.1.1 Assign resources to your products and families

    2.2.1 Visualize relationships to identify key influencers

    2.2.2 Group stakeholders into categories

    2.2.3 Prioritize your stakeholders

    This phase involves the following participants:

    • Product owners
    • Product managers
    • Development team leads
    • Portfolio managers
    • Delivery managers
    • Business analysts

    Step 2.1

    Assign product owners to products

    Activities

    2.1.1 Assign resources to your products and families

    Align product owners to products

    This step involves the following participants:

    • Product owners
    • Product managers
    • Development team leads
    • Portfolio managers
    • Delivery managers
    • Business analysts

    Outcomes of this step

    • Product resource assignment

    Match your product management role definitions to your product family levels

    Using the role definitions, you created in Exercise 1.1.2, determine which roles correspond to which levels of your product families.

    Product portfolio

    Groups of product families within an overall value stream or capability grouping.

    Project portfolio manager

    Product family

    A collection of related products. Products can be grouped along architectural, functional, operational, or experiential patterns.

    Product family manager

    Product

    Single product composed of one or more applications and services.

    Product owner

    Info-Tech Insight

    Define the current roles that will perform the product management function or define consistent role names to product owners and managers.

    Assign resources throughout your product families

    Project families are owned by a product manager. Product owners own each product that has a distinct backlog.

    Info-Tech Insight

    • Start by assigning resources to each product or product family box.
    • A product owner can be responsible for more than one product.
    • Ownership of more than one product does not mean they share the same backlog.
    • For help organizing your product families, please download Deliver Digital Products at Scale.

    Understand special circumstances

    In Deliver Digital Products at Scale , products were grouped into families using Info-Tech’s five scaling patterns. Assigning owners to Enterprise Applications and Shared Services requires special consideration.

    Value stream alignment

    • Business architecture
      • Value stream
      • Capability
      • Function
    • Market/customer segment
    • Line of business (LoB)
    • Example: Customer group > value stream > products

    Enterprise applications

    • Enabling capabilities
    • Enterprise platforms
    • Supporting apps
    • Example: HR > Workday/Peoplesoft > Modules Supporting: Job board, healthcare administrator

    Shared Services

    • Organization of related services into service family
    • Direct hierarchy does not necessarily exist within the family
    • Examples: End-user support and ticketing, workflow and collaboration tools

    Technical

    • Domain grouping of IT infrastructure, platforms, apps, skills, or languages
    • Often used in combination with Shared Services grouping or LoB-specific apps
    • Examples: Java, .NET, low-code, database, network

    Organizational alignment

    • Used at higher levels of the organization where products are aligned under divisions
    • Separation of product managers from organizational structure is no longer needed because the management team owns the product management role

    Map the source of demand to each product

    With enterprise applications and shared services, your demand comes from other product and service owners rather than end customers in a value stream.

    Enterprise applications

    • Primary demand comes from the operational teams and service groups using the platform.
    • Each group typically has processes and tools aligned to a module or portion of the overall platform.
    • Product owners determine end-user needs to assist with process improvement and automation.
    • Product family managers help align roadmap goals and capabilities across the modules and tools to ensure consistency and the alignment of changes.

    Shared services

    • Primary demand for shared services comes from other product owners and service managers whose solution or application is dependent on the shared service platform.
    • Families are grouped by related themes (e.g. workflow tools) to increase reusability, standard enterprise solutions, reduced redundancy, and consistent processes across multiple teams.
    • Product owners manage the individual applications or services within a family.

    Pattern: Enterprise applications

    A division or group delivers enabling capabilities and the team’s operational alignment maps directly to the modules/components of an enterprise application and other applications that support the specific business function.

    Workforce Management, Strategic HR, Talent Management, Core HR

    Example:

    • Human resources is one corporate function. Within HR, however, there are subfunctions that operate independently.
    • Each operational team is supported by one or more applications or modules within a primary HR system.
    • Even though the teams work independently, the information they manage is shared with, or ties into processes used by other teams. Coordination of efforts helps provide a higher level of service and consistency.

    For additional information about HRMS, please download Get the Most Out of Your HRMS.

    Assigning owners to enterprise applications

    Align your enterprise application owners to your operating teams that use the enterprise applications. Effectively, your service managers will align with your platform module owners to provide integrated awareness and planning.

    Family manager (top-level), Family managers (second-level) and Product owners.

    Pattern: Shared services

    Grouping by service type, knowledge area, or technology allows for specialization while families align service delivery to shared business capabilities.

    Grouping by service type, knowledge area, or technology allows for specialization while families align service delivery to shared business capabilities.

    Example:

    • Recommended for governance, risk, and compliance; infrastructure; security; end-user support; and shared platforms (workflow, collaboration, imaging/record retention). Direct hierarchies do not necessarily exist within the shared service family.
    • Service groupings are common for service owners (also known as support managers, operations managers, etc.).
    • End-user ticketing comes through a common request system, is routed to the team responsible for triage, and then is routed to a team for resolution.
    • Collaboration tools and workflow tools are enablers of other applications, and product families might support multiple apps or platforms delivering that shared capability.

    Assigning owners to shared services

    Assign owners by service type, knowledge area, or technology to provide alignment of shared business capabilities and common solutions.

    Family manager (top-level), Family managers (second-level) and Product owners.

    Map sources of demand and influencers

    Use the stakeholder analysis to define the key stakeholders and sources of demand for enterprise applications and shared services. Extend your mapping to include their stakeholders and influencers to uncover additional sources of demand and prioritization.

    Map of key stakeholders for enterprise applications and shared services.

    Info-Tech Insight

    Your product owner map defines the influence landscape your product operates. It is every bit as important as the teams who enhance, support, and operate your product directly.

    Combine your product owner map with your stakeholder map to create a comprehensive view of influencers.

    Exercise 2.1.1 Assign resources to your products and families

    1-4 hours
    1. Use the product families you completed in Deliver Digital Products at Scale to determine which products and product families need a resource assigned. Where the same resource fills more than one role, they are the product owner or manager for each independently.
    2. Product families that are being managed as products (one backlog for multiple products) should have one owner until the family is split into separate products later.
    3. For each product and family, define the following:
      • Who is the owner (role or person)?
      • Is ownership clearly defined?
      • Are there other stakeholders who make decisions for the product?
    4. Record the results in the Mature and Scale Product Ownership Workbook on the Product Owner Mapping worksheet.

    Output

    • Product owner and manager resource alignment.

    Participants

    • Product owners
    • Product managers
    • Development team leads
    • Portfolio managers
    • Business analysts

    Capture in the Mature and Scale Product Ownership Playbook.

    Step 2.2

    Manage stakeholder influence

    Activities

    2.2.1 Visualize relationships to identify key influencers

    2.2.2 Group stakeholders into categories

    2.2.3 Prioritize your stakeholders

    Align product owners to products

    This step involves the following participants:

    • Product owners
    • Product managers
    • Development team leads
    • Portfolio managers
    • Delivery managers
    • Business analysts

    Outcomes of this step

    • Stakeholder management strategy

    Develop a product owner stakeholder strategy

    Stakeholder management, Product lifecycle, Project delivery, Operational support.

    Stakeholders are a critical cornerstone to product ownership. They provide the context, alignment, and constraints that influence or control what a product owner can accomplish.

    Product owners operate within a network of stakeholders who represent different perspectives within the organization.

    First, product owners must identify members of their stakeholder network. Next, they should devise a strategy for managing stakeholders.

    Without a stakeholder strategy, product owners will encounter obstacles, resistance, or unexpected changes.

    Create a stakeholder network map to product roadmaps and prioritization

    Follow the trail of breadcrumbs from your direct stakeholders to their influencers to uncover hidden stakeholders.

    Create a stakeholder network map to product roadmaps and prioritization. Use connectors to determine who may be influencing your direct stakeholders.

    Info-Tech Insight

    Your stakeholder map defines the influence landscape your product operates. It is every bit as important as the teams who enhance, support, and operate your product directly.

    Use connectors to determine who may be influencing your direct stakeholders. They may not have any formal authority within the organization, but they may have informal yet substantive relationships with your stakeholders.

    Exercise 2.2.1 Visualize relationships to identify key influencers

    1 hour
    1. List direct stakeholders for your product.
    2. Determine the stakeholders of your stakeholders and consider adding each of them to the stakeholder list.
    3. Assess who has either formal or informal influence over your stakeholders; add these influencers to your stakeholder list.
    4. Construct a diagram linking stakeholders and their influencers together.
      • Use black arrows to indicate the direction of professional influence.
      • Use dashed green arrows to indicate informal bidirectional influence relationships.
    5. Record the results in the Mature and Scale Product Ownership Workbook .

    Output

    • Relationships among stakeholders and influencers

    Participants

    • Product owners
    • Product managers
    • Development team leads
    • Portfolio managers
    • Business analysts

    Capture in the Mature and Scale Product Ownership Playbook.

    Categorize your stakeholders with a prioritization map

    A stakeholder prioritization map helps product owners categorize their stakeholders by their level of influence and ownership in the product and/or teams.

    Influence versus Ownership/Interest

    There are four areas on the map, and the stakeholders within each area should be treated differently.

    • Players have a high interest in the initiative and the influence to effect change over the initiative. Their support is critical, and a lack of support can cause significant impediments to the objectives.
    • Mediators have a low interest but significant influence over the initiative. They can help to provide balance and objective opinions to issues that arise.
    • Noisemakers have low influence but high interest. They tend to be very vocal and engaged, either positively or negatively but have little ability to enact their wishes.
    • Spectators are generally apathetic and have little influence over or interest in the initiative.

    Exercise 2.2.2 Group stakeholders into categories

    1 hour
    1. Identify your stakeholders’ interest in and influence on your Agile implementation as high, medium, or low by rating the attributes below.
    2. Map your results to the model below to determine each stakeholder’s category.
    3. Record the results in the Mature and Scale Product Ownership Workbook .

    Influence versus Ownership/Interest with CMO, CIO and Product Manager in assigned areas.

    Output

    • Categorization of stakeholders and influencers

    Participants

    • Product owners
    • Product managers
    • Development team leads
    • Portfolio managers
    • Business analysts

    Capture in the Mature and Scale Product Ownership Playbook.

    Prioritize your stakeholders

    There may be too many stakeholders to be able to manage them all. Focus your attention on the stakeholders that matter most.

    Stakeholder category versus level of support.

    Consider the three dimensions of stakeholder prioritization: influence, interest, and support. Support can be determined by rating the following question: How likely is it that your stakeholder would recommend your product? These parameters are used to prioritize which stakeholders are most important and should receive your focused attention. The table to the right indicates how stakeholders are ranked.

    Exercise 2.2.3 Prioritize your stakeholders

    1 hour
    1. Identify the level of support of each stakeholder by answering the following question: How likely is it that your stakeholder would endorse your product?
    2. Prioritize your stakeholders using the prioritization scheme on the previous slide.
    3. Record the results in the Mature and Scale Product Ownership Workbook .

    Stakeholder, Category, level of support, prioritization.

    Output

    • Stakeholder and influencer prioritization

    Participants

    • Product owners
    • Product managers
    • Development team leads
    • Portfolio managers
    • Business analysts

    Capture in the Mature and Scale Product Ownership Playbook.

    Define strategies for engaging stakeholders by type

    Authority Vs. Ownership/Interest.

    Type

    Quadrant

    Actions

    Players

    High influence, high interest – actively engage Keep them updated on the progress of the project. Continuously involve players in the process and maintain their engagement and interest by demonstrating their value to its success.

    Mediators

    High influence, low interest – keep satisfied They can be the game changers in groups of stakeholders. Turn them into supporters by gaining their confidence and trust and including them in important decision-making steps. In turn, they can help you influence other stakeholders.

    Noisemakers

    Low influence, high interest – keep informed Try to increase their influence (or decrease it if they are detractors) by providing them with key information, supporting them in meetings, and using mediators to help them.

    Spectators

    Low influence, low interest – monitor They are followers. Keep them in the loop by providing clarity on objectives and status updates.

    Info-Tech Insight

    Each group of stakeholders draws attention and resources away from critical tasks. By properly identifying your stakeholder groups, the product owner can develop corresponding actions to manage stakeholders in each group. This can dramatically reduce wasted effort trying to satisfy spectators and noisemakers while ensuring the needs of mediators and players are met.

    Phase 3

    Mature Product Owner Capabilities

    Phase 3: Assess your Agile product owner readiness, Mature product owner capabilities.

    Mature and Scale Product Ownership

    This phase will walk you through the following activities:

    3.1.1 Assess your real Agile skill proficiency

    3.2.1 Assess your vision capability proficiency

    3.2.2 Assess your leadership capability proficiency

    3.2.3 Assess your PLM capability proficiency

    3.2.4 Identify your business value drivers and sources of value

    3.2.5 Assess your value realization capability proficiency

    This phase involves the following participants:

    • Product owners
    • Product managers

    Step 3.1

    Assess your Agile product owner readiness

    Activities

    3.1.1 Assess your real Agile skill proficiency

    Mature product owner capabilities

    This step involves the following participants:

    • Product owners
    • Product managers

    Outcomes of this step

    • Real Agile skill proficiency assessment

    Why focus on core skills?

    They are the foundation to achieve business outcomes

    Skills, actions, output and outcomes

    The right skills development is only possible with proper assessment and alignment against outcomes.

    Being successful at Agile is more than about just doing Agile

    The following represents the hard skills needed to “Do Agile”:

    Being successful at Agile needs 4 hard skills: 1. Engineering skills, 2. Technician Skills, 3. Framework/Process skills, 4. Tools skills.

    • Engineering skills. These are the skills and competencies required for building brand-new valuable software.
    • Technician skills. These are the skills and competencies required for maintaining and operating the software delivered to stakeholders.
    • Framework/Process skills. These are the specific knowledge skills required to support engineering or technician skills.
    • Tools skills. This represents the software that helps you deliver other software.

    While these are important, they are not the whole story. To effectively deliver software, we believe in the importance of being Agile over simply doing Agile.

    Adapted from: “Doing Agile” Is Only Part of the Software Delivery Pie

    Focus on these real Agile skills

    Agile skills

    • Accountability
    • Collaboration
    • Comfort with ambiguity
    • Communication
    • Empathy
    • Facilitation
    • Functional decomposition
    • Initiative
    • Process discipline
    • Resilience

    Info-Tech research shows these are the real Agile skills to get started with

    Skill Name

    Description

    Accountability

    Refers to the state of being accountable. In an Agile context, it implies transparency, dedication, acting responsibly, and doing what is necessary to get the job done.

    Collaboration

    Values diverse perspectives and working with others to achieve the best output possible. Effective at working toward individual, team, department, and organizational goals.

    Comfort with ambiguity

    Allows you to confidently take the next steps when presented with a problem without having all the necessary information present.

    Communication

    Uses different techniques to share information, concerns, or emotions when a situation arises, and it allows you to vary your approach depending on the current phase of development.

    Empathy

    Is the ability to understand and share the feelings of another to better serve your team and your stakeholders.

    Facilitation

    Refers to guiding and directing people through a set of conversations and events to learn and achieve a shared understanding.

    Functional decomposition

    Is being able to break down requirements into constituent epics and stories.

    Initiative

    Is being able to anticipate challenges and then act on opportunities that lead to better business outcomes.

    Process discipline

    Refers to the focus of following the right steps for a given activity at the right time to achieve the right outcomes.

    Resilience

    Refers to the behaviors, thoughts, and actions that allow a person to recover from stress and adversity.

    Accountability

    An accountable person:

    • Takes ownership of their own decisions and actions and is responsible for the quality of results.
    • Recognizes personal accountabilities to others, including customers.
    • Works well autonomously.
    • Ensures that the mutual expectations between themselves and others are clearly defined.
    • Takes the appropriate actions to ensure that obligations are met in a timely manner.
    • As a leader, takes responsibility for those being led.

    Accountability drives high performance in teams and organizations

    • The performance level of teams depends heavily on accountability and who demonstrates it:
      • In weak teams, there is no accountability.
      • In mediocre teams, supervisors demonstrate accountability.
      • In high-performance teams, peers manage most performance problems through joint accountability. (Grenny, 2014)
    • According to Bain & Company, accountability is the third most important attribute of high-performing companies. Some of the other key attributes include honest, performance-focused, collaborative, and innovative. (Mankins, 2013)

    All components of the employee empowerment driver have a strong, positive correlation with engagement.

    Employee empowerment and Correlation with engagement.

    Source: McLean & Company Engagement Database, 2018; N=71,794

    Accountability

    Your Score: ____

    1 - Foundational: Transitioning and Growing

    2 - Capable/Competent: Core Contributor

    3 - Influential: Gifted Improver

    4 - Transformational: Towering Strength

    • Alerts others to possible problems in a timely manner.
    • Seeks appropriate support to solve problems.
    • Actively contributes to the creation and evaluation of possible solutions.
    • Acts on solutions selected and decisions made as directed.
    • Makes effective decisions about how to complete work tasks.
    • Demonstrates the capability of breaking down concrete issues into parts and synthesizing information succinctly.
    • Collects and analyzes information from a variety of sources.
    • Seeks information and input to fully understand the cause of problems.
    • Takes action to address obstacles and problems before they impact performance and results.
    • Initiates the evaluation of possible solutions to problems.
    • Makes effective decisions about work task prioritization.
    • Appropriately assesses risks before deciding.
    • Effectively navigates through ambiguity, using multiple data points to analyze issues and identify trends.
    • Does not jump to conclusions.
    • Draws logical conclusions and provides opinions and recommendations with confidence.
    • Takes ownership over decisions and their consequences.
    • Demonstrates broad knowledge of information sources that can be used to assess problems and make decisions.
    • Invests time in planning, discovery, and reflection to drive better decisions.
    • Effectively leverages hard data as inputs to making decisions.
    • Garners insight from abstract data and makes appropriate decisions.
    • Coaches others in effective decision-making practices.
    • Has the authority to solve problems and make decisions.
    • Thinks several steps ahead in deciding the best course of action, anticipating likely outcomes, risks, or implications.
    • Establishes metrics to aid in decision-making, for self and teams
    • Prioritizes objective and ambiguous information and analyzes this when making decisions.
    • Solicits a diverse range of opinions and perspectives as inputs to decision making.
    • Applies frameworks to decision making, particularly in situations that have little base in prior experience.
    • Makes effective decisions about organizational priorities.
    • Holds others accountable for their decisions and consequences.
    • Creates a culture of empowerment and trust to facilitate effective problem solving and decision making.
    • Makes sound decisions that have organization-wide consequences and that influence future direction.

    Collaboration as a skill

    The principles and values of Agile revolve around collaboration.

    • Works well with others on specialized and cross-functional teams.
    • Can self-organize while part of a team.
    • Respects the commitments that others make.
    • Identifies and articulates dependencies.
    • Values diverse perspectives and works with others to achieve the best output possible.
    • Effective at working toward individual, team, department, and organizational goals.
    The principles and values of Agile revolve around collaboration. Doing what was done before (being prescriptive), going though the motions (doing Agile), living the principles (being Agile)

    Collaboration

    The Agile Manifesto has three principles that focus on collaboration:

    1. The business and developers must work together daily throughout the project.
    2. Build projects around motivated individuals. Give them the environment and support they need and trust them to get the job done.
    3. The most efficient and effective method of conveying information to and within a development team is face-to-face conversation.

    Effective collaboration supports Agile behaviors, including embracing change and the ability to work iteratively.

    Collaboration

    Your Score: ____

    1 - Foundational: Transitioning and Growing

    2 - Capable/Competent: Core Contributor

    3 - Influential: Gifted Improver

    4 - Transformational: Towering Strength

    • Understands role on the team and the associated responsibilities and accountabilities.
    • Treats team members with respect.
    • Contributes to team decisions and to the achievement of team goals and objectives.
    • Demonstrates a positive attitude.
    • Works cross-functionally to achieve common goals and to support the achievement of other team/department goals.
    • Values working in a diverse team and understands the importance of differing perspectives to develop unique solutions or ideas.
    • Fosters team camaraderie, collaboration, and cohesion.
    • Understands the impact of one's actions on the ability of team members to do their jobs.
    • Respects the differences other team members bring to the table by openly seeking others' opinions.
    • Helps the team accomplish goals and objectives by breaking down shared goals into smaller tasks.
    • Approaches challenging team situations with optimism and an open mind, focusing on coming to a respectful conclusion.
    • Makes suggestions to improve team engagement and effectiveness.
    • Supports implementation of team decisions.
    • Professionally gives and seeks feedback to achieve common goals.
    • Values working in a diverse team and understands the importance of differing perspectives to develop unique solutions or ideas.
    • Motivates the team toward achieving goals and exceeding expectations.
    • Reaches out to other teams and departments to build collaborative, cross-functional relationships.
    • Creates a culture of collaboration that leverages team members' strengths, even when the team is remote or virtual.
    • Participates and encourages others to participate in initiatives that improve team engagement and effectiveness.
    • Builds consensus to make and implement team decisions, often navigating through challenging task or interpersonal obstacles.
    • Values leading a diverse team and understands the importance of differing perspectives to develop unique solutions or ideas.
    • Creates a culture of collaboration among teams, departments, external business partners, and all employee levels.
    • Breaks down silos to achieve inter-departmental collaboration.
    • Demonstrates ownership and accountability for team/department/ organizational outcomes.
    • Uses an inclusive and consultative approach in setting team goals and objectives and making team decisions.
    • Coaches others on how to identify and proactively mitigate potential points of team conflict.
    • Recognizes and rewards teamwork throughout the organization.
    • Provides the tools and resources necessary for teams to succeed.
    • Values diverse teams and understands the importance of differing perspectives to develop unique solutions or ideas.

    Comfort with ambiguity

    Ability to handle ambiguity is a key factor in Agile success.

    • Implies the ability to maintain a level of effectiveness when all information is not present.
    • Able to confidently act when presented with a problem without all information present.
    • Risk and uncertainty can comfortably be handled.
    • As a result, can easily adapt and embrace change.
    • People comfortable with ambiguity demonstrate effective problem-solving skills.

    Relative importance of traits found in Agile teams

    1. Handles ambiguity
    2. Agreeable
    3. Conscientious

    Comfort with ambiguity

    Your Score: ____

    1 - Foundational: Transitioning and Growing

    2 - Capable/Competent: Core Contributor

    3 - Influential: Gifted Improver

    4 - Transformational: Towering Strength

    • Requires most information to be present before carrying out required activities.
    • Can operate with some information missing.
    • Comfortable asking people within their known circles for help.
    • Significant time is taken to reveal small pieces of information.
    • More adept at operating with information missing.
    • Willing to reach out to people outside of their regular circles for assistance and clarification.
    • Able to apply primary and secondary research methods to fill in the missing pieces.
    • Can operate essentially with a statement and a blank page.
    • Able to build a plan, drive others and themselves to obtain the right information to solve the problem.
    • Able to optimize only pulling what is necessary to answer the desired question and achieve the desired outcome.

    Communication

    Even though many organizations recognize its importance, communication is one of the root causes of project failure.

    Project success vs Communication effectiveness. Effective communications is associated with a 17% increase in finishing projects within budget.

    56%

    56% of the resources spent on a project are at risk due to ineffective communications.

    PMI, 2013.

    29%

    In 29% of projects started in the past 12 months, poor communication was identified as being one of the primary causes of failure.

    PMI, 2013.

    Why are communication skills important to the Agile team?

    It’s not about the volume, it’s about the method.

    • Effectively and appropriately interacts with others to build relationships and share ideas and information.
    • Uses tact and diplomacy to navigate difficult situations.
    • Relays key messages by creating a compelling story, targeted toward specific audiences.

    Communication effectiveness, Activity and Effort required.

    Adapted From: Agile Modeling

    Communication

    Your Score:____

    1 - Foundational: Transitioning and Growing

    2 - Capable/Competent: Core Contributor

    3 - Influential: Gifted Improver

    4 - Transformational: Towering Strength

    • Actively listens, learns through observation, and uses clear and precise language.
    • Possesses an open and approachable demeanor, with a positive and constructive tone.
    • Demonstrates interest in the thoughts and feelings of others.
    • Considers potential responses of others before speaking or acting.
    • Checks own understanding of others’ communication by repeating or paraphrasing.
    • Demonstrates self-control in stressful situations.
    • Provides clear, concise information to others via verbal or written communication.
    • Seeks to understand others' points of view, looking at verbal and non-verbal cues to encourage open and honest discussions.
    • Invites and encourages others to participate in discussions.
    • Projects a sincere and genuine tone.
    • Remains calm when dealing with others who are upset or angry.
    • Provides and seeks support to improve communication.
    • Does not jump to conclusions or act on assumptions.
    • Tailors messages to meet the different needs of different audiences.
    • Accurately interprets responses of others to their words and actions.
    • Provides feedback effectively and with empathy.
    • Is a role model for others on how to effectively communicate.
    • Ensures effective communication takes place at the departmental level.
    • Engages stakeholders using appropriate communication methods to achieve desired outcomes.
    • Creates opportunities and forums for discussion and idea sharing.
    • Demonstrates understanding of the feelings, motivations, and perspectives of others, while adapting communications to anticipated reactions.
    • Shares insights about their own strengths, weaknesses, successes, ad failures to show empathy and help others relate.
    • Discusses contentious issues without getting defensive and maintains a professional tone.
    • Coaches others on how to communicate effectively and craft targeted messages.
    • Sets and exemplifies standards for respectful and effective communications in the organization.
    • Comfortably delivers strategic messages supporting their function and the organization at the enterprise level.
    • Communicates with senior-level executives on complex organizational issues.
    • Promotes inter-departmental communication and transparency.
    • Achieves buy-in and consensus from people who share widely different views.
    • Shares complex messages in clear, understandable language.
    • Accurately interprets how they are perceived by others.
    • Rallies employees to communicate ideas and build upon differing perspectives to drive innovation.

    Empathy

    Empathy is the ability to understand and share the feelings of another in order to better serve your team and your stakeholders. There are three kinds:

    Cognitive

    Thought, understanding, intellect

    • Knowing how someone else feels and what they might be thinking.
    • Contributes to more effective communication.

    Emotional

    Feelings, physical sensation

    • You physically feel the emotions of the other person.
    • Helps build emotional connections with others.

    Compassionate

    Intellect, emotion with action

    • Along with understanding, you take action to help.

    How is empathy an Agile skill?

    Empathy enables you to serve your team, your customers, and your organization

    Serving the team

    • Primary types: Emotional and compassionate empathy.
    • The team is accountable for delivery.
    • By being able to empathize with the person you are talking to, complex issues can be addressed.
    • A lack of empathy leads to a lack of collaboration and being able to go forward on a common path.

    Serving your customers and stakeholders

    • Primary type: Cognitive empathy.
    • Agile enables the delivery of the right value at the right time to your stakeholders
    • Translating your stakeholders' needs requires an understanding of who they are as people. This is done through observations, interviews and conversations.
    • Leveraging empathy maps and user-story writing is an effective tool.

    Empathy

    Your Score: ____

    1 - Foundational: Transitioning and Growing

    2 - Capable/Competent: Core Contributor

    3 - Influential: Gifted Improver

    4 - Transformational: Towering Strength

    • Knowing how someone else feels and what they might be thinking.
    • Ability to build emotional connections with others.
    • Able to harness emotional connections to achieve tangible and experiential outcomes.
    • Demonstrates an awareness of different feelings and ways of thinking by both internal and external stakeholders.
    • Limited ability to make social connections with others outside of the immediate team.
    • Able to connect with similarly minded people to improve customer/stakeholder satisfaction. (Insights into action)
    • Able to interact and understand others with vastly different views.
    • Lack of agreement does not stop individual. from asking questions, understanding, and pushing the conversation forward

    Facilitation

    It’s not just your manager’s problem.

    “Facilitation is the skill of moderating discussions within a group in order to enable all participants to effectively articulate their views on a topic under discussion, and to ensure that participants in the discussion are able to recognize and appreciate the differing points of view that are articulated.” (IIBA, 2015)

    • Drives action through influence, often without authority.
    • Leads and impacts others' thinking, decisions, or behavior through inclusive practices and relationship building.
    • Encourages others to self-organize and hold themselves accountable.
    • Identifies blockers and constructively removes barriers to progress.

    Facilitation

    Your Score: ____

    1 - Foundational: Transitioning and Growing

    2 - Capable/Competent: Core Contributor

    3 - Influential: Gifted Improver

    4 - Transformational: Towering Strength

    • Drives action through influence, often without authority.
    • Leads and impacts others' thinking, decisions, or behavior through inclusive practices and relationship building.
    • Encourages others to self-organize and hold themselves accountable.
    • Identifies blockers and constructively removes barriers to progress.
    • Maps and executes processes effectively.
    • Uses facts and concrete examples to demonstrate a point and gain support from others.
    • Openly listens to the perspectives of others.
    • Builds relationships through honest and consistent behavior.
    • Understands the impact of their own actions and how others will perceive it.
    • Identifies impediments to progress.
    • Anticipates the effect of one's approach on the emotions and sensitivities of others.
    • Practices active listening while demonstrating positivity and openness.
    • Customizes discussion and presentations to include "what’s in it for me" for the audience.
    • Presents compelling information to emphasize the value of an idea.
    • Involves others in refining ideas or making decisions in order to drive buy-in and action.
    • Knows how to appropriately use influence to achieve outcomes without formal authority.
    • Seeks ways and the help of others to address barriers or blockers to progress.
    • Leverages a planned approach to influencing others by identifying stakeholder interests, common goals, and potential barriers.
    • Builds upon successes to gain acceptance for new ideas.
    • Facilitates connections between members of their network for the benefit of the organization or others.
    • Demonstrates the ability to draw on trusting relationships to garner support for ideas and action.
    • Encourages a culture that allows space for influence to drive action.
    • Adept at appropriately leveraging influence to achieve business unit outcomes.
    • Actively manages the removal of barriers and blockers for teams.

    Functional decomposition

    It’s not just a process, it’s a skill.

    “Functional decomposition helps manage complexity and reduce uncertainty by breaking down processes, systems, functional areas, or deliverables into their simpler constituent parts and allowing each part to be analyzed independently."

    (IIBA, 2015)

    Being able to break down requirements into constituent consumable items (example: epics and user stories).

    Start: Strategic Initiatives. 1: Epics. 2: Capabilities. 3: Features. End: Stories.

    Use artifact mapping to improve functional decomposition

    In our research, we refer to these items as epics, capabilities, features, and user stories. How you develop your guiding principles and structure your backlog should be based on the terminology and artifact types commonly used in your organization.

    Agile, Waterfall, Relationship, Decomposition skill most in demand, definition.

    Functional Decomposition

    Your Score: ____

    1 - Foundational: Transitioning and Growing

    2 - Capable/Competent: Core Contributor

    3 - Influential: Gifted Improver

    4 - Transformational: Towering Strength

    • Able to decompose items with assistance from other team members.
    • Able to decompose items independently, ensuring alignment with business value.
    • Able to decompose items independently and actively seeks out collaboration opportunities with relevant SME's during and after the refinement process to ensure completion.
    • Able to decompose items at a variety of granularity levels.
    • Able to teach and lead others in their decomposition efforts.
    • Able to quickly operate at different levels of the requirements stack.

    Initiative and self-organization

    A team that takes initiative can self-organize to solve critical problems.

    • "The best architectures, requirements, and designs emerge from self-organizing teams." (Agile Manifesto)
    • In a nutshell, the initiative represents the ability to anticipate challenges and act on opportunities that lead to better business outcomes.
    • Anticipates challenges and acts on opportunities that lead to better business outcomes.
    • Thinks critically and is motivated to use both specialist expertise and general knowledge.
    • Driven by the delivery of business value and better business outcomes.
    • Empowers others to act and is empowered and self-motivated.

    Initiative and self-organization

    Your Score: ____

    1 - Foundational: Transitioning and Growing

    2 - Capable/Competent: Core Contributor

    3 - Influential: Gifted Improver

    4 - Transformational: Towering Strength

    • Demonstrates awareness of an opportunity or issue which is presently occurring or is within the immediate work area.
    • Reports an opportunity or issue to the appropriate person.
    • Acts instead of waiting to be asked.
    • Willingly takes on challenges, even if they fall outside their area of expertise.
    • Is proactive in identifying issues and making recommendations to resolve them.
    • Within the scope of the work environment, takes action to improve processes or results, or to resolve problems.
    • Not deterred by obstacles.
    • Tackles challenges that require risk taking.
    • Procures the necessary resources, team and technical support to enable success.
    • Assists others to get the job done.
    • Demonstrates awareness of an opportunities or issues which are in the future or outside the immediate work area.
    • Typically exceeds the expectations of the job.
    • Learns new technology or skills outside their specialization so that they can be a more effective team member.
    • Recommends solutions to enhance results or prevent potential issues.
    • Drives implementation of new processes within the team to improve results.
    • Able to provide recommendations on plans and decisions that are strategic and future-oriented for the organization.
    • Identifies areas of high risk or of organizational level impact.
    • Able to empower significant recourses from the organization to enable success.
    • Leads long-term engagements that result in improved organizational capabilities and processes.

    Process discipline

    A common misconception is that Agile means no process and no discipline. Effective Agile teams require more adherence to the right processes to create a culture of self-improvement.

    • Refers to the focus of following the right steps for a given activity at the right time to achieve the right outcomes.
    • Focus on following the right steps for a given activity at the right time to achieve desired outcomes.
    Example: Scrum Ceremonies during a sprint (1 - 4 weeks/sprint). 1: Sprint planning, 2: Daily scrum, 3: Sprint review, 4: Sprint retrospective.

    Process discipline

    Your Score: ____

    1 - Foundational: Transitioning and Growing

    2 - Capable/Competent: Core Contributor

    3 - Influential: Gifted Improver

    4 - Transformational: Towering Strength

    • Demonstrates awareness of the key processes and steps that are needed in a given situation.
    • Limited consistency in following processes and limited understanding of the 'why' behind the processes.
    • Aware and follows through with key agile processes in a consistent manner.
    • Demonstrates not only the knowledge of processes but understands the 'why' behind their existence.
    • Aware and follows through with key agile processes in a consistent manner.
    • Demonstrates understanding of not only why specific processes exist but can suggest changes to improve efficiency, consistency, and outcomes.

    N/A -- Maximum level is '3

    Resilience

    If your team hits the wall, don’t let the wall hit them back.

    • Resilience is critical for an effective Agile transformation. A team that demonstrates resilience always exhibits:
    • Evolution over transformation – There is a recognition that changes happen over time.
    • Intensity and productivity – A race is not won by the ones who are the fastest, but by the ones who are the most consistent. Regardless of what comes up, the team can push through.
    • That organizational resistance is futile – Given that it is working on the right objectives, the team needs to demonstrate a consistency of approach and intensity regardless of what may stand in its way.
    • Refers to the behaviors, thoughts, and actions that allow a person to recover from stress and adversity.

    How resilience aligns with Agile

    A team is not “living the principles” without resilience.

    1. Purpose

      Aligns with: “Our highest priority is to satisfy the customer through early and continuous delivery of valuable software.” The vision or goals may not be clear in certain circumstances and can be difficult to relate to a single work item. Being able to intrinsically source and harness a sense of purpose becomes more important, especially as a self-organizing team.
    2. Perseverance

      Aligns with: “Agile processes harness change for the customer's competitive advantage.” Perseverance enables teams to continuously deliver at a steady pace, addressing impediments or setbacks and continuing to move forward.
    3. Composure

      Aligns with: “Agile processes promote sustainable development,” and “At regular intervals, the team reflects ... and adjusts its behavior accordingly.”
      When difficult situations arise, composure allows us to understand perspectives, empathize with customers, accept late changes, and sustain a steady pace.
    4. Self-Reliance

      Aligns with: “The best architectures, requirements, and designs emerge from self-organizing teams.” Knowing oneself, recognizing strengths, and drawing on past successes, can be a powerful aid in creating high-performing Agile teams
    5. Authenticity

      Aligns with: “At regular intervals, the team reflects … and adjusts its behavior accordingly,” and “Build projects around motivated individuals.”
      When difficult situations arise, authenticity is crucial. “For example, being able to openly disclose areas outside of your strengths in sprint planning or being able to contribute constructively toward self-organization.”

    Adapted from: Why Innovation, 2019.

    Resilience

    Your Score: ____

    1 - Foundational: Transitioning and Growing

    2 - Capable/Competent: Core Contributor

    3 - Influential: Gifted Improver

    4 - Transformational: Towering Strength

    • Easily distracted and stopped by moderately stressful and challenging situations.
    • Requires significant help from others to get back on track.
    • Not frequently able (or knows) how to ask for help
    • Handles typical stresses and challenges for the given role.
    • Able to get back on track with limited assistance.
    • Able to ask for help when they need it.
    • Quality of work unaffected by an increase in pressures and challenges.
    • Handles stresses and challenges what is deemed above and beyond their given role.
    • Able to provide advice to others on how to handle difficult and challenging situations.
    • Quality of work and outcomes is maintained and sometimes exceeded as pressure increases.
    • Team looks to this individual as being the gold standard on how to approach any given problem or situation.
    • Directly mentors others on approaches in situations regardless of the level of challenge.

    Exercise 1.2.1 Identify your primary product owner perspective

    1 hour
    1. Review each real Agile skill and determine your current proficiency.
    2. Complete your assessment in the Mature and Scale Product Owner Proficiency Assessment tool.
    3. Record the results in the Mature and Scale Product Ownership Playbook.
    4. Review the skills map to identify strengths and areas of growth.

    Accountability, Collaboration, Comfort in Ambiguity, Communication, Empathy, Facilitation, Functional Decomposition, Initiative, Process Discipline, Resilience.

    Output

    • Agile skills assessment results.

    Participants

    • Product owners
    • Product managers

    Capture in the Mature and Scale Product Owner Proficiency Assessment.

    Determine your Agile skills proficiency: Edit chart data to plot your scores or add your data points and connect the lines.

    Step 3.2

    Mature product owner capabilities

    Activities

    3.2.1 Assess your vision capability proficiency

    3.2.2 Assess your leadership capability proficiency

    3.2.3 Assess your PLM capability proficiency

    3.2.4 Identify your business value drivers and sources of value

    3.2.5 Assess your value realization capability proficiency

    Mature product owner capabilities

    This step involves the following participants:

    • Product owners
    • Product managers

    Outcomes of this step

    • Info-Tech product owner capability model proficiency assessment

    Product capabilities deliver value

    As a product owner, you are responsible for managing these facets through your capabilities and activities.

    The core product and value stream consists of: Funding - Product management and governance, Business functionality - Stakeholder and relationship management, and Technology - Product delivery.

    Info-Tech Best Practice

    It is easy to lose sight of what matters when we look at a product from a single point of view . Despite what "The Agile Manifesto" says, working software is not valuable without the knowledge and support that people need in order to adopt, use, and maintain it. If you build it, they will not come. Product owners must consider the needs of all stakeholders when designing and building products.

    Recognize product owner knowledge gaps

    Pulse survey of product owners

    Pulse survey of product owners. Graph shows large percentage of respondents have alignment to common agile definition of product owners. Yet a significant perception gap in P&L, delivery, and analytics.

    Info-Tech Insight

    1. Less than 15% of respondents identified analytics or financial management as a key component of product ownership.
    2. Assess your product owner’s capabilities and understanding to develop a maturity plan.

    Source: Pulse Survey (N=18)

    Implement the Info-Tech product owner capability model

    Unfortunately, most product owners operate with incomplete knowledge of the skills and capabilities needed to perform the role. Common gaps include focusing only on product backlogs, acting as a proxy for product decisions, and ignoring the need for key performance indicators (KPIs) and analytics in both planning and value realization.

    Product Owner capabilities: Vision, Product Lifecycle Management, Leadership, Value Realization

    Vision

    • Market Analysis
    • Business Alignment
    • Product Roadmap

    Leadership

    • Soft Skills
    • Collaboration
    • Decision Making

    Product Lifecycle Management

    • Plan
    • Build
    • Run

    Value Realization

    • KPIs
    • Financial Management
    • Business Model

    Product owner capabilities provide support

    Vision predicts impact of Value realization. Value realization provides input to vision

    Your vision informs and aligns what goals and capabilities are needed to fulfill your product or product family vision and align with enterprise goals and priorities. Each item on your roadmap should have corresponding KPIs or OKRs to know how far you moved the value needle. Value realization measures how well you met your target, as well as the impacts on your business value canvas and cost model.

    Product lifecycle management builds trust with Leadership. Leadership improves quality of Product lifecycle management.

    Your leadership skills improve collaborations and decisions when working with your stakeholders and product delivery teams. This builds trust and improves continued improvements to the entire product lifecycle. A product owner’s focus should always be on finding ways to improve value delivery.

    Product owner capabilities provide support

    Leadership enhances Vision. Vision Guides Product Lifecycle Management. Product Lifecycle Management delivers Value Realization. Leadership enhances Value Realization

    Develop product owner capabilities

    Each capability: Vision, Product lifecycle management, Value realization and Leadership has 3 components needed for successful product ownership.

    Avoid common capability gaps

    Vision

    • Focusing solely on backlog grooming (tactical only)
    • Ignoring or failing to align product roadmap to enterprise goals
    • Operational support and execution
    • Basing decisions on opinion rather than market data
    • Ignoring or missing internal and external threats to your product

    Leadership

    • Failing to include feedback from all teams who interact with your product
    • Using a command-and-control approach
    • Viewing product owner as only a delivery role
    • Acting as a proxy for stakeholder decisions
    • Avoiding tough strategic decisions in favor of easier tactical choices

    Product lifecycle management

    • Focusing on delivery and not the full product lifecycle
    • Ignoring support, operations, and technical debt
    • Failing to build knowledge management into the lifecycle
    • Underestimating delivery capacity, capabilities, or commitment
    • Assuming delivery stops at implementation

    Value realization

    • Focusing exclusively on “on time/on budget” metrics
    • Failing to measure a 360-degree end-user view of the product
    • Skipping business plans and financial models
    • Limiting financial management to project/change budgets
    • Ignoring market analysis for growth, penetration, and threats

    Capabilities: Vision

    Market Analysis

    • Customer Empathy: Identify the target users and unique value your product provides that is not currently being met. Define the size of your user base, segmentation, and potential growth.
    • Customer Journey: Define the future path and capabilities your users will respond to.
    • Competitive analysis: Complete a SWOT analysis for your end-to-end product lifecycle. Use Info-Tech’s Business SWOT Analysis Template.

    Business Alignment

    • Enterprise alignment: Align to enterprise and product family goals, strategies, and constraints.
    • Delivery and release strategy: Develop a delivery strategy to achieve value quickly and adapt to internal and external changes. Value delivery is constrained by your delivery pipeline.
    • OCM and go-to-market strategy: Create organizational change management, communications, and a user implementation approach to improve adoption and satisfaction from changes.

    Product Roadmap

    • Roadmap strategy: Determine the duration, detail, and structure of your roadmap to accurately communicate your vision.
    • Value prioritization: Define criteria used to evaluate and sequence demand items.
    • Release and capacity planning: Build your roadmap with realistic goals and milestones based on your delivery pipeline and dependencies.

    “Customers are best heard through many ears.”

    – Thomas K. Connellan, Inside the Magic Kingdom

    Vision: Market Analysis, Business Alignment, and Product Roadmap.

    Info-Tech Insight

    Data comes from many places and may still not tell the complete story.

    Build your product strategy playbook

    Complete Deliver on Your Digital Product Vision to define your Vision, Goals, Roadmap approach, and Backlog quality filters.

    Digital Product Strategy Supporting Workbook

    Supporting workbook that captures the interim results from a number of exercises that will contribute to your overall digital product vision.

    Product Backlog Item Prioritization Tool

    An optional tool to help you capture your product backlog and prioritize based on your given criteria

    Product Roadmap Tool

    An optional tool to help you build out and visualize your first roadmap.

    Your Digital Product Vision Details Strategy

    Record the results from the exercises to help you define, detail, and make real your digital product vision.

    Your product vision is your North Star

    It's ok to dream a little!

    Who is the target customer, what is the key benefit, what do they need, what is the differentiator

    Adapted from: Geoffrey Moore, 2014.

    Info-Tech Best Practice

    A product vision shouldn’t be so far out that it doesn’t feel real or so short-term that it gets bogged down in minutiae and implementation details. Finding the right balance will take some trial and error and will be different for each organization.

    Use product roadmaps to guide delivery

    In Deliver on Your Digital Product Vision, we showed how the product roadmap is key to value realization. As a product owner, the product roadmap is your communicated path to align teams and changes to your defined goals, while aligning your product to enterprise goals and strategy.

    As a product owner, the product roadmap is your communicated path to align teams and changes to your defined goals, while aligning your product to enterprise goals and strategy

    Info-Tech Best Practice

    Info-Tech Best Practice Product delivery requires a comprehensive set of business and technical competencies to effectively roadmap, plan, deliver, support, and validate your product portfolio. Product delivery is a “multi-faceted, complex discipline that can be difficult to grasp and hard to master.” It will take time to learn and adopt methods and become a competent product manager or owner (“What Is Product Management?”, Pichler Consulting Limited).

    Match your roadmap and backlog to the needs of the product

    Ultimately, you want products to be able to respond faster to changes and deliver value sooner. The level of detail in the roadmap and backlog is a tool to help the product owner plan for change. The duration of your product roadmap is all directly related to the tier of product owner in the product family.

    The level of detail in the roadmap and backlog is a tool to help the product owner plan for change. The duration of your product roadmap is all directly related to the tier of product owner in the product family.

    Product delivery realizes value for your product family

    While planning and analysis are done at the family level, work and delivery are done at the individual product level.

    Product strategy includes: Vision, Goals, Roadmap, backlog and Release plan.

    Use artifact mapping to improve functional decomposition

    In our research, we refer to these items as epics, capabilities, features, and user stories. How you develop your guiding principles and structure your backlog should be based on the terminology and artifact types commonly used in your organization.

    Agile, Waterfall, Relationship, Decomposition skill most in demand, definition.

    Manage and communicate key milestones

    Successful product owners understand and define the key milestones in their product delivery lifecycles. These need to be managed along with the product backlog and roadmap.

    Define key milestones and their release dates.

    Info-Tech Best Practice

    Product ownership isn’t just about managing the product backlog and development cycles! Teams need to manage key milestones such as learning milestones, test releases, product releases, phase gates, and other organizational checkpoints!

    Milestones

    • Points in the timeline when the established set of artifacts is complete (feature-based), or checking status at a particular point in time (time-based).
    • Typically assigned a date and used to show the progress of development.
    • Plays an important role when sequencing different types of artifacts.

    Release dates

    • Releases mark the actual delivery of a set of artifacts packaged together in a new version of the product.
    • Release dates, firm or not, allow stakeholders to anticipate when this is coming.

    Leverage the product canvas to state and inform your product vision

    Leverage the product Canvas to state and inform your product vision. Includes: Product name, Tracking info, Vision, List of business objectives or goals, Metrics used to measure value realization, List of groups who consume the product/service, and List of key resources or stakeholders.

    Capability: Vision

    Your Score: ____

    1 - Foundational: Transitioning and Growing

    2 - Capable/Competent: Core Contributor

    3 - Influential: Gifted Improver

    4 - Transformational: Towering Strength

    • Product backlog.
    • Basic roadmap with milestones and releases.
    • Unprioritized stakeholder list.
    • Understanding of product’s purpose and value.
    • Customers and end-users defined with core needs identified.
    • Roadmap with goals and capabilities defined by themes and set to appropriate time horizons.
    • Documented stakeholder management plan with communication and collaboration aligned to the stakeholder strategy.
    • Value drivers traced to product families and enterprise goals.
    • Customer personas defined with pain relievers and value creators defined.
    • Fully-developed roadmap traced to family (and child) roadmaps.
    • Expected ROI for all current and next roadmap items.
    • KPIs/OKRs used to improve roadmap prioritization and sequencing.
    • Proactive stakeholder engagement and reviews.
    • Cross-functional engagement to align opportunities and drive enterprise value.
    • Formal metrics to assess customer needs and value realization.
    • Roadmaps managed in an enterprise system for full traceability, value realization reporting, and views for defined audiences.
    • Proactive stakeholder engagement with regular planning and review ceremonies tied to their roadmaps and goals.
    • Cross-functional innovation to find disruptive opportunities to drive enterprise value.
    • Omni-channel metrics and customer feedback mechanisms to proactively evaluate goals, capabilities, and value realization.

    Exercise 3.2.1 Assess your Vision capability proficiency

    1 hour
    1. Review the expectations for this capability and determine your current proficiency for each skill.
    2. Complete your assessment in the Mature and Scale Product Owner Proficiency Assessment tool.
    3. Record the results in the Mature and Scale Product Ownership Playbook.
    4. Review the skills map to identify strengths and areas of growth.

    Output

    • Product owner capability assessment

    Participants

    • Product owners
    • Product managers

    Capture in the Mature and Scale Product Owner Proficiency Assessment.

    Capabilities: Leadership

    Soft Skills

    • Communication: Maintain consistent, concise, and appropriate communication using SMART guidelines (specific, measurable, attainable, relevant, and timely).
    • Integrity: Stick to your values, principles, and decision criteria for the product to build and maintain trust with your users and teams.
    • Influence: Manage stakeholders using influence and collaboration over contract negotiation.

    Collaboration

    • Stakeholder management: Build a communications strategy for each stakeholder group, tailored to individual stakeholders.
    • Relationship management: Use every interaction point to strengthen relationships, build trust, and empower teams.
    • Team development: Promote development through stretch goals and controlled risks to build team capabilities and performance.

    Decision Making

    • Prioritized criteria: Remove personal bias by basing decisions off data analysis and criteria.
    • Continuous improvement: Balance new features with the need to ensure quality and create an environment of continuous improvement.
    • Team empowerment/negotiation: Push decisions to teams closest to the problem and solution, using Delegation Poker to guide you.

    “Everything walks the walk. Everything talks the talk.”

    – Thomas K. Connellan, Inside the Magic Kingdom

    Leadership: Soft skills, collaboration, decision making.

    Info-Tech Insight

    Product owners cannot be just a proxy for stakeholder decisions. The product owner owns product decisions and management of all stakeholders.

    Capability: Leadership

    Your Score: ____

    1 - Foundational: Transitioning and Growing

    2 - Capable/Competent: Core Contributor

    3 - Influential: Gifted Improver

    4 - Transformational: Towering Strength

    • Activities are prioritized with minimal direction and/or assistance.
    • Progress self-monitoring against objectives with leadership apprised of deviations against plan.
    • Facilitated decisions from stakeholders or teams.
    • Informal feedback on performance and collaboration with teams.
    • Independently prioritized activities and provide direction or assistance to others as needed.
    • Managed issue resolution and provided guidance on goals, priorities, and constraints.
    • Product decision ownership with input from stakeholders, SMEs, and delivery teams.
    • Formal product management retrospectives with tracked and measured changes to improve performance.
    • Consulted in the most challenging situations to provide subject matter expertise on leading practices and industry standards.
    • Provide mentoring and coaching to your peers and/or teammates.
    • Use team empowerment, pushing decisions to the lowest appropriate level based on risk and complexity.
    • Mature and flexible communication.
    • Provide strategies and programs ensuring all individuals in the delivery organization obtain the level of coaching and supervision required for success in their position.
    • Provide leadership to the organization’s coaches ensuring delivery excellence across the organization.
    • Help develop strategic initiatives driving common approaches and utilizing information assets and processes across the enterprise.

    Exercise 3.2.2 Assess your Leadership capability proficiency

    1 hour
    1. Review the expectations for this capability and determine your current proficiency for each skill.
    2. Complete your assessment in the Mature and Scale Product Owner Proficiency Assessment tool.
    3. Record the results in the Mature and Scale Product Ownership Playbook.
    4. Review the skills map to identify strengths and areas of growth.

    Output

    • Product owner capability assessment

    Participants

    • Product owners
    • Product managers

    Capture in the Mature and Scale Product Owner Proficiency Assessment.

    Capability: Product lifecycle management

    Plan

    • Product backlog: Follow a schedule for backlog intake, grooming, updates, and prioritization.
    • Journey map: Create an end-user journey map to guide adoption and loyalty.
    • Fit for purpose: Define expected value and intended use to ensure product meets your end user’s needs.

    Build

    • Capacity management: Work with operations and delivery teams to ensure consistent and stable outcomes.
    • Release strategy: Build learning, release, and critical milestones into a repeatable release plan.
    • Compliance: Build policy compliance into delivery practices to ensure alignment and reduce avoidable risk (privacy, security).

    Run

    • Adoption: Focus attention on end-user adoption and proficiency to accelerate value and maximize retention.
    • Support: Build operational support and business continuity into every team.
    • Measure: Measure KPIs and validate expected value to ensure product alignment to goals and consistent product quality.

    “Pay fantastic attention to detail. Reward, recognize, celebrate.”

    – Thomas K. Connellan, Inside the Magic Kingdom

    Product Lifecycle Management: Plan, Build, Run

    Info-Tech Insight

    Product owners must actively manage the full lifecycle of the product.

    Define product value by aligning backlog delivery with roadmap goals

    In each product plan, the backlogs show what you will deliver. Roadmaps identify when and in what order you will deliver value, capabilities, and goals.

    In each product plan, the backlogs show what you will deliver. Roadmaps identify when and in what order you will deliver value, capabilities, and goals.

    A backlog stores and organizes PBIs at various stages of readiness

    A backlog stores and organizes PBIs at different levels of readiness. Stage 3 - Ideas are composed of raw, vague ideas that have yet to go through any formal valuation. Stage 2 - Qualified are researched and qualified PBIs awaiting refinement. Stage 1 - Ready are Discrete, refined RBIs that are read to be placed in your development team's sprint plans.

    A well-formed backlog can be thought of as a DEEP backlog:

    Detailed Appropriately: PBIs are broken down and refined, as necessary.

    Emergent: The backlog grows and evolves over time as PBIs are added and removed.

    Estimated: The effort a PBI requires is estimated at each tier.

    Prioritized: The PBI’s value and priority are determined at each tier.

    (Perforce, 2018)

    Distinguish your specific goals for refining in the product backlog vs. planning for a sprint itself

    Often backlog refinement is used interchangeably or considered a part of sprint planning. The reality is they are very similar, as the required participants and objectives are the same; however, there are some key differences.

    Backlog refinement versus Sprint planning. Differences in Objectives, Cadence and Participants

    Use quality filters to promote high value items into the delivery pipeline

    Product backlog has quality filters such as: Backlogged, Qualified and Ready. Sprint backlog has a backlog of accepted PBI's

    Basic scrum process

    The scrum process coordinates multiple stakeholders to deliver on business priorities.

    Prioritized Backlog, Sprint Backlog, Manage Delivery, Sprint Review, Product Release

    Capability: Product lifecycle management

    Your Score: ____

    1 - Foundational: Transitioning and Growing

    2 - Capable/Competent: Core Contributor

    3 - Influential: Gifted Improver

    4 - Transformational: Towering Strength

    • Informal or undocumented intake process.
    • Informal or undocumented delivery lifecycle.
    • Unstable or unpredictable throughput or quality.
    • Informal or undocumented testing and release processes.
    • Informal or undocumented organizational change management planning for each release.
    • Informal or undocumented compliance validation with every release.
    • Documented intake process with stakeholder prioritization of requests.
    • Consistent delivery lifecycle with stable and predictable throughput with an expected range of delivery variance.
    • Formal and documented testing and release processes.
    • Organizational change management planning for each major release.
    • Compliance validation with every major release.
    • Intake process using value drivers and prioritization criteria to sequence all items.
    • Consistent delivery lifecycle with stable and predictable throughput with little variance.
    • Risk-based and partially automated testing and release processes.
    • Organizational change management planning for all releases.
    • Automated compliance validation with every major release.
    • Intake process using enterprise value drivers and prioritization criteria to sequence all items.
    • Stable Agile DevOps with low variability and automation.
    • Risk-based automated and manual testing.
    • Multiple release channels based on risk. Automated build, validation, and rollback capabilities.
    • Cross-channel, integrated organizational change management for all releases.
    • Automated compliance validation with every change or release.

    Exercise 3.2.3 Assess your PLM capability proficiency

    1 hour
    1. Review the expectations for this capability and determine your current proficiency for each skill.
    2. Complete your assessment in the Mature and Scale Product Owner Proficiency Assessment tool.
    3. Record the results in the Mature and Scale Product Ownership Playbook.
    4. Review the skills map to identify strengths and areas of growth.

    Output

    • Product owner capability assessment

    Participants

    • Product owners
    • Product managers

    Capture in the Mature and Scale Product Owner Proficiency Assessment.

    Capabilities: Value realization

    Key performance indicators (KPIs)

    • Usability and user satisfaction: Assess satisfaction through usage monitoring and end-user feedback.
    • Value validation: Directly measure performance against defined value proposition, goals, and predicted ROI.
    • Fit for purpose: Verify the product addresses the intended purpose better than other options.

    Financial management

    • P&L: Manage each product as if it were its own business with profit and loss statements.
    • Acquisition cost/market growth: Define the cost of acquiring a new consumer, onboarding internal users, and increasing product usage.
    • User retention/market share: Verify product usage continues after adoption and solution reaches new user groups to increase value.

    Business model

    • Defines value proposition: Dedicate your primary focus to understanding and defining the value your product will deliver.
    • Market strategy and goals: Define your acquisition, adoption, and retention plan for users.
    • Financial model: Build an end-to-end financial model and plan for the product and all related operational support.

    “The competition is anyone the customer compares you with.”

    – Thomas K. Connellan, Inside the Magic Kingdom

    Value Realization: KPIs, Financial management, Business model

    Info-Tech Insight

    Most organizations stop with on-time and on-budget. True financial alignment needs to define and manage the full lifecycle P&L.

    Use a balanced value to establish a common definition of goals and value

    Value drivers are strategic priorities aligned to our enterprise strategy and translated through our product families. Each product and change has an impact on the value driver helping us reach our enterprise goals.

    Importance of the value driver multiplied by the Impact of value score is equal to the Value score.

    Info-Tech Insight

    Your value drivers and impact helps estimate the expected value of roadmap items, prioritize roadmap and backlog items, and identify KPIs and OKRs to measure value realization and actual impact.

    Include balanced value as one criteria to guide better decisions

    Your balanced value is just one of many criteria needed to align your product goals and sequence roadmap items. Feasibility, delivery pipeline capacity, shared services, and other factors may impact the prioritization of backlog items.

    Build your balanced business value score by using four key value drivers.

    Determine your value drivers

    Competent organizations know that value cannot always be represented by revenue or reduced expenses. However, it is not always apparent how to envision the full spectrum of sources of value. Dissecting value by benefit type and the value source’s orientation allows you to see the many ways in which a product or service brings value to the organization.

    Business value matrix

    Graph with 4 quadrants representing Outward versus Inward, and Financial benefit versus Human benefit. The quadrants are Reach customers, Increase revenue/demonstrate value, Enhance services, Reduce costs.

    Financial benefits vs. improved capabilities

    Financial benefits refer to the degree to which the value source can be measured through monetary metrics and is often quite tangible.

    Human benefits refer to how a product or service can deliver value through a user’s experience.

    Inward vs. outward orientation

    Inward refers to value sources that have an internal impact and improve your organization’s effectiveness and efficiency in performing its operations.

    Outward refers to value sources that come from your interaction with external factors, such as the market or your customers.

    Exercise 3.2.4 Identify your business value drivers and sources of value

    1 hour
    1. Brainstorm the different types of business value that you produce on the sticky notes (one item per page). Draw from examples of products in your portfolio.
    2. Identify the most important value items for your organization (two to three per quadrant).
    3. Record the results in the Mature and Scale Product Ownership Workbook.

    Output

    • Product owner capability assessment

    Participants

    • Product owners
    • Product managers

    Capture in the Mature and Scale Product Ownership Workbook.

    My business value sources

    Graph with 4 quadrants representing Outward versus Inward, and Financial benefit versus Human benefit. The quadrants are Reach customers, Increase revenue/demonstrate value, Enhance services, Reduce costs.

    Capability: Value realization

    Your Score: ____

    1 - Foundational: Transitioning and Growing

    2 - Capable/Competent: Core Contributor

    3 - Influential: Gifted Improver

    4 - Transformational: Towering Strength

    • Product canvas or basic product positioning overview.
    • Simple budget or funding mechanism for changes.
    • Product demos and informal user feedback mechanisms.
    • Business value canvas or basic business model tied to roadmap funding.
    • Product funding tied to roadmap milestones and prioritization.
    • Defined KPIs /OKRs for roadmap delivery throughput and value realization measurement.
    • Business model with operating cost structures, revenue/value traceability, and market/user segments.
    • Scenario-based roadmap funding alignment.
    • Roadmap aligned KPIs /OKRs for delivery throughput and value realization measurement as a key factor in roadmap prioritization.
    • Business model tied to enterprise operating costs and value realization KPIs/OKRs.
    • P&L roadmap and cost accounting tied to value metrics.
    • Roadmap aligned enterprise and scenario-based KPIs /OKRs for delivery throughput and value realization measurement as a key factor in roadmap prioritization.

    Exercise 3.2.5 Assess your value realization capability proficiency

    1 hour
    1. Review the expectations for this capability and determine your current proficiency for each skill.
    2. Complete your assessment in the Mature and Scale Product Owner Proficiency Assessment tool.
    3. Record the results in the Mature and Scale Product Ownership Playbook.
    4. Review the skills map to identify strengths and areas of growth.

    Output

    • Product owner capability assessment

    Participants

    • Product owners
    • Product managers

    Capture in the Mature and Scale Product Owner Proficiency Assessment.

    Determine your product owner capability proficiency in regards to: Vision, Leadership, Product Lifecycle, and Value Realization

    Summary of Accomplishment

    Problem solved.

    Product ownership can be one of the most difficult challenges facing delivery and operations teams. By focusing on operational grouping and alignment of goals, organizations can improve their value realization at all levels in the organization.

    The foundation for delivering and enhancing products and services is rooted in the same capability model. Traditionally, product owners have focused on only a subset of skills and capabilities needed to properly manage and grow their products. The product owner capability model is a useful tool to ensure optimal performance from product owners and assess the right level of detail for each product within the product families.

    Congratulations. You’ve completed a significant step toward higher-value products and services.

    If you would like additional support, have our analysts guide you through other phases as apart of an Info-Tech workshop

    Contact your account representative for more information

    workshops@infotech.com
    1-888-670-8889

    Additional Support

    If you would like additional support, have our analysts guide you through other phases as apart of an Info-Tech workshop

    Contact your account representative for more information
    workshops@infotech.com 1-888-670-8889

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    3.1.1 Assess your real Agile skill proficiency

    Assess your skills and capabilities against the real Agile skills inventory

    2.2.3 Prioritize your stakeholders

    Build a stakeholder management strategy.

    Research Contributors and Experts

    Emily Archer

    Lead Business Analyst,
    Enterprise Consulting, authentic digital agency

    Emily Archer is a consultant currently working with Fortune 500 clients to ensure the delivery of successful projects, products, and processes. She helps increase the business value returned for organizations’ investments in designing and implementing enterprise content hubs and content operations, custom web applications, digital marketing, and e-commerce platforms.

    David Berg

    Founder & CTO
    Strainprint Technologies Inc.

    David Berg is a product commercialization expert who has spent the last 20 years delivering product management and business development services across a broad range of industries. Early in his career, David worked with product management and engineering teams to build core network infrastructure products that secure and power the internet we benefit from today. David’s experience also includes working with clean technologies in the area of clean power generation, agritech, and Internet of Things infrastructure. Over the last five years, David has been focused on his latest venture, Strainprint Technologies, a data and analytics company focused on the medical cannabis industry. Strainprint has built the largest longitudinal medical cannabis dataset in the world, with a goal to develop an understanding of treatment behavior, interactions, and chemical drivers to guide future product development.

    Research Contributors and Experts

    Kathy Borneman

    Digital Product Owner, SunTrust Bank

    Kathy Borneman is a senior product owner who helps people enjoy their jobs again by engaging others in end-to-end decision making to deliver software and operational solutions that enhance the client experience and allow people to think and act strategically.

    Charlie Campbell

    Product Owner, Merchant e-Solutions

    Charlie Campbell is an experienced problem solver with the ability to quickly dissect situations and recommend immediate actions to achieve resolution, liaise between technical and functional personnel to bridge the technology and communication gap, and work with diverse teams and resources to reach a common goal.

    Research Contributors and Experts

    Yarrow Diamond

    Sr. Director, Business Architecture
    Financial Services

    Yarrow Diamond is an experienced professional with expertise in enterprise strategy development, project portfolio management, and business process reengineering across financial services, healthcare and insurance, hospitality, and real estate environments. She has a master’s in Enterprise Architecture from Penn State University, LSSMBB, PMP, CSM, ITILv3.

    Cari J. Faanes-Blakey, CBAP, PMI-PBA

    Enterprise Business Systems Analyst,
    Vertex, Inc.

    Cari J. Faanes-Blakey has a history in software development and implementation as a Business Analyst and Project Manager for financial and taxation software vendors. Active in the International Institute of Business Analysis (IIBA), Cari participated on the writing team for the BA Body of Knowledge 3.0 and the certification exam.

    Research Contributors and Experts

    Kieran Gobey

    Senior Consultant Professional Services
    Blueprint Software Systems

    Kieran Gobey is an IT professional with 24 years of experience, focused on business, technology, and systems analysis. He has split his career between external and internal customer-facing roles, and this has resulted in a true understanding of what is required to be a Professional Services Consultant. His problem-solving skills and ability to mentor others have resulted in successful software implementations.

    Kieran’s specialties include deep system troubleshooting and analysis skills, facilitating communications to bring together participants effectively, mentoring, leadership, and organizational skills.

    Rupert Kainzbauer

    VP Product, Digital Wallets
    Paysafe Group

    Rupert Kainzbauer is an experienced senior leader with a passion for defining and delivering products that deliver real customer and commercial benefit. With a team of highly experienced and motivated product managers, he has successfully led highly complex, multi-stakeholder payments initiatives, from proposition development and solution design through to market delivery. Their domain experience is in building online payment products in high-risk and emerging markets, remittance, prepaid cards, and mobile applications.

    Research Contributors and Experts

    Saeed Khan

    Founder,
    Transformation Labs

    Saeed Khan has been working in high tech for 30 years in Canada and the US and has held several leadership roles in Product Management in that time. He speaks regularly at conferences and has been writing publicly about technology product management since 2005.

    Through Transformation Labs, Saeed helps companies accelerate product success by working with product teams to improve their skills, practices, and processes. He is a cofounder of ProductCamp Toronto and currently runs a Meetup group and global Slack community called Product Leaders; the only global community of senior level product executives.

    Hoi Kun Lo

    Product Owner
    Nielsen

    Hoi Kun Lo is an experienced change agent who can be found actively participating within the IIBA and WITI groups in Tampa, FL and a champion for Agile, architecture, diversity, and inclusion programs at Nielsen. She is currently a Product Owner in the Digital Strategy team within Nielsen Global Watch Technology.

    Research Contributors and Experts

    Abhishek Mathur

    Sr Director, Product Management
    Kasisto, Inc.

    Abhishek Mathur is a product management leader, an artificial intelligence practitioner, and an educator. He has led product management and engineering teams at Clarifai, IBM, and Kasisto to build a variety of artificial intelligence applications within the space of computer vision, natural language processing, and recommendation systems. Abhishek enjoys having deep conversations about the future of technology and helping aspiring product managers enter and accelerate their careers.

    Jeff Meister

    Technology Advisor and Product Leader

    Jeff Meister is a technology advisor and product leader. He has more than 20 years of experience building and operating software products and the teams that build them. He has built products across a wide range of industries and has built and led large engineering, design, and product organizations.

    Jeff most recently served as Senior Director of Product Management at Avanade, where he built and led the product management practice. This involved hiring and leading product managers, defining product management processes, solution shaping and engagement execution, and evangelizing the discipline through pitches, presentations, and speaking engagements.

    Jeff holds a Bachelor of Applied Science (Electrical Engineering) and a Bachelor of Arts from the University of Waterloo, an MBA from INSEAD (Strategy), and certifications in product management, project management, and design thinking.

    Research Contributors and Experts

    Vincent Mirabelli

    Principal,
    Global Project Synergy Group

    With over 10 years of experience in both the private and public sectors, Vincent Mirabelli possesses an impressive track record of improving, informing, and transforming business strategy and operations through process improvement, design and re-engineering, and the application of quality to business analysis, project management, and process improvement standards.

    Oz Nazili

    VP, Product & Growth
    TWG

    Oz Nazili is a product leader with a decade of experience in both building products and product teams. Having spent time at funded startups and large enterprises, he thinks often about the most effective way to deliver value to users. His core areas of interest include Lean MVP development and data-driven product growth.

    Research Contributors and Experts

    Mike Starkey

    Director of Engineering
    W.W. Grainger

    Mike Starkey is a Director of Engineering at W.W. Grainger, currently focusing on operating model development, digital architecture, and building enterprise software. Prior to joining W.W. Grainger, Mike held a variety of technology consulting roles throughout the system delivery lifecycle spanning multiple industries such as healthcare, retail, manufacturing, and utilities with Fortune 500 companies.

    Anant Tailor

    Cofounder and Head of Product
    Dream Payments Corp.

    Anant Tailor is a cofounder at Dream Payments where he currently serves as the COO and Head of Product, having responsibility for Product Strategy & Development, Client Delivery, Compliance, and Operations. He has 20+ years of experience building and operating organizations that deliver software products and solutions for consumers and businesses of varying sizes.

    Prior to founding Dream Payments, Anant was the COO and Director of Client Services at DonRiver Inc, a technology strategy and software consultancy that he helped to build and scale into a global company with 100+ employees operating in seven countries.

    Anant is a Professional Engineer with a Bachelor degree in Electrical Engineering from McMaster University and a certificate in Product Strategy & Management from the Kellogg School of Management at Northwestern University.

    Research Contributors and Experts

    Angela Weller

    Scrum Master, Businessolver

    Angela Weller is an experienced Agile business analyst who collaborates with key stakeholders to attain their goals and contributes to the achievement of the company’s strategic objectives to ensure a competitive advantage. She excels when mediating or facilitating teams.

    Related Info-Tech Research

    Product Delivery

    Deliver on Your Digital Product Vision

    Build a product vision your organization can take from strategy through execution.

    Deliver Digital Products at Scale

    Deliver value at the scale of your organization through defining enterprise product families.

    Build Your Agile Acceleration Roadmap

    Quickly assess the state of your Agile readiness and plan your path forward to higher value realization.

    Implement Agile Practices That Work

    Improve collaboration and transparency with the business to minimize project failure.

    Implement DevOps Practices That Work

    Streamline business value delivery through the strategic adoption of DevOps practices.

    Extend Agile Practices Beyond IT

    Further the benefits of Agile by extending a scaled Agile framework to the business.

    Build Your BizDevOps Playbook

    Embrace a team sport culture built around continuous business-IT collaboration to deliver great products.

    Embed Security Into the DevOps Pipeline

    Shift security left to get into DevSecOps.

    Spread Best Practices With an Agile Center of Excellence

    Facilitate ongoing alignment between Agile teams and the business with a set of targeted service offerings.

    Enable Organization-Wide Collaboration by Scaling Agile

    Execute a disciplined approach to rolling out Agile methods in the organization.

    Related Info-Tech Research

    Application Portfolio Management

    APM Research Center

    See an overview of the APM journey and how we can support the pieces in this journey.

    Application Portfolio Management Foundations

    Ensure your application portfolio delivers the best possible return on investment.

    Streamline Application Maintenance

    Effective maintenance ensures the long-term value of your applications.

    Streamline Application Management

    Move beyond maintenance to ensuring exceptional value from your apps.

    Build an Application Department Strategy

    Delivering value starts with embracing what your department can do.

    Embrace Business-Managed Applications

    Empower the business to implement their own applications with a trusted business-IT relationship

    Optimize Applications Release Management

    Facilitate ongoing alignment between Agile teams and the business with a set of targeted service offerings.

    Related Info-Tech Research

    Value, Delivery Metrics, Estimation

    Build a Value Measurement Framework

    Focus product delivery on business value–driven outcomes.

    Select and Use SDLC Metrics Effectively

    Be careful what you ask for, because you will probably get it.

    Application Portfolio Assessment: End User Feedback

    Develop data-driven insights to help you decide which applications to retire, upgrade, re-train on, or maintain to meet the demands of the business.

    Create a Holistic IT Dashboard

    Mature your IT department by measuring what matters.

    Refine Your Estimation Practices With Top-Down Allocations

    Don’t let bad estimates ruin good work.

    Estimate Software Delivery With Confidence

    Commit to achievable software releases by grounding realistic expectations.

    Reduce Time to Consensus With an Accelerated Business Case

    Expand on the financial model to give your initiative momentum.

    Optimize Project Intake, Approval, and Prioritization

    Deliver more projects by giving yourself the voice to say “no” or “not yet” to new projects.

    Enhance PPM Dashboards and Reports

    Facilitate ongoing alignment between Agile teams and the business with a set of targeted service offerings.

    Related Info-Tech Research

    Organizational Design and Performance

    Redesign Your IT Organizational Structure

    Focus product delivery on business value-driven outcomes.

    Build a Strategic IT Workforce Plan

    Have the right people, in the right place, at the right time.

    Implement a New Organizational Structure

    Reorganizations are inherently disruptive. Implement your new structure with minimal pain for staff while maintaining IT performance throughout the change.

    Build an IT Employee Engagement Program

    Don’t just measure engagement, act on it

    Set Meaningful Employee Performance Measures

    Set holistic measures to inspire employee performance.

    Bibliography (Product Management)

    “12th Annual State of Agile Report.” VersionOne, 9 April 2018. Web.

    A, Karen. “20 Mental Models for Product Managers.” Product Management Insider, Medium, 2 Aug. 2018. Web.

    Adams, Paul. “Product Teams: How to Build & Structure Product Teams for Growth.” Inside Intercom, 30 Oct. 2019. Web.

    Aghina, Handscomb, Ludolph, West, and Abby Yip, “How to select and develop individuals for successful agile teams: A practical guide” McKinsey & Company 20 Dec. 2018. Web.

    Agile Alliance. “Product Owner.” Agile Alliance. n.d. Web.

    Ambler, Scott W. "Communication on Agile Software Teams“, Agile Modeling. 2001-2022. Web.

    Ambysoft. “2018 IT Project Success Rates Survey Results.” Ambysoft. 2018. Web.

    Banfield, Richard, et al. “On-Demand Webinar: Strategies for Scaling Your (Growing) Enterprise Product Team.” Pluralsight, 31 Jan. 2018. Web.

    Beck, Beedle, van Bennekum, Cockburn, Cunningham, Fowler, Grenning, Highsmith, Hunt, Jeffries, Kern, Marick, Martin, Mellor, Schwaber, Sutherland, Thomas, "Manifesto for Agile Software Development." agilemanifesto.org. 2001

    Berez, Steve, et al. “How to Plan and budget for Agile at Scale.” Bain & Company, 08 Oct 2019. Web

    Blueprint. “10 Ways Requirements Can Sabotage Your Projects Right From the Start.” Blueprint. 2012. Web.

    Breddels, Dajo, and Paul Kuijten. “Product Owner Value Game.” Agile2015 Conference, Agile Alliance 2015. Web.

    Cagan, Martin. “Behind Every Great Product.” Silicon Valley Product Group. 2005. Web.

    Cohn, Mike. “What Is a Product?” Mountain Goat Software. 6 Sept. 2016. Web.

    Connellan, Thomas K. Inside the Magic Kingdom, Bard Press, 1997.

    Curphey, Mark. “Product Definition.” SlideShare, 25 Feb. 2007. Web.

    “Delegation Poker Product Image.” Management 3.0, n.d. Web.

    Distel, Dominic, et al. “Finding the sweet spot in product-portfolio management.’ McKinsey, 4 Dec. 2020. Web

    Eringa, Ron. “Evolution of the Product Owner.” RonEringa.com, 12 June 2016. Web.

    Fernandes, Thaisa. “Spotify Squad Framework - Part I.” PM101, Medium, 6 Mar. 2017. Web.

    Galen, Robert. “Measuring Product Ownership – What Does ‘Good’ Look Like?” RGalen Consulting, 5 Aug. 2015. Web.

    Grenny, Joseph. “The Best Teams Hold Themselves Accountable.” Harvard Business Review, 30 May 2014. Web.

    Halisky, Merland, and Luke Lackrone. “The Product Owner’s Universe.” Agile2016 Conference, Agile Alliance, 2016. Web.

    Bibliography (Product Management)

    IIBA "A Guide to the Business Analysis Body of Knowledge® (BABOK® Guide) v3" IIBA. 15 APR 2015

    Kamer, Jurriaan. “How to Build Your Own ‘Spotify Model’.” The Ready, Medium, 9 Feb. 2018. Web.

    Kendis Team. “Exploring Key Elements of Spotify’s Agile Scaling Model.” Scaled Agile Framework, Medium, 23 Jul. 2018. Web.

    Lindstrom, Lowell. “7 Skills You Need to Be a Great Product Owner.” Scrum Alliance, n.d. Web.

    Lukassen, Chris. “The Five Belts Of The Product Owner.” Xebia.com, 20 Sept. 2016. Web.

    Mankins, Michael. “The Defining Elements of a Winning Culture.” Bain, 19 Dec. 2013. Web.

    McCloskey, Heather. “Scaling Product Management: Secrets to Defeating Common Challenges.” ProductPlan, 12 July 2019. Web.

    McCloskey, Heather. “When and How to Scale Your Product Team.” UserVoice, 21 Feb. 2017. Web. Mironov, Rich. “Scaling Up Product Manager/Owner Teams.” Rich Mironov's Product Bytes, Mironov Consulting, 12 Apr. 2014. Web.

    Moore, Geoffrey A. “Crossing the Chasm, 3rd Edition.” Collins Business Essentials, 28 Jan 2014

    Oh, Paul. “How Mastering Resilience Can Help Drive Agile Transformations.” Why Innovation!, 10 Oct. 2019.

    Overeem, Barry. “A Product Owner Self-Assessment.” Barry Overeem, 6 Mar. 2017. Web.

    Overeem, Barry. “Retrospective: Using the Team Radar.” Barry Overeem, 27 Feb. 2017. Web.

    Pichler, Roman. “How to Scale the Scrum Product Owner.” Roman Pichler, 28 June 2016 . Web.

    Pichler, Roman. “Product Management Framework.” Pichler Consulting Limited, 2014. Web.

    Pichler, Roman. “Sprint Planning Tips for Product Owners.” LinkedIn, 4 Sept. 2018. Web.

    Pichler, Roman. “What Is Product Management?” Pichler Consulting Limited, 26 Nov. 2014. Web.

    PMI "The high cost of low performance: the essential role of communications“. PMI Pulse of Profession, May 2013.

    Radigan,Dan. “Putting the ‘Flow' Back in Workflow With WIP Limits.” Atlassian, n.d. Web.

    Bibliography (Product Management)

    Rouse, Margaret. “Definition: product.” TechTarget, Sept. 2005. Web.

    Schuurman, Robbin. “10 Tips for Product Owners on (Business) Value.” Scrum.org, 30 Nov. 2017. Web.

    Schuurman, Robbin. “10 Tips for Product Owners on Agile Product Management.” Scrum.org, 28 Nov. 2017. Web.

    Schuurman, Robbin. “10 Tips for Product Owners on Product Backlog Management.” Scrum.org, 5 Dec. 2017. Web.

    Schuurman, Robbin. “10 Tips for Product Owners on the Product Vision.” Scrum.org, 29 Nov. 2017. Web.

    Schuurman, Robbin. “Tips for Starting Product Owners.” Scrum.org, 27 Nov. 2017. Web.

    Sharma, Rohit. “Scaling Product Teams the Structured Way.” Monetary Musings, 28 Nov. 2016. Web.

    Shirazi, Reza. “Betsy Stockdale of Seilevel: Product Managers Are Not Afraid To Be Wrong.” Austin Voice of Product, 2 Oct. 2018. Web.

    Spitz, Enid R. “The Three Kinds of Empathy: Emotional, Cognitive, Compassionate.” The Three Kinds of Empathy: Emotional, Cognitive, Compassionate. Heartmanity. Web.

    Steiner, Anne. “Start to Scale Your Product Management: Multiple Teams Working on Single Product.” Cprime, 6 Aug. 2019. Web.

    “The Qualities of Leadership: Leading Change.” Cornelius & Associates, 2016. Web.

    “The Standish Group 2015 Chaos Report.” The Standish Group. 2015. Web.

    Theus, Andre. “When Should You Scale the Product Management Team?” ProductPlan, 7 May 2019. Web.

    Tolonen, Arto. “Scaling Product Management in a Single Product Company.” Smartly.io, 26 Apr. 2018. Web.

    Ulrich, Catherine. “The 6 Types of Product Managers. Which One Do You Need?” Medium, 19 Dec. 2017. Web.

    Verwijs, Christiaan. “Retrospective: Do The Team Radar.” The Liberators, Medium, 10 Feb. 2017. Web.

    Vlaanderen, Kevin. “Towards Agile Product and Portfolio Management”. Academia.edu. 2010. Web.

    Backlog

    2009 Business Analysis Benchmark Study.” IAG Consulting, 2009. Web.

    Armel, Kate. “Data-driven Estimation, Management Lead to High Quality.” Quantitative Software Management Inc, 2015. Web.

    Bradley, Marty. “Agile Estimation Guidance.” Leading Agile, 30 Aug. 2016. Web. Feb. 2019.

    CollabNet and VersionOne. “12th Annual State of Agile Report.” VersionOne, 9 April 2018. Web.

    Craveiro, João. “Marty meets Martin: connecting the two triads of Product Management.” Product Coalition, 18 Nov. 2017. Accessed Feb. 2019.

    “Enablers.” Scaled Agile, n.d. Web.

    “Epic.” Scaled Agile, n.d. Web.

    Fischer, Christian. “Scrum Compact.” Itemis, n.d. Web. Feb. 2019.

    Hackshall, Robin. “Product Backlog Refinement.” Scrum Alliance, 9 Oct. 2014. Accessed Feb. 2019.

    Hartman, Bob. “New to agile? INVEST in good user stories.” Agile For All, 14 May 2009. Web.

    Huether, Derek. “Cheat Sheet for Product Backlog Refinement (Grooming).” Leading Agile, 2 Nov. 2013. Accessed Feb. 2019.

    Karlsson, Johan. “Backlog Grooming: Must-Know Tips for High-Value Products.” Perforce, 18 May 2018. Accessed Feb. 2019.

    Khan, Saeed. “Good Bye ‘Product Owner’, Hello ‘Backlog Manager.’” On Product Management, 27 June 2011. Accessed Feb. 2019.

    Khan, Saeed. “Let’s End the Confusion: A Product Owner is NOT a Product Manager.” On Product Management, 14 July 2017. Accessed Feb. 2019.

    Lawrence, Richard. “New Story Splitting Resource.” Agile For All. 27 Jan. 2012. Web. Feb. 2019.

    Leffingwell, Dean. “SAFe 4.0.” Scaled Agile Inc, 2017. Accessed Feb. 2019.

    Lucero, Mario. “Product Backlog – Deep Model.” Agilelucero, 8 Oct. 2014. Web.

    “PI Planning.” Scaled Agile, n.d. Web.

    Pichler, Roman. “The Product Roadmap and the Product Backlog.” Roman Pichler, 9 Sept. 2014. Accessed Feb. 2019.

    Rubin, Kenneth S. Essential Scrum: A Practical Guide to the Most Popular Agile Process. Pearson Education, 2012.

    Schuurman, Robbin. “10 Tips for Product Owners on Product Backlog Management.” Burozeven, 20 Nov. 2017. Accessed Feb. 2019.

    Srinivasan, Vibhu. “Product Backlog Management: Tips from a Seasoned Product Owner.” Agile Alliance, n.d. Accessed Feb. 2019.

    Todaro, Dave. “Splitting Epics and User Stories.” Ascendle, n.d. Accessed Feb. 2019.

    “What Characteristics Make Good Agile Acceptance Criteria?” Segue Technologies, 3 Sept. 2015. Web. Feb. 2019.

    Bibliography (Roadmap)

    Bastow, Janna. “Creating Agile Product roadmaps Everyone Understands.” ProdPad, 22 Mar. 2017. Accessed Sept. 2018.

    Bastow, Janna. “The Product Tree Game: Our Favorite Way To Prioritize Features.” ProdPad, 21 Feb. 2016. Accessed Sept. 2018.

    Chernak, Yuri. “Requirements Reuse: The State of the Practice.” 2012 IEEE International Conference, 12 June 2012, Herzliya, Israel. Web.

    Fowler, Martin. “Application Boundary.” MartinFowler.com, 11 Sept. 2003. Accessed 20 Nov. 2017.

    Harrin, Elizabeth. “Learn What a Project Milestone Is.” The Balance Careers, 10 May 2018. Accessed Sept. 2018.

    “How to create a product roadmap.” Roadmunk, n.d. Accessed Sept. 2018.

    Johnson, Steve. “How to Master the 3 Horizons of Product Strategy.” Aha!, 24 Sept. 2015. Accessed Sept. 2018.

    Johnson, Steve. “The Product Roadmap vs. the Technology Roadmap.” Aha!, 23 June 2016. Accessed Sept. 2018

    Juncal, Shaun. “How Should You Set Your Product Roadmap Timeframes?” ProductPlan, Web. Sept. 2018.

    Leffingwell, Dean. “SAFe 4.0.” Scaled Agile, 2017. Web.

    Maurya, Ash. “What is a Minimum Viable Product (MVP).” Leanstack, 12 June 2017. Accessed Sept. 2018.

    Pichler, Roman. “10 Tips for Creating an Agile Product Roadmap.” Roman Pichler, 20 July 2016. Accessed Sept. 2018.

    Pichler, Roman. Strategize: Product Strategy and Product Roadmap Practices for the Digital Age. Pichler Consulting, 2016.

    “Product Roadmap Contents: What Should You Include?” ProductPlan, n.d. Accessed 20 Nov. 2017.

    Saez, Andrea. “Why Your Roadmap Is Not a Release Plan.” ProdPad, 23 October 2015. Accessed Sept. 2018.

    Schuurman, Robbin. “Tips for Agile product roadmaps & product roadmap examples.” Scrum.org, 7 Dec. 2017. Accessed Sept. 2018.

    Bibliography (Vision and Canvas)

    Adams, Paul. “The Future Product Canvas.” Inside Intercom, 10 Jan. 2014. Web.

    “Aligning IT Funding Models to the Pace of Technology Change.” EDUCAUSE, 14 Dec. 2015. Web.

    Altman, Igor. “Metrics: Gone Bad.” OpenView, 10 Nov. 2009. Web.

    Barry, Richard. “The Product Vision Canvas – a Strategic Tool in Developing a Successful Business.” Polymorph, 2019. Web.

    “Business Canvas – Business Models & Value Propositions.” Strategyzer, 2019. Web.

    “Business Model Canvas.” Wikipedia: The Free Encyclopedia, 4 Aug. 2019. Web.

    Charak, Dinker. “Idea to Product: The Working Model.” ThoughtWorks, 13 July 2017. Web.

    Charak, Dinker. “Product Management Canvas - Product in a Snapshot.” Dinker Charak, 29 May 2017. Web.

    Chudley, James. “Practical Steps in Determining Your Product Vision (Product Tank Bristol, Oct. 2018).” LinkedIn SlideShare. Uploaded by cxpartners, 2 Nov. 2018. Web.

    Cowan, Alex. “The 20 Minute Business Plan: Business Model Canvas Made Easy.” COWAN+, 2019. Web.

    Craig, Desiree. “So You've Decided To Become A Product Manager.” Start it up, Medium, 2 June 2019. Web.

    “Create an Aha! Business Model Canvas Strategic Model.” Aha! Support, 2019. Web.

    Eick, Stephen. “Does Code Decay? Assessing the Evidence from Change Management Data.” IEEE Transactions on Software Engineering, vol. 27, no. 1, Jan. 2001, pp. 1-12. Web.

    Eriksson, Martin. “The next Product Canvas.” Mind the Product, 22 Nov. 2013. Web.

    “Experience Canvas: a Lean Approach: Atlassian Team Playbook.” Atlassian, 2019. Web.

    Freeman, James. “How to Make a Product Canvas – Visualize Your Product Plan.” Edraw, 23 Dec. 2019. Web.

    Fuchs, Danny. “Measure What Matters: 5 Best Practices from Performance Management Leaders.” OpenGov, 8 Aug. 2018. Web.

    Gorisse, Willem. “A Practical Guide to the Product Canvas.” Mendix, 28 Mar. 2017. Web.

    Gothelf, Jeff. “The Lean UX Canvas.” Jeff Gothelf, 15 Dec. 2016. Web.

    Gottesdiener, Ellen. “Using the Product Canvas to Define Your Product: Getting Started.” EBG Consulting, 15 Jan. 2019. Web.

    Gottesdiener, Ellen. “Using the Product Canvas to Define Your Product's Core Requirements.” EBG Consulting, 4 Feb. 2019. Web.

    Gray, Mark Krishan. “Should I Use the Business Model Canvas or the Lean Canvas?” Blog, Medium.com, 2019. Web.

    Bibliography (Vision and Canvas)

    Hanby, Jeff. "Software Maintenance: Understanding and Estimating Costs." LookFar, 21 Oct. 2016. Web.

    “How do you define a product?” Scrum.org, 4 Apr 2017, Web

    Juncal, Shaun. “How to Build a Product Roadmap Based on a Business Model Canvas.” ProductPlan, 19 June 2019. Web.

    “Lean Canvas Intro - Uber Example.” YouTube, uploaded by Railsware Product Academy, 12 Oct. 2018. Web.

    “Lesson 6: Product Canvas.” ProdPad Help Center, 2019. Web.

    Lucero, Mario. “The Product Canvas.” Agilelucero.com, 22 June 2015. Web.

    Maurya, Ash. “Create a New Lean Canvas.” Canvanizer, 2019. Web.

    Maurya, Ash. “Don't Write a Business Plan. Create a Lean Canvas Instead.” LEANSTACK, 2019. Web.

    Maurya, Ash. “Why Lean Canvas vs Business Model Canvas?” Medium, 27 Feb. 2012. Web.

    Mirabelli, Vincent. “The Project Value Canvas.” Vincent Mirabelli, 2019. Web.

    Mishra, LN. “Business Analysis Canvas – The Ultimate Enterprise Architecture.” BA Times, 19 June 2019. Web.

    Muller. Jerry Z. “Why performance metrics isn’t always the best way to judge performance.” Fast Company, 3 April 2019. Web.

    Perri, Melissa. “What Is Good Product Strategy?” Melissa Perri, 14 July 2016. Web.

    Pichler, Roman. “A Product Canvas for Agile Product Management, Lean UX, Lean Startup.” Roman Pichler, 16 July 2012. Web.

    Pichler, Roman. “Introducing the Product Canvas.” JAXenter, 15 Jan. 2013. Web.

    Pichler, Roman. “Roman's Product Canvas: Introduction.” YouTube, uploaded by Roman Pichler, 3 Mar. 2017. Web.

    Pichler, Roman. “The Agile Vision Board: Vision and Product Strategy.” Roman Pichler, 10 May 2011. Web.

    Pichler, Roman. “The Product Canvas – Template.” Roman Pichler, 11 Oct. 2016. Web.

    Pichler, Roman. “The Product Canvas Tutorial V1.0.” LinkedIn SlideShare. Uploaded by Roman Pichler, 14 Feb. 2013. Web.

    Pichler, Roman. “The Product Vision Board: Introduction.” YouTube uploaded by Roman Pichler, 3 Mar. 2017. Web.

    “Product Canvas PowerPoint Template.” SlideModel, 2019. Web.

    Bibliography (Vision and Canvas)

    “Product Canvas.” SketchBubble, 2019, Web.

    “Product Canvas.” YouTube, uploaded by Wojciech Szramowski, 18 May 2016. Web.

    “Product Roadmap Software to Help You Plan, Visualize, and Share Your Product Roadmap.” Productboard, 2019. Web.

    Roggero, Giulio. “Product Canvas Step-by-Step.” LinkedIn SlideShare, uploaded by Giulio Roggero, 18 May 2013. Web.

    Royce, Dr. Winston W. “Managing the Development of Large Software Systems.” Scf.usc.edu, 1970. Web.

    Ryan, Dustin. “The Product Canvas.” Qdivision, Medium, 20 June 2017. Web.

    Snow, Darryl. “Product Vision Board.” Medium, 6 May 2017. Web.

    Stanislav, Shymansky. “Lean Canvas – a Tool Your Startup Needs Instead of a Business Plan.” Railsware, 12 Oct. 2018. Web.

    Stanislav, Shymansky. “Lean Canvas Examples of Multi-Billion Startups.” Railsware, 20 Feb. 2019. Web.

    “The Product Vision Canvas.” YouTube, Uploaded by Tom Miskin, 20 May 2019. Web.

    Tranter, Leon. “Agile Metrics: the Ultimate Guide.” Extreme Uncertainty, n.d. Web.

    “Using Business Model Canvas to Launch a Technology Startup or Improve Established Operating Model.” AltexSoft, 27 July 2018. Web.

    Veyrat, Pierre. “Lean Business Model Canvas: Examples + 3 Pillars + MVP + Agile.” HEFLO BPM, 10 Mar. 2017. Web.

    “What Are Software Metrics and How Can You Track Them?” Stackify, 16 Sept. 2017. Web

    “What Is a Product Vision?” Aha!, 2019. Web.

    Supporting Research

    Transformation topics and supporting Info-Tech research to make the journey easier, with less rework.

    Supporting research and services

    Improving IT alignment

    Build a Business-Aligned IT Strategy

    Success depends on IT initiatives clearly aligned to business goals, IT excellence, and driving technology innovation.

    Includes a "Strategy on a page" template

    Make Your IT Governance Adaptable

    Governance isn't optional, so keep it simple and make it flexible.

    Create an IT View of the Service Catalog

    Unlock the full value of your service catalog with technical components.

    Application Portfolio Management Foundations

    Ensure your application portfolio delivers the best possible return on investment.

    Supporting research and services

    Shifting toward Agile DevOps

    Agile/DevOps Resource Center

    Tools and advice you need to be successful with Agile.

    Develop Your Agile Approach for a Successful Transformation

    Understand Agile fundamentals, principles, and practices so you can apply them effectively in your organization.

    Implement DevOps Practices That Work

    Streamline business value delivery through the strategic adoption of DevOps practices.

    Perform an Agile Skills Assessment

    Being Agile isn't about processes, it's about people.

    Define the Role of Project Management in Agile and Product-Centric Delivery

    Projects and products are not mutually exclusive.

    Supporting research and services

    Shifting toward product management

    Make the Case for Product Delivery

    Align your organization on the practices to deliver what matters most.

    Deliver on Your Digital Product Vision

    Build a product vision your organization can take from strategy through execution.

    Deliver Digital Products at Scale

    Deliver value at the scale of your organization through defining enterprise product families.

    Build a Better Product Owner

    Strengthen the product owner's role in your organization by focusing on core capabilities and proper alignment.

    Supporting research and services

    Improving value and delivery metrics

    Build a Value Measurement Framework

    Focus product delivery on business value-driven outcomes.

    Create a Holistic IT Dashboard

    Mature your IT department by measuring what matters.

    Select and Use SDLC Metrics Effectively

    Be careful what you ask for because you will probably get it.

    Reduce Time to Consensus With an Accelerated Business Case

    Expand on the financial model to give your initiative momentum.

    Supporting research and services

    Improving governance, prioritization, and value

    Make Your IT Governance Adaptable

    Governance isn't optional, so keep it simple and make it flexible.

    Maximize Business Value from IT Through Benefits Realization

    Embed benefits realization into your governance process to prioritize IT spending and confirm the value of IT.

    Drive Digital Transformation With Platform Strategies

    Innovate and transform your business models with digital platforms.

    Succeed With Digital Strategy Execution

    Building a digital strategy is only half the battle: create a systematic roadmap of technology initiatives to execute the strategy and drive digital transformation.

    Build a Value Measurement Framework

    Focus product delivery on business value-driven outcomes.

    Create a Holistic IT Dashboard

    Mature your IT department by measuring what matters.

    Supporting research and services

    Improving requirements management and quality assurance

    Requirements Gathering for Small Enterprises

    Right-size the guidelines of your requirements gathering process.

    Improve Requirements Gathering

    Back to basics: great products are built on great requirements.

    Build a Software Quality Assurance Program

    Build quality into every step of your SDLC.

    Automate Testing to Get More Done

    Drive software delivery throughput and quality confidence by extending your automation test coverage.

    Manage Your Technical Debt

    Make the case to manage technical debt in terms of business impact.

    Create a Business Process Management Strategy

    Avoid project failure by keeping the "B" in BPM.

    Build a Winning Business Process Automation Playbook

    Optimize and automate your business processes with a user-centric approach.

    Create a Winning BPI Playbook

    Don't waste your time focusing on the "as is." Focus on the improvements and the "to be."

    Supporting research and services

    Improving release management

    Optimize Applications Release Management

    Build trust by right-sizing your process using appropriate governance.

    Streamline Application Maintenance

    Effective maintenance ensures the long-term value of your applications.

    Streamline Application Management

    Move beyond maintenance to ensure exceptional value from your apps.

    Optimize Change Management

    Right-size your change management process.

    Manage Your Technical Debt

    Make the case to manage technical debt in terms of business impact.

    Improve Application Development Throughput

    Drive down your delivery time by eliminating development inefficiencies and bottlenecks while maintaining high quality.

    Supporting research and services

    Business relationship management

    Embed Business Relationship Management

    Leverage knowledge of the business to become a strategic IT partner.

    Improving security

    Build an Information Security Strategy

    Create value by aligning your strategy to business goals and business risks.

    Develop and Deploy Security Policies

    Enhance your overall security posture with a defensible and prescriptive policy suite.

    Simplify Identity and Access Management

    Leverage risk- and role-based access control to quantify and simplify the IAM process.

    Supporting research and services

    Improving and supporting business-managed applications

    Embrace Business-Managed Applications

    Empower the business to implement their own applications with a trusted business-IT relationship.

    Enhance Your Solution Architecture Practices

    Ensure your software systems solution is architected to reflect stakeholders’ short-and long-term needs.

    Satisfy Digital End Users With Low- and No-Code

    Extend IT, automation, and digital capabilities to the business with the right tools, good governance, and trusted organizational relationships.

    Build Your First RPA Bot

    Support RPA delivery with strong collaboration and management foundations.

    Automate Work Faster and More Easily With Robotic Process Automation

    Embrace the symbiotic relationship between the human and digital workforce.

    Supporting research and services

    Improving business intelligence, analytics, and reporting

    Modernize Data Architecture for Measurable Business Results

    Enable the business to achieve operational excellence, client intimacy, and product leadership with an innovative, Agile, and fit-for-purpose data architecture practice.

    Build a Reporting and Analytics Strategy

    Deliver actionable business insights by creating a business-aligned reporting and analytics strategy.

    Build Your Data Quality Program

    Quality data drives quality business decisions.

    Design Data-as-a-Service

    Journey to the data marketplace ecosystems.

    Build a Robust and Comprehensive Data Strategy

    Key to building and fostering a data-driven culture.

    Build an Application Integration Strategy

    Level the table before assembling the application integration puzzle or risk losing pieces.

    Appendix

    Pulse survey results

    Pulse survey (N=18): What are the key components of product/service ownership?

    Pulse survey results: What are the key components of product/service ownership? Table shows answer options and responses in percentage.

    Pulse Survey (N=18): What are the key individual skills for a product/service owner?

    What are the key individual skills for a product/service owner? Table shows answer options and responses in percentage

    Other choices entered by respondents:

    • Anticipating client needs, being able to support delivery in all phases of the product lifecycle, adaptability, and ensuring a healthy backlog (at least two sprints’ worth of work).
    • Requirements elicitation and prioritization.
    • The key skill is being product-focused to ensure it provides value for competitive advantage.

    Pulse Survey (N=18): What are three things an outstanding product/service owner does that an average one doesn’t?

    What are three things an outstanding product/service owner does that an average one doesn't? Table shows results.

    Get Started With Artificial Intelligence

    • Buy Link or Shortcode: {j2store}345|cart{/j2store}
    • member rating overall impact (scale of 10): 9.4/10 Overall Impact
    • member rating average dollars saved: $24,469 Average $ Saved
    • member rating average days saved: 18 Average Days Saved
    • Parent Category Name: Business Intelligence Strategy
    • Parent Category Link: /business-intelligence-strategy
    • It is hard to not hear about how AI is revolutionizing the world. Across all industries, new applications for AI are changing the way humans work and how we interact with technologies that are used in modern organizations.
    • It can be difficult to see the specific applications of AI for your business. With all of the talk about the AI revolution, it can be hard to tie the rapidly changing and growing field of AI to your industry and organization and to determine which technologies are worth serious time and investment, and which ones are too early and not worth your time.

    Our Advice

    Critical Insight

    • AI is not a magic bullet. Instead, it is a tool for speeding up data-driven decision making. A more appropriate term for current AI technology is data-enabled, automated, adaptive decision support. Use when appropriate.
    • Garbage in, garbage out still applies to AI ‒ and it is even more relevant! AI technology has its foundations in data. Lots of it. Relevant, accurate, and timely data is essential to the effective use of AI.
    • AI is a rapidly evolving field – and this means that you can learn from others more effectively. Using a use case-based approach, you can learn from the successes and failures of others to more rapidly narrow down how AI can show value for you.

    Impact and Result

    • Understand what AI really means in practice.
    • Learn what others are doing in your industry to leverage AI technologies for competitive advantage.
    • Determine the use cases that best apply to your situation for maximum value from AI in your environment.
    • Define your first AI proof-of-concept (PoC) project to start exploring what AI can do for you.
    • Separate the signal from the noise when wading through the masses of marketing material around AI.

    Get Started With Artificial Intelligence Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to get up to speed with the rapid changes in AI technologies taking over the world today, review Info-Tech’s methodology, and understand the four ways we can support you on your AI journey.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Explore the possibilities

    Understand what AI really is in the modern world and how AI technologies impact the business functions.

    • Get Started With Artificial Intelligence – Phase 1: Explore the Possibilities

    2. Learn from your peers and give your AI a purpose

    Develop a good understanding of where AI is delivering value in your industry and other verticals. Determine the top three business goals to get value from your AI and give your AI a purpose.

    • Get Started With Artificial Intelligence – Phase 2: Learn From Your Peers and Give Your AI a Purpose

    3. Select your first AI PoC

    Brainstorm your AI PoC projects, prioritize and sequence your AI ideas, select your first AI PoC, and create a minimum viable business case for this use case.

    • Get Started With Artificial Intelligence – Phase 3: Select Your First AI PoC
    • Idea Reservoir Tool
    • Minimum Viable Business Case Document
    • Prototyping Workbook
    [infographic]

    Vendor Management

    • Buy Link or Shortcode: {j2store}15|cart{/j2store}
    • Related Products: {j2store}15|crosssells{/j2store}
    • member rating overall impact (scale of 10): 9.3/10
    • member rating average dollars saved: $9,627
    • member rating average days saved: 10
    • Parent Category Name: Financial Management
    • Parent Category Link: /financial-management
    That does not mean strong-arming. It means maximizing the vendor relationship value.

    Reduce Manual Repetitive Work With IT Automation

    • Buy Link or Shortcode: {j2store}458|cart{/j2store}
    • member rating overall impact (scale of 10): 9.5/10 Overall Impact
    • member rating average dollars saved: $34,099 Average $ Saved
    • member rating average days saved: 2 Average Days Saved
    • Parent Category Name: Operations Management
    • Parent Category Link: /i-and-o-process-management
    • IT staff are overwhelmed with manual repetitive work.
    • You have little time for projects.
    • You cannot move as fast as the business wants.

    Our Advice

    Critical Insight

    • Optimize before you automate.
    • Foster an engineering mindset.
    • Build a process to iterate.

    Impact and Result

    • Begin by automating a few tasks with the highest value to score quick wins.
    • Define a process for rolling out automation, leveraging SDLC best practices.
    • Determine metrics and continually track the success of the automation program.

    Reduce Manual Repetitive Work With IT Automation Research & Tools

    Start here – read the Executive Brief

    Read this Executive Brief to understand why you should reduce manual repetitive work with IT automation.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Identify automation candidates

    Select the top automation candidates to score some quick wins.

    • Reduce Manual Repetitive Work With IT Automation – Phase 1: Identify Automation Candidates
    • IT Automation Presentation
    • IT Automation Worksheet

    2. Map and optimize process flows

    Map and optimize process flows for each task you wish to automate.

    • Reduce Manual Repetitive Work With IT Automation – Phase 2: Map & Optimize Process Flows

    3. Build a process for managing automation

    Build a process around managing IT automation to drive value over the long term.

    • Reduce Manual Repetitive Work With IT Automation – Phase 3: Build a Process for Managing Automation

    4. Build automation roadmap

    Build a long-term roadmap to enhance your organization's automation capabilities.

    • Reduce Manual Repetitive Work With IT Automation – Phase 4: Build Automation Roadmap
    • IT Automation Roadmap
    [infographic]

    Workshop: Reduce Manual Repetitive Work With IT Automation

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Identify Automation Candidates

    The Purpose

    Identify top candidates for automation.

    Key Benefits Achieved

    Plan to achieve quick wins with automation for early value.

    Activities

    1.1 Identify MRW pain points.

    1.2 Drill down pain points into tasks.

    1.3 Estimate the MRW involved in each task.

    1.4 Rank the tasks based on value and ease.

    1.5 Select top candidates and define metrics.

    1.6 Draft project charters.

    Outputs

    MRW pain points

    MRW tasks

    Estimate of MRW involved in each task

    Ranking of tasks for suitability for automation

    Top candidates for automation & success metrics

    Project charter(s)

    2 Map & Optimize Processes

    The Purpose

    Map and optimize the process flow of the top candidate(s).

    Key Benefits Achieved

    Requirements for automation of the top task(s).

    Activities

    2.1 Map process flows.

    2.2 Review and optimize process flows.

    2.3 Clarify logic and finalize future-state process flows.

    Outputs

    Current-state process flows

    Optimized process flows

    Future-state process flows with complete logic

    3 Build a Process for Managing Automation

    The Purpose

    Develop a lightweight process for rolling out automation and for managing the automation program.

    Key Benefits Achieved

    Ability to measure and to demonstrate success of each task automation, and of the program as a whole.

    Activities

    3.1 Kick off your test plan for each automation.

    3.2 Define process for automation rollout.

    3.3 Define process to manage your automation program.

    3.4 Define metrics to measure success of your automation program.

    Outputs

    Test plan considerations

    Automation rollout process

    Automation program management process

    Automation program metrics

    4 Build Automation Roadmap

    The Purpose

    Build a roadmap to enhance automation capabilities.

    Key Benefits Achieved

    A clear timeline of initiatives that will drive improvement in the automation program to reduce MRW.

    Activities

    4.1 Build a roadmap for next steps.

    Outputs

    IT automation roadmap

    Further reading

    Reduce Manual Repetitive Work With IT Automation

    Free up time for value-adding jobs.

    ANALYST PERSPECTIVE

    Automation cuts both ways.

    Automation can be very, very good, or very, very bad.
    Do it right, and you can make your life a whole lot easier.
    Do it wrong, and you can suffer some serious pain.
    All too often, automation is deployed willy-nilly, without regard to the overall systems or business processes in which it lives.
    IT professionals should follow a disciplined and consistent approach to automation to ensure that they maximize its value for their organization.

    Derek Shank,
    Research Analyst, Infrastructure & Operations
    Info-Tech Research Group

    Executive summary

    Situation

    • IT staff are overwhelmed with manual repetitive work.
    • You have little time for projects.
    • You cannot move as fast as the business wants.

    Complication

    • Automation is simple to say, but hard to implement.
    • Vendors claim automation will solve all your problems.
    • You have no process for managing automation.

    Resolution

    • Begin by automating a few tasks with the highest value to score quick wins.
    • Define a process for rolling out automation, leveraging SDLC best practices.
    • Determine metrics and continually track the success of the automation program.

    Info-Tech Insight

    1. Optimize before you automate.The current way isn’t necessarily the best way.
    2. Foster an engineering mindset.Your team members may not be process engineers, but they should learn to think like one.
    3. Build a process to iterate.Effective automation can't be a one-and-done. Define a lightweight process to manage your program.

    Infrastructure & operations teams are overloaded with work

    • DevOps and digital transformation initiatives demand increased speed.
    • I&O is still tasked with security and compliance and audit.
    • I&O is often overloaded and unable to keep up with demand.

    Manual repetitive work (MRW) sucks up time

    • Manual repetitive work is a fact of life in I&O.
    • DevOps circles refer to this type of work simply as “toil.”
    • Toil is like treading water: it must be done, but it consumes precious energy and effort just to stay in the same place.
    • Some amount of toil is inevitable, but it's important to measure and cap toil, so it does not end up overwhelming your team's whole capacity for engineering work.

    Info-Tech Insight

    Follow our methodology to focus IT automation on reducing toil.

    Manual hand-offs create costly delays

    • Every time there is a hand-off, we lose efficiency and productivity.
    • In addition to the cost of performing manual work itself, we must also consider the impact of lost productivity caused by the delay of waiting for that work to be performed.

    Every queue is a tire fire

    Queues create waste and are extremely damaging. Like a tire fire, once you get started, they’re almost impossible to stamp out!

    Increase queues if you want

    • “More overhead”
    • “Lower quality”
    • “More variability”
    • “Less motivation”
    • “Longer cycle time”
    • “Increased risk”

    (Source: Edwards, citing Donald G. Reinersten: The Principles of Product Development Flow: Second Generation Lean Product Development )

    Increasing complexity makes I&O’s job harder

    Every additional layer of complexity multiplies points of failure. Beyond a certain level of complexity, troubleshooting can become a nightmare.

    Today, Operations is responsible for the outcomes of a full stack of a very complex, software-defined, API-enabled system running on infrastructure they may or may not own.
    – Edwards

    Growing technical debt means an ever-rising workload

    • Enterprises naturally accumulate technical debt.
    • All technology requires care and feeding.
    • I&O cannot control how much technology it’s expected to support.
    • I&O faces a larger and larger workload as technical debt accumulates.

    The systems built under each new technology paradigm never fully replace the systems built under the old paradigms. It’s not uncommon for an enterprise to have an accumulation of systems built over 10-15 years and have no budget, risk appetite, or even a viable path to replace them all. With each shift, who bares [SIC] the brunt of the responsibility for making sure the old and the new hang together? Operations, of course. With each new advance, Operations juggles more complexity and more layers of legacy technologies than ever before.
    – Edwards

    Most IT shops can’t have a dedicated engineering team

    • In most organizations, the team that builds things is best equipped to support them.
    • Often the knowledge to design systems and the knowledge to run those systems naturally co-exists in the same personnel resources.
    • When your I&O team is trying to do engineering work, they can end up frequently interrupted to perform operational tasks.
    A Venn Diagram is depicted which compares People who build things with People who run things. the two circles are almost completely overlapping, indicating the strong connection between the two groups.

    Personnel resources in most IT organizations overlap heavily between “build” and “run.”

    IT operations must become an engineering practice

    • Usually you can’t double your staff or double their hours.
    • IT professionals must become engineers.
    • We do this by automating manual repetitive work and reducing toil.
    Two scenarios are depicted. The first scenario is found at a hypothetical work camp, in which one employee performs the task of manually splitting firewood with an axe. In order to split twice as much firewood, the employee would need to spend twice the time. The second scenario is Engineering Operations. in this scenario, a wood processor is used to automate the task, allowing far more wood to be split in same amount of time.

    Build your Sys Admin an Iron Man suit

    Some CIOs see a Sys Admin and want to replace them with a Roomba. I see a Sys Admin and want to build them an Iron Man suit.
    – Deepak Giridharagopal, CTO, Puppet

    Two Scenarios are depicted. In one, an employee is replaced by automation, represented by a Roomba, reducing costs by laying off a single employee. In the second scenario, the single employee is given automated tools to do their job, represented by an iron-man suit, leading to a 10X boost in employee productivity.

    Use automation to reduce risk

    Consistency

    When we automate, we can make sure we do something the same way every time and produce a consistent result.

    Auditing and Compliance

    We can design an automated execution that will ship logs that provide the context of the action for a detailed audit trail.

    Change

    • Enterprise environments are continually changing.
    • When context changes, so does the procedure.
    • You can update your docs all you want, but you can't make people read them before executing a procedure.
    • When you update the procedure itself, you can make sure it’s executed properly.

    Follow Info-Tech’s approach: Start small and snowball

    • It’s difficult for I&O to get the staffing resources it needs for engineering work.
    • Rather than trying to get buy-in for resources using a “top down” approach, Info-Tech recommends that I&O score some quick wins to build momentum.
    • Show success while giving your team the opportunity to build their engineering chops.

    Because the C-suite relies on upwards communication — often filtered and sanitized by the time it reaches them — executives don’t see the bottlenecks and broken processes that are stalling progress.
    – Andi Mann

    Info-Tech’s methodology employs a targeted approach

    • You aren’t going to automate IT operations end-to-end overnight.
    • In fact, such a large undertaking might be more effort than it’s worth.
    • Info-Tech’s methodology employs a targeted approach to identify which candidates will score some quick wins.
    • We’ll demonstrate success, gain momentum, and then iterate for continual improvement.

    Invest in automation to reap long-term rewards

    • All too often people think of automation like a vacuum cleaner you can buy once and then forget.
    • The reality is you need to perform care and feeding for automation like for any other process or program.
    • To reap the greatest rewards you must continually invest in automation – and invest wisely.

    To get the full ROI on your automation, you need to treat it like an employee. When you hire an employee, you invest in that person. You spend time and resources training and nurturing new employees so they can reach their full potential. The investment in a new employee is no different than your investment in automation.– Edwards

    Measure the success of your automation program

    Example of How to Estimate Dollar Value Impact of Automation
    Metric Timeline Target Value
    Hours of manual repetitive work 12 months 20% reduction $48,000/yr.(1)
    Hours of project capacity 18 months 30% increase $108,000/yr.(2)
    Downtime caused by errors 6 months 50% reduction $62,500/yr.(3)

    1 15 FTEs x 80k/yr.; 20% of time on MRW, reduced by 20%
    2 15 FTEs x 80k/yr.; 30% project capacity, increased by 30%
    3 25k/hr. of downtime.; 5 hours per year of downtime caused by errors

    Automating failover for disaster recovery

    CASE STUDY

    Industry Financial Services
    Source Interview

    Challenge

    An IT infrastructure manager had established DR failover procedures, but these required a lot of manual work to execute. His team lacked the expertise to build automation for the failover.

    Solution

    The manager hired consultants to build scripts that would execute portions of the failover and pause at certain points to report on outcomes and ask the human operator whether to proceed with the next step.

    Results

    The infrastructure team reduced their achievable RTOs as follows:
    Tier 1: 2.5h → 0.5h
    Tier 2: 4h → 1.5h
    Tier 3: 8h → 2.5h
    And now, anyone on the team could execute the entire failover!

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    “Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

    Guided Implementation

    “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

    Workshop

    “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

    Consulting

    “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

    Diagnostics and consistent frameworks used throughout all four options

    Reduce Manual Repetitive Work With IT Automation – project overview

    1. Select Candidates 2. Map Process Flows 3. Build Process 4. Build Roadmap
    Best-Practice Toolkit

    1.1 Identify MRW pain points

    1.2 Drill down pain points into tasks

    1.3 Estimate the MRW involved in each task

    1.4 Rank the tasks based on value and ease

    1.5 Select top candidates and define metrics

    1.6 Draft project charters

    2.1 Map process flows

    2.2 Review and optimize process flows

    2.3 Clarify logic and finalize future-state process flows

    3.1 Kick off your test plan for each automation

    3.2 Define process for automation rollout

    3.3 Define process to manage your automation program

    3.4 Define metrics to measure success of your automation program

    4.1 Build automation roadmap

    Guided Implementations

    Introduce methodology.

    Review automation candidates.

    Review success metrics.

    Review process flows.

    Review end-to-end process flows.

    Review testing considerations.

    Review automation SDLC.

    Review automation program metrics.

    Review automation roadmap.

    Onsite Workshop Module 1:
    Identify Automation Candidates
    Module 2:
    Map and Optimize Processes
    Module 3:
    Build a Process for Managing Automation
    Module 4:
    Build Automation Roadmap
    Phase 1 Results:
    Automation candidates and success metrics
    Phase 2 Results:
    End-to-end process flows for automation
    Phase 3 Results:
    Automation SDLC process, and automation program management process
    Phase 4 Results:
    Automation roadmap

    Ensure Cloud Security in IaaS, PaaS, and SaaS Environments

    • Buy Link or Shortcode: {j2store}386|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Secure Cloud & Network Architecture
    • Parent Category Link: /secure-cloud-network-architecture
    • Security remains a large impediment to realizing cloud benefits. Numerous concerns still exist around the ability for data privacy, confidentiality, and integrity to be maintained in a cloud environment.
    • Even if adoption is agreed upon, it becomes hard to evaluate vendors that have strong security offerings and even harder to utilize security controls that are internally deployed in the cloud environment.

    Our Advice

    Critical Insight

    • The cloud can be secure despite unique security threats.
    • Securing a cloud environment is a balancing act of who is responsible for meeting specific security requirements.
    • Most security challenges and concerns can be minimized through our structured process (CAGI) of selecting a trusted cloud security provider (CSP) partner.

    Impact and Result

    • The business is adopting a cloud environment and it must be secured, which includes:
      • Ensuring business data cannot be leaked or stolen.
      • Maintaining privacy of data and other information.
      • Securing the network connection points.
    • Determine your balancing act between yourself and your CSP; through contractual and configuration requirements, determine what security requirements your CSP can meet and cover the rest through internal deployment.
    • This blueprint and associated tools are scalable for all types of organizations within various industry sectors.

    Ensure Cloud Security in IaaS, PaaS, and SaaS Environments Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should prioritize security in the cloud, review Info-Tech’s methodology, and understand the ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Determine your cloud risk profile

    Determine your organization’s rationale for cloud adoption and what that means for your security obligations.

    • Ensure Cloud Security in IaaS, PaaS, and SaaS Environments – Phase 1: Determine Your Cloud Risk Profile
    • Secure Cloud Usage Policy

    2. Identify your cloud security requirements

    Use the Cloud Security CAGI Tool to perform four unique assessments that will be used to identify secure cloud vendors.

    • Ensure Cloud Security in IaaS, PaaS, and SaaS Environments – Phase 2: Identify Your Cloud Security Requirements
    • Cloud Security CAGI Tool

    3. Evaluate vendors from a security perspective

    Learn how to assess and communicate with cloud vendors with security in mind.

    • Ensure Cloud Security in IaaS, PaaS, and SaaS Environments – Phase 3: Evaluate Vendors From a Security Perspective
    • IaaS and PaaS Service Level Agreement Template
    • SaaS Service Level Agreement Template
    • Cloud Security Communication Deck

    4. Implement your secure cloud program

    Turn your security requirements into specific tasks and develop your implementation roadmap.

    • Ensure Cloud Security in IaaS, PaaS, and SaaS Environments – Phase 4: Implement Your Secure Cloud Program
    • Cloud Security Roadmap Tool

    5. Build a cloud security governance program

    Build the organizational structure of your cloud security governance program.

    • Ensure Cloud Security in IaaS, PaaS, and SaaS Environments – Phase 5: Build a Cloud Security Governance Program
    • Cloud Security Governance Program Template
    [infographic]

    Security Priorities 2023

    • Buy Link or Shortcode: {j2store}254|cart{/j2store}
    • member rating overall impact (scale of 10): 9.0/10 Overall Impact
    • member rating average dollars saved: $909 Average $ Saved
    • member rating average days saved: 1 Average Days Saved
    • Parent Category Name: Security Strategy & Budgeting
    • Parent Category Link: /security-strategy-and-budgeting
    • Most people still want a hybrid work model but there is a shortage in security workforce to maintain secure remote work, which impacts confidence in the security practice.
    • Pressure of operational excellence drives organizational modernization with the consequence of higher risks of security attacks that impact not only cyber but also physical systems.
    • The number of regulations with stricter requirements and reporting is increasing, along with high sanctions for violations.
    • Accurate assessment of readiness and benefits to adopt next-gen cybersecurity technologies can be difficult. Additionally, regulation often faces challenges to keep up with next-gen cybersecurity technologies implications and risks of adoption, which may not always be explicit.
    • Software is usually produced as part of a supply chain instead in a silo. Thus, a vulnerability in any part of the supply chain can become a threat surface.

    Our Advice

    Critical Insight

    • Secure remote work still needs to be maintained to facilitate the hybrid work model post pandemic.
    • Despite all the cybersecurity risks, organizations continue modernization plans due to the long-term overall benefits. Hence, we need to secure organization modernization.
    • Organizations should use regulatory changes to improve security practices, instead of treating them as a compliance burden.
    • Next-gen cybersecurity technologies alone are not the silver bullet. A combination of technologies with skilled talent, useful data, and best practices will give a competitive advantage.

    Impact and Result

    • Use this report to help decide your 2023 security priorities by:
      • Collecting and analyzing your own related data, such as your organization 2022 incident reports. Use Info-Tech’s Security Priorities 2023 material for guidance.
      • Identifying your needs and analyzing your capabilities. Use Info-Tech's template to explain the priorities you need to your stakeholders.
      • Determining the next steps. Refer to Info-Tech's recommendations and related research.

    Security Priorities 2023 Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Security Priorities 2023 Report – A report to help decide your 2023 security priorities.

    Each organization is different, so a generic list of security priorities will not be applicable to every organization. Thus, you need to:

  • Collect and analyze your own related data such as your organization 2022 incident reports. Use Info-Tech’s Security Priorities 2023 material for guidance.
  • Identify your needs and analyze your capabilities. Use Info-Tech's template to explain the priorities you need to your stakeholders.
  • Refer to Info-Tech's recommendations and related research for guidance on the next steps.
    • Security Priorities 2023 Report

    Infographic

    Further reading

    Security Priorities 2023

    How we live post pandemic

    Each organization is different, so a generic list of priorities will not be applicable to every organization.

    During 2022, ransomware campaigns declined from quarter to quarter due to the collapse of experienced groups. Several smaller groups are developing to recapture the lost ransomware market. However, ransomware is still the most worrying cyber threat.

    Also in 2022, people returned to normal activities such as traveling and attending sports or music events but not yet to the office. The reasons behind this trend can be many fold, such as employees perceive that work from home (WFH) has positive productivity effects and time flexibility for employees, especially for those with families with younger children. On the other side of the spectrum, some employers perceive that WFH has negative productivity effects and thus are urging employees to return to the office. However, employers also understand the competition to retain skilled workers is harder. Thus, the trend is to have hybrid work where eligible employees can WFH for a certain portion of their work week.

    Besides ransomware and the hybrid work model, in 2022, we saw an evolving threat landscape, regulatory changes, and the potential for a recession by the end of 2023, which can impact how we prioritize cybersecurity this year. Furthermore, organizations are still facing the ongoing issues of insufficient cybersecurity resources and organization modernization.

    This report will explore important security trends, the security priorities that stem from these trends, and how to customize these priorities for your organization.

    In Q2 2022, the median ransom payment was $36,360 (-51% from Q1 2022), a continuation of a downward trend since Q4 2021 when the ransom payment median was $117,116.
    Source: Coveware, 2022

    From January until October 2022, hybrid work grew in almost all industries in Canada especially finance, insurance, real estate, rental and leasing (+14.7%), public administration and professional services (+11.8%), and scientific and technical services (+10.8%).
    Source: Statistics Canada, Labour Force Survey, October 2022; N=3,701

    Hybrid work changes processes and infrastructure

    Investment on remote work due to changes in processes and infrastructure

    As part of our research process for the 2023 Security Priorities Report, we used the results from our State of Hybrid Work in IT Survey, which collected responses between July 10 and July 29, 2022 (total N=745, with n=518 completed surveys). This survey details what changes in processes and IT infrastructure are likely due to hybrid work.

    Process changes to support hybrid work

    A bar graph is depicted with the following dataset: None of the above - 12%; Change management - 29%; Asset management - 34%; Service request support - 41%; Incident management - 42%

    Survey respondents (n=518) were asked what processes had the highest degree of change in response to supporting hybrid work. Incident management is the #1 result and service request support is #2. This is unsurprising considering that remote work changed how people communicate, how they access company assets, and how they connect to the company network and infrastructure.

    Infrastructure changes to support hybrid work

    A bar graph is depicted with the following dataset: Changed queue management and ticketing system(s) - 11%; Changed incident and service request processes - 23%; Addition of chatbots as part of the Service Desk intake process - 29%; Reduced the need for recovery office spaces and alternative work mitigations - 40%; Structure & day-to-day operation of Service Desk - 41%; Updated network architecture - 44%

    For 2023, we believe that hybrid work will remain. The first driver is that employees still prefer to work remotely for certain days of the week. The second driver is the investment from employers on enabling WFH during the pandemic, such as updated network architecture (44%) and the infrastructure and day-to-day operations (41%) as shown on our survey.

    Top cybersecurity concerns and organizational preparedness for them

    Concerns may correspond to readiness.

    In the Info-Tech Research Group 2023 Trends and Priorities Survey of IT professionals, we asked about cybersecurity concerns and the perception about readiness to meet current and future government legislation regarding cybersecurity requirements.

    Cybersecurity issues

    A bar graph is depicted with the following dataset: Cyber risks are not on the radar of the executive leaders or board of directors - 3.19; Organization is not prepared to respond to a cyber attack - 3.08; Supply chain risks related to cyber threats - 3.18; Talent shortages leading to capacity constraints in cyber security - 3.51; New government or industry-imposed regulations - 3.15

    Survey respondents were asked how concerned they are about certain cybersecurity issues from 1 (not concerned at all) to 5 (very concerned). The #1 concern was talent shortages. Other issues with similar concerns included cyber risks not on leadership's radar, supply chain risks, and new regulations (n=507).

    Cybersecurity legislation readiness

    A bar graph is depicted with the following dataset: 1 (Not confident at all) - 2.4%; 2 - 11.2%; 3 - 39.7%; 4 - 33.3%; 5 (Very confident) - 13.4%

    When asked about how confident organizations are about being prepared to meet current and future government legislation regarding cybersecurity requirements, from 1 (not confident at all) to 5 (very confident), the #1 response was 3 (n=499).

    Unsurprisingly, the ever-changing government legislation environment in a world emerging from a pandemic and ongoing wars may not give us the highest confidence.

    We know the concerns and readiness…

    But what is the overall security maturity?

    As part of our research process for the 2023 Security Priorities Report, we reviewed results of completed Info-Tech Research Group Security Governance and Management Benchmark diagnostics (N=912). This report details what we see in our clients' security governance maturity. Setting aside the perception on readiness – what are their actual security maturity levels?

    A bar graph is depicted with the following dataset: Security Culture - 47%; Policy and Process Governance - 47%; Event and Incident Management - 58%; Vulnerability - 57%; Auditing - 52%; Compliance Management - 58%; Risk Analysis - 52%

    Overall, assessed organizations are still scoring low (47%) on Security Culture and Policy and Process Governance. This justifies why most security incidents are still due to gaps in foundational security and security awareness, not lack of advanced controls such as event and incident management (58%).

    And how will the potential recession impact security?

    Organizations are preparing for recession, but opportunities for growth during recession should be well planned too.

    As part of our research process for the 2023 Security Priorities Report, we reviewed the results of the Info-Tech Research Group 2023 Trends and Priorities Survey of IT professionals, which collected responses between August 9 and September 9, 2022 (total N=813 with n=521 completed surveys).

    Expected organizational spending on cybersecurity compared to the previous fiscal year

    A bar graph is depicted with the following dataset: A decrease of more than 10% - 2.2%; A decrease of between 1-10% - 2.6%; About the same - 41.4%; An increase of between 1-10% - 39.6%; An increase of more than 10% - 14.3%

    Keeping the same spending is the #1 result and #2 is increasing spending up to 10%. This is a surprising finding considering the survey was conducted after the middle of 2022 and a recession has been predicted since early 2022 (n=489).

    An infographic titled Cloudy with a Chance of Recession

    Source: Statista, 2022, CC BY-ND

    US recession forecast

    Contingency planning for recessions normally includes tight budgeting; however, it can also include opportunities for growth such as hiring talent who have been laid off by competitors and are difficult to acquire in normal conditions. This can support our previous findings on increasing cybersecurity spending.

    Five Security Priorities for 2023

    This image describes the Five Security Priorities for 2023.

    Maintain Secure Hybrid Work

    PRIORITY 01

    • HOW TO STRATEGICALLY ACQUIRE, RETAIN, OR UPSKILL TALENT TO MAINTAIN SECURE SYSTEMS.

    Executive summary

    Background

    If anything can be learned from COVID-19 pandemic, it is that humans are resilient. We swiftly changed to remote workplaces and adjusted people, processes, and technologies accordingly. We had some hiccups along the way, but overall, we demonstrated that our ability to adjust is amazing.

    The pandemic changed how people work and how and where they choose to work, and most people still want a hybrid work model. However, the number of days for hybrid work itself varies. For example, from our survey in July 2022 (n=516), 55.8% of employees have the option of 2-3 days per week to work offsite, 21.0% for 1 day per week, and 17.8% for 4 days per week.

    Furthermore, the investment (e.g. on infrastructure and networks) to initiate remote work was huge, and the cost doesn't end there, as we need to maintain the secure remote work infrastructure to facilitate the hybrid work model.

    Current situation

    Remote work: A 2022 survey by WFH Research (N=16,451) reports that ~14% of full-time employees are fully remote and ~29% are in a hybrid arrangement as of Summer-Fall 2022.

    Security workforce shortage: A 2022 survey by Bridewell (N=521) reports that 68% of leaders say it has become harder to recruit the right people, impacting organizational ability to secure and monitor systems.

    Confidence in the security practice: A 2022 diagnostic survey by Info-Tech Research Group (N=55) reports that importance may not correspond to confidence; for example, the most important selected cybersecurity area, namely Data Access/Integrity (93.7%), surprisingly has the lowest confidence of the practice (80.5%).

    "WFH doubled every 15 years pre-pandemic. The increase in WFH during the pandemic was equal to 30 years of pre-pandemic growth."

    Source: National Bureau of Economic Research, 2021

    Leaders must do more to increase confidence in the security practice

    Importance may not correspond to confidence

    As part of our research process for the 2023 Security Priorities Report, we analyzed results from the Info-Tech Research Group diagnostics. This report details what we see in our clients' perceived importance of security and their confidence in existing security practices.

    Cybersecurity importance

    A bar graph is depicted with the following dataset: Importance to the Organization - 94.3%; Importance to My Department	92.2%

    Cybersecurity importance areas

    A bar graph is depicted with the following dataset: Mobility (Remote & Mobile Access) - 90.2%; Regulatory Compliance - 90.1%; Desktop Computing - 90.9%; Data Access / Integrity - 93.7%

    Confidence in cybersecurity practice

    A bar graph is depicted with the following dataset: Confidence in the Organization's Overall Security - 79.4%; Confidence in Security for My Department - 79.8%

    Confidence in cybersecurity practice areas

    A bar graph is depicted with the following dataset: Mobility (Remote & Mobile Access) - 75.8%; Regulatory Compliance - 81.5%; Desktop Computing - 80.9%; Data Access / Integrity - 80.5%

    Diagnostics respondents (N=55) were asked about how important security is to their organization or department. Importance to the overall organization is 2.1 percentage points (pp) higher, but confidence in the organization's overall security is slightly lower (-0.4 pp).

    If we break down to security areas, we can see that the most important area, Data Access/Integrity (93.7%), surprisingly has the lowest confidence of the practice: 80.5%. From this data we can conclude that leaders must build a strong cybersecurity workforce to increase confidence in the security practice.

    Use this template to explain the priorities you need your stakeholders to know about.

    Maintain secure hybrid work plan

    Provide a brief value statement for the initiative.

    Build a strong cybersecurity workforce to increase confidence in the security practice to facilitate hybrid work.

    Initiative Description:

    • Description must include what organization will undertake to complete the initiative.
    • Review your security strategy for hybrid work.
    • Identify skills gaps that hinder the successful execution of the hybrid work security strategy.
    • Use the identified skill gaps to define the technical skill requirements for current and future work roles.
    • Conduct a skills assessment on your current workforce to identify employee skill gaps.
    • Decide whether to train, hire, contract, or outsource each skill gap.

    Drivers:

    List initiative drivers.

    • Employees still prefer to WFH for certain days of the week.
    • The investment on WFH during pandemic such as updated network architecture and infrastructure and day-to-day operations.
    • Tech companies' huge layoffs, e.g. Meta laid off more than 11,000 employees.

    Risks:

    List initiative risks and impacts.

    • Unskilled workers lacking certificates or years of experience who are trained and become skilled workers then quit or are hijacked by competitors.
    • Organizational and cultural changes cause friction with work-life balance.
    • Increased attack surface of remote/hybrid workforce.

    Benefits:

    List initiative benefits and align to business benefits or benefits for the stakeholder groups that it impacts.

    • Increase perceived productivity by employees and increase retention.
    • Increase job satisfaction and work-life balance.
    • Hiring talent that has been laid off who are difficult to acquire in normal conditions.

    Related Info-Tech Research:

    Recommended Actions

    1. Identify skill requirements to maintain secure hybrid work

    Review your security strategy for hybrid work.

    Determine the skill needs of your security strategy.

    2. Identify skill gaps

    Identify skills gaps that hinder the successful execution of the hybrid work security strategy.

    Use the identified skill gaps to define the technical skill requirements for work roles.

    3. Decide whether to build or buy skills

    Conduct a skills assessment on your current workforce to identify employee skill gaps.

    Decide whether to train, hire, contract, or outsource each skill gap.

    Source: Close the InfoSec Skills Gap: Develop a Technical Skills Sourcing Plan, Info-Tech

    Secure Organization Modernization

    PRIORITY 02

    • TRENDS SUGGEST MODERNIZATION SUCH AS DIGITAL
      TRANSFORMATION TO THE CLOUD, OPERATIONAL TECHNOLOGY (OT),
      AND THE INTERNET OF THINGS (IOT) IS RISING; ADDRESSING THE RISK
      OF CONVERGING ENVIRONMENTS CAN NO LONGER BE DEFERRED.

    Executive summary

    From computerized milk-handling systems in Wisconsin farms, to automated railway systems in Europe, to Ausgrid's Distribution Network Management System (DNMS) in Australia, to smart cities and beyond; system modernization poses unique challenges to cybersecurity.

    The threats can be safety, such as the trains stopped in Denmark during the last weekend of October 2022 for several hours due to an attack on a third-party IT service provider; economics, such as a cream cheese production shutdown that occurred at the peak of cream cheese demand in October 2021 due to hackers compromising a large cheese manufacturer's plants and distribution centers; and reliability, such as the significant loss of communication for the Ukrainian military, which relied on Viasat's services.

    Despite all the cybersecurity risks, organizations continue modernization plans due to the long-term overall benefits.

    Current situation

    • Pressure of operational excellence: Competitive markets cannot keep pace with demand without modernization. For example, in automated milking systems, the labor time saved from milking can be used to focus on other essential tasks such as the decision-making process.
    • Technology offerings: Technologies are available and affordable such as automated equipment, versatile communication systems, high-performance human machine interaction (HMI), IIoT/Edge integration, and big data analytics.
    • Higher risks of cyberattacks: Modernization enlarges attack surfaces, which are not only cyber but also physical systems. Most incidents indicate that attackers gained access through the IT network, which was followed by infiltration into OT networks.

    IIoT market size is USD 323.62 billion in 2022 and projected to be around USD 1 trillion in 2028.

    Source: Statista,
    March 2022

    Modernization brings new opportunities and new threats

    Higher risks of cyberattacks on Industrial Control System (ICS)

    Target: Australian sewage plant.

    Method: Insider attack. Impact: 265,000 gallons of untreated sewage released.

    Target: Middle East energy companies.

    Method: Shamoon.

    Impact: Overwritten Windows-based systems files.

    Target: German Steel Mill

    Method: Spear-phishing

    Impact: Blast furnace control shutdown failure.

    Target: Middle East Safety Instrumented System (SIS).

    Method: TRISIS/TRITON.

    Impact: Modified safety system ladder logic.

    Target: Viasat's KA-SAT Network.

    Method: AcidRain.

    Impact: Significant loss of communication for the Ukrainian military, which relied on Viasat's services.

    A timeline displaying the years 1903; 2000; 2010; 2012; 2013; 2014; 2018; 2019; 2021; 2022 is displayed.

    Target: Marconi wireless telegraphs presentation. Method: Morse code.

    Impact: Fake message sent "Rats, rats, rats, rats. There was a young fellow of Italy, Who diddled the public quite prettily."

    Target: Iranian uranium enrichment plant.

    Method: Stuxnet.

    Impact: Compromised programmable logic controllers (PLCs).

    Target: ICS supply chain.

    Method: Havex.

    Impact: Remote Access Trojan (RAT) collected information and uploaded data to command-and-control (C&C) servers.

    Target: Ukraine power grid.

    Method: BlackEnergy.

    Impact: Manipulation of HMI View causing 1-6 hour power outages for 230,000 consumers.

    Target: Colonial Pipeline.

    Method: DarkSide ransomware.

    Impact: Compromised billing infrastructure halted the pipeline operation.

    Sources:

    • DOE, 2018
    • CSIS, 2022
    • MIT Technology Review, 2022

    Info-Tech Insight

    Most OT incidents start with attacks against IT networks and then move laterally into the OT environment. Therefore, converging IT and OT security will help protect the entire organization.

    Use this template to explain the priorities you need your stakeholders to know about.

    Secure organization modernization

    Provide a brief value statement for the initiative.

    The systems (OT, IT, IIoT) are evolving now – ensure your security plan has you covered.

    Initiative Description:

    • Description must include what organization will undertake to complete the initiative.
    • Identify the drivers to align with your organization's business objectives.
    • Build your case by leveraging a cost-benefit analysis and update your security strategy.
    • Identify people, process, and technology gaps that hinder the modernization security strategy.
    • Use the identified skill gaps to update risks, policies and procedures, IR, DR, and BCP.
    • Evaluate and enable modernization technology top focus areas and refine security processes.
    • Decide whether to train, hire, contract, or outsource to fill the security workforce gap.

    Drivers:

    List initiative drivers.

    • Pressure of operational excellence
    • Technology offerings
    • Higher risks of cyberattacks

    Risks:

    List initiative risks and impacts.

    • Complex systems with many components to implement and manage require diligent change management.
    • Organizational and cultural changes cause friction between humans and machines.
    • Increased attack surface of cyber and physical systems.

    Benefits:

    List initiative benefits and align to business benefits or benefits for the stakeholder groups that it impacts.

    • Improve service reliability through continuous and real-time operation.
    • Enhance efficiency through operations visibility and transparency.
    • Gain cost savings and efficiency to automate operations of complex and large equipment and instrumentations.

    Related Info-Tech Research:

    Recommended Actions

    1. Identify modernization business cases to secure

    Identify the drivers to align with your organization's business objectives.

    Build your case by leveraging a cost-benefit analysis, and update your security strategy.

    2. Identify gaps

    Identify people, process, and technology gaps that hinder the modernization
    security strategy.

    Use the identified skill gaps to update risks, policies and procedures, IR, DR, and BCP.

    3. Decide whether to build or buy capabilities

    Evaluate and enable modernization technology top focus areas and refine
    security processes.

    Decide whether to train, hire, contract, or outsource to fill the security workforce gap.

    Sources:

    Industrial Control System (ICS) Modernization: Unlock the Value of Automation in Utilities, Info-Tech

    Secure IT-OT Convergence, Info-Tech

    Develop a cost-benefit analysis

    Identify a modernization business case for security.

    Benefits

    Metrics

    Operational Efficiency and Cost Savings

    • Reduction in truck rolls and staff time of manual operations of equipment or instrumentation.
    • Cost reduction in energy usage such as substation power voltage level or water treatment chemical level.

    Improve Reliability and Resilience

    • Reduction in field crew time to identify the outage locations by remotely accessing field equipment to narrow down the
      fault areas.
    • Reduction in outage time impacting customers and avoiding financial penalty in service quality metrics.
    • Improve operating reliability through continuous and real-time trend analysis of equipment performance.

    Energy & Capacity Savings

    • Optimize energy usage of operation to reduce overall operating cost and contribution to organizational net-zero targets.

    Customers & Society Benefits

    • Improve customer safety for essential services such as drinkable water consumption.
    • Improve reliability of services and address service equity issues based on data.

    Cost

    Metrics

    Equipment and Infrastructure

    Upgrade existing security equipment or instrumentation or deploy new, e.g. IPS on Enterprise DMZ and Operations DMZ.

    Implement communication network equipment and labor to install and configure.

    Upgrade or construct server room including cooling/heating, power backup, and server and rack hardware.

    Software and Commission

    The SCADA/HMI software and maintenance fee as well as lifecycle upgrade implementation project cost.

    Labor cost of field commissioning and troubleshooting.

    Integration with security systems, e.g. log management and continuous monitoring.

    Support and Resources

    Cost to hire/outsource security FTEs for ongoing managing and operating security devices, e.g. SOC.

    Cost to hire/outsource IT/OT FTEs to support and troubleshoot systems and its integrations with security systems, e.g. MSSP.

    An example of a cost-benefit analysis for ICS modernization

    Sources:

    Industrial Control System (ICS) Modernization: Unlock the Value of Automation in Utilities, Info-Tech

    Lawrence Berkeley National Laboratory, 2021

    IT-OT convergence demands new security approach and solutions

    Identify gaps

    Attack Vectors

    IT

    • User's compromised credentials
    • User's access device, e.g. laptop, smartphone
    • Access method, e.g. denial-of-service to modem, session hijacking, bad data injection

    OT

    • Site operations, e.g. SCADA server, engineering workstation, historian
    • Controls, e.g. SCADA Client, HMI, PLCs, RTUs
    • Process devices, e.g. sensors, actuators, field devices

    Defense Strategies

    • Limit exposure of system information
    • Identify and secure remote access points
    • Restrict tools and scripts
    • Conduct regular security audits
    • Implement a dynamic network environment

    (Control System Defense: Know the Opponent, CISA)

    An example of a high-level architecture of an electric utility's control system and its interaction with IT systems.

    An example of a high-level architecture of an electric utility's control system and its interaction with IT systems.

    Source: ISA-99, 2007

    RESPOND TO REGULATORY CHANGES

    PRIORITY 03

    • GOVERNMENT-ENACTED POLICY CHANGES AND INDUSTRY REGULATORY CHANGES COULD BE A COMPLIANCE BURDEN … OR PREVENT YOUR NEXT SECURITY INCIDENT.

    Executive summary

    Background

    Government-enacted regulatory changes are occurring at an ever-increasing rate these days. As one example, on November 10, 2022, the EU Parliament introduced two EU cybersecurity laws: the Network and Information Security (NIS2) Directive (applicable to organizations located within the EU and organizations outside the EU that are essential within an EU country) and the Digital Operational Resilience Act (DORA). There are also industry regulatory changes such as PCI DSS v4.0 for the payment sector and the North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) for Bulk Electric Systems (BES).

    Organizations should use regulatory changes as a means to improve security practices, instead of treating them as a compliance burden. As said by lead member of EU Parliament Bart Groothuis on NIS2, "This European directive is going to help around 160,000 entities tighten their grip on security […] It will also enable information sharing with the private sector and partners around the world. If we are being attacked on an industrial scale, we need to respond on an industrial scale."

    Current situation

    Stricter requirements and reporting: Regulations such as NIS2 include provisions for incident response, supply chain security, and encryption and vulnerability disclosure and set tighter cybersecurity obligations for risk management reporting obligations.

    Broader sectors: For example, the original NIS directive covers 19 sectors such as Healthcare, Digital Infrastructure, Transport, and Energy. Meanwhile, the new NIS2 directive increases to 35 sectors by adding other sectors such as providers of public electronic communications networks or services, manufacturing of certain critical products (e.g. pharmaceuticals), food, and digital services.

    High sanctions for violations: For example, Digital Services Act (DSA) includes fines of up to 6% of global turnover and a ban on operating in the EU single market in case of repeated serious breaches.

    Approximately 100 cross-border data flow regulations exist in 2022.

    Source: McKinsey, 2022

    Stricter requirements for payments

    Obligation changes to keep up with emerging threats and technologies

    64 New requirements were added
    A total of 64 requirements have been added to version 4.0 of the PCI DSS.

    13 New requirements become effective March 31, 2024
    The other 51 new requirements are considered best practice until March 31, 2025, at which point they will become effective.

    11 New requirements only for service providers
    11 of the new requirements are applicable only to entities that provide third-party services to merchants.

    Defined roles must be assigned for requirements.

    Focus on periodically assessing and documenting scope.

    Entities may choose a defined approach or a customized approach to requirements.

    An example of new requirements for PCI DSS v4.0

    Source: Prepare for PCI DSS v4.0, Info-Tech

    Use this template to explain the priorities you need your stakeholders to know about.

    Respond to regulatory changes

    Provide a brief value statement for the initiative.

    The compliance obligations are evolving – ensure your security plan has you covered.

    Initiative Description:

    Description must include what organization will undertake to complete the initiative.

    • Identify relevant security and privacy compliance and conformance levels.
    • Identify gaps for updated obligations, and map obligations into control framework.
    • Review, update, and implement policies and strategy.
    • Develop compliance exception process and forms.
    • Develop test scripts.
    • Track status and exceptions

    Drivers:

    List initiative drivers.

    • Pressure of new regulations
    • Governance, risk & compliance (GRC) tool offerings
    • High administrative or criminal penalties of non-compliance

    Risks:

    List initiative risks and impacts.

    • Complex structures and a great number of compliance requirements
    • Restricted budget and lack of skilled workforce for organizations such as local municipalities and small or medium organizations compared to private counterparts
    • Personal liability for some regulations for non-compliance

    Benefits:

    List initiative benefits and align to business benefits or benefits for the stakeholder groups that it impacts.

    • Reduces compliance risk.
    • Reduces complexity within the control environment by using a single framework to align multiple compliance regimes.
    • Reduces costs and efforts related to managing IT audits through planning and preparation.

    Related Info-Tech Research:

    Recommended Actions

    1. Identify compliance obligations

    Identify relevant security and privacy obligations and conformance levels.

    Identify gaps for updated obligations, and map obligations into control framework.

    2. Implement compliance strategy

    Review, update, and implement policies and strategy.

    Develop compliance exception process.

    3. Track and report

    Develop test scripts to check your remediations to ensure they are effective.

    Track and report status and exceptions.

    Sources: Build a Security Compliance Program and Prepare for PCI DSS v4.0, Info-Tech

    Identify relevant security and privacy compliance obligations

    Identify obligations

    # Security Jurisdiction
    1 Network and Information Security (NIS2) Directive European Union (EU) and organizations outside the EU that are essential within an EU country
    2 North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) North American electrical utilities
    3 Executive Order (EO) 14028: Improving the Nation's Cybersecurity, The White House, 2021 United States

    #

    Privacy Jurisdiction
    1 General Data Protection Regulation (GDPR) EU and EU citizens
    2 Personal Information Protection and Electronic Documents Act (PIPEDA) Canada
    3 California Consumer Privacy Act (CCPA) California, USA
    4 Personal Information Protection Law of the People’s Republic of China (PIPL) China

    An example of security and privacy compliance obligations

    How much does it cost to become compliant?

    • It is important to understand the various frameworks and to adhere to the appropriate compliance obligations.
    • Many factors influence the cost of compliance, such as the size of organization, the size of network, and current security readiness.
    • To manage compliance obligations, it is important to use a platform that not only performs internal and external monitoring but also provides third-party vendors (if applicable) with visibility into potential threats in their organization.

    Adopt Next-Generation Cybersecurity Technologies

    PRIORITY 04

    • GOVERNMENTS AND HACKERS ARE RECOGNIZING THE IMPORTANCE OF EMERGING TECHNOLOGIES, SUCH AS ZERO TRUST ARCHITECTURE AND AI-BASED CYBERSECURITY. SO SHOULD YOUR ORGANIZATION.

    Executive summary

    Background

    The cat and mouse game between threat actors and defenders is continuing. The looming question "can defenders do better?" has been answered with rapid development of technology. This includes the automation of threat analysis (signature-based, specification-based, anomaly-based, flow-based, content-based, sandboxing) not only on IT but also on other relevant environments, e.g. IoT, IIoT, and OT based on AI/ML.

    More fundamental approaches such as post-quantum cryptography and zero trust (ZT) are also emerging.
    ZT is a principle, a model, and also an architecture focused on resource protection by always verifying transactions using the least privilege principle. Hopefully in 2023, ZT will be more practical and not just a vendor marketing buzzword.

    Next-gen cybersecurity technologies alone are not a silver bullet. A combination of skilled talent, useful data, and best practices will give a competitive advantage. The key concepts are explainable, transparent, and trustworthy. Furthermore, regulation often faces challenges to keep up with next-gen cybersecurity technologies, especially with the implications and risks of adoption, which may not always be explicit.

    Current situation

    ZT: Performing an accurate assessment of readiness and benefits to adopt ZT can be difficult due to ZT's many components. Thus, an organization needs to develop a ZT roadmap that aligns with organizational goals and focuses on access to data, assets, applications, and services; don't select solutions or vendors too early.

    Post-quantum cryptography: Current cryptographic applications, such as RSA for PKI, rely on factorization. However, algorithms such as Shor's show quantum speedup for factorization, which can break current crypto when sufficient quantum computing devices are available. Thus, threat actors can intercept current encrypted information and store it to decrypt in the future.

    AI-based threat management: AI helps in analyzing and correlating data extremely fast compared to humans. Millions of telemetries, malware samples, raw events, and vulnerability data feed into the AI system, which humans cannot process manually. Furthermore, AI does not get tired in processing this big data, thus avoiding human error and negligence.

    Data breach mitigation cost without AI: USD 6.20 million; and with AI: USD 3.15 million

    Source: IBM, 2022

    Traditional security is not working

    Alert Fatigue

    Too many false alarms and too many events to process. Evolving threat landscapes waste your analysts' valuable time on mundane tasks, such as evidence collection. Meanwhile, only limited time is spared for decisions and conclusions, which results in the fear of missing an incident and alert fatigue.

    Lack of Insight

    To report progress, clear metrics are needed. However, cybersecurity still lacks in this area as the system itself is complex and some systems work in silos. Furthermore, lessons learned are not yet distilled into insights for improving future accuracy.

    Lack of Visibility

    System integration is required to create consistent workflows across the organization and to ensure complete visibility of the threat landscape, risks, and assets. Also, the convergence of OT, IoT, and IT enhances this challenge.

    Source: IBM Security Intelligence, 2020

    A business case for AI-based cybersecurity

    Threat management

    Prevention

    Risk scores are generated by machine learning based on variables such as behavioral patterns and geolocation. Zero trust architecture is combined with machine learning. Asset management leverages visibility using machine learning. Comply with regulations by improving discovery, classification, and protection of data using machine learning. Data security and data privacy services use machine learning for data discovery.

    Detection

    AI, advanced machine learning, and static approaches, such as code file analysis, combine to automatically detect and analyze threats and prevent threats from spreading, assisted by threat intelligence.

    Response

    AI helps in orchestrating security technologies for organizations to reduce the number of security agents installed, which may not talk to each other or, worse, may conflict with each other.

    Recovery

    AI continuously tunes based on lessons learned, such as creating security policies for improving future accuracy. AI also does not get fatigue, and it assists humans in a faster recovery.

    Prevention; Detection; Response; Recovery

    AI has been around since the 1940s, but why is it only gaining traction now? Because supporting technologies are only now available, including faster GPUs for complex computations and cheaper storage for massive volumes of data.

    Use this template to explain the priorities you need your stakeholders to know about.

    Adopt next-gen cybersecurity technologies

    Use this template to explain the priorities you need your stakeholders to know about.

    Develop a practical roadmap that shows the business value of next-gen cybersecurity technologies investment.

    Initiative Description:

    Description must include what organization will undertake to complete the initiative.

    • Identify the stakeholders who will be affected by the next-gen cybersecurity technologies implementation and define responsibilities based on skillsets and the degree of support.
    • Adopt well-established data governance practices for cross-functional teams.
    • Conduct a maturity assessment of key processes and highlight interdependencies.
    • Develop a baseline and periodically review risks, policies and procedures, and business plan.
    • Develop a roadmap and deploy next-gen cybersecurity architecture and controls step by step, working with trusted technology partners.
    • Monitor metrics on effectiveness and efficiency.

    Drivers:

    List initiative drivers.

    • Pressure of attacks by sophisticated threat actors
    • Next-gen cybersecurity technologies tool offerings
    • High cost of traditional security, e.g. longer breach lifecycle

    Risks:

    List initiative risks and impacts.

    • Lack of transparency of the model or bias, leading to non-compliance with policies/regulations
    • Risks related with data quality and inadequate data for model training
    • Adversarial attacks, including, but not limited to, adversarial input and model extraction

    Benefits:

    List initiative benefits and align to business benefits or benefits for the stakeholder groups that it impacts.

    • Reduces the number of alerts, thus reduces alert fatigue.
    • Increases the identification of unknown threats.
    • Leads to faster detection and response.
    • Closes skills gap and increases productivity.

    Related Info-Tech Research:

    Recommended Actions

    1. People

    Identify the stakeholders who will be affected by the next-gen cybersecurity technologies implementation and define responsibilities based on skillsets and the degree of support.

    Adopt well-established data governance practices for cross-functional teams.

    2. Process

    Conduct a maturity assessment of key processes and highlight interdependencies.

    Develop a baseline and periodically review risks, policies and procedures, and business plan.

    3. Technology

    Develop a roadmap and deploy next-gen cybersecurity architecture and controls step by step, working with trusted technology partners.

    Monitor metrics on effectiveness and efficiency.

    Source: Leverage AI in Threat Management (keynote presentation), Info-Tech

    Secure Services and Applications

    PRIORITY 05

    • APIS ARE STILL THE #1 THREAT TO APPLICATION SECURITY.

    Executive summary

    Background

    Software is usually produced as part of a supply chain instead of in silos. A vulnerability in any part of the supply chain can become a threat surface. We have learned this from recent incidents such as Log4j, SolarWinds, and Kaseya where attackers compromised a Virtual System Administrator tool used by managed service providers to attack around 1,500 organizations.

    DevSecOps is a culture and philosophy that unifies development, security, and operations to answer this challenge. DevSecOps shifts security left by automating, as much as possible, development and testing. DevSecOps provides many benefits such as rapid development of secure software and assurance that, prior to formal release and delivery, tests are reliably performed and passed.

    DevSecOps practices can apply to IT, OT, IoT, and other technology environments, for example, by integrating a Secure Software Development Framework (SSDF).

    Current situation

    Secure Software Supply Chain: Logging is a fundamental feature of most software, and recently the use of software components, especially open source, are based on trust. From the Log4j incident we learned that more could be done to improve the supply chain by adopting ZT to identify related components and data flows between systems and to apply the least privilege principle.

    DevSecOps: A software error wiped out wireless services for thousands of Rogers customers across Canada in 2021. Emergency services were also impacted, even though outgoing 911 calls were always accessible. Losing such services could have been avoided, if tests were reliably performed and passed prior to release.

    OT insecure-by-design: In OT, insecurity-by-design is still a norm, which causes many vulnerabilities such as insecure protocols implementation, weak authentication schemes, or insecure firmware updates. Additional challenges are the lack of CVEs or CVE duplication, the lack of Software Bill of Materials (SBOM), and product supply chains issues such as vulnerable products that are certified because of the scoping limitation and emphasis on functional testing.

    Technical causes of cybersecurity incidents in EU critical service providers in 2019-2021 shows: software bug (12%) and faulty software changes/update (9%).

    Source: CIRAS Incident reporting, ENISA (N=1,239)

    Software development keeps evolving

    DOD Maturation of Software Development Best Practices

    Best Practices 30 Years Ago 15 Years Ago Present Day
    Lifecycle Years or Months Months or Weeks Weeks or Days
    Development Process Waterfall Agile DevSecOps
    Architecture Monolithic N-Tier Microservices
    Deployment & Packaging Physical Virtual Container
    Hosting Infrastructure Server Data Center Cloud
    Cybersecurity Posture Firewall + SIEM + Zero Trust

    Best practices in software development are evolving as shown on the diagram to the left. For example, 30 years ago the lifecycle was "Years or Months," while in the present day it is "Weeks or Days."

    These changes also impact security such as the software architecture, which is no longer "Monolithic" but "Microservices" normally built within the supply chain.

    The software supply chain has known integrity attacks that can happen on each part of it. Starting from bad code submitted by a developer, to compromised source control platform (e.g. PHP git server compromised), to compromised build platform (e.g. malicious behavior injected on SolarWinds build), to a compromised package repository where users are deceived into using the bad package by the similarity between the malicious and the original package name.

    Therefore, we must secure each part of the link to avoid attacks on the weakest link.

    Software supply chain guidance

    Secure each part of the link to avoid attacks on the weakest link.

    Guide for Developers

    Guide for Suppliers

    Guide for Customers

    Secure product criteria and management, develop secure code, verify third-party components, harden build environment, and deliver code.

    Define criteria for software security checks, protect software, produce well-secured software, and respond to vulnerabilities.

    Secure procurement and acquisition, secure deployment, and secure software operations.

    Source: "Securing the Software Supply Chain" series, Enduring Security Framework (ESF), 2022

    "Most software today relies on one or more third-party components, yet organizations often have little or no visibility into and understanding of how these software components are developed, integrated, and deployed, as well as the practices used to ensure the components' security."

    Source: NIST – NCCoE, 2022

    Use this template to explain the priorities you need your stakeholders to know about.

    Secure services and applications

    Provide a brief value statement for the initiative.

    Adopt recommended practices for securing the software supply chain.

    Initiative Description:

    Description must include what organization will undertake to complete the initiative.

    • Define and keep security requirements and risk assessments up to date.
    • Require visibility into provenance of product, and require suppliers' self-attestation of security hygiene.
    • Verify distribution infrastructure, product and individual components integrity, and SBOM.
    • Use multi-layered defenses, e.g. ZT for integration and control configuration.
    • Train users on how to detect and report anomalies and when to apply updates to a system.
    • Ensure updates from authorized and authenticated sources and verify the integrity of the updated SBOM.

    Drivers:

    List initiative drivers.

    • Cyberattacks exploit the vulnerabilities of weak software supply chain
    • Increased need to enhance software supply chain security, e.g. under the White House Executive Order (EO) 14028
    • OT insecure-by-design hinders OT modernization

    Risks:

    List initiative risks and impacts.

    Only a few developers and suppliers explicitly address software security in detail.

    Time pressure to deliver functionality over security.

    Lack of security awareness and lack of trained workforce.

    Benefits:

    List initiative benefits and align to business benefits or benefits for the stakeholder groups that it impacts.

    Customers (acquiring organizations) achieve secure acquisition, deployment, and operation of software.

    Developers and suppliers provide software security with minimal vulnerabilities in its releases.

    Automated processes such as automated testing avoid error-prone and labor-intensive manual test cases.

    Related Info-Tech Research:

    Recommended Actions

    1. Procurement and Acquisition

    Define and keep security requirements and risk assessments up to date.

    Perform analysis on current market and supplier solutions and acquire security evaluation.

    Require visibility into provenance of product, and require suppliers' self-attestation of security hygiene

    2. Deployment

    Verify distribution infrastructure, product and individual components integrity, and SBOM.

    Save and store the tests and test environment and review and verify the
    self-attestation mechanism.

    Use multi-layered defenses, e.g. ZT for integration and control configuration.

    3. Software Operations

    Train users on how to detect and report anomalies and when to apply updates to a system.

    Ensure updates from authorized and authenticated sources and verify the integrity of the updated SBOM.

    Apply supply chain risk management (SCRM) operations.

    Source: "Securing the Software Supply Chain" series, Enduring Security Framework (ESF), 2022

    Bibliography

    Aksoy, Cevat Giray, Jose Maria Barrero, Nicholas Bloom, Steven J. Davis, Mathias Dolls, and Pablo Zarate. "Working from Home Around the World." Brookings Papers on Economic Activity, 2022.
    Barrero, Jose Maria, Nicholas Bloom, and Steven J. Davis. "Why working from home will stick." WFH Research, National Bureau of Economic Research, Working Paper 28731, 2021.
    Boehm, Jim, Dennis Dias, Charlie Lewis, Kathleen Li, and Daniel Wallance. "Cybersecurity trends: Looking over the horizon." McKinsey & Company, March 2022. Accessed
    31 Oct. 2022.
    "China: TC260 issues list of national standards supporting implementation of PIPL." OneTrust, 8 Nov. 2022. Accessed 17 Nov. 2022.
    Chmielewski, Stéphane. "What is the potential of artificial intelligence to improve cybersecurity posture?" before.ai blog, 7 Aug. 2022. Accessed 15 Aug. 2022.
    Conerly, Bill. "The Recession Will Begin Late 2023 Or Early 2024." Forbes, 1 Nov. 2022. Accessed 8 Nov. 2022.
    "Control System Defense: Know the Opponent." CISA, 22 Sep. 2022. Accessed 17 Nov. 2022.
    "Cost of a Data Breach Report 2022." IBM, 2022.
    "Cybersecurity: Parliament adopts new law to strengthen EU-wide resilience." European Parliament News, 10 Nov. 2022. Press Release.
    "Cyber Security in Critical National Infrastructure Organisations: 2022." Bridewell, 2022. Accessed 7 Nov. 2022.
    Davis, Steven. "The Big Shift to Working from Home." NBER Macro Annual Session On
    "The Future of Work," 1 April 2022.
    "Digital Services Act: EU's landmark rules for online platforms enter into force."
    EU Commission, 16 Nov. 2022. Accessed 16 Nov. 2022.
    "DoD Enterprise DevSecOps Fundamentals." DoD CIO, 12 May 2022. Accessed 21 Nov. 2022.
    Elkin, Elizabeth, and Deena Shanker. "That Cream Cheese Shortage You Heard About? Cyberattacks Played a Part." Bloomberg, 09 Dec. 2021. Accessed 27 Oct. 2022.
    Evan, Pete. "What happened at Rogers? Day-long outage is over, but questions remain." CBC News, 21 April 2022. Accessed 15 Nov. 2022.
    "Fewer Ransomware Victims Pay, as Median Ransom Falls in Q2 2022." Coveware,
    28 July 2022. Accessed 18 Nov. 2022.
    "Fighting cybercrime: new EU cybersecurity laws explained." EU Commission, 10 Nov. 2022. Accessed 16 Nov. 2022.
    "Guide to PCI compliance cost." Vanta. Accessed 18 Nov. 2022.
    Hammond, Susannah, and Mike Cowan. "Cost of Compliance 2022: Competing priorities." Thomson Reuters, 2022. Accessed 18 Nov. 2022.
    Hemsley, Kevin, and Ronald Fisher. "History of Industrial Control System Cyber Incidents." Department of Energy (DOE), 2018. Accessed 29 Aug. 2022.
    Hofmann, Sarah. "What Is The NIS2 And How Will It Impact Your Organisation?" CyberPilot,
    5 Aug. 2022. Accessed 16 Nov. 2022.
    "Incident reporting." CIRAS Incident Reporting, ENISA. Accessed 21 Nov. 2022.
    "Introducing SLSA, an End-to-End Framework for Supply Chain Integrity." Google,
    16 June 2021. Accessed 25 Nov. 2022.
    Kovacs, Eduard. "Trains Vulnerable to Hacker Attacks: Researchers." SecurityWeek, 29 Dec. 2015. Accessed 15 Nov. 2022.
    "Labour Force Survey, October 2022." Statistics Canada, 4 Nov. 2022. Accessed 7 Nov. 2022.
    Malacco, Victor. "Promises and potential of automated milking systems." Michigan State University Extension, 28 Feb. 2022. Accessed 15 Nov. 2022.
    Maxim, Merritt, et al. "Planning Guide 2023: Security & Risk." Forrester, 23 Aug. 2022. Accessed 31 Oct. 2022.
    "National Cyber Threat Assessment 2023-2024." Canadian Centre for Cyber Security, 2022. Accessed 18 Nov. 2022.
    Nicaise, Vincent. "EU NIS2 Directive: what's changing?" Stormshield, 20 Oct. 2022. Accessed
    17 Nov. 2022.
    O'Neill, Patrick. "Russia hacked an American satellite company one hour before the Ukraine invasion." MIT Technology Review, 10 May 2022. Accessed 26 Aug. 2022.
    "OT ICEFALL: The legacy of 'insecure by design' and its implications for certifications and risk management." Forescout, 2022. Accessed 21 Nov. 2022.
    Palmer, Danny. "Your cybersecurity staff are burned out - and many have thought about quitting." ZDNet, 8 Aug. 2022. Accessed 19 Aug. 2022.
    Placek, Martin. "Industrial Internet of Things (IIoT) market size worldwide from 2020 to 2028 (in billion U.S. dollars)." Statista, 14 March 2022. Accessed 15 Nov. 2022.
    "Revised Proposal Attachment 5.13.N.1 ADMS Business Case PUBLIC." Ausgrid, Jan. 2019. Accessed 15 Nov. 2022.
    Richter, Felix. "Cloudy With a Chance of Recession." Statista, 6 April 2022. Web.
    "Securing the Software Supply Chain: Recommended Practices Guide for Developers." Enduring Security Framework (ESF), Aug. 2022. Accessed 22 Sep. 2022.
    "Securing the Software Supply Chain: Recommended Practices Guide for Suppliers." Enduring Security Framework (ESF), Sep. 2022. Accessed 21 Nov. 2022.
    "Securing the Software Supply Chain: Recommended Practices Guide for Customers." Enduring Security Framework (ESF), Oct. 2022. Accessed 21 Nov. 2022.
    "Security Guidelines for the Electricity Sector: Control System Electronic Connectivity."
    North American Electric Reliability Corporation (NERC), 28 Oct. 2013. Accessed 25 Nov. 2022.
    Shepel, Jan. "Schreiber Foods hit with cyberattack; plants closed." Wisconsin State Farmer,
    26 Oct. 2022. Accessed 15 Nov. 2022.
    "Significant Cyber Incidents." Center for Strategic and International Studies (CSIS). Accessed
    1 Sep. 2022.
    Souppaya, Murugiah, Michael Ogata, Paul Watrobski, and Karen Scarfone. "Software Supply Chain and DevOps Security Practices: Implementing a Risk-Based Approach to DevSecOps." NIST - National Cybersecurity Center of Excellence (NCCoE), Nov. 2022. Accessed
    22 Nov. 2022.
    "Ten Things Will Change Cybersecurity in 2023." SOCRadar, 23 Sep. 2022. Accessed
    31 Oct. 2022.
    "The Nature of Cybersecurity Defense: Pentagon To Reveal Updated Zero-Trust Cybersecurity Strategy & Guidelines." Cybersecurity Insiders. Accessed 21 Nov. 2022.
    What Is Threat Management? Common Challenges and Best Practices." IBM Security Intelligence, 2020.
    Woolf, Tim, et al. "Benefit-Cost Analysis for Utility-Facing Grid Modernization Investments: Trends, Challenges, and Considerations." Lawrence Berkeley National Laboratory, Feb. 2021. Accessed 15 Nov. 2022.
    Violino, Bob. "5 key considerations for your 2023 cybersecurity budget planning." CSO Online,
    14 July 2022. Accessed 27 Oct. 2022

    Research Contributors and Experts

    Andrew Reese
    Cybersecurity Practice Lead
    Zones

    Ashok Rutthan
    Chief Information Security Officer (CISO)
    Massmart

    Chris Weedall
    Chief Information Security Officer (CISO)
    Cheshire East Council

    Jeff Kramer
    EVP Digital Transformation and Cybersecurity
    Aprio

    Kris Arthur
    Chief Information Security Officer (CISO)
    SEKO Logistics

    Mike Toland
    Chief Information Security Officer (CISO)
    Mutual Benefit Group

    Generative AI: Market Primer

    • Buy Link or Shortcode: {j2store}349|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Data Management
    • Parent Category Link: /data-management
    • Much of the organization remains in the dark for understanding what Gen AI is, complicated by ambiguous branding from vendors claiming to provide Gen AI solutions.
    • Searching the market for a Gen AI platform is nearly impossible, owing to the sheer number of vendors.
    • The evaluative criteria for selecting a Gen AI platform are unclear.

    Our Advice

    Critical Insight

    • You cannot rush Gen AI selection and implementation. Organizations with (1) FTEs devoted to making Gen AI work (including developers and business intelligence analysts), (2) trustworthy and regularly updated data, and (3) AI governance are just now reaching PoC testing.
    • Gen AI is not a software category – it is an umbrella concept. Gen AI platforms will be built on different foundational models, be trained in different ways, and provide varying modalities. Do not expect Gen AI platforms to be compared against the same parameters in a vendor quadrant.
    • Bad data is the tip of the iceberg for Gen AI risks. While Gen AI success will be heavily reliant on the quality of data it is fine-tuned on, there are independent risks organizations must prepare for, from Gen AI hallucinations and output reliability to infrastructure feasibility and handling high-volume events.
    • Prepare for ongoing instability in the Gen AI market. If your organization is unsure about where to start with Gen AI, the secure route is to examine what your enterprise providers are offering. Use this as a learning platform to confidently navigate which specialized Gen AI provider will be viable for meeting your use cases.

    Impact and Result

    • Consensus on Gen AI scope and key Gen AI capabilities
    • Identification of your readiness to leverage Gen AI applications
    • Agreement on Gen AI evaluative criteria
    • Knowledge of vendor viability

    Generative AI: Market Primer Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Generative AI: Market Primer – Contextualize the marketspace and prepare for generative AI selection.

    Use Info-Tech’s best practices for setting out a selection roadmap and evaluative criteria for narrowing down vendors – both enterprise and specialized providers.

    • Generative AI: Market Primer Storyboard
    • Data Governance Policy
    • AI Governance Storyboard
    • AI Architecture Assessment and Project Planning Tool
    • AI Architecture Assessment and Project Planning Tool – Sample
    • AI Architecture Templates
    [infographic]

    Further reading

    Generative AI: Market Primer

    Cut through Gen AI buzzwords to achieve market clarity.

    Analyst Perspective

    The generative AI (Gen AI) marketspace is complex, nascent, and unstable.

    Organizations need to get clear on what Gen AI is, its infrastructural components, and the governance required for successful platform selection.

    Thomas Randall

    The urge to be fast-moving to leverage the potential benefits of Gen AI is understandable. There are plenty of opportunities for Gen AI to enrich an organization’s use cases – from commercial to R&D to entertainment. However, there are requisites an organization needs to get right before Gen AI can be effectively applied. Part of this is ensuring data and AI governance is well established and mature within the organization. The other part is contextualizing Gen AI to know what components of this market the organization needs to invest in.

    Owing to its popularity surge, OpenAI’s ChatGPT has become near synonymous with Gen AI. However, Gen AI is an umbrella concept that encompasses a variety of infrastructural architecture. Organizations need to ask themselves probing questions if they are looking to work with OpenAI: Does ChatGPT rest on the right foundational model for us? Does ChatGPT offer the right modalities to support our organization’s use cases? How much fine-tuning and prompt engineering will we need to perform? Do we require investment in on-premises infrastructure to support significant data processing and high-volume events? And do we require FTEs to enable all this infrastructure?

    Use this market primer to quickly get up to speed on the elements your organization might need to make the most of Gen AI.

    Thomas Randall

    Advisory Director, Info-Tech Research Group

    Executive Summary

    Your Challenge

    • Much of the organization remains in the dark for understanding what Gen AI is, complicated by ambiguous branding from vendors claiming to provide Gen AI solutions.
    • Searching the market for a Gen AI platform is near impossible, owing to the sheer number of vendors.
    • The evaluative criteria for selecting a Gen AI platform is unclear.

    Common Obstacles

    • Data governance is immature within the organization. There is no source of truth or regularly updated organizational process assets.
    • AI functionality is not well understood within the organization; there is little AI governance for monitoring and controlling its use.
    • The extent of effort and resources required to make Gen AI a success remains murky.

    Info-Tech's Solution

    This market primer for Gen AI will help you:

    1. Contextualize the Gen AI market: Learn what components of Gen AI an organization should consider to make Gen AI a success.
    2. Prepare for Gen AI selection: Use Info-Tech’s best practices for setting out a selection roadmap and evaluative criteria for narrowing down vendors – both enterprise and specialized providers.

    “We are entering the era of generative AI.
    This is a unique time in our history where the benefits of AI are easily accessible and becoming pervasive with co-pilots emerging in the major business tools we use today. The disruptive capabilities that can potentially drive dramatic benefits also introduces risks that need to be planned for.”

    Bill Wong, Principal Research Director – Data and BI, Info-Tech Research Group

    Who benefits from this project?

    This research is designed for:

    • Senior IT, developers, data staff, and project managers who:
      • Have received a mandate from their executives to begin researching the Gen AI market.
      • Need to quickly get up to speed on the state of the Gen AI market, given no deep prior knowledge of the space.
      • Require an overview of the different components to Gen AI to contextualize how vendor comparisons and selections can be made.
      • Want to gain an understanding of key trends, risks, and evaluative criteria to consider in their selection process.

    This research will help you:

    • Articulate the potential business value of Gen AI to your organization.
    • Establish which high-value use cases could be enriched by Gen AI functionality.
    • Assess vendor viability for enterprise and specialized software providers in the Gen AI marketspace.
    • Collect information on the prerequisites for implementing Gen AI functionality.
    • Develop relevant evaluative criteria to assist differentiating between shortlisted contenders.

    This research will also assist:

    • Executives, business analysts, and procurement teams who are stakeholders in:
      • Contextualizing the landscape for learning opportunities.
      • Gathering and documenting requirements.
      • Building deliverables for software selection projects.
      • Managing vendors, especially managing the relationships with incumbent enterprise software providers.

    This research will help you:

    • Identify examples of how Gen AI applications could be leveraged for your organization’s core use cases.
    • Verify the extent of Gen AI functionality an incumbent enterprise provider has.
    • Validate accuracy of Gen AI language and architecture referenced in project deliverables.

    Insight Summary

    You cannot speedrun Gen AI selection and implementation.

    Organizations with (1) FTEs devoted to making Gen AI work (including developers and business intelligence analysts), (2) trustworthy and regularly updated data, and (3) AI governance are just now reaching PoC testing.

    Gen AI is not a software category – it is an umbrella concept.

    Gen AI platforms will be built on different foundational models, be trained in different ways, and provide varying modalities. Do not expect to compare Gen AI platforms to the same parameters in a vendor quadrant.

    Bad data is the tip of the iceberg for Gen AI risks.

    While Gen AI success will be heavily reliant on the quality of data it is fine-tuned on, there are independent risks organizations must prepare for: from Gen AI hallucinations and output reliability to infrastructure feasibility to handle high-volume events.

    Gen AI use may require changes to sales incentives.

    If you plan to use Gen AI in a commercial setting, review your sales team’s KPIs. They are rewarded for sales velocity; if they are the human-in-the-loop to check for hallucinations, you must change incentives to ensure quality management.

    Prepare for ongoing instability in the Gen AI market.

    If your organization is unsure about where to start with Gen AI, the secure route is to examine what your enterprise providers are offering. Use this as a learning platform to confidently navigate which specialized Gen AI provider will be viable for meeting your use cases.

    Brace for a potential return of on-premises infrastructure to power Gen AI.

    The market trend has been for organizations to move to cloud-based products. Yet, for Gen AI, effective data processing and fine-tuning may call for organizations to invest in on-premises infrastructure (such as more GPUs) to enable their Gen AI to function effectively.

    Info-Tech’s methodology for understanding the Gen AI marketspace

    Phase Steps

    1. Contextualize the Gen AI marketplace

    1. Define Gen AI and its components.
    2. Explore Gen AI trends.
    3. Begin deriving Gen AI initiatives that align with business capabilities.

    2. Prepare for and understand Gen AI platform offerings

    1. Review Gen AI selection best practices and requisites for effective procurement.
    2. Determine evaluative criteria for Gen AI solutions.
    3. Explore Gen AI offerings with enterprise and specialized providers.
    Phase Outcomes
    1. Achieve consensus on Gen AI scope and key Gen AI capabilities.
    2. Identify your readiness to leverage Gen AI applications.
    3. Hand off to Build Your Generative AI Roadmap to complete pre-requisites for selection.
    1. Determine whether deeper data and AI governance is required; if so, hand off to Create an Architecture for AI.
    2. Gain consensus on Gen AI evaluative criteria.
    3. Understand vendor viability.

    Guided Implementation

    Phase 1

    Phase 2

    • Call #1: Discover if Gen AI is right for your organization. Understand what a Gen AI platform is and discover the art of the possible.
    • Call #2: To take advantage of Gen AI, perform a business capabilities analysis to begin deriving Gen AI initiatives.
    • Call #3: Explore whether Gen AI initiatives can be achieved either with incumbent enterprise players or via procurement of specialized solutions.
    • Call #4: Evaluate vendors and perform final due diligence.

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    The Gen AI market evaluation process should be broken into segments:

    1. Gen AI market education with this primer
    2. Structured approach to selection
    3. Evaluation and final due diligence

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful"

    Guided Implementation

    "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."

    Workshop

    "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place."

    Consulting

    "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks are used throughout all four options.

    Software selection engagement

    Five advisory calls over a five-week period to accelerate your selection process

    • Receive expert analyst guidance over five weeks (on average) to select and negotiate software.
    • Save money, align stakeholders, speed up the process, and make better decisions.
    • Use a repeatable, formal methodology to improve your application selection process.
    • Get better, faster results guaranteed, included in membership.
    Software selection process timeline. Week 1: Awareness - 1 hour call, Week 2: Education & Discovery - 1 hour call, Week 3: Evaluation - 1 hour call, Week 4: Selection - 1 hour call, Week 5: Negotiation & Configuration - 1 hour call.

    Click here to book your selection engagement.

    Software selection workshops

    40 hours of advisory assistance delivered online.

    Select better software, faster.

    • 40 hours of expert analyst guidance
    • Project and stakeholder management assistance
    • Save money, align stakeholders, speed up the process, and make better decisions
    • Better, faster results guaranteed; 25K standard engagement fee
    Software selection process timeline. Week 1: Awareness - 5 hours of Assistance, Week 2: Education & Discovery - 10 hours of assistance, Week 3: Evaluation - 10 hours of assistance, Week 4: Selection - 10 hours of assistance, Week 5: Negotiation & Configuration - 10 hours of assistance.

    Click here to book your workshop engagement.

    Master Your Security Incident Response Communications Program

    • Buy Link or Shortcode: {j2store}321|cart{/j2store}
    • member rating overall impact (scale of 10): 8.0/10 Overall Impact
    • member rating average dollars saved: $2,339 Average $ Saved
    • member rating average days saved: 5 Average Days Saved
    • Parent Category Name: Threat Intelligence & Incident Response
    • Parent Category Link: /threat-intelligence-incident-response
    • When a significant security incident is discovered, usually very few details are known for certain. Nevertheless, the organization will need to say something to affected stakeholders.
    • Security incidents tend to be ongoing situations that last considerably longer than other types of crises, making communications a process rather than a one-time event.
    • Effective incident response communications require collaboration from: IT, Legal, PR, and HR – groups that often speak “different languages.”

    Our Advice

    Critical Insight

    • There’s no such thing as successful incident response communications; strive instead for effective communications. There will always be some fallout after a security incident, but it can be effectively mitigated through honesty, transparency, and accountability.
    • Effective external communications begin with effective internal communications. Security Incident Response Team members come from departments that don’t usually work closely with each other. This means they often have different ways of thinking and speaking about issues. Be sure they are familiar with each other before a crisis occurs.
    • You won’t save face by withholding embarrassing details. Lying only makes a bad situation worse, but coming clean and acknowledging shortcomings (and how you’ve fixed them) can go a long way towards restoring stakeholders’ trust.

    Impact and Result

    • Effective and efficient management of security incidents involves a formal process of preparation, detection, analysis, containment, eradication, recovery, and post-incident activities: communications must be integrated into each of these phases.
    • Understand that prior planning helps to take the guesswork out of incident response communications. By preparing for several different types of security incidents, the communications team will get used to working with each other, as well as learning what strategies are and are not effective. Remember, the communications team contains diverse members from various departments, and each may have different ideas about what information is important to release.

    Master Your Security Incident Response Communications Program Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should implement a security incident response communications plan, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Dive into communications planning

    This phase addresses the benefits and challenges of incident response communications and offers advice on how to assemble a communications team and develop a threat escalation protocol.

    • Master Your Security Incident Response Communications Program – Phase 1: Dive Into Communications Planning
    • Security Incident Management Plan

    2. Develop your communications plan

    This phase focuses on creating an internal and external communications plan, managing incident fallout, and conducting a post-incident review.

    • Master Your Security Incident Response Communications Program – Phase 2: Develop Your Communications Plan
    • Security Incident Response Interdepartmental Communications Template
    • Security Incident Communications Policy Template
    • Security Incident Communications Guidelines and Templates
    • Security Incident Metrics Tool
    • Tabletop Exercises Package
    [infographic]

    Tell Your Story With Data Visualization

    • Buy Link or Shortcode: {j2store}364|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Business Intelligence Strategy
    • Parent Category Link: /business-intelligence-strategy

    Analysts do not feel empowered to challenge requirements to deliver a better outcome. This alongside underlying data quality issues prevents the creation of accurate and helpful information. Graphic representations do not provide meaningful and actionable insights.

    Our Advice

    Critical Insight

    As organizations strive to become more data-driven, good storytelling with data visualization supports growing corporate data literacy and helps analysts in providing insights that improves organization's decision-making and value-driving processes, which ultimately boosts business performance.

    Impact and Result

    Follow a step-by-step guide to address the business bias of tacet experience over data facts and increase audience's understanding and acceptance toward data solutions.

    Save the lost hours and remove the challenges of reports and dashboards being disregarded due to ineffective usage.

    Gain insights from data-driven recommendations and have decision support to make informed decisions.

    Tell Your Story With Data Visualization Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Tell Your Story With Data Visualization Deck – Solve challenging business problems more effectively and improve communication with audiences by demonstrating significant insights through data storytelling with impactful visuals.

    Here is our step-by-step process of getting value out of effective storytelling with data visualization:

  • Step 1: Frame the business problem and the outcomes required.
  • Step 2: Explore the potential drivers and formulate hypotheses to test.
  • Step 3: Construct a meaningful narrative which the data supports.
    • Tell Your Story With Data Visualization Storyboard

    2. Storytelling Whiteboard Canvas Template – Plan out storytelling using Info-Tech’s whiteboard canvas template.

    This storytelling whiteboard canvas is a template that will help you create your visualization story narrative by:

  • Identifying the problem space.
  • Finding logical relationships and data identification.
  • Reviewing analysis and initial insights.
  • Building the story and logical conclusion.
    • Storytelling Whiteboard Canvas Template
    [infographic]

    Further reading

    Tell Your Story With Data Visualization

    Build trust with your stakeholders.

    Analyst Perspective

    Build trust with your stakeholders.

    Data visualization refers to graphical representations of data which help an audience understand. Without good storytelling, however, these representations can distract an audience with enormous amounts of data or even lead them to incorrect conclusions.

    Good storytelling with data visualization involves identifying the business problem, exploring potential drivers, formulating a hypothesis, and creating meaningful narratives and powerful visuals that resonate with all audiences and ultimately lead to clear actionable insights.

    Follow Info-Tech's step-by-step approach to address the business bias of tacit experience over data facts, improve analysts' effectiveness and support better decision making.

    Ibrahim Abdel-Kader, Research Analyst

    Ibrahim Abdel-Kader
    Research Analyst,
    Data, Analytics, and Enterprise Architecture

    Nikitha Patel, Research Specialist

    Nikitha Patel
    Research Specialist,
    Data, Analytics, and Enterprise Architecture

    Ruyi Sun, Research Specialist

    Ruyi Sun
    Research Specialist,
    Data, Analytics, and Enterprise Architecture

    Our understanding of the problem

    This research is designed for

    • Business analysts, data analysts, or their equivalent who (in either a centralized or federated operating model) look to solve challenging business problems more effectively and improve communication with audiences by demonstrating significant insights through visual data storytelling.

    This research will also assist

    • A CIO or business unit (BU) leader looking to improve reporting and analytics, reduce time to information, and embrace decision making.

    This research will help you

    • Identify the business problem and root causes that you are looking to address for key stakeholders.
    • Improve business decision making through effective data storytelling.
    • Focus on insight generation rather than report production.
    • Apply design thinking principles to support the collection of different perspectives.

    This research will help them

    • Understand the report quickly and efficiently, regardless of their data literacy level.
    • Grasp the current situation of data within the organization.

    Executive Summary

    Your Challenge Common Obstacles Info-Tech's Approach
    As analysts, you may experience some critical challenges when presenting a data story.
    • The graphical representation does not provide meaningful or actionable insights.
    • Difficulty selecting the right visual tools or technologies to create visual impact.
    • Lack of empowerment, where analysts don't feel like they can challenge requirements.
    • Data quality issues that prevent the creation of accurate and helpful information.
    Some common roadblocks may prevent you from addressing these challenges.
    • Lack of skills and context to identify the root cause or the insight that adds the most value.
    • Lack of proper design or over-visualization of data will mislead/confuse the audience.
    • Business audience bias, leading them to ignore reliable insights presented.
    • Lack of the right access to obtain data could hinder the process.
    • Understand and dissect the business problem through Info-Tech's guidance on root cause analysis and design thinking process.
    • Explore each potential hypothesis and construct your story's narratives.
    • Manage data visualization using evolving tools and create visual impact.
    • Inform business owners how to proceed and collect feedback to achieve continuous improvement.

    Info-Tech Insight
    As organizations strive to become more data-driven, good storytelling with data visualization supports growing corporate data literacy and helps analysts provide insights that improve organizational decision-making and value-driving processes, which ultimately boosts business performance.

    Glossary

    • Data: Facts or figures, especially those stored in a computer, that can be used for calculating, reasoning, or planning. When data is processed, organized, structured, or presented in a given context to make it useful, it is called information. Data leaders are accountable for certain data domains and sets.
    • Data storytelling: The ability to create a narrative powered by data and analytics that supports the hypothesis and intent of the story. Narrators of the story should deliver a significant view of the message in a way easily understood by the target audience. Data visualization can be used as a tactic to enhance storytelling.
    • Data visualization: The ability to visually represent a complete story to the target audience powered by data & analytics, using data storytelling as an enabling mechanism to convey narratives. Typically, there are two types of visuals used as part of data visualization: explanatory/informative visuals (the entire story or specific aspects delivered to the audience) and exploratory visuals (the collected data used to clarify what questions must be answered).
    • Data literacy: The ability to read, work with, analyze, and argue with data. Easy access to data is essential to exercising these skills. All organizational employees involved with data-driven decisions should learn to think critically about the data they use for analytics and how they assess and interpret the results of their work.
    • Data quality: A measure of the condition of data based on factors such as accuracy, completeness, consistency, reliability, and being up-to-date. This is about how well-suited a data set is to serve its intended purpose, therefore business users and stakeholders set the standards for what is good enough. The governance function along with IT ensures that data quality measures are applied, and corrective actions taken.
    • Analytics/Business intelligence (BI): A technology-driven process for analyzing data and delivering actionable information that helps executives, managers, and workers make informed business decisions. As part of the BI process, organizations collect data from internal IT systems and external sources, prepare it for analysis, run queries against the data, and create data visualizations.
      Note: In some frameworks, analytics and BI refer to different types of analyses (i.e. analytics predict future outcomes, BI describes what is or has been).

    Getting value out of effective storytelling with data visualization

    Data storytelling is gaining wide recognition as a tool for supporting businesses in driving data insights and making better strategic decisions.

    92% of respondents agreed that data storytelling is an effective way of communicating or delivering data and analytics results.

    87% of respondents agreed that if insights were presented in a simpler/clearer manner, their organization's leadership team would make more data-driven decisions.

    93% of respondents agreed that decisions made based on successful data storytelling could potentially help increase revenue.

    Source: Exasol, 2021

    Despite organizations recognizing the value of data storytelling, issues remain which cannot be remedied solely with better technology.

    61% Top challenges of conveying important insights through dashboards are lack of context (61%), over-communication (54%), and inability to customize contents for intended audiences (46%).

    49% of respondents feel their organizations lack storytelling skills, regardless of whether employees are data literate.

    Source: Exasol, 2021

    Info-Tech Insight
    Storytelling is a key component of data literacy. Although enterprises are increasingly investing in data analytics software, only 21% of employees are confident with their data literacy skills. (Accenture, 2020)

    Prerequisite Checklist

    Before applying Info-Tech's storytelling methodology, you should have addressed the following criteria:

    • Select the right data visualization tools.
    • Have the necessary training in statistical analysis and data visualization technology.
    • Have competent levels of data literacy.
    • Good quality data founded on data governance and data architecture best practices.

    To get a complete view of the field you want to explore, please refer to the following Info-Tech resources:

    Select and Implement a Reporting and Analytics Solution

    Build a Data Architecture Roadmap

    Establish Data Governance

    Build Your Data Quality Program

    Foster Data-Driven Culture With Data Literacy

    Info-Tech's Storytelling With Data Visualization Framework

    Data Visualization Framework

    Info-Tech Insight
    As organizations strive to become more data-driven, good storytelling with data visualization supports growing corporate data literacy and helps analysts provide insights that improve organizational decision-making and value-driving processes, which ultimately boosts business performance.

    Research Benefits

    Member Benefits Business Benefits
    • Reduce time spent on getting your audience in the room and promote business involvement with the project.
    • Eliminate ineffectively used reports and dashboards being disregarded for lack of storytelling skills, resulting in real-time savings and monetary impact.
    • Example: A $50k reporting project has a 49% risk of the company being unable to communicate effective data stories (Exasol, 2021). Therefore, a $50k project has an approx. 50% chance of being wasted. Using Info-Tech's methodology, members can remove the risk, saving $25k and the time required to produce each report.
    • Address the common business bias of tacit experience over data-supported facts and increase audience understanding and acceptance of data-driven solutions.
    • Clear articulation of business context and problem.
    • High-level improvement objectives and return on investment (ROI).
    • Gain insights from data-driven recommendations to assist with making informed decisions.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit Guided Implementation Workshop Consulting
    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks are used throughout all four options.

    IT Organizational Design

    • Buy Link or Shortcode: {j2store}32|cart{/j2store}
    • Related Products: {j2store}32|crosssells{/j2store}
    • member rating overall impact (scale of 10): 9.1/10
    • member rating average dollars saved: $83,392
    • member rating average days saved: 21
    • Parent Category Name: People and Resources
    • Parent Category Link: /people-and-resources

    The challenge

    • IT can ensure full business alignment through an organizational redesign.
    • Finding the best approach for your company is difficult due to many frameworks and competing priorities.
    • External competitive influences and technological trends exacerbate this.

    Our advice

    Insight

    • Your structure is the critical enabler of your strategic direction. Structure dictates how people work together and how they can fill in their roles to create the desired business value. 
    • Constant change is killing for an organization. You need to adapt, but you need a stable baseline and make sure the change is in line with the overall strategy and company context.
    • A redesign is only successful if it really happens. Shifting people into new positions is not enough to implement a redesign. 

    Impact and results 

    • Define your redesign principles. They will act as a manifesto to your change. It also provides for a checklist, ensuring that the structure does not deviate from the business strategy.
    • Visualize the new design with a customized operating model for your company. It must demonstrate how IT creates value and supports the business value creation chains.
    • Define the future-state roles, functions, and responsibilities to enable your IT department to support the business effectively.

    The roadmap

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    Get started

    Our concise executive brief explains to you the challenges associated with the organizational redesign. We'll show you our methodology and the ways we can help you in completing this.

    Define your organizational design principles and select your operating model

    The design principles will govern your organizational redesign; Align the principles with your business strategy.

    • Redesign Your IT Organizational Structure – Phase 1: Craft Organizational Design Principles and Select an IT Operating Model (ppt)
    • Organizational Design Communications Deck (ppt)

    Customize the selected IT operating model to your company

    Your operating model must account for the company's nuances and culture.

    • Redesign Your IT Organizational Structure – Phase 2: Customize the IT Operating Model (ppt)
    • Operating Models and Capability Definition List (ppt)

    Design the target-state of your IT organizational structure

    Go from an operating model to the structure fit for your company.

    • Redesign Your IT Organizational Structure – Phase 3: Architect the Target-State IT Organizational Structure (ppt)
    • Organizational Design Capability RACI Chart (xls)
    • Work Unit Reference Structures (Visio)
    • Work Unit Reference Structures (pdf)

    Communicate the benefits of the new structure

    Change does not come easy. People will be anxious. Craft your communications to address critical concerns and obtain buy-in from the organization. If the reorganization will be painful, be up-front on that, and limit the time in which people are uncertain.

    • Redesign Your IT Organizational Structure – Phase 4: Communicate the Benefits of the New Organizational Structure (ppt)

     

    Define Your Digital Business Strategy

    • Buy Link or Shortcode: {j2store}55|cart{/j2store}
    • member rating overall impact (scale of 10): 9.0/10 Overall Impact
    • member rating average dollars saved: $83,641 Average $ Saved
    • member rating average days saved: 26 Average Days Saved
    • Parent Category Name: Innovation
    • Parent Category Link: /innovation
    • Your organizational digital business strategy sits on the shelf because it fails to guide implementation.
    • Your organization has difficulty adapting new technologies or rethinking their existing business models.
    • Your organization lacks a clear vision for the digital customer journey.
    • Your management team lacks a framework to rethink how your organization delivers value today, which causes annual planning to become an ideation session that lacks focus.

    Our Advice

    Critical Insight

    • Pre-pandemic digital strategies have been primarily focused on automation. However, your post-pandemic digital strategy must focus on driving resilience for growth opportunities.

    Impact and Result

    • Design a strategy that applies innovation to your business model, streamline and transform processes, and make use of technologies to enhance interactions with customers and employees.
    • Use digital for transforming non-routine cognitive activities and for derisking key elements of the value chain.
    • Create a balanced roadmap that improves digital maturity and prepares you for long-term success in a digital economy.

    Define Your Digital Business Strategy Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Digital Business Strategy Deck – A step-by-step document that walks you through how to identify top value chains and a digitally enabled growth opportunity, transform stakeholder journeys, and build a digital transformation roadmap.

    This blueprint guides you through a value-driven approach to digital transformation that allows you to identify what aspects of the business to transform, what technologies to embrace, what processes to automate, and what new business models to create. This approach to digital transformation unifies digital possibilities with your customer experiences.

    • Define Your Digital Business Strategy – Phases 1-4

    2. Digital Business Strategy Workbook – A tool to guide you in planning and prioritizing projects to build an effective digital business strategy.

    This tool guides you in planning and prioritizing projects to build an effective digital business strategy. Key activities include conducting a horizon scan, conducting a journey mapping exercise, prioritizing opportunities from a journey map, expanding opportunities into projects, and lastly, building the digital transformation roadmap using a Gantt chart visual to showcase project execution timelines.

    • Digital Strategy Workbook

    3. Digital Business Strategy Final Report Template – Use this template to capture the synthesized content from outputs of the activities.

    This deck is a visual presentation template for this blueprint. The intent is to capture the contents of the activities in a presentation PowerPoint. It uses sample data from “City of X” to demonstrate the digital business strategy.

    • Digital Business Strategy Final Report Template
    [infographic]

    Workshop: Define Your Digital Business Strategy

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Identify Two Existing Value Chains

    The Purpose

    Understand how your organization creates value today.

    Key Benefits Achieved

    Identify opportunities for digital transformation in how you currently deliver value today.

    Activities

    1.1 Validate business context.

    1.2 Assess business ecosystem.

    1.3 Identify and prioritize value streams.

    1.4 Break down value stream into value chains.

    Outputs

    Business context

    Overview of business ecosystem

    Value streams and value chains

    2 Identify a Digitally Enabled Growth Opportunity

    The Purpose

    Leverage strategic foresight to evaluate how complex trends can evolve over time and identify opportunities to leapfrog competitors.

    Key Benefits Achieved

    Identify a leapfrog idea to sidestep competitors.

    Activities

    2.1 Conduct a horizon scan.

    2.2 Identify leapfrog ideas.

    2.3 Identify impact to existing or new value chains.

    Outputs

    One leapfrog idea

    Corresponding value chain

    3 Transform Stakeholder Journeys

    The Purpose

    Design a journey map to empathize with your customers and identify opportunities to streamline or enhance existing and new experiences.

    Key Benefits Achieved

    Identify a unified view of customer experience.

    Identify opportunities to automate non-routine cognitive tasks.

    Identify gaps in value delivery.

    Improve customer journey.

    Activities

    3.1 Identify stakeholder persona.

    3.2 Identify journey scenario.

    3.3 Conduct one journey mapping exercise.

    3.4 Identify opportunities to improve stakeholder journey.

    3.5 Break down opportunities into projects.

    Outputs

    Stakeholder persona

    Stakeholder scenario

    Journey map

    Journey-based projects

    4 Build a Digital Transformation Roadmap

    The Purpose

    Build a customer-centric digital transformation roadmap.

    Key Benefits Achieved

    Keep your team on the same page with key projects, objectives, and timelines.

    Activities

    4.1 Prioritize and categorize initiatives.

    4.2 Build roadmap.

    Outputs

    Digital goals

    Unified roadmap

    Further reading

    Define Your Digital Business Strategy

    After a major crisis, find your place in the digital economy.

    Info-Tech Research Group

    Info-Tech is a provider of best-practice IT research advisory services that make every IT leader’s job easier.

    35,000 members sharing best practices you can leverage

    Millions spent developing tools and templates annually

    Leverage direct access to over 100 analysts as an extension of your team

    Use our massive database of benchmarks and vendor assessments

    Get up to speed in a fraction of the time

    Analyst Perspective

    Build business resilience and prepare for a digital economy.

    This is a picture of Senior Research Analyst, Dana Daher

    Dana Daher
    Senior Research Analyst

    To survive one of the greatest economic downturns since the Great Depression, organizations had to accelerate their digital transformation by engaging with the Digital Economy. To sustain growth and thrive as the pandemic eases, organizations must focus their attention on building business resilience by transforming how they deliver value today.
    This requires a value-driven approach to digital transformation that is capable of identifying what aspects of the business to transform, what technologies to embrace, what processes to automate, and what new business models to create. And most importantly, it needs to unify digital possibilities with your customer experiences.
    If there was ever a time for an organization to become a digital business, it is today.

    Executive Summary

    Your Challenge

    • Your organization has difficulty adapting new technologies or rethinking the existing business models.
    • Your management lacks a framework to rethink how your organization delivers value today, which causes annual planning to become an ideation session that lacks focus.
    • There is uncertainty on how to meet evolving customer needs and how to compete in a digital economy.

    Common Obstacles

    • Your organization might approach digital transformation as if we were still in 2019, not recognizing that the pandemic resulted in a major shift to an end-to-end digital economy.
    • Your senior-most leadership thinks digital is "IT's problem" because digital is viewed synonymously with technology.
    • On the other hand, your IT team lacks the authority to make decisions without the executives’ involvement in the discussion around digital.

    Info-Tech’s Approach

    • Design a strategy that applies innovation to your business model, streamline and transform processes, and make use of technologies to enhance interactions with customers and employees.
    • Use digital for transforming non-routine cognitive activities and for de-risking key elements of the value chain.
    • Create a balanced roadmap that improves digital maturity and prepares you for long-term success in a digital economy.

    Info-Tech Insight

    After a major crisis, focus on restarting the growth engine and bolstering business resilience.

    Your digital business strategy aims to transform the business

    Digital Business Strategy

    • Looks for ways to transform the business by identifying what technologies to embrace, what processes to automate, and what new business models to create.
    • Unifies digital possibilities with your customer experiences.
    • Accountability lies with the executive leadership.
    • Must involve cross-functional participation from senior management from the different areas of the organization.

    IT Strategy

    • Aims to identify how to change, fix, or improve technology in support of the organization’s business strategy.
    • Accountability lies with the CIO.
    • Must involve IT management and gather strategic input from the business.

    Becoming a digital business

    Automate tasks to free up time for innovation.

    Business activities (tasks, procedures, and processes, etc.) are used to create, sell, buy, and deliver goods and services.

    When we convert information into a readable format used by computers, we call this digitization (e.g. converting paper into digital format). When we convert these activities into a format to be processed by a computer, we have digitalization (e.g. scheduling appointments online).

    These two processes alter how work takes place in an organization and form the foundation of the concept digital transformation.

    We maintain that digital transformation is all about becoming a “digital business” – an organization that performs more than 66% of all work activities via executable code.

    As organizations take a step closer to this optimal state, new avenues are open to identify advances to promote growth, enhance customer experiences, secure sustainability, drive operational efficiencies, and unearth potential future business ventures.

    Key Concepts:

    Digital: The representation of a physical item in a format used by computers

    Digitization: Conversion of information and processes into a digital format

    Digitalization: Conversion of information into a format to be processed by a computer

    Why transform your business?

    COVID-19 has irrefutably changed livelihoods, businesses, and the economy. During the pandemic, digital tools have acted as a lifeline, helping businesses and economies survive, and in the process, have acted as a catalyst for digital transformation.

    As organizations continue to safeguard business continuity and financial recovery, in the long term, recovery won’t be enough.

    Although many pandemic/recession recovery periods have occurred before, this next recovery period will present two first-time challenges no one has faced before. We must find ways to:

    • Recover from the COVID-19 recession.
    • Compete in a digital economy.

    To grow and thrive in this post-pandemic world, organizations must provide meaningful and lasting changes to brace for a future defined by digital technologies. – Dana Daher, Info-Tech Research Group

    We are amid an economic transformation

    What we are facing today is a paradigm shift transforming the ways in which we work, live, and relate to one another.

    In the last 60 years alone, performance and productivity have been vastly improved by IT in virtually all economic activities and sectors. And today, digital technologies continue to advance IT's contribution even further by bringing unprecedented insights into economic activities that have largely been untouched by IT.

    As technological innovation and the digitalization of products and services continue to support economic activities, a fundamental shift is occurring that is redefining how we live, work, shop, and relate to one another.

    These rapid changes are captured in a new 21st century term:

    The Digital Economy.

    90% of CEOs believe the digital economy will impact their industry. But only 25% have a plan in place. – Paul Taylor, Forbes, 2020

    Analyst Perspective

    Become a Digital Business

    this is a picture of Research Fellow, Kenneth McGee

    Kenneth McGee
    Research Fellow

    Today, the world faces two profoundly complex, mega-challenges simultaneously:

    1. Ending the COVID-19 pandemic and recession.
    2. Creating strategies for returning to business growth.

    Within the past year, healthcare professionals have searched for and found solutions that bring real hope to the belief the global pandemic/recession will soon end.

    As progress towards ending COVID-19 continues, business professionals are searching for the most effective near-term and long-term methods of restoring or exceeding the rates of growth they were enjoying prior to 2020.

    We believe developing a digital business strategy can deliver cost savings to help achieve near-term business growth while preparing an enterprise for long-term business growth by effectively competing within the digital economy of the future.

    The Digital Economy

    The digital economy refers to a concept in which all economic activity is facilitated or managed through digital technologies, data, infrastructure, services, and products (OECD, 2020).

    The digital economy captures decades of digital trends including:

    • Declining enterprise computing costs
    • Improvements in computing power and performance; unprecedent analytic capabilities
    • Rapid growth in network speeds, affordability, and geographic reach
    • High adoption rates of PCs, mobile, and other computing devices

    These trends among others have set the stage to permanently alter how buying and selling will take place within and between local, regional, national, and international economies.

    The emerging digital economy concept is so compelling that the world economists, financial experts, and others are currently investigating how they must substantially rewrite the rules governing how taxes, trade, tangible and intangible assets, and countless other financial issues will be assessed and valued in a digital economy.

    Download Info-Tech’s Digital Economy Report

    Signals of Change

    60%
    of People on Earth Use the Internet
    (DataReportal, 2021)
    20%
    of Global Retail Sales Performed via E-commerce
    (eMarketer, 2021)
    6.64T
    Global Business-to-Business
    E-commerce Market
    (Derived from The Business Research Company, 2021)
    9.6%
    of US GDP ($21.4T) accounted for by the digital economy ($2.05T)
    (Bureau of Economic Analysis, 2021)

    The digital economy captures technological developments transforming the way in which we live, work, and socialize

    Technological evolution

    this image contains a timeline of technological advances, from computers and information technology, to the digital economy of the future

    Info-Tech’s approach to digital business strategy

    A path to thrive in a digital economy.

    1. Identify top value chains to be transformed
    2. Identify a digitally enabled growth opportunity
    3. Transform stakeholder journeys
    4. Build a digital transformation roadmap

    Info-Tech Insight

    Pre-pandemic digital strategies have been primarily focused on automation. However, your post-pandemic digital strategy must focus on driving resilience for growth opportunities.

    The Info-Tech difference:

    • Understand how your organization creates value today to identify opportunities for digital transformation.
    • Leverage strategic foresight to evaluate how complex trends can evolve over time and identify opportunities to leapfrog competitors.
    • Design a journey map to empathize with your customers and identify opportunities to streamline or enhance existing and new experiences.
    • Create a balanced roadmap that improves digital maturity and prepares you for long-term success in a digital economy.

    A digital transformation starts by transforming how you deliver value today

    As digital transformation is an effort to transform how you deliver value today, it is important to understand the different value-generating activities that deliver an outcome for and from your customers.

    We do this by looking at value streams –which refer to the specific set of activities an industry player undertakes to create and capture value for and from the end consumer (and so the question to ask is, how do you make money as an organization?).

    Our approach helps you to digitally transform those value streams that generate the most value for your organization.

    Higher Education Value stream

    Recruitment → Admission → Student Enrolment → Instruction & Research → Graduation → Advancement

    Local Government Value Stream

    Sustain Land, Property, and the Environment → Facilitate Civic Engagement → Protect Local Health and Safety → Grow the Economy → Provide Regional Infrastructure

    Manufacturing Value Stream

    Design Product → Produce Product → Sell Product

    Visit Info-Tech’s Industry Coverage Research to identify your industry’s value streams

    Assess your external environment to identify new value generators

    Assessing your external environment allows you to identify trends that will have a high impact on how you deliver value today.

    Traditionally, a PESTLE analysis is used to assess the external environment. While this is a helpful tool, it is often too broad as it identifies macro trends that are not relevant to an organization's addressable market. That is because not every factor that affects the macro environment (for example, the country of operation) affects a specific organization’s industry in the same way.

    And so, instead of simply assessing the macro environment and trying to project its evolution along the PESTLE factors, we recommend to:

    • Conduct a PESTLE first and deduce, from the analysis, what are possible shifts in six characteristics of an organization’s industry, or
    • Proceed immediately with identifying evolutionary trends that impact the organization’s direct market.

    the image depicts the relationship of factors from the Macro Environment, to the Industry/Addressable Market, to the Organization. the macro environmental factors are Political; Economic; Social; Technological; Legal; and Environmental. the Industry/addressable market factors are the Customer; Talent; Regulation; technology and; Supply chain.

    Info-Tech Insight

    While PESTLE is helpful to scan the macro environment, the analysis often lacks relevance to an organization’s industry.

    An analysis of evolutionary shifts in five industry-specific characteristics would be more effective for identifying trends that impact the organization

    A Market Evolution Trend Analysis (META) identifies changes in prevailing market conditions that are directly relevant to an organization’s industry, and thus provides some critical input to the strategy design process, since these trends can bring about strategic risks or opportunities.
    Shifts in these five characteristics directly impact an organization:

    ORGANIZATION

    • Customer Expectations
    • Talent Availability
    • Regulatory System
    • Supply Chain Continuity
    • Technological Landscape

    Capture existing and new value generators through a customer journey map

    As we prioritize value streams, we break them down into value chains – that is the “string” of processes that interrelate that work.

    However, once we identify these value chains and determine what parts we wish to digitally transform, we take on the perspective of the user, as the way they interact with your products and services will be different to the view of those within the organization who implement and provide those services.

    This method allows us to build an empathetic and customer-centric lens, granting the capability to uncover challenges and potential opportunities. Here, we may define new experiences or redesign existing ones.

    This image contains an example of how a school might use a value chain and customer journey map. the value streams listed include: Recruitment; Admission; Student Enrolment; Instruction& Research; Graduation; and Advancement. the Value chain for the Instruction and Research Value stream. The value chain includes: Research; Course Creation, Delivery, and assessment. The Customer journey map for curricula delivery includes: Understanding the needs of students; Construct the course material; Deliver course material; Conduct assessment and; Upload Grades into system

    A digital transformation is not just about customer journeys but also about building business resilience

    Pre-pandemic, a digital transformation was primarily focused around improving customer experiences. Today, we are facing a paradigm shift in the way in which we capture the priorities and strategies for a digital transformation.

    As the world grows increasingly uncertain, organizations need to continue to focus on improving customer experience while simultaneously protecting their enterprise value.

    Ultimately, a digital transformation has two purposes:

    1. The classical model – whereby there is a focus on improving digital experiences.
    2. Value protection or the reduction of enterprise risk by systematically identifying how the organization delivers value and digitally transforming it to protect future cashflows and improve the overall enterprise value.
    Old Paradigm New Paradigm
    Predictable regulatory changes with incremental impact Unpredictable regulatory changes with sweeping impact
    Reluctance to use digital collaboration Wide acceptance of digital collaboration
    Varied landscape of brick-and-mortar channels Last-mile consolidation
    Customers value brand Customers value convenience/speed of fulfilment
    Intensity of talent wars depends on geography Broadened battlefields for the war for talent
    Cloud-first strategies Cloud-only strategies
    Physical assets Aggressive asset decapitalization
    Digitalization of operational processes Robotization of operational processes
    Customer experience design as an ideation mechanism Business resilience for value protection and risk reduction

    Key deliverable:

    Digital Business Strategy Presentation Template

    A highly visual and compelling presentation template that enables easy customization and executive-facing content.

    three images are depicted, which contain slides from the Digital Business Strategy presentation template, which will be available in 2022.

    *Coming in 2022

    Blueprint deliverables

    The Digital Business Strategy Workbook supports each step of this blueprint to help you accomplish your goals:

    Initiative Prioritization

    A screenshot from the Initiative Prioritization blueprint is depicted, no words are legible in the image.

    Use the weighted scorecard approach to evaluate and prioritize your opportunities and initiatives.

    Roadmap Gantt Chart

    A screenshot from the Roadmap Gantt Chart blueprint is depicted, no words are legible in the image.

    Populate your Gantt chart to visually represent your key initiative plan over the next 12 months.

    Journey Mapping Workbook

    A screenshot from the Journey Mapping Workbook blueprint is depicted, no words are legible in the image.

    Populate the journey maps to evaluate a user experience over its end-to-end journey.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    “Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

    Guided Implementation

    “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

    Workshop

    “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

    Consulting

    “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

    Diagnostics and consistent frameworks used throughout all four options

    Guided Implementation

    What does a typical GI on this topic look like?

    Phase 0 Phase 1 Phase 2 Phase 3 Phase 4
    Call #1:
    Discuss business context and customize your organization’s capability map.
    Call #2:
    Assess business ecosystem.
    Call #3:
    Perform horizon scanning and trends identification.
    Call #5:
    Identify stakeholder personas and scenarios.
    Call #7:
    Discuss initiative generation and inputs into roadmap.
    Call #3:
    Identify how your organization creates value.
    Call #4:
    Discuss value chain impact.
    Call #6:
    Complete journey mapping exercise.
    Call #8:
    Summarize results and plan next steps.

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.
    A typical GI is between 8 to 12 calls over the course of 2 to 4 months.

    Workshop Requirements

    Business Inputs

    Gather business strategy documents and find information on:

    • Business goals
    • Current transformation initiatives
    • Business capabilities to create or enhance
    • Identify top ten revenue and expense generators
    • Identify stakeholders

    Interview the following stakeholders to uncover business context information:

    • CEO
    • CIO

    Download the Business Context Discovery Tool

    Optional Diagnostic

    • Assess your digital maturity (Concierge Service)

    Visit Assess Your Digital Maturity

    Phase 1

    Identify top value chains to be transformed

    • Understand the business
    • Assess your business ecosystem
    • Identify two value chains for transformation

    This phase will walk you through the following activities:

    Understand how your organization delivers value today and identify value chains to be transformed.

    This phase involves the following participants:

    A cross-functional cohort across all levels of the organization.

    Outcomes

    • Business ecosystem
    • Existing value chains to be transformed

    Step 1.1

    Understand the business

    Activities

    • Review business documents.

    Identify top value chains to be transformed

    This step will walk you through the following activities:

    In this section you will gain an understanding of the business context for your strategy.

    This step involves the following participants:

    A cross-functional cohort across levels in the organization.

    Outcomes of this step

    Business Context

    Understand the business context

    Understanding the business context is a must for all strategic initiatives. A pre-requisite to all strategic planning should be to elicit the business context from your business stakeholders.

    Inputs Document(s)/ Method Outputs
    Key stakeholders Strategy Document Stakeholders that are actively involved in, affected by or influence outcome of the organization, e.g. employers, customers, vendors.
    Vision and mission of the organization Website Strategy Document What the organization wants to achieve and how it strives to accomplish those goals.
    Business drivers CEO Interview Inputs and activities that drive the operational and financial results of the organization.
    Key targets CEO Interview Quantitative benchmarks to support strategic goals, e.g. double the enterprise EBITD, improve top-of-mind brand awareness by 15%,
    Strategic investment goals CFO Interview
    Digital Strategy
    Financial investments corresponding with strategic objectives of the organization, e.g. geographic expansion, digital investments.
    Top three value-generating lines of business Financial Document Identification of your top three value-generating products and services or lines of business.
    Goals of the organization over the next 12 months Strategy Document
    Corporate Retreat Notes
    Strategic goals to support the vision, e.g. hire 100 new sales reps, improve product management and marketing.
    Top business initiatives over the next 12 months Strategy Document
    CEO Interview
    Internal campaigns to support strategic goals, e.g. invest in sales team development, expand the product innovation team.
    Business model Strategy Document Products or services that the organization plans to sell, the identified market and customer segments, price points, channels and anticipated expenses.
    Competitive landscape Internal Research Analysis Who your typical or atypical competitors are.

    1.1 Understand the business context

    Objective: Elicit the business context with a careful review of business and strategy documents.

    1. Gather the strategy creation team and review your business context documents. This includes business strategy documents, interview notes from executive stakeholders, and other sources for uncovering the business strategy.
    2. Brainstorm in smaller groups answers to the question you were assigned:
      • What are the strengths and weaknesses of the organization?
      • What are some areas of improvement or opportunity?
      • What does it mean to have a digital business strategy?
    3. Discuss the questions above with participants and document key findings. Share with the group and work through the balanced scorecard questions to complete this exercise.
    4. Document your findings.

    Assess your digital readiness with Info-Tech’s Digital Maturity Assessment

    Input

    • Business Strategy Documents
    • Executive Stakeholder Interviews

    Output

    • Business Context Information

    Materials

    • Collaboration/ Brainstorming Tool (whiteboard, flip chart, digital equivalent)

    Participants

    • Executive Team

    Step 1.2

    Assess your business ecosystem

    Activities

    • Identify disruptors and incumbents.

    Info-Tech Insight

    Your digital business strategy cannot be formulated without a clear vision of the evolution of your industry.

    Identify top value chains to be transformed

    This step will walk you through the following activities:

    In this section, we will assess who the incumbents and disruptors are in your ecosystem and identify who your stakeholders are.

    This step involves the following participants:

    A cross-functional cohort across levels in the organization.

    Outcomes of this step

    Business Ecosystem

    Assess your business ecosystem

    Understand the nature of your competition.

    Learn what your competitors are doing.

    To survive, grow, or transform in today's digital era, organizations must first have a strong pulse on their business ecosystem. Learning what your competitors are doing to grow their bottom line is key to identifying how to grow your own. Start by understanding who the key incumbents and disruptors in your industry are to identify where your industry is heading.

    Incumbents: These are established leaders in the industry that possess the largest market share. Incumbents often focus their attention to their most demanding or profitable customers and neglect the needs of those down market.

    Disruptors: Disruptors are primarily new entrants (typically startups) that possess the ability to displace the existing market, industry, or technology. Disruptors are often focused on smaller markets that the incumbents aren’t focused on. (Clayton Christenson, 1997)

    An image is shown demonstrating the relationship within an industry between incumbents, disruptors, and the organization. The incumbents are represented by two large purple circles. The disruptors are represented by 9 smaller blue circles, which represent smaller individual customer bases, but overall account for a larger portion of the industry.

    ’Disruption’ specifically refers to what happens when the incumbents are so focused on pleasing their most profitable customers that they neglect or misjudge the needs of their other segments.– Ilan Mochari, Inc., 2015

    Example Business Ecosystem Analysis

    Business Target Market & Customer Product/Service & Key Features Key Differentiators Market Positioning
    University XYZ
    • Local Students
    • Continuous Learner
    • Certificate programs
    • Associate degrees
    • Strong engineering department with access to high-quality labs
    • Strong community impact
    Affordable education with low tuition cost and access to bursaries & scholarships.
    University CDE University CDE
    • Local students
    • International students
    • Continuous learning students
    • Continuous learning offerings (weekend classes)
    • Strong engineering program
    • Strong continuous learning programs
    Outcome focused university with strong co-ops/internship programs and career placements for graduates
    University MNG
    • Local students
    • Non degree, freshman and continuous learning adults
    • Associate degrees
    • Certificate programs (IT programs)
    • Dual credit program
    • More locations/campuses
    • Greater physical presence
    • High web presence
    Nurturing university with small student population and classroom sizes. University attractive to adult learners.
    Disruptors Online Learning Company EFG
    • Full-time employees & executives– (online presence important)
    • Shorter courses
    • Full-time employees & executives– (online presence important)
    Competitive pricing with an open acceptance policy
    University JKL Online Credential Program
    • High school
    • University students
    • Adult learners
    • Micro credentials
    • Ability to acquire specific skills
    Borderless and free (or low cost) education

    1.2 Understand your business ecosystem

    Objective: Identify the incumbents and disruptors in your business ecosystem.

    1. Identify the key incumbents and disruptors in your business ecosystem.
      • Incumbents: These are established leaders in the industry that possess the largest market share.
      • Disruptors: Disruptors are primarily new entrants (startups) that possess the ability to displace the existing market, industry, or technology.
    2. Identify target market and key customers. Who are the primary beneficiaries of your products or service offerings? Your key customers are those who keep you in business, increase profits, and are impacted by your operations.
    3. Identify what their core products or services are. Assess what core problem their products solve for key customers and what key features of their solution support this.
    4. Assess what the competitors' key differentiators are. There are many differentiators that an organization can have, examples include product, brand, price, service, or channel.
    5. Identify what the organization’s value proposition is. Why do customers come to them specifically? Leverage insights from the key differentiators to derive this.
    6. Finally, assess how your organization derives value relative to your competitors.

    Input

    • Market Assessment

    Output

    • Key Incumbents and Disruptors

    Materials

    • Collaboration/ Brainstorming Tool (whiteboard, flip chart, digital equivalent)

    Participants

    • Executive Team

    Step 1.3

    Value-chain prioritization

    Activities

    • Identify and prioritize value chains for innovation.

    Identify top value chains to be transformed

    This step will walk you through the following activities:

    Identify and prioritize how your organization currently delivers value today and identify value chains to be transformed.

    This step involves the following participants:

    A cross-functional cohort across levels in the organization.

    Outcomes of this step

    Prioritized Value Chains

    Determine what value the organization creates

    Identify areas for innovation.

    Value streams and value chains connect business goals to the organization’s value realization activities. They enable an organization to create and capture value in the market place by engaging in a set of interconnected activities. Those activities are dependent on the specific industry segment an organization operates within.

    Different types of value your organization creates

    This an example of a value chain which a school would use to analyze how their organization creates value. The value streams listed include: Recruitment; Admission; Student Enrolment; Instruction& Research; Graduation; and Advancement. the Value chain for the Student enrolment stream is displayed. The value chain includes: Matriculation; Enrolment into a Program and; Unit enrolment.

    Value Streams

    A value stream refers to the specific set of activities an industry player undertakes to create and capture value for and from the end consumer.

    Value Chains

    A value chain is a ”string” of processes within a company that interrelate and work together to meet market demand. Examining the value chain of a company will reveal how it achieves competitive advantage.

    Visit Info-Tech’s Industry Coverage Research to identify value streams

    Begin with understanding your industry’s value streams

    Value Streams

    Recruitment

    • The promotion of the institution and the communication with prospective students is accommodated by the recruitment component.
    • Prospective students are categorized as domestic and international, undergraduate and graduate. Each having distinct processes.

    Admission

    • Admission into the university involves processes distinct from recruitment. Student applications are processed and evaluated and the students are informed of the decision.
    • This component is also concerned with transfer students and the approval of transfer credits.

    Student Enrolment

    • Student enrolment is concerned with matriculation when the student first enters the institution, and subsequent enrolment and scheduling of current students.
    • The component is also concerned with financial aid and the ownership of student records.

    Instruction & Research

    • Instruction involves program development, instructional delivery and assessment, and the accreditation of courses of study.
    • The research component begins with establishing policy and degree fundamentals and concerns the research through to publication and impact assessment.

    Graduation

    • Graduation is not only responsible for the ceremony but also the eligibility of the candidate for an award and the subsequent maintenance of transcripts.

    Advancement

    • Alumni relations are the first responsibility of advancement. This involves the continual engagement with former students.
    • Fundraising is the second responsibility. This includes the solicitation and stewardship of gifts from alumni and other benefactors.

    Value stream defined…

    Value streams connect business goals to the organization’s value realization activities in the marketplace. Those activities are dependent on the specific industry segment in which an organization operates.

    There are two types of value streams: core value streams and support value streams.

    • Core value streams are mostly externally facing. They deliver value to either an external or internal customer and they tie to the customer perspective of the strategy map.
    • Support value streams are internally facing and provide the foundational support for an organization to operate.

    An effective method for ensuring all value streams have been considered is to understand that there can be different end-value receivers.

    Leverage your industry’s capability maps to identify value chains

    Business Capability Map Defined

    A business capability defines what a business does to enable value creation, rather than how. Business capabilities:

    • Represent stable business functions.
    • Are unique and independent of each other.
    • Typically, will have a defined business outcome.

    A capability map is a great starting point to identify value chains within an organization as it is a strong indicator of the processes involved to deliver on the value streams.

    this image contains an example of a business capability map using the value streams identified earlier in this blueprint.

    Info-Tech Insight

    Leverage your industry reference architecture to define value streams and value chains.

    Visit Info-Tech’s Industry Coverage Research to identify value streams

    Prioritize value streams to be supported or enhanced

    Use an evaluation criteria that considers both the human and business value generators that these streams provide.

    two identical value streams are depicted. The right most value stream has Student Enrolment and Instruction Research highlighted in green. between the two streams, are two boxes. In these boxes is the following: Business Value: Profit; Enterprise Value; Brand value. Human Value: Faculty satisfaction; Student satisfaction; Community impact.

    Info-Tech Insight

    To produce maximum impact, focus on value streams that provide two-thirds of your enterprise value.

    Business Value

    Assess the value generators to the business, e.g. revenue dollars, enterprise value, cost or differentiation (competitiveness), etc.

    Human Value

    Assess the value generators to people, e.g. student/faculty satisfaction, well-being, and social cohesion.

    Identify value chains for transformation

    Value chains, pioneered by the academic Michael Porter, refer to the ”string” of processes within a company that interrelate and work together to meet market demand. An organization’s value chain is connected to the larger part of the value stream. This perspective of how value is generated encourages leaders to see each activity as a part of a series of steps required deliver value within the value stream and opens avenues to identify new opportunities for value generation.

    this image depicts two sample value chains for the value streams: student enrolment and Instruction & Research. Each value chain has a stakeholder associated with it. This is the primary stakeholder that seeks to gain value from that value chain.

    Prioritize value chains for transformation

    Once we have identified the key value chains within each value stream element, evaluate the individual processes within the value chain to identify opportunities for transformation. Evaluate the value chain processes based on the level of pain experienced by a stakeholder to accomplish that task, and the financial impact that level of the process has on the organization.

    this image depicts the same value chains as the image above, with a legend showing which steps have a financial impact, which steps have a high degree of risk, and which steps are prioritized for transformation. Matriculation and publishing are shown to have a financial impact. Research foundation is shown to have a high degree of risk, and enrollment into a program and conducting research are prioritized for transformation.

    1.3 Value chain analysis

    Objective: Determine how the organization creates value, and prioritize value chains for innovation.

    1. The first step of delivering value is defining how it will happen. Use the organization’s industry segment to start a discussion on how value is created for customers. Working back from the moment value is realized by the customer, consider the sequential steps required to deliver value in your industry segment.
    2. Define and validate the organization’s value stream. Write a short description of the value stream that includes a statement about the value provided and a clear start and end for the value stream.
    3. Prioritize the value streams based on an evaluation criteria that reflects business and human value generators to the organization.
    4. Identify value chains that are associated with each value stream. The value chains refer to a string of processes within the value stream element. Each value chain also captures a particular stakeholder that benefits from the value chain.
    5. Once we have identified the key value chains within each value stream element, evaluate the individual processes within the value chain and identify areas for transformation. Evaluate the value chain processes based on the level of pain or exposure to risk experienced by a stakeholder to accomplish that task and the financial impact that level of the process has on the organization.

    Visit Info-Tech’s Industry Coverage Research to identify value streams and capability maps

    Input

    • Market Assessment

    Output

    • Key Incumbents and Disruptors

    Materials

    • Collaboration/ Brainstorming Tool (whiteboard, flip chart, digital equivalent)

    Participants

    • Executive Team

    Phase 2

    Identify a digitally enabled growth opportunity

    • Conduct horizon scan
    • Identify leapfrog idea
    • Conduct value chain impact analysis

    This phase will walk you through the following activities:

    Assess trends that are impacting your industry and identify strategic growth opportunities.

    This phase involves the following participants:

    A cross-functional cohort across levels in the organization.

    Outcomes

    Identify new growth opportunities and value chains impacted

    Phase 2.1

    Horizon scanning

    Activities

    • Scan the internal and external environment for trends.

    Info-Tech Insight

    Systematically scan your environment to identify avenues or opportunities to skip one or several stages of technological development and stay ahead of disruption.

    Identify a digitally enabled growth opportunity

    This step will walk you through the following activities:

    Scan the environment for external environment for megatrends, trends, and drivers. Prioritize trends and build a trends radar to keep track of trends within your environment.

    This step involves the following participants:

    A cross-functional cohort across levels in the organization.

    Outcomes of this step

    Growth opportunity

    Horizon scanning

    Understand how your industry is evolving.

    Horizon scanning is a systematic analysis of detecting early signs of future changes or threats.

    Horizon scanning involves scanning, analyzing, and communicating changes in an organization’s environment to prepare for potential threats and opportunities. Much of what we know about the future is based around the interactions and trajectory of macro trends, trends, and drivers. These form the foundations for future intelligence.

    Macro Trends

    A macro trend captures a large-scale transformative trend that could impact your addressable market.

    Trends

    A trend captures a business use case of the macro trend. Consider trends in relation to competitors in your industry.

    Drivers

    A driver is an underlying force causing the trend to occur. There can be multiple causal forces, or drivers, that influence a trend, and multiple trends can be influenced by the same causal force.

    Identify signals of change in the present and their potential future impacts.

    Identifying macro trends

    A macro trend captures a large-scale transformative trend that could change the addressable market. Here are some examples of macro trends to consider when horizon scanning for your own organization:

    Talent Availability

    • Decentralized workforce
    • Hybrid workforce
    • Diverse workforce
    • Skills gap
    • Digital workforce
    • Multigenerational workforce

    Customer Expectations

    • Personalization
    • Digital experience
    • Data ownership
    • Transparency
    • Accessibility

    Technological Landscape

    • AI & robotics
    • Virtual world
    • Ubiquitous connectivity,
    • Genomics
    • Materials (smart, nano, bio)

    Regulatory System

    • Market control
    • Economic shifts
    • Digital regulation
    • Consumer protection
    • Global green

    Supply Chain Continuity

    • Resource scarcity
    • Sustainability
    • Supply chain digitization
    • Circular supply chains
    • Agility

    Identifying trends and drivers

    A trend captures a business use case of a macro trend. Assessing trends can reduce some uncertainties about the future and highlight potential opportunities for your organization. A driver captures the internal or external forces that lead the trend to occur. Understanding and capturing drivers is important to understanding why these trends are occurring and the potential impacts to your value chains.

    This image contains a flow chart, demonstrating the relationship between Macro trends, Trends, and Drivers. in this example, the macro trend is Accessibility. The Trends, or patterns of change, are an increase in demands for micro-credentials, and Preference for eLearning. The Drivers, or the why, are addressing skill gaps for increase in demand for micro-credentials, and Accommodating adult/working learners- for Preference for eLearning.

    Leverage industry roundtables and trend reports to understand the art of the possible

    Uncover important business and industry trends that can inform possibilities for technology innovation.

    Explore trends in areas such as:

    • Machine Learning
    • Citizen Dev 2.0
    • Venture Architecture
    • Autonomous Organizations
    • Self-Sovereign Cloud
    • Digital Sustainability

    Market research is critical in identifying factors external to your organization and identifying technology innovation that will provide a competitive edge. It’s important to evaluate the impact each trend or opportunity will have in your organization and market.

    Visit Info-Tech’s Trends & Priorities Research Center

    Visit Info-Tech’s Industry Coverage Research to identify your industry’s value streams

    this image contains three screenshots from Rethinking Higher Education Report and 2021 Tech Trends Report

    Images are from Info-Tech’s Rethinking Higher Education Report and 2021 Tech Trends Report

    Example horizon scanning activity

    Macro Trends Trends Drivers
    Talent Availability Diversity Inclusive campus culture Systemic inequities
    Hybrid workforce Online learning staff COVID-19 and access to physical institutions
    Customer Expectations Digital experience eLearning for working learners Accommodate adult learners
    Accessibility Micro-credentials for non-traditional students Addressing skills gap
    Technological Landscape Artificial intelligence and robotics AI for personalized learning Hyper personalization
    IoT IoT for monitoring equipment Asset tracking
    Augmented reality Immersive education AR and VR Personalized experiences
    Regulatory System Regulatory System Alternative funding for research Changes in federal funding
    Global Green Environmental and sustainability education curricula Regulatory and policy changes
    Supply Chain Continuity Circular supply chains Vendors recycling outdated technology Sustainability
    Cloud-based solutions Cloud-based eLearning software Convenience and accessibility

    Visit Info-Tech’s Industry Coverage Research to identify your industry’s value streams

    Prioritize trends

    Develop a cross-industry holistic view of trends.

    Visualize emerging and prioritize action.

    Moving from horizon scanning to action requires an evaluation process to determine which trends can lead to growth opportunities. First, we need to make a short list of trends to analyze. For your digital strategy, consider trends on the time horizon that are under 24 months. Next, we need to evaluate the shortlisted opportunities by a second set of criteria: relevance to your organization and impact on industry.

    Timing

    The estimated time to disruption this trend will have for your industry. Assess whether the trend will require significant developments to support its entry into the ecosystem.

    Relevance

    The relevance of the trend to your organization. Does the trend fulfil the vision or goals of the organization?

    Impact

    The degree of impact the trend will have on your industry. A trend with high impact will drive new business models, products, or services.

    Prioritize trends to adopt into your organization

    Prioritize trends based on timing, impact, and relevance.

    Trend Timing
    (S/M/L)
    Impact
    (1-5)
    Relevance
    ( 1-5)
    1. Micro-credentialing S 5 5
    2. IoT-connected devices for personalized experience S 1 3
    3. International partnerships with educational institutions M
    4. Use of chatbots throughout enrollment process L
    5. IoT for energy management of campus facilities L
    6. Gamification of digital course content M
    7. Flexible learning curricula S 4 3
    Deprioritize trends
    that have a time frame
    to disruption of more
    than 24 months.
    this image contains a graph demonstrating the relationship between relevance (x axis) and Impact (Y axis).

    2.1 Scanning the horizon

    Objective: Generate trends

    60 minutes

    • Start by selecting macro trends that are occurring in your environment using the five categories. These are the large-scale transformative trends that impact your addressable market. Macro trends have three key characteristics:
      • They span over a long period of time.
      • They impact all geographic regions.
      • They impact governments, individuals, and organizations.
    • Begin to break down these macro trends into trends. Trends should reflect the direction of a macro trend and capture the pattern in events. Consider trends that directly impact your organization.
    • Understand the drivers behind these trends. Why are they occurring? What is driving them? Understanding the drivers helps us understand the value they may generate.
    • Deprioritize trends that are expected to happen beyond 24 months.
    • Prioritize trends that have a high impact and relevance to the organization.
    • If you identify more than one trend, discuss with the group which trend you would like to pursue and limit it to one opportunity.

    Input

    • Macro Trends
    • Trends

    Output

    • Trends Prioritization

    Materials

    • Digital Strategy Workbook

    Participants

    • Executive Team

    Step 2.2

    Leapfrogging ideation

    Activities

    • Identify leapfrog ideas.
    • Identify impact to value chain.

    Info-Tech Insight

    A systematic approach to leapfrog ideation is one of the most critical ways in which an organization can build the capacity for resilient innovation.

    This step will walk you through the following activities:

    Evaluate trend opportunities and determine the strategic opportunities they pose. You will also work towards identifying the impact the trend has on your value chain.

    This step involves the following participants:

    A cross-functional cohort across levels in the organization.

    Outcomes of this step

    • Strategic growth opportunities
    • Value chain impact

    Leapfrog into the future

    Turn trends into growth opportunities.

    To thrive in the digital age, organizations must innovate big, leverage internal creativity, and prepare for flexibility.

    In this digital era, organizations are often playing catch up to a rapidly evolving technological landscape and following a strict linear approach to innovation. However, this linear catch-up approach does not help companies get ahead of competitors. Instead, organizations must identify avenues to skip one or several stages of technological development to leapfrog ahead of their competitors.

    The best way to predict the future is to invent it. – Alan Kay

    Leapfrogging takes place when an organization introduces disruptive innovation into the market and sidesteps competitors who are unable to mobilize to respond to the opportunities.

    Case Study

    Classroom of the Future

    Higher Education: Barco’s Virtual Classroom at UCL

    University College London (UCL), in the United Kingdom, selected Barco weConnect virtual classroom technology for its continuing professional development medical education offering. UCL uses the platform for synchronous teaching, where remote students can interact with a lecturer.

    One of the main advantages of the system is that it enables direct interaction with students through polls, questions, and whiteboarding. The system also allows you to track student engagement in real time.

    The system has also been leveraged for scientific research and publications. In their “Delphi” process, key opinion leaders were able to collaborate in an effective way to reach consensus on a subject matter. The processes that normally takes months were successfully completed in 48 hours (McCann, 2020).

    Results

    The system has been largely successful and has supported remote, real-time teaching, two-way engagement, engagement with international staff, and an overall enriched teaching experience.

    Funnel trends into leapfrog ideas

    Go from trend insights into ideas.

    Brainstorm ways of generating leapfrog ideas from trend insights.

    Dealing with trends is one of the most important tasks for innovation. It provides the basis of developing the future orientation of the organization. However, being aware of a trend is one thing, to develop strategies for response is another.

    To identify the impact the trend has on the organization, consider the four areas of growth strategies for the organization:

    1. New Customers: Leverage the trend to target new customers for existing products or services.
    2. New Business Models: Adjust the business model to capture a change in how the organization delivers value.
    3. New Markets: Enter or create new markets by applying existing products or services to different problems.
    4. New Product or Service Offerings: Introduce new products or services to the existing market.
    A funnel shaped image is depicted. At the top, at the entrance of the funnel, is the word Trend. At the bottom of the image, at the output of the funnel, is the word Opportunity.

    From trend to leapfrog ideas

    Trend New Customer New Market New Business Model New Product or Service
    What trends pose a high-immediate impact to the organization? Target new customers for existing products or services Enter or create new markets by applying existing products or services to different problems Adjust the business model to capture a change in how the organization delivers value Introduce new products or services to the existing market
    Micro-credentials for non-traditional students Target non-traditional learners/students - Online delivery Introduce mini MBA program

    2.2 Identify and prioritize opportunities

    60 minutes

    1. Gather the prioritized trend identified in the horizon scanning exercise (the trend identified to be “adopted” within the organization).
    2. Analyze each trend identified and assess whether the trend provides an opportunity for a new customers, new markets, new business models, or new products and services.

    Input

    • “Adopt” Trends

    Output

    • Trends to pursue
    • Breakdown of strategic opportunities that the trends pose

    Materials

    • Collaboration/ Brainstorming Tool (whiteboard, flip chart, digital equivalent)

    Participants

    • Executive Team

    Step 2.3

    Value chain impact

    Activities

    • Identify impact to value chain.

    This step will walk you through the following activities:

    Evaluate trend opportunities and determine the strategic opportunities they pose. Prioritize the opportunities and identify impact to your value chain.

    This step involves the following participants:

    A cross-functional cohort across levels in the organization.

    Outcomes of this step

    • Strategic growth opportunities

    Value chain analysis

    Identify implications of strategic growth opportunities to the value chains.

    As we identify and prioritize the opportunities available to us, we need to assess their impacts on value chains. Does the opportunity directly impact an existing value chain? Or does it open us to the creation of a new value chain?

    The value chain perspective allows an organization to identify how to best minimize or enhance impacts and generate value.
    As we move from opportunity to impact, it is important to break down opportunities into the relevant pieces so we can see a holistic picture of the sources of differentiation.

    this image depicts the value chain for the value stream, student enrolment.

    2.3 Value chain impact

    Objective: Identify impacts to the value chain from the opportunities identified.
    60 minutes

    1. Once you have identified the opportunity, turn back to the value stream, and with the working group, identify the value stream impacted most by the opportunity. Leverage the human impact/business impact criteria to support the identification of the value stream to be impacted.
    2. Within the value stream, brainstorm what parts of the value chain will be impacted by the new opportunity. Or ask whether this new opportunity provides you with a new value chain to be created.
    3. If this opportunity will require a new value chain, identify what set of new processes or steps will be created to support this new entrant.
    4. Identify any critical value chains that will be impacted by the new opportunity. What areas of the value chain pose the greatest risk? And where can we estimate the financial revenue will be impacted the most?

    Input

    • Opportunity

    Output

    • Value chains impacted

    Materials

    • Collaboration/ Brainstorming Tool (whiteboard, flip chart, digital equivalent)

    Participants

    • Executive Team

    Phase 3

    Transform stakeholder journeys

    • Identify stakeholder personas and scenarios
    • Conduct journey map
    • Identify projects

    This phase will walk you through the following activities:

    Take the prioritized value chains and create a journey map to capture the end-to-end experience of a stakeholder.

    Through a journey mapping exercise, you will identify opportunities to digitize parts of the journey. These opportunities will be broken down into functional initiatives to tackle in your strategy.

    This phase involves the following participants:

    A cross-functional cohort across levels in the organization.

    Outcomes

    1. Stakeholder persona
    2. Stakeholder scenario
    3. Stakeholder journey map
    4. Opportunities

    Step 3.1

    Identify stakeholder persona and journey scenario

    Activities

    • Identify stakeholder persona.
    • Identify stakeholder journey scenario.

    Transform stakeholder journeys

    This step will walk you through the following activities:

    In this step, you with identify stakeholder personas and scenarios relating to the prioritized value chains.

    This step involves the following participants:

    A cross-functional cohort across levels in the organization.

    Outcomes of this step

    • A taxonomy of critical stakeholder journeys.

    Identify stakeholder persona and journey scenario

    From value chain to journey scenario.

    Stakeholder personas and scenarios help us build empathy towards our customers. It helps put us into the shoes of a stakeholder and relate to their experience to solve problems or understand how they experience the steps or processes required to accomplish a goal. A user persona is a valuable basis for stakeholder journey mapping.

    A stakeholder scenario describes the situation the journey map addresses. Scenarios can be real (for existing products and services) or anticipated.

    A stakeholder persona is a fictitious profile to represent a customer or a user segment. Creating this persona helps us understand who your customers really are and why they are using your service or product.

    Learn more about applying design thinking methodologies

    Identify stakeholder scenarios to map

    For your digital strategy, leverage the existing and opportunity value chains identified in phase 1 and 2 for journey mapping.

    Identify two existing value chains to be transformed.
    In section 1, we identified existing value chains to be transformed. For example, your stakeholder persona is a member of the faculty (engineering), and the scenario is the curricula design process.
    this image contains the value chains for instruction (engineering) and enrolment of engineering student. the instruction(engineering) value chain includes curricula research, curricula design, curricula delivery, and Assessment for the faculty-instructor. The enrolment of engineering student value chain includes matriculation, enrolment into a program, and unit enrolment for the student. In the instruction(engineering) value chain, curricula design is highlighted in blue. In the enrolment of engineering student value chain, Enrolment into a program is highlighted.
    Identify one new value chain.
    In section 2, we identified a new value chain. However, for a new opportunity, the scenario is more complex as it may capture many different areas of a value chain. Subsequently, a journey map for a new opportunity may require mapping all parts of the value chain.
    this image contains an example of a value chain for micro-credentialing (mini online MBA)

    Identify stakeholder persona

    Who are you transforming for?

    To define a stakeholder scenario, we need to understand who we are mapping for. In each value chain, we identified a stakeholder who gains value from that value chain. We now need to develop a stakeholder persona: a representation of the end user to gain a strong understanding of who they are, what they need, and their pains and gains.

    One of the best ways to flesh out your stakeholder persona is to engage with the stakeholders directly or to gather the input of those who may engage with them within the organization.

    For example, if we want to define a journey map for a student, we might want to gather the input of students or teaching faculty that have firsthand encounters with different student types and are able to define a common student type.

    Info-Tech Insight

    Run a survey to understand your end users and develop a stronger picture of who they are and what they are seeking to gain from your organization.

    Example Stakeholder Persona

    Name: Anne
    Age: 35
    Occupation: Engineering Faculty
    Location: Toronto, Canada

    Pains

    What are their frustrations, fears, and anxieties?

    • Time restraints
    • Using new digital tools
    • Managing a class while incorporating individual learning
    • Varying levels within the same class
    • Unmotivated students

    What do they need to do?

    What do they want to get done? How will they know they are successful?

    • Design curricula in a hybrid mode without loss of quality of experience of in-classroom learning.

    Gains

    What are their wants, needs, hopes, and dreams?

    • Interactive content for students
    • Curriculum alignment
    • Ability to run a classroom lab (in hybrid format)
    • Self-paced and self-directed learning opportunities for students

    (Adapted from Osterwalder, et al., 2014)

    Define a journey statement for mapping

    Now that we understand who we are mapping for, we need to define a journey statement to capture the stakeholder journey.
    Leverage the following format to define the journey statement.
    As a [stakeholder], I need to [prioritized value chain task], so that I can [desired result or overall goal].

    this image contains the instruction(engineering) value chain shown above. next to it is a stakeholder journey statement, which states: As an engineering faculty member, I want to design my curricula in a hybrid mode of delivery so that I can simulate in-classroom experiences.

    3.1 Identify stakeholder persona and journey scenario

    Objective: Identify stakeholder persona and journey scenario statement for journey mapping exercise.

    1. Start by identifying who your stakeholder is. Give your stakeholder a demographic profile – capture a typical stakeholder for this value chain.
    2. Identify what the gains and pains are during this value chain and what the stakeholder is seeking to accomplish.
    3. Looking at the value chain, create a statement that captures the goals and needs of the stakeholder. Use the following format to create a statement:
      As a [stakeholder], I need to [prioritized value chain task], so that I can [desired result or overall goal].

    Input

    • Prioritized Value Chains (existing and opportunity)

    Output

    • Stakeholder Persona
    • Stakeholder Journey Statement

    Materials

    • Collaboration/ Brainstorming Tool (whiteboard, flip chart, digital equivalent)
    • Stakeholder Persona Canvas

    Participants

    • Executive Team
    • Stakeholders (if possible)
    • Individual who works directly with stakeholders

    Step 3.2

    Map stakeholder journeys

    Activities

    • Map stakeholder journeys.

    Transform stakeholder journeys

    This step will walk you through the following activities:

    Prioritize the journeys by focusing on what matters most to the stakeholders and estimating the organizational effort to improve those experiences.

    This step involves the following participants:

    A cross-functional cohort across levels in the organization.

    Outcomes of this step

    • Candidate journeys identified for redesign or build.

    Leverage customer journey mapping to capture value chains to be transformed

    Conduct a journey mapping exercise to identify opportunities for innovation or automation.

    A journey-based approach helps an organization understand how a stakeholder moves through a process and interacts with the organization in the form of touch points, channels, and supporting characters. By identifying pain points in the journey and the activity types, we can identify opportunities for innovation and automation along the journey.

    Embrace design thinking methodologies to elevate the stakeholder journey and to build a competitive advantage for your organization.

    this image contains an example of the result of a journey mapping exercise. the main headings are Awareness, Consideration, Acquisition, Service and, Loyalty.

    Internal vs. external stakeholder perspective

    In journey mapping, we always start with the stakeholder's perspective, then eventually transition into what the organization does business-wise to deliver value to each stakeholder. It is important to keep in mind both perspectives while conducting a journey mapping exercise as there are often different roles, processes, and technologies associated with each of the journey steps.

    Stakeholder Journey
    (External Perspective)

    • Awareness
    • Consideration
    • Selecting
    • Negotiating
    • Approving

    Business Processes
    (Internal Perspective)

    • Preparation
    • Prospecting
    • Presentation
    • Closing
    • Follow-Up

    Info-Tech Insight

    Take the perspective of an end user, who interacts with your products and services, as it is different from the view of those inside the organization, who implement and provide those services.

    Build a stakeholder journey map

    A stakeholder journey map is a tool used to illustrate the user’s perceptions, emotions, and needs as they move through a process and interact with the organization in the form of touch points, channels, and supporting characters.

    this image depicts an example of a stakeholder journey map, the headings in the map are: Journey Activity; Touch Points; Metrics; Nature of Activity; Key Moments & Pain Points; Opportunities

    Stakeholder Journey Map: Journey Activity

    The journey activity refers to the steps taken to accomplish a goal.

    The journey activity comprises the steps or sequence of tasks the stakeholder takes to accomplish their goal. These steps reflect the high-level process your candidates perform to complete a task or solve a problem.

    Stakeholder Journey Map: Touch Points

    Touch points are the points of interaction between a stakeholder and the organization.

    A touch point refers to any time a stakeholder interacts with your organization or brand. Consider three main points of interaction with the customer in the journey:

    • Before: How did they find out about you? How did they first contact you to start this journey? What channels or mediums were used?
      • Social media
      • Rating & reviews
      • Word of mouth
      • Advertising
    • During: How was the sale or service accomplished?
      • Website
      • Catalog
      • Promotions
      • Point of sale
      • Phone system
    • After: What happened after the sale or service?
      • Billing
      • Transactional emails
      • Marketing emails
      • Follow-ups
      • Thank-you emails

    Stakeholder Journey Map: Nature of Activity

    The nature of activity refers to the type of task the journey activity captures.

    We categorize the activity type to identify opportunities for automation. There are four main types of task types, which in combination (as seen in the table below) capture a task or job to be automated.

    Routine Non-Routine
    Cognitive Routine Cognitive: repeatable tasks that rely on knowledge work, e.g. sales, administration
    Prioritize for automation (2)
    Non-Routine Cognitive: infrequent tasks that rely on knowledge work, e.g. driving, fraud detection
    Prioritize for automation (3)
    Non-Routine Cognitive: infrequent tasks that rely on knowledge work, e.g. driving, fraud detection Prioritize for automation (3) Routine Manual: repeatable tasks that rely on physical work, e.g. manufacturing, production
    Prioritize for automation (1)
    Non-Routine Manual: infrequent tasks that rely on physical work, e.g. food preparation
    Not mature for automation

    Info-Tech Insight

    Where automation makes sense, routine manual activities should be transformed first, followed by routine cognitive activities. Non-routine cognitive activities are the final frontier.

    Stakeholder Journey Map: Metrics

    Metrics are a quantifiable measurement of a process, activity, or initiative.

    Metrics are crucial to justify expenses and to estimate growth for capacity planning and resourcing. There are multiple benefits to identifying and implementing metrics in a journey map:

    • Metrics provide accurate indicators for accurate IT and business decisions.
    • Metrics help you identify stakeholder touch point efficiencies and problems and solve issues before they become more serious.
    • Active metrics tracking makes root cause analysis of issues much easier.

    Example of journey mapping metrics: Cost, effort, turnaround time, throughput, net promoter score (NPS), satisfaction score

    Stakeholder Journey Map: Key Moments & Pain Points

    Key moments and pain points refer to the emotional status of a stakeholder at each stake of the customer journey.

    The key moments are defining pieces or periods in a stakeholder's experience that create a critical turning point or memory.

    The pain points are the critical problems that the stakeholder is facing during the journey or business continuity risks. Prioritize identifying pain points around key moments.

    Info-Tech Insight

    To identify key moments, look for moments that can dramatically influence the quality of the journey or end the journey prematurely. To improve the experience, analyze the hidden needs and how they are or aren’t being met.

    Stakeholder Journey Map: Opportunities

    An opportunity is an investment into people, process, or technology for the purposes of building or improving a business capability and accomplishing a specific organizational objective.

    An opportunity refers to the initiatives or projects that should address a stakeholder pain. Opportunities should also produce a demonstrable financial impact – whether direct (e.g. cost reduction) or indirect (e.g. risk mitigation) – and be evaluated based on how technically difficult it will be to implement.

    Customer

    Create new or different experiences for customers

    Workforce

    Generate new organizational skills or new ways of working

    Operations

    Improve responsiveness and resilience of operations

    Innovation

    Develop different products or services

    Example of stakeholder journey output: Higher Education

    Stakeholder: A faculty member
    Journey: As an engineering faculty member, I want to design my curricula in a hybrid mode of delivery so that I can simulate in-classroom experiences

    Journey activity Understanding the needs of students Construct the course material Deliver course material Conduct assessments Upload grades into system
    Touch Points
    • Research (primary or secondary)
    • Teaching and learning center
    • Training on tools
    • Office suite
    • Video tools
    • PowerPoint live
    • Chat (live)
    • Forum (FAQ
    • Online assessment tool
    • ERP
    • LMS
    Nature of Activity Non-routine cognitive Non-routine cognitive Non-routine cognitive Routine cognitive Routine Manual
    Metrics
    • Time to completion
    • Time to completion
    • Student satisfaction
    • Student satisfaction
    • Student scores
    Ken Moments & Pain Points Lack of centralized repository for research knowledge
    • Too many tools to use
    • Lack of Wi-Fi connectivity for students
    • Loss of social aspects
    • Adjusting to new forms of assessments
    No existing critical pain points; process already automated
    Opportunities
    • Centralized repository for research knowledge
    • Rationalize course creation tool set
    • Connectivity self-assessment/checklist
    • Forums for students
    • Implement an online proctoring tool

    3.2 Stakeholder journey mapping

    Objective: Conduct journey mapping exercise for existing value chains and for opportunities.

    1. Gather the working group and, with the journey mapping workbook, begin to map out the journey scenario statements identified in the value chain analysis. In total, there should be three journey maps:
      • Two for the existing value chains. Map out the specific point in the value chain that is to be transformed.
      • One for the opportunity value chain. Map out all parts of the value chain to be impacted by the new opportunity.
    2. Start with the journey activity and map out the steps involved to accomplish the goal of the stakeholder.
    3. Identify the touch points involved in the value chain.
    4. Categorize the nature of the activity in the journey activity.
    5. Identify metrics for the journey. How can we measure the success of the journey?
    6. Identify pain points and opportunities in parallel with one another.

    Input

    • Value Chain Analysis
    • Stakeholder Personas
    • Journey Mapping Scenario

    Output

    • Journey Map

    Materials

    • Digital Strategy Workbook, Stakeholder Journey tab

    Participants

    • Executives
    • Individuals in the organization that have a direct interaction with the stakeholders

    Info-Tech Insight

    Aim to build out 90% of the stakeholder journey map with the working team; validate the last 10% with the stakeholder themselves.

    Step 3.3

    Prioritize opportunities

    Activities

    • Prioritize opportunities.

    Transform stakeholder journeys

    This step will walk you through the following activities:

    Prioritize the opportunities that arose from the stakeholder journey mapping exercise.

    This step involves the following participants:

    A cross-functional cohort across levels in the organization.

    Outcomes of this step

    Prioritized opportunities

    Prioritization of opportunities

    Leverage design-thinking methods to prioritize opportunities.

    As there may be many opportunities arising from the journey map, we need to prioritize ideas to identify which ones we can tackle first – or at all. Leverage IDEO’s design-thinking “three lenses of innovation” to support prioritization:

    • Feasibility: Do you currently have the capabilities to deliver on this opportunity? Do we have the right partners, resources, or technology?
    • Desirability: Is this a solution the stakeholder needs? Does it solve a known pain point?
    • Viability: Does this initiative have an impact on the financial revenue of the organization? Is it a profitable solution that will support the business model? Will this opportunity require a complex cost structure?
    Opportunities Feasibility
    (L/M/H)
    Desirability
    (L/M/H)
    Viability
    (L/M/H)
    Centralized repository for research knowledge H H H
    Rationalize course creation tool set H H H
    Connectivity self-assessment/ checklist H M H
    Forums for students M H H
    Exam preparation (e.g. education or practice exams) H H H

    3.3 Prioritization of opportunities

    Objective: Prioritize opportunities for creating a roadmap.

    1. Gather the opportunities identified in the journey mapping exercise
    2. Assess the opportunities based on IDEO’s three lenses of innovation:
      • Feasibility: Do you currently have the capabilities to deliver on this opportunity? Do we have the right partners, resources, or technology?
      • Viability: Does this initiative have an impact on the financial revenue of the organization? Is it a profitable solution that will support the business model? Will this opportunity require a complex cost structure?
      • Desirability: Is this a solution the stakeholder needs? Does it solve a known pain point?
    3. Opportunities that score high in all three areas are prioritized for the roadmap.

    Input

    • Opportunities From Journey Map

    Output

    • Prioritized Opportunities

    Materials

    • Digital Strategy Workbook

    Participants

    • Executives

    Step 3.4

    Define digital goals

    Activities

    Transform stakeholder journeys

    This step will walk you through the following activities:

    Define a digital goal as it relates to the prioritized opportunities and the stakeholder journey map.

    This step involves the following participants:

    A cross-functional cohort across levels in the organization.

    Outcomes of this step

    Digital goals

    Define digital goals

    What digital goals can be derived from the stakeholder journey?

    With the prioritized set of opportunities for each stakeholder journey, take a step back and assess what the sum of these opportunities mean for the journey. What is the overall goal or objective of these opportunities? How do these opportunities change or facilitate the journey experience? From here, identify a single goal statement for each stakeholder journey.

    Stakeholder Scenario Prioritized Opportunities Goal
    Faculty (Engineering) As a faculty (Engineering), I want to prepare and teach my course in a hybrid mode of delivery Centralized repository for research knowledge
    Rationalized course creation tool set
    Support hybrid course curricula development through value-driven toolsets and centralized knowledge

    3.4 Define digital goals

    Objective: Identify digital goals derived from the journey statements.

    1. With the prioritized set of opportunities for each stakeholder journey (the two existing journeys and one opportunity journey) take a step back and assess what the sum of these opportunities means for each journey.
      • What is the overall goal or objective of these opportunities?
      • How do these opportunities change or facilitate the journey experience?
    2. From here, identify a single goal for each stakeholder journey.

    Input

    • Opportunities From Journey Map
    • Stakeholder Persona

    Output

    • Digital Goals

    Materials

    • Prioritization Matrix

    Participants

    • Executives

    Step 3.5

    Breakdown opportunities into series of initiatives

    Activities

    • Identify initiatives from the opportunities.

    Transform stakeholder journeys

    This step will walk you through the following activities:

    Identify people, process, and technology initiatives for the opportunities identified.

    This step involves the following participants:

    A cross-functional cohort across levels in the organization.

    Outcomes of this step

    • People, process, and technology initiatives

    Break down opportunities into a series of initiatives

    Brainstorm initiatives for each high-priority opportunity using the framework below. Describe each initiative as a plan or action to take to solve the problem.

    Opportunity → Initiatives:

    People: What initiatives are required to manage people, data, and other organizational factors that are impacted by this opportunity?

    Process: What processes must be created, changed, or removed based on the data?

    Technology: What systems are required to support this opportunity?

    Break down opportunities into a series of initiatives

    Initiatives
    Centralized repository for research knowledge Technology Acquire and implement knowledge management application
    People Train researchers on functionality
    Process Periodically review and validate data entries into repository
    Initiatives
    Rationalize course creation toolset Technology Retire duplicate or under-used tools
    People Provide training on tool types and align to user needs
    Process Catalog software applications and tools across the organization
    Identify under-used or duplicate tools/applications

    Info-Tech Insight

    Ruthlessly evaluate if a initiative should stand alone or if it can be rolled up with another. Fewer initiatives or opportunities increases focus and alignment, allowing for better communication.

    3.5 Break down opportunities into initiatives

    Objective: Break down opportunities into people, process, and technology initiatives.

    1. Split into groups and identify initiatives required to deliver on each opportunity. Document each initiative on sticky notes.
    2. Have each team answer the following questions to identify initiatives for the prioritized opportunities:
      • People: What initiatives are required to manage people, data, and other organizational factors that are impacted by this opportunity?
      • Process: What processes must be created, changed, or removed based on the data?
      • Technology: What systems are required to support this opportunity?
    3. Document findings in the Digital Strategy Workbook.

    Input

    • Opportunities

    Output

    • Opportunity initiatives categorized by people, process and technology

    Materials

    • Digital Strategy Workbook

    Participants

    • Executive team

    Phase 4

    Build a digital transformation roadmap

    • Detail initiatives
    • Build a unified roadmap roadmap

    This phase will walk you through the following activities:

    Build a digital transformation roadmap that captures people, process, and technology initiatives.

    This phase involves the following participants:

    A cross-functional cohort across levels in the organization.

    Outcomes

    • Digital transformation roadmap

    Step 4.1

    Detail initiatives

    Activities

    • Detail initiatives.

    Build a digital transformation roadmap

    This step will walk you through the following activities:

    Detail initiatives for each priority initiative on your horizon.

    This step involves the following participants:

    A cross-functional cohort across levels in the organization.

    Outcomes of this step

    • A roadmap for your digital business strategy.

    Create initiative profiles for each high-priority initiative on your strategy

    this image contains a screenshot of an example initiative profile

    Step 4.2

    Build a roadmap

    Activities

    • Create a roadmap of initiatives.

    Build a digital transformation roadmap

    Info-Tech Insight

    A roadmap that balances growth opportunities with business resilience will transform your organization for long-term success in the digital economy.

    This step will walk you through the following activities:

    Identify timing of initiatives and build a Gantt chart roadmap.

    This step involves the following participants:

    A cross-functional cohort across levels in the organization.

    Outcomes of this step

    • A roadmap for your digital transformation and the journey canvases for each of the prioritized journeys.

    Build a roadmap to visualize your key initiative plan

    Visual representations of data are more compelling than text alone.

    Develop a high-level document that travels with the initiative from inception through executive inquiry, project management, and finally execution.

    A initiative needs to be discrete: able to be conceptualized and discussed as an independent item. Each initiative must have three characteristics:

    • Specific outcome: Describe an explicit change in the people, processes, or technology of the enterprise.
    • Target end date: When the described outcome will be in effect.
    • Owner: Who on the IT team is responsible for executing on the initiative.
    this image contains screenshots of a sample roadmap for supporting hybrid course curricula development through value-driven toolsets and centralized knowledge.

    4.2 Build your roadmap (30 minutes)

    1. For the Gantt chart:
      • Input the Roadmap Start Year date.
      • Change the months and year in the Gantt chart to reflect the same roadmap start year.
      • Populate the planned start and planned end date for the pre-populated list of high-priority initiatives in each category (people, process, and technology).

    Input

    • Initiatives
    • Initiative start & end dates
    • Initiative category

    Output

    • Digital strategy roadmap visual

    Materials

    • Digital Strategy Workbook

    Participants

    • Senior Executive

    Learn more about project portfolio management strategy

    Step 4.3

    Create a refresh strategy

    Activities

    • Refresh your strategy.

    Build a digital transformation roadmap

    Info-Tech Insight

    A digital strategy is a design process, it must be revisited to pressure test and account for changes in the external environment.

    This step will walk you through the following activities:

    Detail a refresh strategy.

    This step involves the following participants:

    A cross-functional cohort across levels in the organization.

    Outcomes of this step

    • Refresh strategy

    Create a refresh strategy

    It is important to dedicate time to your strategy throughout the year. Create a refresh plan to assess for the changing business context and its impact on the digital business strategy. Make sure the regular planning cycle is not the primary trigger for strategy review. Put a process in place to review the strategy and make your organization proactive. Start by examining the changes to the business context and how the effect would trickle downwards. It’s typical for organizations to build a refresh strategy around budget season and hold planning and touch points to accommodate budget approval time.
    Example:

    this image contains an example of a refresh strategy.

    4.3 Create a refresh strategy (30 minutes)

    1. Work with the digital strategy creation team to identify the time frequencies the organization should consider to refresh the digital business strategy. Time frequencies can also be events that trigger a review (i.e. changing business goals). Record the different time frequencies in the Refresh of the Digital Business Strategy slide of the section.
    2. Discuss with the team the different audience members for each time frequency and the scope of the refresh. The scope represents what areas of the digital business strategy need to be re-examined and possibly changed.

    Example:

    Frequency Audience Scope Date
    Annually Executive Leadership Resurvey, review/ validate, update schedule Pre-budget
    Touch Point Executive Leadership Status update, risks/ constraints, priorities Oct 2021
    Every Year (Re-build) Executive Leadership Full planning Jan 2022

    Input

    • Digital Business Strategy

    Output

    • Refresh Strategy

    Materials

    • Digital Business Strategy Presentation Template
    • Collaboration/ Brainstorming Tool (whiteboard, flip chart, digital equivalent)

    Participants

    • Executive Leaders

    Related Info-Tech Research

    Design a Customer-Centric Digital Operating Model

    Design a Customer-Centric Digital Operating Model

    Establish a new way of working to deliver value on your digital transformation initiatives.

    Develop a Project Portfolio Management Strategy

    Develop a Project Portfolio Management Strategy

    Drive project throughput by throttling resource capacity.

    Adopt Design Thinking in Your Organization

    Adopt Design Thinking in Your Organization

    Innovation needs design thinking.

    Digital Maturity Improvement Service

    Digital Maturity Improvement Service

    Prepare your organization for digital transformation – or risk falling behind.

    Research Contributors and Experts

    Kenneth McGee

    this is a picture of Research Fellow, Kenneth McGee

    Research Fellow
    Info-Tech Research Group

    Kenneth McGee is a Research Fellow within the CIO practice at Info-Tech Research Group and is focused on IT business and financial management issues, including IT Strategy, IT Budgets and Cost Management, Mergers & Acquisitions (M&A), and Digital Transformation. He also has extensive experience developing radical IT cost reduction and return-to-growth initiatives during and following financial recessions.

    Ken works with CIOs and IT leaders to help establish twenty-first-century IT organizational charters, structures, and responsibilities. Activities include IT organizational design, IT budget creation, chargeback, IT strategy formulation, and determining the business value derived from IT solutions. Ken’s research has specialized in conducting interviews with CEOs of some of the world’s largest corporations. He has also interviewed a US Cabinet member and IT executives at the White

    House. He has been a frequent keynote speaker at industry conventions, client sales kick-off meetings, and IT offsite planning sessions.

    Ken obtained a BA in Cultural Anthropology from Dowling College, Oakdale, NY, and has pursued graduate studies at Polytechnic Institute (now part of NYU University). He has been an adjunct instructor at State University of New York, Westchester Community College.

    Jack Hakimian

    this is a picture of Vice President of the Info-Tech Research Group, Jack Hakimian

    Vice President
    Info-Tech Research Group

    Jack has more than 25 years of technology and management consulting experience. He has served multi-billion dollar organizations in multiple industries including Financial Services and Telecommunications. Jack also served a number of large public sector institutions.

    Prior to joining the Info-Tech Research Group, he worked for leading consulting players such as Accenture, Deloitte, EY, and IBM.

    Jack led digital business strategy engagements as well as corporate strategy and M&A advisory services for clients across North America, Europe, the Middle East, and Africa. He is a seasoned technology consultant who has developed IT strategies and technology roadmaps, led large business transformations, established data governance programs, and managed the deployment of mission-critical CRM and ERP applications.

    He is a frequent speaker and panelist at technology and innovation conferences and events and holds a Master’s degree in Computer Engineering as well as an MBA from the ESCP-EAP European School of Management.

    Bibliography

    Abrams, Karin von. “Global Ecommerce Forecast 2021.” eMarketer, Insider Intelligence, 7 July 2021. Web.

    Christenson, Clayton. The Innovator's Dilemma: When New Technologies Cause Great Firms to Fail. Harvard Business School, 1997. Book.

    Drucker, Peter F., and Joseph A. Maciariello. Innovation and Entrepreneurship. Routledge, 2015.

    Eagar, Rick, David Boulton, and Camille Demyttenaere. “The Trends in Megatrends.” Arthur D Little, Prism, no. 2, 2014. Web.

    Enright, Sara, and Allison Taylor. “The Future of Stakeholder Engagement.” The Business of a Better World, October 2016. Web.

    Hatem, Louise, Daniel Ker, and John Mitchell. “A roadmap toward a common framework for measuring the digital economy.” Report for the G20 Digital Economy Task Force, OECD, 2020. Web.

    Kemp, Simon. “Digital 2021 April Statshot Report.” DataReportal, Global Digital Insights, 21 Apr. 2021. Web.

    Larson, Chris. “Disruptive Innovation Theory: 4 Key Concepts.” Business Insights, Harvard Business School, HBS Online, 15 Nov. 2016. Web.

    McCann, Leah. “Barco's Virtual Classroom at UCL: A Case Study for the Future of All University Classrooms?” rAVe, 2 July 2020. Web.

    Mochari, Ilan. “The Startup Buzzword Almost Everyone Uses Incorrectly.” Inc., 19 Nov. 2015. Web.

    Osterwalder, Alexander, et al. Value Proposition Design. Wiley, 2014.

    Reed, Laura. “Artificial Intelligence: Is Your Job at Risk?” Science Node, 9 August 2017.

    Rodeck, David. “Alphabet Soup: Understanding the Shape of a Covid-19 Recession.” Forbes, 8 June 2020. Web.

    Tapscott, Don. Wikinomics. Atlantic Books, 2014.

    Taylor, Paul. “Don't Be A Dodo: Adapt to the Digital Economy.” Forbes, 27 Aug. 2015. Web.

    The Business Research Company. "Wholesale Global Market Report 2021: COVID-19 Impact and Recovery to 2030." Research and Markets, January 2021. Press Release.

    “Topic 1: Megatrends and Trends.” BeFore, 11 October 2018.

    “Updated Digital Economy Estimates – June 2021.” Bureau of Economic Analysis, June 2021. Web.

    Williamson, J. N. The Leader Manager. John Wiley & Sons, 1984.

    Develop an Availability and Capacity Management Plan

    • Buy Link or Shortcode: {j2store}500|cart{/j2store}
    • member rating overall impact (scale of 10): 8.0/10 Overall Impact
    • member rating average dollars saved: $2,840 Average $ Saved
    • member rating average days saved: 10 Average Days Saved
    • Parent Category Name: Availability & Capacity Management
    • Parent Category Link: /availability-and-capacity-management
    • It is crucial for capacity managers to provide capacity in advance of need to maximize availability.
    • In an effort to ensure maximum uptime, organizations are overprovisioning (an average of 59% for compute, and 48% for storage). With budget pressure mounting (especially on the capital side), the cost of this approach can’t be ignored.
    • Half of organizations have experienced capacity-related downtime, and almost 60% wait more than three months for additional capacity.

    Our Advice

    Critical Insight

    • All too often capacity management is left as an afterthought. The best capacity managers bake capacity management into their organization’s business processes, becoming drivers of value.
    • Communication is key. Build bridges between your organization’s silos, and involve business stakeholders in a dialog about capacity requirements.

    Impact and Result

    • Map business metrics to infrastructure component usage, and use your organization’s own data to forecast demand.
    • Project future needs in line with your hardware lifecycle. Never suffer availability issues as a result of a lack of capacity again.
    • Establish infrastructure as a driver of business value, not a “black hole” cost center.

    Develop an Availability and Capacity Management Plan Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should build a capacity management plan, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    • Develop an Availability and Capacity Management Plan – Phases 1-4

    1. Conduct a business impact analysis

    Determine the most critical business services to ensure availability.

    • Develop an Availability and Capacity Management Plan – Phase 1: Conduct a Business Impact Analysis
    • Business Impact Analysis Tool

    2. Establish visibility into core systems

    Craft a monitoring strategy to gather usage data.

    • Develop an Availability and Capacity Management Plan – Phase 2: Establish Visibility into Core Systems
    • Capacity Snapshot Tool

    3. Solicit and incorporate business needs

    Integrate business stakeholders into the capacity management process.

    • Develop an Availability and Capacity Management Plan – Phase 3: Solicit and Incorporate Business Needs
    • Capacity Plan Template

    4. Identify and mitigate risks

    Identify and mitigate risks to your capacity and availability.

    • Develop an Availability and Capacity Management Plan – Phase 4: Identify and Mitigate Risks

    [infographic]

    Workshop: Develop an Availability and Capacity Management Plan

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Conduct a Business Impact Analysis

    The Purpose

    Determine the most important IT services for the business.

    Key Benefits Achieved

    Understand which services to prioritize for ensuring availability.

    Activities

    1.1 Create a scale to measure different levels of impact.

    1.2 Evaluate each service by its potential impact.

    1.3 Assign a criticality rating based on the costs of downtime.

    Outputs

    RTOs/RPOs

    List of gold systems

    Criticality matrix

    2 Establish Visibility Into Core Systems

    The Purpose

    Monitor and measure usage metrics of key systems.

    Key Benefits Achieved

    Capture and correlate data on business activity with infrastructure capacity usage.

    Activities

    2.1 Define your monitoring strategy.

    2.2 Implement your monitoring tool/aggregator.

    Outputs

    RACI chart

    Capacity/availability monitoring strategy

    3 Develop a Plan to Project Future Needs

    The Purpose

    Determine how to project future capacity usage needs for your organization.

    Key Benefits Achieved

    Data-based, systematic projection of future capacity usage needs.

    Activities

    3.1 Analyze historical usage trends.

    3.2 Interface with the business to determine needs.

    3.3 Develop a plan to combine these two sources of truth.

    Outputs

    Plan for soliciting future needs

    Future needs

    4 Identify and Mitigate Risks

    The Purpose

    Identify potential risks to capacity and availability.

    Develop strategies to ameliorate potential risks.

    Key Benefits Achieved

    Proactive approach to capacity that addresses potential risks before they impact availability.

    Activities

    4.1 Identify capacity and availability risks.

    4.2 Determine strategies to address risks.

    4.3 Populate and review completed capacity plan.

    Outputs

    List of risks

    List of strategies to address risks

    Completed capacity plan

    Further reading

    Develop an Availability and Capacity Management Plan

    Manage capacity to increase uptime and reduce costs.

    ANALYST PERSPECTIVE

    The cloud changes the capacity manager’s job, but it doesn’t eliminate it.

    "Nobody doubts the cloud’s transformative power. But will its ascent render “capacity manager” an archaic term to be carved into the walls of datacenters everywhere for future archaeologists to puzzle over? No. While it is true that the cloud has fundamentally changed how capacity managers do their jobs , the process is more important than ever. Managing capacity – and, by extent, availability – means minimizing costs while maximizing uptime. The cloud era is the era of unlimited capacity – and of infinite potential costs. If you put the infinity symbol on a purchase order… well, it’s probably not a good idea. Manage demand. Manage your capacity. Manage your availability. And, most importantly, keep your stakeholders happy. You won’t regret it."

    Jeremy Roberts,

    Consulting Analyst, Infrastructure Practice

    Info-Tech Research Group

    Availability and capacity management transcend IT

    This Research Is Designed For:

    ✓ CIOs who want to increase uptime and reduce costs

    ✓ Infrastructure managers who want to deliver increased value to the business

    ✓ Enterprise architects who want to ensure stability of core IT services

    ✓ Dedicated capacity managers

    This Research Will Help You:

    ✓ Develop a list of core services

    ✓ Establish visibility into your system

    ✓ Solicit business needs

    ✓ Project future demand

    ✓ Set SLAs

    ✓ Increase uptime

    ✓ Optimize spend

    This Research Will Also Assist:

    ✓ Project managers

    ✓ Service desk staff

    This Research Will Help Them:

    ✓ Plan IT projects

    ✓ Better manage availability incidents caused by lack of capacity

    Executive summary

    Situation

    • IT infrastructure leaders are responsible for ensuring that the business has access to the technology needed to keep the organization humming along. This requires managing capacity and availability.
    • Dependencies go undocumented. Services are provided on an ad hoc basis, and capacity/availability are managed reactively.

    Complication

    • Organizations are overprovisioning an average of 59% for compute, and 48% for storage. This is expensive. With budget pressure mounting, the cost of this approach can’t be ignored.
    • Lead time to respond to demand is long. Half of organizations have experienced capacity-related downtime, and almost 60% wait 3+ months for additional capacity. (451 Research, 3)

    Resolution

    • Conduct a business impact analysis to determine which of your services are most critical, and require active capacity management that will reap more in benefits than it produces in costs.
    • Establish visibility into your system. You can’t track what you can’t see, and you can’t see when you don’t have proper monitoring tools in place.
    • Develop an understanding of business needs. Use a combination of historical trend analyses and consultation with line of business and project managers to separate wants from needs. Overprovisioning used to be necessary, but is no longer required.
    • Project future needs in line with your hardware lifecycle. Never suffer availability issues as a result of a lack of capacity again.

    Info-Tech Insight

    1. Components are critical. The business doesn’t care about components. You, however, are not so lucky…
    2. Ask what the business is working on, not what they need. If you ask them what they need, they’ll tell you – and it won’t be cheap. Find out what they’re going to do, and use your expertise to service those needs.
    3. Cloud shmoud. The role of the capacity manager is changing with the cloud, but capacity management is as important as ever.

    Save money and drive efficiency with an effective availability and capacity management plan

    Overprovisioning happens because of the old style of infrastructure provisioning (hardware refresh cycles) and because capacity managers don’t know how much they need (either as a result of inaccurate or nonexistent information).

    According to 451 Research, 59% of enterprises have had to wait 3+ months for new capacity. It is little wonder, then, that so many opt to overprovision. Capacity management is about ensuring that IT services are available, and with lead times like that, overprovisioning can be more attractive than the alternative. Fortunately there is hope. An effective availability and capacity management plan can help you:

    • Identify your gold systems
    • Establish visibility into them
    • Project your future capacity needs

    Balancing overprovisioning and spending is the capacity manager’s struggle.

    Availability and capacity management go together like boots and feet

    Availability and capacity are not the same, but they are related and can be effectively managed together as part of a single process.

    If an IT department is unable to meet demand due to insufficient capacity, users will experience downtime or a degradation in service. To be clear, capacity is not the only factor in availability – reliability, serviceability, etc. are significant as well. But no organization can effectively manage availability without paying sufficient attention to capacity.

    "Availability Management is concerned with the design, implementation, measurement and management of IT services to ensure that the stated business requirements for availability are consistently met."

    – OGC, Best Practice for Service Delivery, 12

    "Capacity management aims to balance supply and demand [of IT storage and computing services] cost-effectively…"

    – OGC, Business Perspective, 90

    Integrate the three levels of capacity management

    Successful capacity management involves a holistic approach that incorporates all three levels.

    Business The highest level of capacity management, business capacity management, involves predicting changes in the business’ needs and developing requirements in order to make it possible for IT to adapt to those needs. Influx of new clients from a failed competitor.
    Service Service capacity management focuses on ensuring that IT services are monitored to determine if they are meeting pre-determined SLAs. The data gathered here can be used for incident and problem management. Increased website traffic.
    Component Component capacity management involves tracking the functionality of specific components (servers, hard drives, etc.), and effectively tracking their utilization and performance, and making predictions about future concerns. Insufficient web server compute.

    The C-suite cares about business capacity as part of the organization’s strategic planning. Service leads care about their assigned services. IT infrastructure is concerned with components, but not for their own sake. Components mean services that are ultimately designed to facilitate business.

    A healthcare organization practiced poor capacity management and suffered availability issues as a result

    CASE STUDY

    Industry: Healthcare

    Source: Interview

    New functionalities require new infrastructure

    There was a project to implement an elastic search feature. This had to correlate all the organization’s member data from an Oracle data source and their own data warehouse, and pool them all into an elastic search index so that it could be used by the provider portal search function. In estimating the amount of space needed, the infrastructure team assumed that all the data would be shared in a single place. They didn’t account for the architecture of elastic search in which indexes are shared across multiple nodes and shards are often split up separately.

    Beware underestimating demand and hardware sourcing lead times

    As a result, they vastly underestimated the amount of space that was needed and ended up short by a terabyte. The infrastructure team frantically sourced more hardware, but the rush hardware order arrived physically damaged and had to be returned to the vendor.

    Sufficient budget won’t ensure success without capacity planning

    The project’s budget had been more than sufficient to pay for the extra necessary capacity, but because a lack of understanding of the infrastructure impact resulted in improper forecasting, the project ended up stuck in a standstill.

    Manage availability and keep your stakeholders happy

    If you run out of capacity, you will inevitably encounter availability issues like downtime and performance degradation . End users do not like downtime, and neither do their managers.

    There are three variables that are monitored, measured, and analyzed as part of availability management more generally (Valentic).

      1. Uptime:

    The availability of a system is the percentage of time the system is “up,” (and not degraded) which can be calculated using the following formula: uptime/(uptime + downtime) x 100%. The more components there are in a system, the lower the availability, as a rule.

      1. Reliability:

    The length of time a component/service can go before there is an outage that brings it down, typically measured in hours.

      1. Maintainability:

    The amount of time it takes for a component/service to be restored in the event of an outage, also typically measured in hours.

    Enter the cloud: changes in the capacity manager role

    There can be no doubt – the rise of the public cloud has fundamentally changed the nature of capacity management.

    Features of the public cloudImplications for capacity management
    Instant, or near-instant, instantiation Lead times drop; capacity management is less about ensuring equipment arrives on time.
    Pay-as-you go services Capacity no longer needs to be purchased in bulk. Pay only for what you use and shut down instances that are no longer necessary.
    Essentially unlimited scalability Potential capacity is infinite, but so are potential costs.
    Offsite hosting Redundancy, but at the price of the increasing importance of your internet connection.

    Vendors will sell you the cloud as a solution to your capacity/availability problems

    The image contains two graphs. The first graph on the left is titled: Reactive Management, and shows the struggling relationship between capacity and demand. The second graph on the right is titled: Cloud future (ideal), which demonstrates a manageable relationship between capacity and demand over time.

    Traditionally, increases in capacity have come in bursts as a reaction to availability issues. This model inevitably results in overprovisioning, driving up costs. Access to the cloud changes the equation. On-demand capacity means that, ideally, nobody should pay for unused capacity.

    Reality check: even in the cloud era, capacity management is necessary

    You will likely find vendors to nurture the growth of a gap between your expectations and reality. That can be damaging.

    The cloud reality does not look like the cloud ideal. Even with the ostensibly elastic cloud, vendors like the consistency that longer-term contracts offer. Enter reserved instances: in exchange for lower hourly rates, vendors offer the option to pay a fee for a reserved instance. Usage beyond the reserved will be billed at a higher hourly rate. In order to determine where that line should be drawn, you should engage in detailed capacity planning. Unfortunately, even when done right, this process will result in some overprovisioning, though it does provide convenience from an accounting perspective. The key is to use spot instances where demand is exceptional and bounded. Example: A university registration server that experiences exceptional demand at the start of term but at no other time.

    The image contains an example of cloud reality not matching with the cloud ideal in the form of a graph. The graph is split horizontally, the top half is red, and there is a dotted line splitting it from the lower half. The line is labelled: Reserved instance ceiling. In the bottom half, it is the colour green and has a curving line.

    Use best practices to optimize your cloud resources

    The image contains two graphs. The graph on the left is labelled: Ineffective reserve capacity. At the top of the graph is a dotted line labelled: Reserved Instance ceiling. The graph is measuring capacity requirements over time. There is a curved line on the graph that suddenly spikes and comes back down. The spike is labelled unused capacity. The graph on the right is labelled: Effective reserve capacity. The reserved instance ceiling is about halfway down this graph, and it is comparing capacity requirements over time. This graph has a curved line on it, also has a spike and is labelled: spot instance.

    Even in the era of elasticity, capacity planning is crucial. Spot instances – the spikes in the graph above – are more expensive, but if your capacity needs vary substantially, reserving instances for all of the space you need can cost even more money. Efficiently planning capacity will help you draw this line.

    Evaluate business impact; not all systems are created equal

    Limited resources are a reality. Detailed visibility into every single system is often not feasible and could be too much information.

    Simple and effective. Sometimes a simple display can convey all of the information necessary to manage critical systems. In cars it is important to know your speed, how much fuel is in the tank, and whether or not you need to change your oil/check your engine.

    Where to begin?! Specialized information is sometimes necessary, but it can be difficult to navigate.

    Take advantage of a business impact analysis to define and understand your critical services

    Ideally, downtime would be minimal. In reality, though, downtime is a part of IT life. It is important to have realistic expectations about its nature and likelihood.

    STEP 1

    STEP 2

    STEP 3

    STEP 4

    STEP 5

    Record applications and dependencies

    Utilize your asset management records and document the applications and systems that IT is responsible for managing and recovering during a disaster.

    Define impact scoring scale

    Ensure an objective analysis of application criticality by establishing a business impact scale that applies to all applications.

    Estimate impact of downtime

    Leverage the scoring criteria from the previous step and establish an estimated impact of downtime for each application.

    Identify desired RTO and RPO

    Define what the RTOs/RPOs should be based on the impact of a business interruption and the tolerance for downtime and data loss.

    Determine current RTO/RPO

    Conduct tabletop planning and create a flowchart of your current capabilities. Compare your current state to the desired state from the previous step.

    Info-Tech Insight

    According to end users, every system is critical and downtime is intolerable. Of course, once they see how much totally eliminating downtime can cost, they might change their tune. It is important to have this discussion to separate the critical from the less critical – but still important – services.

    Establish visibility into critical systems

    You may have seen “If you can’t measure it, you can’t manage it” or a variation thereof floating around the internet. This adage is consumable and makes sense…doesn’t it?

    "It is wrong to suppose that if you can’t measure it, you can’t manage it – a costly myth."

    – W. Edwards Deming, statistician and management consultant, author of The New Economics

    While it is true that total monitoring is not absolutely necessary for management, when it comes to availability and capacity – objectively quantifiable service characteristics – a monitoring strategy is unavoidable. Capturing fluctuations in demand, and adjusting for those fluctuations, is among the most important functions of a capacity manager, even if hovering over employees with a stopwatch is poor management.

    Solicit needs from line of business managers

    Unless you head the world’s most involved IT department (kudos if you do) you’re going to have to determine your needs from the business.

    Do

    Do not

    ✓ Develop a positive relationship with business leaders responsible for making decisions.

    ✓ Make yourself aware of ongoing and upcoming projects.

    ✓ Develop expertise in organization-specific technology.

    ✓ Make the business aware of your expenses through chargebacks or showbacks.

    ✓ Use your understanding of business projects to predict business needs; do not rely on business leaders’ technical requests alone.

    X Be reactive.

    X Accept capacity/availability demands uncritically.

    X Ask line of business managers for specific computing requirements unless they have the technical expertise to make informed judgments.

    X Treat IT as an opaque entity where requests go in and services come out (this can lead to irresponsible requests).

    Demand: manage or be managed

    You might think you can get away with uncritically accepting your users’ demands, but this is not best practice. If you provide it, they will use it.

    The company meeting

    “I don’t need this much RAM,” the application developer said, implausibly. Titters wafted above the assembled crowd as her IT colleagues muttered their surprise. Heads shook, eyes widened. In fact, as she sat pondering her utterance, the developer wasn’t so sure she believed it herself. Noticing her consternation, the infrastructure manager cut in and offered the RAM anyway, forestalling the inevitable crisis that occurs when seismic internal shifts rock fragile self-conceptions. Until next time, he thought.

    "Work expands as to fill the resources available for its completion…"

    – C. Northcote Parkinson, quoted in Klimek et al.

    Combine historical data with the needs you’ve solicited to holistically project your future needs

    Predicting the future is difficult, but when it comes to capacity management, foresight is necessary.

    Critical inputs

    In order to project your future needs, the following inputs are necessary.

    1. Usage trends: While it is true that past performance is no indication of future demand, trends are still a good way to validate requests from the business.
    2. Line of business requests: An understanding of the projects the business has in the pipes is important for projecting future demand.
    3. Institutional knowledge: Read between the lines. As experts on information technology, the IT department is well-equipped to translate needs into requirements.
    The image contains a graph that is labelled: Projected demand, and graphs demand over time. There is a curved line that passes through a vertical line labelled present. There is a box on top of the graph that contains the text: Note: confidence in demand estimates will very by service and by stakeholder.

    Follow best practice guidelines to maximize the efficiency of your availability and capacity management process

    The image contains Info-Tech's IT Management & Governance Framework. The framework displays many of Info-Tech's research to help optimize and improve core IT processes. The name of this blueprint is under the Infrastructure & Operations section, and has been circled to point out where it is in the framework.

    Understand how the key frameworks relate and interact

    The image contains a picture of the COBIT 5 logo.

    BA104: Manage availability and capacity

    • Current state assessment
    • Forecasting based on business requirements
    • Risk assessment of planning and implementation of requirements
    The image contains a picture of the ITIL logo

    Availability management

    • Determine business requirements
    • Match requirements to capabilities
    • Address any mismatch between requirements and capabilities in a cost-effective manner

    Capacity management

    • Monitoring services and components
    • Tuning for efficiency
    • Forecasting future requirements
    • Influencing demand
    • Producing a capacity plan
    The image contains a picture of Info-Tech Research Group logo.

    Availability and capacity management

    • Conduct a business impact analysis
    • Establish visibility into critical systems
    • Solicit and incorporate business needs
    • Identify and mitigate risks

    Disaster recovery and business continuity planning are forms of availability management

    The scope of this project is managing day-to-day availability, largely but not exclusively, in the context of capacity. For additional important information on availability, see the following Info-Tech projects.

      • Develop a Business Continuity Plan

    If your focus is on ensuring process continuity in the event of a disaster.

      • Establish a Program to Enable Effective Performance Monitoring

    If your focus is on flow mapping and transaction monitoring as part of a plan to engage APM vendors.

      • Create a Right-Sized Disaster Recovery Plan

    If your focus is on hardening your IT systems against major events.

    Info-Tech’s approach to availability and capacity management is stakeholder-centered and cloud ready

    Phase 1:

    Conduct a business impact analysis

    Phase 2:

    Establish visibility into core systems

    Phase 3:

    Solicit and incorporate business needs

    Phase 4:

    Identify and mitigate risks

    1.1 Conduct a business impact analysis

    1.2 Assign criticality ratings to services

    2.1 Define your monitoring strategy

    2.2 Implement monitoring tool/aggregator

    3.1 Solicit business needs

    3.2 Analyze data and project future needs

    4.1 Identify and mitigate risks

    Deliverables

    • Business impact analysis
    • Gold systems
    • Monitoring strategy
    • List of stakeholders
    • Business needs
    • Projected capacity needs
    • Risks and mitigations
    • Capacity management summary cards

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    “Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

    Guided Implementation

    “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

    Workshop

    “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

    Consulting

    “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

    Diagnostics and consistent frameworks used throughout all four options

    Availability & capacity management – project overview

     

    Conduct a business impact analysis

    Establish visibility into core systems

    Solicit and incorporate business needs

    Identify and
    mitigate risks

    Best-Practice Toolkit

    1.1 Create a scale to measure different levels of impact

    1.2 Assign criticality ratings to services

    2.1 Define your monitoring strategy

    2.2 Implement your monitoring tool/aggregator

    3.1 Solicit business needs and gather data

    3.2 Analyze data and project future needs

    4.1 Identify and mitigate risks

    Guided Implementations

    Call 1: Conduct a business impact analysis Call 1: Discuss your monitoring strategy

    Call 1: Develop a plan to gather historical data; set up plan to solicit business needs

    Call 2: Evaluate data sources

    Call 1: Discuss possible risks and strategies for risk mitigation

    Call 2: Review your capacity management plan

    Onsite Workshop

    Module 1:

    Conduct a business impact analysis

    Module 2:

    Establish visibility into core systems

    Module 3:

    Develop a plan to project future needs

    Module 4:

    Identify and mitigate risks

     

    Phase 1 Results:

    • RTOs/RPOs
    • List of gold systems
    • Criticality matrix

    Phase 2 Results:

    • Capacity/availability monitoring strategy

    Phase 3 Results:

    • Plan for soliciting future needs
    • Future needs

    Phase 4 Results:

    • Strategies for reducing risks
    • Capacity management plan

    Workshop overview

    Contact your account representative or email Workshops@InfoTech.com for more information.

     

    Workshop Day 1

    Workshop Day 2

    Workshop Day 3

    Workshop Day 4

     

    Conduct a business
    impact analysis

    Establish visibility into
    core systems

    Solicit and incorporate business needs

    Identify and mitigate risks

    Activities

    1.1 Conduct a business impact analysis

    1.2 Create a list of critical dependencies

    1.3 Identify critical sub-components

    1.4 Develop best practices to negotiate SLAs

    2.1 Determine indicators for sub-components

    2.2 Establish visibility into components

    2.3 Develop strategies to ameliorate visibility issues

    3.1 Gather relevant business-level data

    3.2 Gather relevant service-level data

    3.3 Analyze historical trends

    3.4 Build a list of business stakeholders

    3.5 Directly solicit requirements from the business

    3.6 Map business needs to technical requirements

    3.7 Identify inefficiencies and compare historical data

    • 4.1 Brainstorm potential causes of availability and capacity risk
    • 4.2 Identify and mitigate capacity risks
    • 4.3 Identify and mitigate availability risks

    Deliverables

    1. Business impact analysis
    2. List of gold systems
    3. SLA best practices
    1. Sub-component metrics
    2. Strategy to establish visibility into critical sub-components
    1. List of stakeholders
    2. Business requirements
    3. Technical requirements
    4. Inefficiencies
    1. Strategies for mitigating risks
    2. Completed capacity management plan template

    PHASE 1

    Conduct a Business Impact Analysis

    Step 1.1: Conduct a business impact analysis

    This step will walk you through the following activities:

    • Record applications and dependencies in the Business Impact Analysis Tool.
    • Define a scale to estimate the impact of various applications’ downtime.
    • Estimate the impact of applications’ downtime.

    This involves the following participants:

    • Capacity manager
    • Infrastructure team

    Outcomes of this step

    • Estimated impact of downtime for various applications

    Execute a business impact analysis (BIA) as part of a broader availability plan

    1.1a Business Impact Analysis Tool

    Business impact analyses are an invaluable part of a broader IT strategy. Conducting a BIA benefits a variety of processes, including disaster recovery, business continuity, and availability and capacity management

    STEP 1

    STEP 2

    STEP 3

    STEP 4

    STEP 5

    Record applications and dependencies

    Utilize your asset management records and document the applications and systems that IT is responsible for managing and recovering during a disaster.

    Define impact scoring scale

    Ensure an objective analysis of application criticality by establishing a business impact scale that applies to all applications.

    Estimate impact of downtime

    Leverage the scoring criteria from the previous step and establish an estimated impact of downtime for each application.

    Identify desired RTO and RPO

    Define what the RTOs/RPOs should be based on the impact of a business interruption and the tolerance for downtime and data loss.

    Determine current RTO/RPO

    Conduct tabletop planning and create a flowchart of your current capabilities. Compare your current state to the desired state from the previous step.

    Info-Tech Insight

    Engaging in detailed capacity planning for an insignificant service draws time and resources away from more critical capacity planning exercises. Time spent tracking and planning use of the ancient fax machine in the basement is time you’ll never get back.

    Control the scope of your availability and capacity management planning project with a business impact analysis

    Don’t avoid conducting a BIA because of a perception that it’s too onerous or not necessary. If properly managed, as described in this blueprint, the BIA does not need to be onerous and the benefits are tangible.

    A BIA enables you to identify appropriate spend levels, continue to drive executive support, and prioritize disaster recovery planning for a more successful outcome. For example, an Info-Tech survey found that a BIA has a significant impact on setting appropriate recovery time objectives (RTOs) and appropriate spending.

    The image contains a graph that is labelled: BIA Impact on Appropriate RTOS. With no BIA, there is 59% RTOs are appropriate. With BIA, there is 93% RTOS being appropriate. The image contains a graph that is labelled: BIA Impact on Appropriate Spending. No BIA has 59% indication that BCP is cost effective. With a BIA there is 86% indication that BCP is cost effective.

    Terms

    No BIA: lack of a BIA, or a BIA bases solely on the perceived importance of IT services.

    BIA: based on a detailed evaluation or estimated dollar impact of downtime.

    Source: Info-Tech Research Group; N=70

    Select the services you wish to evaluate with the Business Impact Analysis Tool

    1.1b 1 hour

    In large organizations especially, collating an exhaustive list of applications and services is going to be onerous. For the purposes of this project, a subset should suffice.

    Instructions

    1. Gather a diverse group of IT staff and end users in a room with a whiteboard.
    2. Solicit feedback from the group. Questions to ask:
    • What services do you regularly use? What do you see others using? (End users)
    • Which service inspires the greatest number of service calls? (IT)
    • What services are you most excited about? (Management)
    • What services are the most critical for business operations? (Everybody)
  • Record these applications in the Business Impact Analysis Tool.
  • Input

    • Applications/services

    Output

    • Candidate applications for the business impact analysis

    Materials

    • Whiteboard
    • Markers

    Participants

    • Infrastructure manager
    • Enterprise architect
    • Application owners
    • End users

    Info-Tech Insight

    Include a variety of services in your analysis. While it might be tempting to jump ahead and preselect important applications, don’t. The process is inherently valuable, and besides, it might surprise you.

    Record the applications and dependencies in the BIA tool

    1.1c Use tab 1 of the Business Impact Analysis Tool

    1. In the Application/System column, list the applications identified for this pilot as well as the Core Infrastructure category. Also indicate the Impact on the Business and Business Owner.
    2. List the dependencies for each application in the appropriate columns:
    • Hosted On-Premises (In-House) – If the physical equipment is in a facility you own, record it here, even if it is managed by a vendor.
    • Hosted by a Co-Lo/MSP – List any dependencies hosted by a co-lo/MSP vendor.
    • Cloud (includes "as a Service”) – List any dependencies hosted by a cloud vendor.

    Note: If there are no dependencies for a particular category, leave it blank.

  • If you wish to highlight specific dependencies, put an asterisk in front of them (e.g. *SAN). This will cause the dependency to be highlighted in the remaining tabs in this tool.
  • Add comments as needed in the Notes columns. For example, for equipment that you host in-house but is remotely managed by an MSP, specify this in the notes. Similarly, note any DR support services.
  • Example

    The image contains a screenshot of Info-Tech's Business Impact Analysis Tool specifically tab 1.

    ID is optional. It is a sequential number by default.

    In-House, Co-Lo/MSP, and Cloud dependencies; leave blank if not applicable.

    Add notes as applicable – e.g. critical support services.

    Define a scoring scale to estimate different levels of impact

    1.1d Use tab 2 of the Business Impact Analysis Tool

    Modify the Business Impact Scales headings and Overall Criticality Rating terminology to suit your organization. For example, if you don’t have business partners, use that column to measure a different goodwill impact or just ignore that column in this tool (i.e. leave it blank). Estimate the different levels of potential impact (where four is the highest impact and zero is no impact) and record these in the Business Impact Scales columns.

    The image contains a screenshot of Info-Tech's Business Impact Analysis Tool, specifically tab 2.

    Estimate the impact of downtime for each application

    1.1e Use tab 3 of the Business Impact Analysis Tool

    In the BIA tab columns for Direct Costs of Downtime, Impact on Goodwill, and Additional Criticality Factors, use the drop-down menu to assign a score of zero to four based on levels of impact defined in the Scoring Criteria tab. For example, if an organization’s ERP is down, and that affects call center sales operations (e.g. ability to access customer records and process orders), the impact might be as described below:

      • Loss of Revenue might score a two or three depending on the proportion of overall sales lost due to the downtime.
      • The Impact on Customers might be a one or two depending on the extent that existing customers might be using the call center to purchase new products or services, and are frustrated by the inability to process orders.
      • The Legal/Regulatory Compliance and Health or Safety Risk might be a zero.

    On the other hand, if payroll processing is down, this may not impact revenue, but it certainly impacts internal goodwill and productivity.

    Rank service criticality: gold, silver, and bronze

    Gold

    Mission critical services. An outage is catastrophic in terms of cost or public image/goodwill. Example: trading software at a financial institution.

    Silver

    Important to daily operations, but not mission critical. Example: email services at any large organization.

    Bronze

    Loss of these services is an inconvenience more than anything, though they do serve a purpose and will be missed if they are never brought back online. Example: ancient fax machines.

    Info-Tech Best Practice

    Info-Tech recommends gold, silver, and bronze because of this typology’s near universal recognition. If you would prefer a particular designation (it might help with internal comprehension), don’t hesitate to use that one instead.

    Use the results of the business impact analysis to sort systems based on their criticality

    1.1f 1 hour

    Every organization has its own rules about how to categorize service importance. For some (consumer-facing businesses, perhaps) reputational damage may trump immediate costs.

    Instructions

    1. Gather a group of key stakeholders and project the completed Business Impact Analysis Tool onto a screen for them.
    2. Share the definitions of gold, silver, and bronze services with them (if they are not familiar), and begin sorting the services by category,
    • How long would it take to notice if a particular service went out?
    • How important are the non-quantifiable damages that could come with an outage?
  • Sort the services into gold, silver, and bronze on a whiteboard, with sticky notes, or with chart paper.
  • Verify your findings and record them in section 2.1 of the Capacity Plan Template.
  • Input

    • Results of the business impact analysis exercise

    Output

    • List of gold, silver, and bronze systems

    Materials

    • Projector
    • Business Impact Analysis Tool
    • Capacity Plan Template

    Participants

    • Infrastructure manager
    • Enterprise architect

    Leverage the rest of the BIA tool as part of your disaster recovery planning

    Disaster recovery planning is a critical activity, and while it is a sort of availability management, it is beyond this project’s scope. You can complete the business impact analysis (including RTOs and RPOs) for the complete disaster recovery package.

    See Info-Tech’s Create a Right-Sized Disaster Recovery Plan blueprint for instructions on how to complete your business impact analysis.

    Step 1.2: Assign criticality ratings to services

    This step will walk you through the following activities:

    • Create a list of dependencies for your most important applications.
    • Identify important sub-components.
    • Use best practices to develop and negotiate SLAs.

    This involves the following participants:

    • Capacity manager
    • Infrastructure team

    Outcomes of this step

    • List of dependencies of most important applications
    • List of important sub-components
    • SLAs based on best practices

    Determine the base unit of the capacity you’re looking to purchase

    Not every IT organization should approach capacity the same way. Needs scale, and larger organizations will inevitably deal in larger quantities.

    Large cloud provider

    Local traditional business

    • Thousands of servers housed in a number of datacenters around the world.
    • Dedicated capacity manager.
    • Purchases components from OEMs in bulk as part of bespoke contracts that are worth many millions of dollars over time.
    • May deal with components at a massive scale (dozens of servers at once, for example).
    • A small server room that runs non-specialized services (email, for example).
    • Barely even a dedicated IT person, let alone an IT capacity manager.
    • Purchases new components from resellers or even retail stores.
    • Deals with components at a small scale (a single switch here, a server upgrade there).

    "Cloud capacity management is not exactly the same as the ITIL version because ITIL has a focus on the component level. I actually don’t do that, because if I did I’d go crazy. There’s too many components in a cloud environment."

    – Richie Mendoza, IT Consultant, SMITS Inc.

    Consider the relationship between component capacity and service capacity

    End users’ thoughts about IT are based on what they see. They are, in other words, concerned with service availability: does the organization have the ability to provide access to needed services?

    Service

    • Email
    • CRM
    • ERP

    Component

    • Switch
    • SMTP server
    • Archive database
    • Storage

    "You don’t ask the CEO or the guy in charge ‘What kind of response time is your requirement?’ He doesn’t really care. He just wants to make sure that all his customers are happy."

    – Todd Evans, Capacity and Performance Management SME, IBM.

    One telco solved its availability issues by addressing component capacity issues

    CASE STUDY

    Industry: Telecommunications

    Source: Interview

    Coffee and Wi-Fi – a match made in heaven

    In tens of thousands of coffee shops around the world, patrons make ample use of complimentary Wi-Fi. Wi-Fi is an important part of customers’ coffee shop experience, whether they’re online to check their email, do a YouTube, or update their Googles. So when one telco that provided Wi-Fi access for thousands of coffee shops started encountering availability issues, the situation was serious.

    Wi-Fi, whack-a-mole, and web woes

    The team responsible for resolving the issue took an ad hoc approach to resolving complaints, fixing issues as they came up instead of taking a systematic approach.

    Resolution

    Looking at the network as a whole, the capacity manager took a proactive approach by using data to identify and rank the worst service areas, and then directing the team responsible to fix those areas in order of the worst first, then the next worst, and so on. Soon the availability of Wi-Fi service was restored across the network.

    Create a list of dependencies for your most important applications

    1.2a 1.5 hours

    Instructions

    1. Work your way down the list of services outlined in step 1, starting with your gold systems. During the first iteration of this exercise select only 3-5 of your most important systems.
    2. Write the name of each application on a sticky note or at the top of a whiteboard (leaving ample space below for dependency mapping).
    3. In the first tier below the application, include the specific services that the general service provides.
    • This will vary based on the service in question, but an example for email is sending, retrieving, retrieving online, etc.
  • For each of the categories identified in step 3, identify the infrastructure components that are relevant to that system. Be broad and sweeping; if the component is involved in the service, include it here. The goal is to be exhaustive.
  • Leave the final version of the map intact. Photographing or making a digital copy for posterity. It will be useful in later activities.
  • Input

    • List of important applications

    Output

    • List of critical dependencies

    Materials

    • Whiteboard
    • Markers
    • Sticky notes

    Participants

    • Infrastructure manager
    • Enterprise architect

    Info-Tech Insight

    Dependency mapping can be difficult. Make sure you don’t waste effort creating detailed dependency maps for relatively unimportant services.

    Dependency mapping can be difficult. Make sure you don’t waste effort creating detailed dependency maps for relatively unimportant services.

    The image contains a sample dependency map on ride sharing. Ride Sharing has been split between two categories: Application and Drivers. Under drivers it branches out to: Availability, Car, and Pay. Under Application, it branches out to: Compute, Network, Edge devices, Q/A maintenance, and Storage. Compute branches out to Cloud Services. Network branches out to Cellular network and Local. Edge Devices branch out to Drivers and Users. Q/A maintenance does not have a following branch. Storage branches out to Storage (Enterprise) and Storage (local).

    Ride sharing cannot work, at least not at maximum effectiveness, without these constituent components. When one or more of these components are absent or degraded, the service will become unavailable. This example illustrates some challenges of capacity management; some of these components are necessary, but beyond the ride-sharing company’s control.

    Leverage a sample dependency tree for a common service

    The image contains a sample dependency tree for the Email service. Email branches out to: Filtering, Archiving, Retrieval, and Send/receive. Filtering branches out to security appliance which then branches out to CPU, Storage, and Network. Archiving branches to Archive server, which branches out to CPU, Storage, and Network. Retrieval branches out to IMAP/PoP which branches out to CPU, Storage, and Network. Send/receive branches out to IMAP/PoP and SMTP. SMTP branches out to CPU, Storage and Network.

    Info-Tech Best Practice

    Email is an example here not because it is necessarily a “gold system,” but because it is common across industries. This is a useful exercise for any service, but it can be quite onerous, so it should be conducted on the most important systems first.

    Separate the wheat from the chaff; identify important sub-components and separate them from unimportant ones

    1.2b 1.5 hours

    Use the bottom layer of the pyramid drawn in step 1.2a for a list of important sub-components.

    Instructions

    1. Record a list of the gold services identified in the previous activity. Leave space next to each service for sub-components.
    2. Go through each relevant sub-component. Highlight those that are critical and could reasonably be expected to cause problems.
    • Has this sub-component caused a problem in the past?
    • Is this sub-component a bottleneck?
    • What could cause this component to fail? Is it such an occurrence feasible?
  • Record the results of the exercise (and the service each sub-component is tied to) in tab 2 (columns B &C) of the Capacity Snapshot Tool.
  • Input

    • List of important applications

    Output

    • List of critical dependencies

    Materials

    • Whiteboard
    • Markers

    Participants

    • Infrastructure manager
    • Enterprise architect

    Understand availability commitments with SLAs

    With the rise of SaaS, cloud computing, and managed services, critical services and their components are increasingly external to IT.

    • IT’s lack of access to the internal working of services does not let them off the hook for performance issues (as much as that might be the dream).
    • Vendor management is availability management. Use the dependency map drawn earlier in this phase to highlight the components of critical services that rely on capacity that cannot be managed internally.
    • For each of these services ensure that an appropriate SLA is in place. When acquiring new services, ensure that the vendor SLA meets business requirements.

    The image contains a large blue circle labelled: Availability. Also in the blue circle is a small red circle labelled: Capacity.

    In terms of service provision, capacity management is a form of availability management. Not all availability issues are capacity issues, but the inverse is true.

    Info-Tech Insight

    Capacity issues will always cause availability issues, but availability issues are not inherently capacity issues. Availability problems can stem from outages unrelated to capacity (e.g. power or vendor outages).

    Use best practices to develop and negotiate SLAs

    1.2c 20 minutes per service

    When signing contracts with vendors, you will be presented with an SLA. Ensure that it meets your requirements.

    1. Use the business impact analysis conducted in this project’s first step to determine your requirements. How much downtime can you tolerate for your critical services?
    2. Once you have been presented with an SLA, be sure to scour it for tricks. Remember, just because a vendor offers “five nines” of availability doesn’t mean that you’ll actually get that much uptime. It could be that the vendor is comfortable eating the cost of downtime or that the contract includes provisions for planned maintenance. Whether or not the vendor anticipated your outage does little to mitigate the damage an outage can cause to your business, so be careful of these provisions.
    3. Ensure that the person ultimately responsible for the SLA (the approver) understands the limitations of the agreement and the implications for availability.

    Input

    • List of external component dependencies

    Output

    • SLA requirements

    Materials

    • Whiteboard
    • Markers

    Participants

    • Infrastructure manager
    • Enterprise architect

    Info-Tech Insight

    Vendors are sometimes willing to eat the cost of violating SLAs if they think it will get them a contract. Be careful with negotiation. Just because the vendor says they can do something doesn’t make it true.

    Negotiate internal SLAs using Info-Tech’s rigorous process

    Talking past each other can drive misalignment between IT and the business, inconveniencing all involved. Quantify your needs through an internal SLA as part of a comprehensive availability management plan.

    See Info-Tech’s Improve IT-Business Alignment Through an Internal SLA blueprint for instructions on why you should develop internal SLAs and the potential benefits they bring.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop.

    The image contains a picture of an Info-Tech analyst.

    Book a workshop with our Info-Tech analysts:

    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analysts will join you and your team onsite at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    1.2

    The image contains a screenshot of activity 1.2 as previously described above.

    Create a list of dependencies for your most important applications

    Using the results of the business impact analysis, the analyst will guide workshop participants through a dependency mapping exercise that will eventually populate the Capacity Plan Template.

    Phase 1 Guided Implementation

    Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 1: Conduct a business impact analysis

    Proposed Time to Completion: 1 week

    Step 1.1: Create a scale to measure different levels of impact

    Review your findings with an analyst

    Discuss how you arrived at the rating of your critical systems and their dependencies. Consider whether your external SLAs are appropriate.

    Then complete these activities…

    • Use the results of the business impact analysis to sort systems based on their criticality

    With these tools & templates:

    Business Impact Analysis Tool

    Step 1.2: Assign criticality ratings to services

    Review your findings with an analyst

    Discuss how you arrived at the rating of your critical systems and their dependencies. Consider whether your external SLAs are appropriate.

    Then complete these activities…

    • Create a list of dependencies for your most important applications
    • Identify important sub-components
    • Use best practices to develop and negotiate SLAs

    With these tools & templates:

    Capacity Snapshot Tool

    Phase 1 Results & Insights:

    • Engaging in detailed capacity planning for an insignificant service is a waste of resources. Focus on ensuring availability for your most critical systems.
    • Carefully evaluate vendors’ service offerings. Make sure the SLA works for you, and approach pie-in-the-sky promises with skepticism.

    PHASE 2

    Establish Visibility Into Core Systems

    Step 2.1: Define your monitoring strategy

    This step will walk you through the following activities:

    • Determine the indicators you should be tracking for each sub-component.

    This involves the following participants:

    • Capacity manager
    • Infrastructure team

    Outcomes of this step

    • List of indicators to track for each sub-component

    Data has its significance—but also its limitations

    The rise of big data can be a boon for capacity managers, but be warned: not all data is created equal. Bad data can lead to bad decisions – and unemployed capacity managers.

    Your findings are only as good as your data. Remember: garbage in, garbage out. There are three characteristics of good data:*

    1. Accuracy: is the data exact and correct? More detail and confidence is better.
    2. Reliability: is the data consistent? In other words, if you run the same test twice will you get the same results?
    3. Validity: is the information gleaned believable and relevant?

    *National College of Teaching & Leadership, “Reliability and Validity”

    "Data is king. Good data is absolutely essential to [the capacity manager] role."

    – Adrian Blant, Independent Capacity Consultant, IT Capability Solutions

    Info-Tech Best Practice

    Every organization’s data needs are different; your data needs are going to be dictated by your services, delivery model, and business requirements. Make sure you don’t confuse volume with quality, even if others in your organization make that mistake.

    Take advantage of technology to establish visibility into your systems

    Managing your availability and capacity involves important decisions about what to monitor and how thresholds should be set.

    • Use the list of critical applications developed through the business impact analysis and the list of components identified in the dependency mapping exercise to produce a plan for effectively monitoring component availability and capacity.
    • The nature of IT service provision – the multitude of vendors providing hardware and services necessary for even simple IT services to work effectively – means that it is unlikely that capacity management will be visible through a single pane of glass. In other words, “email” and “CRM” don’t have a defined capacity. It always depends.
    • Establishing visibility into systems involves identifying what needs to be tracked for each component.

    Too much monitoring can be as bad as the inverse

    In 2013, a security breach at US retailer Target compromised more than 70 million customers’ data. The company received an alert, but it was thought to be a false positive because the monitoring system produced so many false and redundant alerts. As a result of the daily deluge, staff did not respond to the breach in time.

    Info-Tech Insight

    Don’t confuse monitoring with management. While establishing visibility is a crucial step, it is only part of the battle. Move on to this project’s next phase to explore opportunities to improve your capacity/availability management process.

    Determine the indicators you should be tracking for each sub-component

    2.1a Tab 3 of the Capacity Snapshot Tool

    It is nearly impossible to overstate the importance of data to the process of availability and capacity management. But the wrong data will do you no good.

    Instructions

    1. Open the Capacity Snapshot Tool to tab 2. The tool should have been populated in step 1.2 as part of the component mapping exercise.
    2. For each service, determine which metric(s) would most accurately tell the component’s story. Consider the following questions when completing this activity (you may end up with more than one metric):
    • How would the component’s capacity be measured (storage space, RAM, bandwidth, vCPUs)?
    • Is the metric in question actionable?
  • Record each metric in the Metric column (D) of the Capacity Snapshot Tool. Use the adjacent column for any additional information on metrics.
  • Info-Tech Insight

    Bottlenecks are bad. Use the Capacity Snapshot Tool (or another tool like it) to ensure that when the capacity manager leaves (on vacation, to another role, for good) the knowledge that they have accumulated does not leave as well.

    Understand the limitations of this approach

    Although we’ve striven to make it as easy as possible, this process will inevitably be cumbersome for organizations with a complicated set of software, hardware, and cloud services.

    Tracking every single component in significant detail will produce a lot of noise for each bit of signal. The approach outlined here addresses that concern in two ways:

    • A focus on gold services
    • A focus on sub-components that have a reasonable likelihood of being problematic in the future.

    Despite this effort, however, managing capacity at the component level is a daunting task. Ultimately, tools provided by vendors like SolarWinds and AppDynamics will fill in some of the gaps. Nevertheless, an understanding of the conceptual framework underlying availability and capacity management is valuable.

    Step 2.2: Implement your monitoring tool/aggregator

    This step will walk you through the following activities:

    • Clarify visibility.
    • Determine whether or not you have sufficiently granular visibility.
    • Develop strategies to .any visibility issues.

    This involves the following participants:

    • Capacity manager
    • Infrastructure team
    • Applications personnel

    Outcomes of this step

    • Method for measuring and monitoring critical sub-components

    Companies struggle with performance monitoring because 95% of IT shops don’t have full visibility into their environments

    CASE STUDY

    Industry: Financial Services

    Source: AppDynamics

    Challenge

    • Users are quick to provide feedback when there is downtime or application performance degradation.
    • The challenge for IT teams is that while they can feel the pain, they don’t have visibility into the production environment and thus cannot identify where the pain is coming from.
    • The most common solution that organizations rely on is leveraging the log files for issue diagnosis. However, this method is slow and often unable to pinpoint the problem areas, leading to delays in problem resolution.

    Solution

    • Application and infrastructure teams need to work together to develop infrastructure flow maps and transaction profiles.
    • These diagrams will highlight the path that each transaction travels across your infrastructure.
    • Ideally at this point, teams will also capture latency breakdowns across every tier that the business transaction flows through.
      • This will ultimately kick start the baselining process.

    Results

    • Ninety-five percent of IT departments don’t have full visibility into their production environment. As a result, a slow business transaction will often require a war-room approach where SMEs from across the organization gather to troubleshoot.
    • Having visibility into the production environment through infrastructure flow mapping and transaction profiling will help IT teams pinpoint problems.
      • At the very least, teams will be able to identify common problem areas and expedite the root-cause analysis process.

    Source: “Just how complex can a Login Transaction be? Answer: Very!,” AppDynamics

    Monitor your critical sub-components

    Establishing a monitoring plan for your capacity involves answering two questions: can I see what I need to see, and can I see it with sufficient granularity?

    • Having the right tool for the job is an important step towards effective capacity and availability management.
    • Application performance management tools (APMs) are essential to the process, but they tend to be highly specific and vertically oriented, like using a microscope.
    • Some product families can cover a wider range of capacity monitoring functions (SolarWinds, for example). It is still important, however, to codify your monitoring needs.

    "You don’t use a microscope to monitor an entire ant farm, but you might use many microscopes to monitor specific ants."

    – Fred Chagnon, Research Director, Infrastructure Practice, Info-Tech Research Group

    Monitor your sub-components: clarify visibility

    2.2a Tab 2 of the Capacity Snapshot Tool

    The next step in capacity management is establishing whether or not visibility (in the broad sense) is available into critical sub-components.

    Instructions

    1. Open the Capacity Snapshot Tool and record the list of sub-components identified in the previous step.
    2. For each sub-component answer the following question:
    • Do I have easy access to the information I need to monitor to ensure this component remains available?
  • Select “Yes” or “No” from the drop-down menus as appropriate. In the adjacent column record details about visibility into the component.
    • What tool provides the information? Where can it be found?

    The image contains a screenshot of Info-Tech's Capacity Snapshot Tool, Tab 2.

    Monitor your sub-components; determine whether or not you have sufficient granular visibility

    2.2b Tab 2 of the Capacity Snapshot Tool

    Like ideas and watches, not all types of visibility are created equal. Ensure that you have access to the right information to make capacity decisions.

    Instructions

    1. For each of the sub-components clarify the appropriate level of granularity for the visibility gained to be useful. In the case of storage, for example, is raw usage (in gigabytes) sufficient, or do you need a breakdown of what exactly is taking up the space? The network might be more complicated.
    2. Record the details of this ideation in the adjacent column.
    3. Select “Yes” or “No” from the drop-down menu to track the status of each sub-component.

    The image contains a picture of an iPhone storage screen where it breaks down the storage into the following categories: apps, media, photos, and other.

    For most mobile phone users, this breakdown is sufficient. For some, more granularity might be necessary.

    Info-Tech Insight

    Make note of monitoring tools and strategies. If anything changes, be sure to re-evaluate the visibility status. An outdated spreadsheet can lead to availability issues if management is unaware of looming problems.

    Develop strategies to ameliorate any visibility issues

    2.2c 1 hour

    The Capacity Snapshot Tool color-codes your components by status. Green – visibility and granularity are both sufficient; yellow – visibility exists, though not at sufficient granularity; and red – visibility does not exist at all.

    Instructions

    1. Write each of the yellow and red sub-components on a whiteboard or piece of chart paper.
    2. Brainstorm amelioration strategies for each of the problematic sub-components.
    • Does the current monitoring tool have sufficient functionality?
    • Does it need to be further configured/customized?
    • Do we need a whole new tool?
  • Record these strategies in the Amelioration Strategy column on tab 4 of the tool.
  • Input

    • Sub-components
    • Capacity Snapshot Tool

    Output

    • Amelioration strategies

    Materials

    • Whiteboard
    • Markers
    • Capacity Snapshot Tool

    Participants

    • Infrastructure manager

    Info-Tech Best Practice

    It might be that there is no amelioration strategy. Make note of this difficulty and highlight it as part of the risk section of the Capacity Plan Template.

    See Info-Tech’s projects on storage and network modernization for additional details

    Leverage other products for additional details on how to modernize your network and storage services.

    The process of modernizing the network is fraught with vestigial limitations. Develop a program to gather requirements and plan.

    As part of the blueprint, Modernize Enterprise Storage, the Modernize Enterprise Storage Workbook includes a section on storage capacity planning.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop.

    The image contains a picture of an Info-Tech analyst.

    Book a workshop with our Info-Tech analysts:

    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analysts will join you and your team onsite at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    2.2

    The image contains a screenshot of activity 2.2.

    Develop strategies to ameliorate visibility issues

    The analyst will guide workshop participants in brainstorming potential solutions to visibility issues and record them in the Capacity Snapshot Tool.

    Phase 2 Guided Implementation

    Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 2: Establish visibility into core systems

    Proposed Time to Completion: 3 weeks

    Step 2.1: Define your monitoring strategy

    Review your findings with an analyst

    Discuss your monitoring strategy and ensure you have sufficient visibility for the needs of your organization.

    Then complete these activities…

    • Determine the indicators you should be tracking for each sub-component

    With these tools & templates:

    • Capacity Snapshot Tool

    Step 2.2: Implement your monitoring tool/aggregator

    Review your findings with an analyst

    Discuss your monitoring strategy and ensure you have sufficient visibility for the needs of your organization.

    Then complete these activities…

    • Clarify visibility
    • Determine whether or not you have sufficiently granular visibility
    • Develop strategies to ameliorate any visibility issues

    With these tools & templates:

    • Capacity Snapshot Tool

    Phase 2 Results & Insights:

    • Every organization’s data needs are different. Adapt data gathering, reporting, and analysis according to your services, delivery model, and business requirements.
    • Don’t confuse monitoring with management. Build a system to turn reported data into useful information that feeds into the capacity management process.

    PHASE 3

    Solicit and Incorporate Business Needs

    Step 3.1: Solicit business needs and gather data

    This step will walk you through the following activities:

    • Build relationships with business stakeholders.
    • Analyze usage data and identify trends.
    • Correlate usage trends with business needs.

    This involves the following participants:

    • Capacity manager
    • Infrastructure team members
    • Business stakeholders

    Outcomes of this step

    • System for involving business stakeholders in the capacity planning process
    • Correlated data on business level, service level, and infrastructure level capacity usage

    Summarize your capacity planning activities in the Capacity Plan Template

    The availability and capacity management summary card pictured here is a handy way to capture the results of the activities undertaken in the following phases. Note its contents carefully, and be sure to record specific outputs where appropriate. One such card should be completed for each of the gold services identified in the project’s first phase. Make note of the results of the activities in the coming phase, and populate the Capacity Snapshot Tool. These will help you populate the tool.

    The image contains a screenshot of Info-Tech's Capacity Plan Template.

    Info-Tech Best Practice

    The Capacity Plan Template is designed to be a part of a broader mapping strategy. It is not a replacement for a dedicated monitoring tool.

    Analyze historical trends as a crucial source of data

    The first place to look for information about your organization is not industry benchmarks or your gut (though those might both prove useful).

    • Where better to look than internally? Use the data you’ve gathered from your APM tool or other sources to understand your historical capacity needs and to highlight any periods of unavailability.
    • Consider monitoring the status of the capacity of each of your crucial components. The nature of this monitoring will vary based on the component in question. It can range from a rough Excel sheet all the way to a dedicated application performance monitoring tool.

    "In all cases the very first thing to do is to look at trending…The old adage is ‘you don’t steer a boat by its wake,’ however it’s also true that if something is growing at, say, three percent a month and it has been growing at three percent a month for the last twelve months, there’s a fairly good possibility that it’s going to carry on going in that direction."

    – Mike Lynch, Consultant, CapacityIQ

    Gather relevant data at the business level

    3.1a 2 hours per service

    A holistic approach to capacity management involves peering beyond the beaded curtain partitioning IT from the rest of the organization and tracking business metrics.

    Instructions

    1. Your service/application owners know how changes in business activities impact their systems. Business level capacity management involves responding to those changes. Ask service/application owners what changes will impact their capacity. Examples include:
    • Business volume (net new customers, number of transactions)
    • Staff changes (new hires, exits, etc.)
  • For each gold service, brainstorm relevant metrics. How can you capture that change in business volume?
  • Record these metrics in the summary card of the Capacity Plan Template.
  • In the notes section of the summary card record whether or not you have access to the required business metric.
  • Input

    • Brainstorming
    • List of gold services

    Output

    • Business level data

    Materials

    • In-house solution or commercial tool

    Participants

    • Capacity manager
    • Application/service owners

    Gather relevant data at the service level

    3.1b 2 hours per service

    One level of abstraction down is the service level. Service level capacity management, recall that service level capacity management is about ensuring that IT is meeting SLAs in its service provision.

    Instructions

    1. There should be internal SLAs for each service IT offers. (If not, that’s a good place to start. See Info-Tech’s research on the subject.) Prod each of your service owners for information on the metrics that are relevant for their SLAs. Consider the following:
    • Peak hours, requests per second, etc.
    • This will usually include some APM data.
  • Record these metrics in the summary card of the Capacity Plan Template.
  • Include any visibility issues in the notes in a similar section of the Capacity Plan Template.
  • Input

    • Brainstorming
    • List of gold services

    Output

    • Service level data

    Materials

    • In-house solution or commercial tool

    Participants

    • Capacity manager
    • Application/service owners

    Leverage the visibility into your infrastructure components and compare all of your data over time

    You established visibility into your components in the second phase of this project. Use this data, and that gathered at the business and service levels, to begin analyzing your demand over time.

    • Different organizations will approach this issue differently. Those with a complicated service catalog and a dedicated capacity manager might employ a tool like TeamQuest. If your operation is small, or you need to get your availability and capacity management activities underway as quickly as possible, you might consider using a simple spreadsheet software like Excel.
    • If you choose the latter option, select a level of granularity (monthly, weekly, etc.) and produce a line graph in Excel.
    • Example: Employee count (business metric)

    Jan

    Feb

    Mar

    Apr

    May

    June

    July

    74

    80

    79

    83

    84

    100

    102

    The image contains a graph using the example of employee count described above.

    Note: the strength of this approach is that it is easy to visualize. Use the same timescale to facilitate simple comparison.

    Manage, don’t just monitor; mountains of data need to be turned into information

    Information lets you make a decision. Understand the questions you don’t need to ask, and ask the right ones.

    "Often what is really being offered by many analytics solutions is just more data or information – not insights."

    – Brent Dykes, Director of Data Strategy, Domo

    Info-Tech Best Practice

    You can have all the data in the world and absolutely nothing valuable to add. Don’t fall for this trap. Use the activities in this phase to structure your data collection operation and ensure that your organization’s availability and capacity management plan is data driven.

    Analyze historical trends and track your services’ status

    3.1c Tab 3 of the Capacity Snapshot Tool

    At-a-glance – it’s how most executives consume all but the most important information. Create a dashboard that tracks the status of your most important systems.

    Instructions

    1. Consult infrastructure leaders for information about lead times for new capacity for relevant sub-components and include that information in the tool.
    • Look to historical lead times. (How long does it traditionally take to get more storage?)
    • If you’re not sure, contact an in-house expert, or speak to your vendor
  • Use tab 3 of the tool to record whether your existing capacity will be exceeded before you can stand more hardware up (red), you have a plan to ameliorate capacity issues but new capacity is not yet in place (yellow), or if you are not slated to run out of capacity any time soon (green).
  • Repeat the activity regularly. Include notes about spikes that might present capacity challenges, and information about when capacity may run out.
  • This tool collates and presents information gathered from other sources. It is not a substitute for a performance monitoring tool.

    Build a list of key business stakeholders

    3.1d 10 minutes

    Stakeholder analysis is crucial. Lines of authority can be diffuse. Understand who needs to be involved in the capacity management process early on.

    Instructions

    1. With the infrastructure team, brainstorm a group of departments, roles, and people who may impact demand on capacity.
    2. Go through the list with your team and identify stakeholders from two groups:
    • Line of business: who in the business makes use of the service?
    • Application owner: who in IT is responsible for ensuring the service is up?
  • Insert the list into section 3 of the Capacity Plan Template, and update as needed.
  • Input

    • Gold systems
    • Personnel Information

    Output

    • List of key business stakeholders

    Materials

    • Whiteboard
    • Markers

    Participants

    • Capacity manager
    • Infrastructure staff

    Info-Tech Best Practice

    Consider which departments are most closely aligned with the business processes that fuel demand. Prioritize those that have the greatest impact. Consider the stakeholders who will make purchasing decisions for increasing infrastructure capacity.

    Organize stakeholder meetings

    3.1e 10 hours

    Establishing a relationship with your stakeholders is a necessary step in managing your capacity and availability.

    Instructions

    1. Gather as many of the stakeholders identified in the previous activity as you can and present information on availability and capacity management
    • If you can’t get everyone in the same room, a virtual meeting or even an email blast could get the job done.
  • Explain the importance of capacity and availability management
    • Consider highlighting the trade-offs between cost and availability.
  • Field any questions the stakeholders might have about the process. Be honest. The goal of this meeting is to build trust. This will come in handy when you’re gathering business requirements.
  • Propose a schedule and seek approval from all present. Include the results in section 3 of the Capacity Plan Template.
  • Input

    • List of business stakeholders
    • Hard work

    Output

    • Working relationship, trust
    • Regular meetings

    Materials

    • Work ethic
    • Executive brief

    Participants

    • Capacity manager
    • Business stakeholders

    Info-Tech Insight

    The best capacity managers develop new business processes that more closely align their role with business stakeholders. Building these relationships takes hard work, and you must first earn the trust of the business.

    Bake stakeholders into the planning process

    3.1f Ongoing

    Convince, don’t coerce. Stakeholders want the same thing you do. Bake them into the planning process as a step towards this goal.

    1. Develop a system to involve stakeholders regularly in the capacity planning process.
    • Your system will vary depending on the structure and culture of your organization.
    • See the case study on the following slide for ideas.
    • It may be as simple as setting a recurring reminder in your own calendar to touch base with stakeholders.
  • Liaise with stakeholders regularly to keep abreast of new developments.
    • Ensure stakeholders have reasonable expectations about IT’s available resources, the costs of providing capacity, and the lead times required to source additional needed capacity.
  • Draw on these stakeholders for the step “Gather information on business requirements” later in this phase.
  • Input

    • List of business stakeholders
    • Ideas

    Output

    • Capacity planning process that involves stakeholders

    Materials

    • Meeting rooms

    Participants

    • Capacity manager
    • Business stakeholders
    • Infrastructure team

    A capacity manager in financial services wrangled stakeholders and produced results

    CASE STUDY

    Industry: Financial Services

    Source: Interview

    In financial services, availability is king

    In the world of financial services, availability is absolutely crucial. High-value trades occur at all hours, and any institution that suffers outages runs the risk of losing tens of thousands of dollars, not to mention reputational damage.

    People know what they want, but sometimes they have to be herded

    While line of business managers and application owners understand the value of capacity management, it can be difficult to establish the working relationship necessary for a fruitful partnership.

    Proactively building relationships keeps services available

    He built relationships with all the department heads on the business side, and all the application owners.

    • He met with department heads quarterly.
    • He met with application owners and business liaisons monthly.

    He established a steering committee for capacity.

    He invited stakeholders to regular capacity planning meetings.

    • The first half of each meeting was high-level outlook, such as business volume and IT capacity utilization, and included stakeholders from other departments.
    • The second half of the meeting was more technical, serving the purpose for the infrastructure team.

    He scheduled lunch and learn sessions with business analysts and project managers.

    • These are the gatekeepers of information, and should know that IT needs to be involved when things come down the pipeline.

    Step 3.2: Analyze data and project future needs

    This step will walk you through the following activities:

    • Solicit needs from the business.
    • Map business needs to technical requirements, and technical requirements to infrastructure requirements.
    • Identify inefficiencies in order to remedy them.
    • Compare the data across business, component, and service levels, and project your capacity needs.

    This involves the following participants:

    • Capacity manager
    • Infrastructure team members
    • Business stakeholders

    Outcomes of this step

    • Model of how business processes relate to technical requirements and their demand on infrastructure
    • Method for projecting future demand for your organization’s infrastructure
    • Comparison of current capacity usage to projected demand

    “Nobody tells me anything!” – the capacity manager’s lament

    Sometimes “need to know” doesn’t register with sales or marketing. Nearly every infrastructure manager can share a story about a time when someone has made a decision that has critically impacted IT infrastructure without letting anyone in IT in on the “secret.”

    In brief

    The image contains a picture of a man appearing to be overwhelmed.

    Imagine working for a media company as an infrastructure capacity manager. Now imagine that the powers that be have decided to launch a content-focused web service. Seems like something they would do, right? Now imagine you find out about it the same way the company’s subscribers do. This actually happened – and it shouldn’t have. But a similar lack of alignment makes this a real possibility for any organization. If you don’t establish a systematic plan for soliciting and incorporating business requirements, prepare to lose a chunk of your free time. The business should never be able to say, in response to “nobody tells me anything,” “nobody asked.”

    Pictured: an artist’s rendering of the capacity manager in question.

    Directly solicit requirements from the business

    3.2a 30 minutes per stakeholder

    Once you’ve established, firmly, that everyone’s on the same team, meet individually with the stakeholders to assess capacity.

    Instructions

    1. Schedule a one-on-one meeting with each line of business manager (stakeholders identified in 3.1). Ideally this will be recurring.
    • Experienced capacity managers suggest doing this monthly.
  • In the meeting address the following questions:
    • What are some upcoming major initiatives?
    • Is the department going to expand or contract in a noticeable way?
    • Have customers taken to a particular product more than others?
  • Include the schedule in the Capacity Plan Template, and consider including details of the discussion in the notes section in tab 3 of the Capacity Snapshot Tool.
  • Input

    • Stakeholder opinions

    Output

    • Business requirements

    Materials

    • Whiteboard
    • Markers

    Participants

    • Capacity manager
    • Infrastructure staff

    Info-Tech Insight

    Sometimes line of business managers will evade or ignore you when you come knocking. They do this because they don’t know and they don’t want to give you the wrong information. Explain that a best guess is all you can ask for and allay their fears.

    Below, you will find more details about what to look for when soliciting information from the line of business manager you’ve roped into your scheme.

    1. Consider the following:
    • Projected sales pipeline
    • Business growth
    • Seasonal cycles
    • Marketing campaigns
    • New applications and features
    • New products and services
  • Encourage business stakeholders to give you their best guess for elements such as projected sales or business growth.
  • Estimate variance and provide a range. What can you expect at the low end? The high end? Record your historical projections for an idea of how accurate you are.
  • Consider carefully the infrastructure impact of new features (and record this in the notes section of the Capacity Snapshot Tool).
  • Directly solicit requirements from the business (optional)

    3.2a 1 hour

    IT staff and line of business staff come with different skillsets. This can lead to confusion, but it doesn’t have to. Develop effective information solicitation techniques.

    Instructions

    1. Gather your IT staff in a room with a whiteboard. As a group, select a gold service/line of business manager you would like to use as a “practice dummy.”
    2. Have everyone write down a question they would ask of the line of business representative in a hypothetical business/service capacity discussion.
    3. As a group discuss the merits of the questions posed:
    • Are they likely to yield productive information?
    • Are they too vague or specific?
    • Is the person in question likely to know the answer?
    • Is the information requested a guarded trade secret?
  • Discuss the findings and include any notes in section 3 of the Capacity Plan Template.
  • Input

    • Workshop participants’ ideas

    Output

    • Interview skills

    Materials

    • Whiteboard
    • Markers
    • Sticky notes

    Participants

    • Capacity manager
    • Infrastructure staff

    Map business needs to technical requirements, and technical requirements to infrastructure requirements

    3.2b 5 hours

    When it comes to mapping technical requirements, IT alone has the ability to effectively translate business needs.

    Instructions

    1. Use your notes from stakeholder meetings to assess the impact of any changes on gold systems.
    2. For each system brainstorm with infrastructure staff (and any technical experts as necessary) about what the information gleaned from stakeholder discussions. Consider the following discussion points:
    • How has demand for the service been trending? Does it match what the business is telling us?
    • Have we had availability issues in the past?
    • Has the business been right with their estimates in the past?
  • Estimate what a change in business/service metrics means for capacity.
    • E.g. how much RAM does a new email user require?
  • Record the output in the summary card of the Capacity Plan Template.
  • Input

    • Business needs

    Output

    • Technical and infrastructure requirements

    Materials

    • Whiteboard
    • Markers

    Participants

    • Capacity manager
    • Infrastructure staff

    Info-Tech Insight

    Adapt the analysis to the needs of your organization. One capacity manager called the one-to-one mapping of business process to infrastructure demand the Holy Grail of capacity management. If this level of precision isn’t attainable, develop your own working estimates using the higher-level data

    Avoid putting too much faith in the cloud as a solution to your problem

    Has the rise of on-demand, functionally unlimited services eliminated the need for capacity and availability management?

    Capacity management

    The role of the capacity manager is changing, but it still has a purpose. Consider this:

    • Not everything can move to the cloud. For security/functionality reasons, on-premises infrastructure will continue to exist.
    • Cost management is more relevant than ever in the cloud age. Manage your instances.
    • While a cloud migration might render some component capacity management functions irrelevant, it could increase the relevance of others (the network, perhaps).

    Availability management

    Ensuring services are available is still IT’s wheelhouse, even if that means a shift to a brokerage model:

    • Business availability requirements (as part of the business impact analysis, potentially) are important; internal SLAs and contracts with vendors need to be managed.
    • Even in the cloud environment, availability is not guaranteed. Cloud providers have outages (unplanned, maintenance related, etc.) and someone will have to understand the limitations of cloud services and the impact on availability.

    Info-Tech Insight

    The cloud comes at the cost of detailed performance data. Sourcing a service through an SLA with a third party increases the need to perform your own performance testing of gold level applications. See performance monitoring.

    Beware Parkinson’s law

    A consequence of our infinite capacity for creativity, people have the enviable skill of making work. In 1955, C. Northcote Parkinson pointed out this fact in The Economist . What are the implications for capacity management?

    "It is a commonplace observation that work expands so as to fill the time available for its completion. Thus, an elderly lady of leisure can spend the entire day in writing and despatching a postcard to her niece at Bognor Regis. An hour will be spent in finding the postcard, another in hunting for spectacles, half-an-hour in a search for the address, an hour and a quarter in composition, and twenty minutes in deciding whether or not to take an umbrella when going to the pillar-box in the next street."

    C. Northcote Parkinson, The Economist, 1955

    Info-Tech Insight

    If you give people lots of capacity, they will use it. Most shops are overprovisioned, and in some cases that’s throwing perfectly good money away. Don’t be afraid to prod if someone requests something that doesn’t seem right.

    Optimally align demand and capacity

    When it comes to managing your capacity, look for any additional efficiencies.

    Questions to ask:

    • Are there any infrastructure services that are not being used to their full potential, sitting idle, or allocated to non-critical or zombie functions?
      • Are you managing your virtual servers? If, for example, you experience a seasonal spike in demand, are you leaving virtual machines running after the fact?
    • Do your organization’s policies and your infrastructure setup allow for the use of development resources for production during periods of peak demand?
    • Can you make organizational or process changes in order to satisfy demand more efficiently?

    In brief

    Who isn’t a sports fan? Big games mean big stakes for pool participants and armchair quarterbacks—along with pressure on the network as fans stream games from their work computers. One organization suffered from this problem, and, instead of taking a hardline and banning all streams, opted to stream the game on a large screen in a conference room where those interested could work for its duration. This alleviated strain on the network and kept staff happy.

    Shutting off an idle cloud to cut costs

    CASE STUDY

    Industry:Professional Services

    Source:Interview

    24/7 AWS = round-the-clock costs

    A senior developer realized that his development team had been leaving AWS instances running without any specific reason.

    Why?

    The development team appreciated the convenience of an always-on instance and, because the people spinning them up did not handle costs, the problem wasn’t immediately apparent.

    Resolution

    In his spare time over the course of a month, the senior developer wrote a program to manage the servers, including shutting them down during times when they were not in use and providing remote-access start-up when required. His team alone saved $30,000 in costs over the next six months, and his team lead reported that it would have been more than worth paying the team to implement such a project on company time.

    Identify inefficiencies in order to remediate them

    3.2c 20 minutes per service

    Instructions

    1. Gather the infrastructure team together and discuss existing capacity and demand. Use the inputs from your data analysis and stakeholder meetings to set the stage for your discussion.
    2. Solicit ideas about potential inefficiencies from your participants:
    • Are VMs effectively allocated? If you need 7 VMs to address a spike, are those VMs being reallocated post-spike?
    • Are developers leaving instances running in the cloud?
    • Are particular services massively overprovisioned?
    • What are the biggest infrastructure line items? Are there obvious opportunities for cost reduction there?
  • Record any potential opportunities in the summary of the Capacity Plan Template.
  • Input

    • Gold systems
    • Data inputs

    Output

    • Inefficiencies

    Materials

    • Whiteboard
    • Markers

    Participants

    • Capacity manager
    • Infrastructure staff

    Info-Tech Insight

    The most effective capacity management takes a holistic approach and looks at the big picture in order to find ways to eliminate unnecessary infrastructure usage, or to find alternate or more efficient sources of required capacity.

    Dodging the toll troll by rerouting traffic

    CASE STUDY

    Industry:Telecommunications

    Source: Interview

    High-cost lines

    The capacity manager at a telecommunications provider mapped out his firm’s network traffic and discovered they were using a number of VP circuits (inter building cross connects) that were very expensive on the scale of their network.

    Paying the toll troll

    These VP circuits were supplying needed network services to the telecom provider’s clients, so there was no way to reduce this demand.

    Resolution

    The capacity manager analyzed where the traffic was going and compared this to the cost of the lines they were using. After performing the analysis, he found he could re-route much of the traffic away from the VP circuits and save on costs while delivering the same level of service to their users.

    Compare the data across business, component, and service levels, and project your capacity needs

    3.2d 2 hour session/meeting

    Make informed decisions about capacity. Remember: retain all documentation. It might come in handy for the justification of purchases.

    Instructions

    1. Using either a dedicated tool or generic spreadsheet software like Excel or Sheets, evaluate capacity trends. Ask the following questions:
    • Are there times when application performance degraded, and the service level was disrupted?
    • Are there times when certain components or systems neared, reached, or exceeded available capacity?
    • Are there seasonal variations in demand?
    • Are there clear trends, such as ongoing growth of business activity or the usage of certain applications?
    • What are the ramifications of trends or patterns in relation to infrastructure capacity?
  • Use the insight gathered from stakeholders during the stakeholder meetings, project required capacity for the critical components of each gold service.
  • Record the results of this activity in the summary card of the Capacity Plan Template.
  • Compare current capacity to your projections

    3.2e Section 5 of the Capacity Plan Template

    Capacity management (and, by extension, availability management) is a combination of two balancing acts: cost against capacity and supply and demand.*

    Instructions

    1. Compare your projections with your reality. You already know whether or not you have enough capacity given your lead times. But do you have too much? Compare your sub-component capacity projections to your current state.
    2. Highlight any outliers. Is there a particular service that is massively overprovisioned?
    3. Evaluate the reasons for the overprovisioning.
    • Is the component critically important?
    • Did you get a great deal on hardware?
    • Is it an oversight?
  • Record the results in the notes section of the summary card of the Capacity Plan Template.
  • *Office of Government Commerce 2001, 119.

    In brief

    The fractured nature of the capacity management space means that every organization is going to have a slightly different tooling strategy. No vendor has dominated, and every solution requires some level of customization. One capacity manager (a cloud provider, no less!) relayed a tale about a capacity management Excel sheet programmed with 5,000+ lines of code. As much work as that is, a bespoke solution is probably unavoidable.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop.

    The image contains a picture of an Info-Tech analyst.

    Book a workshop with our Info-Tech analysts:

    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analysts will join you and your team onsite at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    3.2

    The image contains a screenshot of activity 3.2.

    Map business needs to technical requirements and technical requirements to infrastructure requirements

    The analyst will guide workshop participants in using their organization’s data to map out the relationships between applications, technical requirements, and the underlying infrastructure usage.

    Phase 3 Guided Implementation

    Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 3: Solicit and incorporate business needs

    Proposed Time to Completion: 2 weeks

    Step 3.1: Solicit business needs and gather data

    Review your findings with an analyst

    Discuss the effectiveness of your strategies to involve business stakeholders in the planning process and your methods of data collection and analysis.

    Then complete these activities…

    • Analyze historical trends and track your services’ status
    • Build a list of key business stakeholders
    • Bake stakeholders into the planning process

    With these tools & templates:

    Capacity Plan Template

    Step 3.2: Analyze data and project future needs

    Review your findings with an analyst

    Discuss the effectiveness of your strategies to involve business stakeholders in the planning process and your methods of data collection and analysis.

    Then complete these activities…

    • Map business needs to technical requirements and technical requirements to infrastructure requirements
    • Compare the data across business, component, and service levels, and project your capacity needs
    • Compare current capacity to your projections

    With these tools & templates:

    Capacity Snapshot Tool

    Capacity Plan Template

    Phase 3 Results & Insights:

    • Develop new business processes that more closely align your role with business stakeholders. Building these relationships takes hard work, and won’t happen overnight.
    • Take a holistic approach to eliminate unnecessary infrastructure usage or source capacity more efficiently.

    PHASE 4

    Identify and Mitigate Risks

    Step 4.1: Identify and mitigate risks

    This step will walk you through the following activities:

    • Identify potential risks.
    • Determine strategies to mitigate risks.
    • Complete your capacity management plan.

    This involves the following participants:

    • Capacity manager
    • Infrastructure team members
    • Business stakeholders

    Outcomes of this step

    • Strategies for reducing risks
    • Capacity management plan

    Understand what happens when capacity/availability management fails

    1. Services become unavailable. If availability and capacity management are not constantly practiced, an inevitable consequence is downtime or a reduction in the quality of that service. Critical sub-component failures can knock out important systems on their own.
    2. Money is wasted. In response to fears about availability, it’s entirely possible to massively overprovision or switch entirely to a pay-as-you-go model. This, unfortunately, brings with it a whole host of other problems, including overspending. Remember: infinite capacity means infinite potential cost.
    3. IT remains reactive and is unable to contribute more meaningfully to the organization. If IT is constantly putting out capacity/availability-related fires, there is no room for optimization and activities to increase organizational maturity. Effective availability and capacity management will allow IT to focus on other work.

    Mitigate availability and capacity risks

    Availability: how often a service is usable (that is to say up and not too degraded to be effective). Consequences of reduced availability can include financial losses, impacted customer goodwill, and reduced faith in IT more generally.

    Causes of availability issues:

    • Poor capacity management – a service becomes unavailable when there is insufficient supply to meet demand. This is the result of poor capacity management.
    • Scheduled maintenance – services go down for maintenance with some regularity. This needs to be baked into service-level negotiations with vendors.
    • Vendor outages – sometimes vendors experience unplanned outages. There is typically a contract provision that covers unplanned outages, but that doesn’t change the fact that your service will be interrupted.

    Capacity: a particular component’s/service’s/business’ wiggle room. In other words, its usage ceiling.

    Causes of capacity issues:

    • Poor demand management – allowing users to run amok without any regard for how capacity is sourced and paid for.
    • Massive changes in legitimate demand – more usage means more demand.
    • Poor capacity planning – predictable changes in demand that go unaddressed can lead to capacity issues.

    Add additional potential causes of availability and capacity risks as needed

    4.1a 30 minutes

    Availability and capacity issues can stem from a number of different causes. Include a list in your availability and capacity management plan.

    Instructions

    1. Gather the group together. Go around the room and have participants provide examples of incidents and problems that have been the result of availability and capacity issues.
    2. Pose questions to the group about the source of those availability and capacity issues.
    • What could have been done differently to avoid these issues?
    • Was the availability/capacity issue a result of a faulty internal/external SLA?
  • Record the results of the exercise in sections 4.1 and 4.2 of the Capacity Plan Template.
  • Input

    • Capacity Snapshot Tool results

    Output

    • Additional sources of availability and capacity risks

    Materials

    • Capacity Plan Template

    Participants

    • Capacity manager
    • Infrastructure staff

    Info-Tech Insight

    Availability and capacity problems result in incidents, critical incidents, and problems. These are addressed in a separate project (incident and problem management), but information about common causes can streamline that process.

    Identify capacity risks and mitigate them

    4.1b 30 minutes

    Based on your understanding of your capacity needs (through written SLAs and informal but regular meetings with the business) highlight major risks you foresee.

    Instructions

    1. Make a chart with two columns on a whiteboard. They should be labelled “risk” and “mitigation” respectively.
    2. Record risks to capacity you have identified in earlier activities.
    • Refer to the Capacity Snapshot Tool for components that are highlighted in red and yellow. These are specific components that present special challenges. Identify the risk(s) in as much detail as possible. Include service and business risks as well.
    • Examples: a marketing push will put pressure on the web server; a hiring push will require more Office 365 licenses; a downturn in registration will mean that fewer VMs will be required to run the service.

    Input

    • Capacity Snapshot Tool results

    Output

    • Inefficiencies

    Materials

    • Whiteboard
    • Markers

    Participants

    • Capacity manager
    • Infrastructure staff

    Info-Tech Insight

    It’s an old adage, but it checks out: don’t come to the table armed only with problems. Be a problem solver and prove IT’s value to the organization.

    Identify capacity risks and mitigate them (cont.)

    4.1b 1.5 hours

    Instructions (cont.)

    1. Begin developing mitigation strategies. Options for responding to known capacity risks fall into one of two camps:
    • Acceptance: responding to the risk is costlier than acknowledging its existence without taking any action. For gold systems, acceptance is typically not acceptable.
    • Mitigation: limiting/reducing, eliminating, or transferring risk (Herrera) comprise the sort of mitigation discussed here.
      • Limiting/reducing: taking steps to improve the capacity situation, but accepting some level of risk (spinning up a new VM, pushing back on demands from the business, promoting efficiency).
      • Eliminating: the most comprehensive (and most expensive) mitigation strategy, elimination could involve purchasing a new server or, at the extreme end, building a new datacenter.
      • Transfer: “robbing Peter to pay Paul,” in the words of capacity manager Todd Evans, is one potential way to limit your exposure. Is there a less critical service that can be sacrificed to keep your gold service online?
  • Record the results of this exercise in section 5 of the Capacity Plan Template.
  • Input

    • Capacity Snapshot Tool results

    Output

    • Capacity risk mitigations

    Materials

    • Whiteboard
    • Markers

    Participants

    • Capacity manager
    • Infrastructure staff

    Info-Tech Insight

    It’s an old adage, but it checks out: don’t come to the table armed only with problems. Be a problem solver and prove IT’s value to the organization.

    Identify availability risks and mitigate them

    4.1c 30 minutes

    While capacity management is a form of availability management, it is not the only form. In this activity, outline the specific nature of threats to availability.

    Instructions

    1. Make a chart with two columns on a whiteboard. They should be labelled “risk” and “mitigation” respectively.
    2. Begin brainstorming general availability risks based on the following sources of information/categories:
    • Vendor outages
    • Disaster recovery
    • Historical availability issues

    The image contains a large blue circle labelled: Availability. Also in the blue circle is a small red circle labelled: Capacity.

    Input

    • Capacity Snapshot Tool results

    Output

    • Availability risks and mitigations

    Materials

    • Whiteboard
    • Markers

    Participants

    • Capacity manager
    • Infrastructure staff

    Info-Tech Best Practice

    A dynamic central repository is a good way to ensure that availability issues stemming from a variety of causes are captured and mitigated.

    Identify availability risks and mitigate them (cont.)

    4.1c 1.5 hours

    Although it is easier said than done, identifying potential mitigations is a crucial part of availability management as an activity.

    Instructions (cont.)

    1. Begin developing mitigation strategies. Options for responding to known capacity risks fall into one of two camps:
    • Acceptance – responding to the risk is costlier than taking it on. Some unavailability is inevitable, between maintenance and unscheduled downtime. Record this, though it may not require immediate action.
    • Mitigation strategies:
      • Limiting/reducing – taking steps to increase availability of critical systems. This could include hot spares for unreliable systems or engaging a new vendor.
      • Eliminating – the most comprehensive (and most expensive) mitigation strategy. It could include selling.
      • Transfer – “robbing Peter to pay Paul,” in the words of capacity manager Todd Evans, is one potential way to limit your exposure. Is there a less critical service that can be sacrificed to keep your gold service online?
  • Record the results of this exercise in section 5 of Capacity Plan Template.
  • Input

    • Capacity Snapshot Tool results

    Output

    • Availability risks and mitigations

    Materials

    • Whiteboard
    • Markers

    Participants

    • Capacity manager
    • Infrastructure staff

    Iterate on the process and present your completed availability and capacity management plan

    The stakeholders consulted as part of the process will be interested in its results. Share them, either in person or through a collaboration tool.

    The current status of your availability and capacity management plan should be on the agenda for every stakeholder meeting. Direct the stakeholders’ attention to the parts of the document that are relevant to them, and solicit their thoughts on the document’s accuracy. Over time you should get a pretty good idea of who among your stakeholder group is skilled at projecting demand, and who over- or underestimates, and by how much. This information will improve your projections and, therefore, your management over time.

    Info-Tech Insight

    Use the experience gained and the artifacts generated to build trust with the business. The meetings should be regular, and demonstrating that you’re actually using the information for good is likely to make hesitant participants in the process more likely to open up.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop.

    The image contains a picture of an Info-Tech analyst.

    Book a workshop with our Info-Tech analysts:

    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analysts will join you and your team onsite at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    4.1

    The image contains a screenshot of activity 4.1.

    Identify capacity risks and mitigate them

    The analyst will guide workshop participants in identifying potential risks to capacity and determining strategies for mitigating them.

    Phase 4 Guided Implementation

    Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 4: Identify and mitigate risks

    Proposed Time to Completion: 1 week

    Step 4.1: Identify and mitigate risks

    Review your findings with an analyst

    • Discuss your potential risks and your strategies for mitigating those risks.

    Then complete these activities…

    • Identify capacity risks and mitigate them
    • Identify availability risks and mitigate them
    • Complete your capacity management plan

    With these tools & templates:

    Capacity Snapshot Tool

    Capacity Plan Template

    Phase 4 Results & Insights:

    • Be a problem solver and prove IT’s value to the organization. Capacity management allows infrastructure to drive business value.
    • Iterate and share results. Reinforce your relationships with stakeholders and continue to refine how capacity management transforms your organization’s business processes.

    Insight breakdown

    Insight 1

    Components are critical to availability and capacity management.

    The CEO doesn’t care about the SMTP server. She cares about meeting customer needs and producing profit. For IT capacity and availability managers, though, the devil is in the details. It only takes one faulty component to knock out a service. Keep track and keep the lights on.

    Insight 2

    Ask what the business is working on, not what they need.

    If you ask them what they need, they’ll tell you – and it won’t be cheap. Find out what they’re going to do, and use your expertise to service those needs. Use your IT experience to estimate the impact of business and service level changes on the components that secure the availability you need.

    Insight 3

    Cloud shmoud.

    The role of the capacity manager might be changing with the advent of the public cloud, but it has not disappeared. Capacity managers in the age of the cloud are responsible for managing vendor relationships, negotiating external SLAs, projecting costs and securing budgets, reining in prodigal divisions, and so on.

    Summary of accomplishment

    Knowledge Gained

    • Impact of downtime on the organization
    • Gold systems
    • Key dependencies and sub-components
    • Strategy for monitoring components
    • Strategy for soliciting business needs
    • Projected capacity needs
    • Availability and capacity risks and mitigations

    Processes Optimized

    • Availability management
    • Capacity management

    Deliverables Completed

    • Business Impact Analysis
    • Capacity Plan Template

    Project step summary

    Client Project: Develop an Availability and Capacity Management Plan

    1. Conduct a business impact analysis
    2. Assign criticality ratings to services
    3. Define your monitoring strategy
    4. Implement your monitoring tool/aggregator
    5. Solicit business needs and gather data
    6. Analyze data and project future needs
    7. Identify and mitigate risks

    Info-Tech Insight

    This project has the ability to fit the following formats:

    • Onsite workshop by Info-Tech Research Group consulting analysts.
    • Do-it-yourself with your team.
    • Remote delivery via Info-Tech Guided Implementation.

    Research contributors and experts

    The image contains a picture of Adrian Blant.

    Adrian Blant, Independent Capacity Consultant, IT Capability Solutions

    Adrian has over 15 years' experience in IT infrastructure. He has built capacity management business processes from the ground up, and focused on ensuring a productive dialogue between IT and the business.

    The image contains a picture of James Zhang.

    James Zhang, Senior Manager Disaster Recovery, AIG Technology

    James has over 20 years' experience in IT and 10 years' experience in capacity management. Throughout his career, he has focused on creating new business processes to deliver value and increase efficiency over the long term.

    The image contains a picture of Mayank Banerjee.

    Mayank Banerjee, CTO, Global Supply Chain Management, HelloFresh

    Mayank has over 15 years' experience across a wide range of technologies and industries. He has implemented highly automated capacity management processes as part of his role of owning and solving end-to-end business problems.

    The image contains a picture of Mike Lynch

    Mike Lynch, Consultant, CapacityIQ

    Mike has over 20 years' experience in IT infrastructure. He takes a holistic approach to capacity management to identify and solve key problems, and has developed automated processes for mapping performance data to information that can inform business decisions.

    The image contains a picture of Paul Waguespack.

    Paul Waguespack, Manager of Application Systems Engineering, Tufts Health Plan

    Paul has over 10 years' experience in IT. He has specialized in implementing new applications and functionalities throughout their entire lifecycle, and integrating with all aspects of IT operations.

    The image contains a picture of Richie Mendoza.

    Richie Mendoza, IT Consultant, SMITS Inc.

    Richie has over 10 years' experience in IT infrastructure. He has specialized in using demand forecasting to guide infrastructure capacity purchasing decisions, to provide availability while avoiding costly overprovisioning.

    The image contains a picture of Rob Thompson.

    Rob Thompson, President, IT Tools & Process

    Rob has over 30 years’ IT experience. Throughout his career he has focused on making IT a generator of business value. He now runs a boutique consulting firm.

    Todd Evans, Capacity and Performance Management SME, IBM

    Todd has over 20 years' experience in capacity and performance management. At Kaiser Permanente, he established a well-defined mapping of the businesses workflow processes to technical requirements for applications and infrastructure.

    Bibliography

    451 Research. “Best of both worlds: Can enterprises achieve both scalability and control when it comes to cloud?” 451 Research, November 2016. Web.

    Allen, Katie. “Work Also Shrinks to Fit the Time Available: And We Can Prove It.” The Guardian. 25 Oct. 2017.

    Amazon. “Amazon Elastic Compute Cloud.” Amazon Web Services. N.d. Web.

    Armandpour, Tim. “Lies Vendors Tell about Service Level Agreements and How to Negotiate for Something Better.” Network World. 12 Jan 2016.

    “Availability Management.” ITIL and ITSM World. 2001. Web.

    Availability Management Plan Template. Purple Griffon. 30 Nov. 2012. Web.

    Bairi, Jayachandra, B., Murali Manohar, and Goutam Kumar Kundu. “Capacity and Availability Management by Quantitative Project Management in the IT Service Industry.” Asian Journal on Quality 13.2 (2012): 163-76. Web.

    BMC Capacity Optimization. BMC. 24 Oct 2017. Web.

    Brooks, Peter, and Christa Landsberg. Capacity Management in Today’s IT Environment. MentPro. 16 Aug 2017. Web.

    "Capacity and Availability Management." CMMI Institute. April 2017. Web.

    Capacity and Availability Management. IT Quality Group Switzerland. 24 Oct. 2017. Web.

    Capacity and Performance Management: Best Practices White Paper. Cisco. 4 Oct. 2005. Web.

    "Capacity Management." Techopedia.

    “Capacity Management Forecasting Best Practices and Recommendations.” STG. 26 Jan 2015. Web.

    Capacity Management from the Ground up. Metron. 24 Oct. 2017. Web.

    Capacity Management in the Modern Datacenter. Turbonomic. 25 Oct. 2017. Web.

    Capacity Management Maturity Assessing and Improving the Effectiveness. Metron. 24 Oct. 2017. Web.

    “Capacity Management Software.” TeamQuest. 24 Oct 2017. Web,

    Capacity Plan Template. Purainfo. 11 Oct 2012. Web.

    “Capacity Planner—Job Description.” Automotive Industrial Partnership. 24 Oct. 2017. Web.

    Capacity Planning. CDC. Web. Aug. 2017.

    "Capacity Planning." TechTarget. 24 Oct 2017. Web.

    “Capacity Planning and Management.” BMC. 24 Oct 2017. Web.

    "Checklist Capacity Plan." IT Process Wiki. 24 Oct. 2017. Web.

    Dykes, Brent. “Actionable Insights: The Missing Link Between Data and Business Value.” Forbes. April 26, 2016. Web.

    Evolved Capacity Management. CA Technologies. Oct. 2013. Web.

    Francis, Ryan. “False positives still cause threat alert fatigue.” CSO. May 3, 2017. Web.

    Frymire, Scott. "Capacity Planning vs. Capacity Analytics." ScienceLogic. 24 Oct. 2017. Web.

    Glossary. Exin. Aug. 2017. Web.

    Herrera, Michael. “Four Types of Risk Mitigation and BCM Governance, Risk and Compliance.” MHA Consulting. May 17, 2013.

    Hill, Jon. How to Do Capacity Planning. TeamQuest. 24 Oct. 2017. Web.

    “How to Create an SLA in 7 Easy Steps.” ITSM Perfection. 25 Oct. 2017. Web.

    Hunter, John. “Myth: If You Can’t Measure It: You Can’t Manage It.” W. Edwards Deming Institute Blog. 13 Aug 2015. Web.

    IT Service Criticality. U of Bristol. 24 Oct. 2017. Web.

    "ITIL Capacity Management." BMC's Complete Guide to ITIL. BMC Software. 22 Dec. 2016. Web.

    “Just-in-time.” The Economist. 6 Jul 2009. Web.

    Kalm, Denise P., and Marv Waschke. Capacity Management: A CA Service Management Process Map. CA. 24 Oct. 2017. Web.

    Klimek, Peter, Rudolf Hanel, and Stefan Thurner. “Parkinson’s Law Quantified: Three Investigations in Bureaucratic Inefficiency.” Journal of Statistical Mechanics: Theory and Experiment 3 (2009): 1-13. Aug. 2017. Web.

    Landgrave, Tim. "Plan for Effective Capacity and Availability Management in New Systems." TechRepublic. 10 Oct. 2002. Web.

    Longoria, Gina. “Hewlett Packard Enterprise Goes After Amazon Public Cloud in Enterprise Storage.” Forbes. 2 Dec. 2016. Web.

    Maheshwari, Umesh. “Understanding Storage Capacity.” NimbleStorage. 7 Jan. 2016. Web.

    Mappic, Sandy. “Just how complex can a Login Transaction be? Answer: Very!” Appdynamics. Dec. 11 2011. Web.

    Miller, Ron. “AWS Fires Back at Larry Ellison’s Claims, Saying It’s Just Larry Being Larry.” Tech Crunch. 2 Oct. 2017. Web.

    National College for Teaching & Leadership. “The role of data in measuring school performance.” National College for Teaching & Leadership. N.d. Web,

    Newland, Chris, et al. Enterprise Capacity Management. CETI, Ohio State U. 24 Oct. 2017. Web.

    Office of Government Commerce . Best Practice for Service Delivery. London: Her Majesty’s Stationery Office, 2001.

    Office of Government Commerce. Best Practice for Business Perspective: The IS View on Delivering Services to the Business. London: Her Majesty’s Stationery Office, 2004.

    Parkinson, C. Northcote. “Parkinson’s Law.” The Economist. 19 Nov. 1955. Web.

    “Parkinson’s Law Is Proven Again.” Financial Times. 25 Oct. 2017. Web.

    Paul, John, and Chris Hayes. Performance Monitoring and Capacity Planning. VM Ware. 2006. Web.

    “Reliability and Validity.” UC Davis. N.d. Web.

    "Role: Capacity Manager." IBM. 2008. Web.

    Ryan, Liz. “‘If You Can’t Measure It, You Can’t Manage It’: Not True.” Forbes. 10 Feb. 2014. Web.

    S, Lalit. “Using Flexible Capacity to Lower and Manage On-Premises TCO.” HPE. 23 Nov. 2016. Web.

    Snedeker, Ben. “The Pros and Cons of Public and Private Clouds for Small Business.” Infusionsoft. September 6, 2017. Web.

    Statement of Work: IBM Enterprise Availability Management Service. IBM. Jan 2016. Web.

    “The Road to Perfect AWS Reserved Instance Planning & Management in a Nutshell.” Botmetric. 25 Oct. 2017. Web.

    Transforming the Information Infrastructure: Build, Manage, Optimize. Asigra. Aug. 2017. Web.

    Valentic, Branimir. "Three Faces of Capacity Management." ITIL/ISO 20000 Knowledge Base. Advisera. 24 Oct. 2017. Web.

    "Unify IT Performance Monitoring and Optimization." IDERA. 24 Oct. 2017. Web.

    "What is IT Capacity Management?" Villanova U. Aug. 2017. Web.

    Wolstenholme, Andrew. Final internal Audit Report: IT Availability and Capacity (IA 13 519/F). Transport For London. 23 Feb. 2015. Web.

    Endpoint Management Selection Guide

    • Buy Link or Shortcode: {j2store}65|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: End-User Computing Applications
    • Parent Category Link: /end-user-computing-applications

    Endpoint management solutions are becoming an essential solution: Deploying the right devices and applications to the right user and the need for zero-touch provisioning are indispensable parts of a holistic strategy for improving customer experience. However, selecting the right-sized platform that aligns with your requirements is a big challenge.

    Following improvements in end-user computation strategies, selection of the right endpoint management solution is a crucial next step in delivering a concrete business value.

    Our Advice

    Critical Insight

    Investigate vendors’ roadmaps to figure out which of the candidate platforms can fulfill your long-term requirements, without any unnecessary investment in features that are not currently useful for you. Make sure you don’t purchase capabilities that you will never use.

    Impact and Result

    • Determine what you require from an endpoint management solution.
    • Review the market space and product offerings, and compare capabilities of key players.
    • Create a use case and use top-level requirements to determine use cases and shortlist vendors.
    • Conduct a formal process for interviewing vendors using Info-Tech’s templates to select the best platform for your requirements.

    Endpoint Management Selection Guide Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Endpoint Management Selection Guide Storyboard – A structured guide to walk you through the endpoint management market.

    This storyboard will help you understand endpoint management solution core capabilities and prepare you to select an appropriate tool.

    • Endpoint Management Selection Guide Storyboard

    2. UEM Requirements Workbook – A template to help you build your first draft of requirements for UEM selection.

    Use this spreadsheet to brainstorm use cases and features to satisfy your requirements. This document will be help you score solutions and narrow down the field to a list of candidates who can meet your requirements.

    • UEM Requirements Workbook
    [infographic]

    Further reading

    Endpoint Management Selection Guide

    Streamline your organizational approach to selecting a right-sized endpoint management platform.

    Endpoint Management Selection Guide

    Streamline your organizational approach toward the selection of a right-sized endpoint management platform.

    EXECUTIVE BRIEF

    Analyst Perspective

    Revolutionize your endpoint management with a proper tool selection approach

    The endpoint management market has an ever-expanding and highly competitive landscape. The market has undergone tremendous evolution in past years, from device management to application deployments and security management. The COVID-19 pandemic forced organizations to service employees and end users remotely while making sure corporate data is safe and user satisfaction doesn't get negatively affected. In the meantime, vendors were forced to leverage technology enhancements to satisfy such requirements.

    That being said, endpoint management solutions have become more complex, with many options to manage operating systems and run applications for relevant user groups. With the work-from-anywhere model, customer support is even more important than before, as a remote workforce may face more issues than before, or enterprises may want to ensure more compliance with policies.

    Moreover, the market has become more complex, with lots of added capabilities. Some features may not be beneficial to corporations, and with a poor market validation, businesses may end up paying for some capabilities that are not useful.

    In this blueprint, we help you quickly define your requirements for endpoint management and narrow down a list to find the solutions that fulfill your use cases.

    An image of Mahmoud Ramin, PhD

    Mahmoud Ramin, PhD
    Senior Research Analyst, Infrastructure and Operations
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    Endpoint management solutions are becoming increasingly essential – deploying the right devices and applications to the right users and zero-touch provisioning are indispensable parts of a holistic strategy for improving customers' experience. However, selecting the right-sized platform that aligns with your requirements is a big challenge.

    Following improvements in end-user computation strategies, selection of the right endpoint management solution is a crucial next step in delivering concrete business value.

    Common Obstacles

    Despite the importance of selecting the right endpoint management platform, many organizations struggle to define an approach to picking the most appropriate vendor and rolling out the solution in an effective and cost-efficient manner. There are many options available, which can cause business and IT leaders to feel lost.

    The endpoint management market is evolving quickly, making the selection process tedious. On top of that, IT has a hard time defining their needs and aligning solution features with their requirements.

    Info-Tech's Approach

    Determine what you require from an endpoint management solution.

    Review the market space and product offerings, and compare the capabilities of key players.

    Create a use case – use top-level requirements to determine use cases and short-list vendors.

    Conduct a formal process for interviewing vendors, using Info-Tech's templates to select the best platform for your requirements.

    Info-Tech Insight

    Investigate vendors' roadmaps to figure out which of the candidate platforms can fulfill your long-term requirements without any unnecessary investment in features that are not currently useful for you. Make sure you don't purchase capabilities that you will never use.

    What are endpoint management platforms?

    Our definition: Endpoint management solutions are platforms that enable IT with appropriate provisioning, security, monitoring, and updating endpoints to ensure that they are in good health. Typical examples of endpoints are laptops, computers, wearable devices, tablets, smart phones, servers, and the Internet of Things (IoT).

    First, understand differences between mobile management solutions

    • Endpoint management solutions monitor and control the status of endpoints. They help IT manage and control their environment and provide top-notch customer service.
    • These solutions ensure a seamless and efficient problem management, software updates and remediations in a secure environment.
    • Endpoint management solutions have evolved very quickly to satisfy IT and user needs:
    • Mobile Device Management (MDM) helps with controlling features of a device.
    • Enterprise Mobile Management (EMM) controls everything in a device.
    • Unified Endpoint Management (UEM) manages all endpoints.

    Endpoint management includes:

    • Device management
    • Device configuration
    • Device monitoring
    • Device security

    Info-Tech Insight

    As endpoint management encompasses a broad range of solution categories including MDM, EMM, and UEM, look for your real requirements. Don't pay for something that you won't end up using.

    As UEM covers all of MDM and EMM capabilities, we overview market trends of UEM in this blueprint to give you an overall view of market in this space.

    Your challenge: Endpoint management has evolved significantly over the past few years, which makes software selection overwhelming

    An mage showing endpoint management visualzed as positions on an iceberg. at the top is UEM, at the midpoint above the waterline is Enterprise Mobile Management, and below the water is Mobile Device Management.

    Additional challenges occur in securing endpoints

    A rise in the number of attacks on cloud services creates a need to leverage endpoint management solutions

    MarketsandMarkets predicted that global cloud infrastructure services would increase from US$73 billion in 2019 to US$166.6 billion in 2024 (2019).

    A study by the Ponemon Institute showed that 68% of respondents believe that security attacks increased over the past 12 months (2020).

    The study reveals that over half of IT security professionals who participated in the survey believe that organizations are not very efficient in securing their endpoints, mainly because they're not efficient in detecting attacks.

    IT professionals would like to link endpoint management and security platforms to unify visibility and control, to determine potential risks to endpoints, and to manage them in a single solution.

    Businesses will continue to be compromised by the vulnerabilities of cloud services, which pose a challenge to organizations trying to maintain control of their data.

    Trends in endpoint management have been undergoing a tremendous change

    In 2020, about 5.2 million users subscribed to mobile services, and smartphones accounted for 65% of connections. This will increase to 80% by 2025.
    Source: Fortune Business Insights, 2021

    Info-Tech's methodology for selecting a right-sized endpoint management platform

    1. Understand Core Features and Build Your Use Case

    2. Discover the Endpoint Management Market Space and Select the Right Vendor

    Phase Steps

    1. Define endpoint management platforms
    2. Explore endpoint management trends
    3. Classify table stakes & differentiating capabilities
    4. Streamline the requirements elicitation process for a new endpoint management platform
    1. Discover key players across the vendor landscape
    2. Engage the shortlist and select finalists
    3. Prepare for implementation

    Phase Outcomes

    1. Consensus on scope of endpoint management and key endpoint management platform capabilities
    2. Top-level use cases and requirements
    1. Overview of shortlisted vendors
    2. Prioritized list of UEM features

    Guided Implementation

    What does a typical GI on this topic look like?

    Phase 1 Phase 2

    Call #1: Understand what an endpoint management platform is and learn how it evolved. Discuss core capabilities and key trends.
    Call #2: Build a use case and define features to fulfill the use case.

    Call #3: Define your core endpoint management platform requirements.
    Call #4: Evaluate the endpoint management platform vendor landscape and shortlist viable options.
    Review implementation considerations.

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    The endpoint management purchase process should be broken into segments:

    1. Endpoint management vendor shortlisting with this buyer's guide
    2. Structured approach to selection
    3. Contract review

    Info-Tech's approach

    The Info-Tech difference:
    Analyze needs

    Evaluate solutions

    Determine where you need to improve the tools and processes used to support the company.

    Determine the best fit for your needs by scoring against features.

    Assess existing solution

    Features

    Determine if your solution can be upgraded or easily updated to meet your needs.

    Determine which features will be key to your success

    Create a business case for change

    Use Cases

    A two-part business case will focus on a need to change and use cases and requirements to bring stakeholders onboard.

    Create use cases to ensure your needs are met as you evaluate features

    Improve existing

    High-Level Requirements

    Work with Info-Tech's analysts to determine next steps to improve your process and make better use of the features you have available.

    Use the high-level requirements to determine use cases and shortlist vendors

    Complementary research:

    Create a quick business case and requirements document to align stakeholders to your vision with Info-Tech's Rapid Application Selection Framework.
    See what your peers are saying about these vendors at SoftwareReviews.com.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    “Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

    Guided Implementation

    “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

    Workshop

    “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

    Consulting

    “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

    Diagnostics and consistent frameworks used throughout all four options

    Phase 1

    Understand core features and build your business case

    Phase 1

    Phase 2

    Define endpoint management platforms

    Explore endpoint management trends

    Classify table stakes & differentiating capabilities

    Streamline the requirements elicitation process for a new endpoint management platform

    Discover key players across the vendor landscape

    Engage the shortlist and select finalist

    Prepare for implementation

    This phase will walk you through the following activity:

    Define use cases and core features for meeting business and technical goals

    This phase involves the following participants:

    • CIO
    • IT manager
    • Infrastructure & Applications directors
    Mobile Device Management

    Enterprise Mobile Management

    MDM applies security over corporate-owned devices.

    What is MDM and what can you do with it?

    1. MDM helps manage and control corporate owned devices.
    2. You can enforce company policies, track, monitor, and lock device remotely by an MDM.
    3. MDM helps with remote wiping of the device when it is lost or stolen.
    4. You can avoid unsecure Wi-Fi connections via MDM.

    EMM solutions solve the restrictions arose with BYOD (Bring Your Own Device) and COPE (Corporate Owned, Personally Enabled) provisioning models.

    • IT needs to secure corporate-owned data without compromising personal and private data. MDM cannot fulfill this requirement. This led to the development of EMM solutions.
    • EMM tools allow you to manage multiple device platforms through MDM protocols. These tools enforce security settings, allow you to push apps to managed devices, and monitor patch compliance through reporting.

    MDM solutions function at the level of corporate devices. Something else was needed to enable personal device management.

    Major components of EMM solutions

    Mobile Application Management (MAM)

    Allows organizations to control individual applications and their associated data. It restricts malicious apps and enables in-depth application management, configuration, and removal.

    Containerization

    Enables separation of work-related data from private data. It provides encrypted containers on personal devices to separate the data, providing security on personal devices while maintaining users' personal data.

    Mobile Content Management (MCM)

    Helps remote distribution, control, management, and access to corporate data.

    Mobile Security Management (MSM)

    Provides application and data security on devices. It enables application analysis and auditing. IT can use MSM to provide strong passwords to applications, restrict unwanted applications, and protect devices from unsecure websites by blacklisting them.

    Mobile Expense Management (MEM)

    Enables mobile data communication expenses auditing. It can also set data limits and restrict network connections on devices.

    Identity Management

    Sets role-based access to corporate data. It also controls how different roles can use data, improving application and data security. Multifactor authentication can be enforced through the identity management featured of an EMM solution.

    Unified endpoint management: Control all endpoints in a single pane of glass

    IT admins used to provide customer service such as installation, upgrades, patches, and account administration via desktop support. IT support is not on physical assistance over end users' desktops anymore.

    The rise of BYOD enhanced the need to be able to control sensitive data outside corporate network connection on all endpoints, which was beyond the capability of MDM and EMM solutions.

    • It's now almost impossible for IT to be everywhere to support customers.
    • This created a need to conduct tasks simultaneously from one single place.
    • UEM enables IT to run, manage, and control endpoints from one place, while ensuring that device health and security remain uncompromised.
    • UEM combines features of MDM and EMM while extending EMM's capabilities to all endpoints, including computers, laptops, tablets, phones, printers, wearables, and IoT.

    Info-Tech Insight

    Organizations once needed to worry about company connectivity assets such as computers and laptops. To manage them, traditional client management tools like Microsoft Configuration Manager would be enough.

    With the increase in the work-from-anywhere model, it is very hard to control, manage, and monitor devices that are not connected to a VPN. UEM solutions enable IT to tackle this challenge and have full visibility into and management of any device.

    UEM platforms help with saving costs and increasing efficiency

    UEM helps corporates save on their investments as it consolidates use-case management in a single console. Businesses don't need to invest in different device and application management solutions.

    From the employee perspective, UEM enables them to work on their own devices while enforcing security on their personal data.

    • Security and privacy are very important criteria for organizations. With the rapid growth of the work-from-anywhere model, corporate security is a huge concern for companies.
    • Working from home has forced companies to invest a lot in data security, which has led to high UEM demand. UEM solutions streamline security management by consolidating device management in a single platform.
    • With the fourth-generation industrial revolution, we're experiencing a significant rise in the use of IoT devices. UEM solutions are very critical for managing, configuring, and securing these devices.
    • There will be a huge increase in cyber threats due to automation, IoT, and cloud services. The pandemic has sped up the adoption of such services, forcing businesses to rethink their enterprise mobility strategies. They are now more cautious about security risks and remediations. Businesses need UEM to simplify device management on multiple endpoints.
    • With UEM, IT environment management gets more granular, while giving IT better visibility on devices and applications.

    UEM streamlines mundane admin tasks and simplifies user issues.

    Even with a COPE or COBO provisioning model, without any IT intervention, users can decide on when to install relevant updates. It also may lead to shadow IT.

    Endpoint management, and UEM more specifically, enables IT to enforce administration over user devices, whether they are corporate or personally owned. This is enabled without interfering with private/personal data.

    Where it's going: The future state of UEM

    Despite the fast evolution of the UEM market, many organizations do not move as fast as technological capabilities. Although over half of all organizations have at least one UEM solution, they may not have a good strategy or policies to maximize the value of technology (Tech Orchard, 2022). As opposed to such organizations, there are others that use UEM to transform their endpoint management strategy and move service management to the next level. That integration between endpoint management and service management is a developing trend (Ivanti, 2021).

    • SaaS tools like Office 365 are built to be used on multiple devices, including multiple computers. Further, the pandemic saw 47% of organizations significantly increase their use of BYOD (Cybersecurity Insiders, 2021).
    • Over 2022, 78% of people worked remotely for at least some amount of time during the week (Tech Orchard, 2022).
    • 84% of organizations believe that cybersecurity threat alarms are becoming very overwhelming, and almost half of companies believe that the best way to tackle this is through consolidating platforms so that everything will be visible and manageable through a single pane of glass (Cybersecurity Insiders, 2022).
    • The UEM market was worth $3.39 billion in 2020. It is expected to reach $53.65 billion by 2030, with an annual growth rate of 31.7% (Datamation, 2022). This demonstrates how dependent IT is becoming on endpoint management solutions.

    An image of a donut chart showing the current state of UEM Strategy.

    Only 27% of organizations have "fully deployed" UEM "with easy management across all endpoints"
    Source: IT Pro Today, 2018.

    Endpoint Management Key Trends

    • Commoditization of endpoint management features. Although their focus is the same, some UEM solutions have unique features.
    • New endpoint management paradigms have emerged. Endpoint management has evolved from client management tools (CMT) and MDM into UEM, also known as "modern management" (Ivanti, 2022).
    • One pane of glass for the entire end-user experience. Endpoint management vendors are integrating their solution into their ITSM, ITOM, digital workspace, and security products.
    • AI-powered insights. UEM tools collect data on endpoints and user behavior. Vendors are using their data to differentiate themselves: Products offer threat reports, automated compliance workflows, and user experience insights. The UEM market is ultimately working toward autonomous endpoint management (Microsoft, 2022).
    • Web apps and cloud storage are the new normal. Less data is stored locally. Fewer apps need to be patched on the device. Apps can be accessed on different devices more easily. However, data can more easily be accessed on BYOD and on new operating systems like Chrome OS.
    • Lighter device provisioning tools. Instead of managing thick images, UEM tools use lighter provisioning packages. Once set up, Autopilot and UEM device enrollment should take less time to manage than thick images.
    • UEM controls built around SaaS. Web apps and the cloud allow access from any device, even unmanaged BYOD. UEM tools allow IT to apply the right level of control for the situation – mobile application management, mobile content management, or mobile device management.
    • Work-from-anywhere and 5G result in more devices outside of your firewalls. Cloud-based management tools are not limited by your VPN connection and can scale up more easily than traditional, on-prem tools.

    Understand endpoint management table stakes features

    Determine high-level use cases to help you narrow down to specific features

    Support the organization's operating systems:
    Many UEM vendors support the most dominant operating systems, Windows and Mac; however, they are usually stronger in one particular OS than the other. For instance, Intune supports both Windows and Mac, although there are some drawbacks with MacOS management by Intune. Conversely, Jamf is mainly for MacOS and iOS management. Enterprises look to satisfy their end users' needs. The more UEM vendors support different systems, the more likely enterprises will pick them. Although, as mentioned, in some instances, enterprises may need to select more than one option, depending on their requirements.

    Support BYOD and remote environments:
    With the impact of the pandemic on work model, 60-70% of workforce would like to have more flexibility for working remotely (Ivanti, 2022). BYOD is becoming the default, and SaaS tools like Office 365 are built to be used on multiple devices, including multiple computers. As BYOD can boost productivity (Samsung Insights, 2016), you may be interested in how your prospective UEM solution will enable this capability with remote wipe (corporate wipe capability vs. wiping the whole device), data and device tracking, and user activity auditing.

    Understand endpoint management table stakes features

    Determine high-level use cases to help you narrow down to specific features

    Integration with the enterprise's IT products:
    To get everything in a single platform and to generate better metrics and dashboards, vendors provide integrations with ticketing and monitoring solutions. Many large vendors have strong integrations with multiple ITSM and ITAM platforms to streamline incident management, request management, asset management, and patch management.

    Support security and compliance policies:
    With the significant boost in work-from-anywhere, companies would like to enable endpoint security more than ever. This includes device threat detection, malware detection, anti-phishing, and more. All UEMs provide these, although the big difference between them is how well they enable security and compliance, and how flexible they are when it comes to giving conditional access to certain data.

    Provide a fully automated vs manual deployment:
    Employees want to get their devices faster, IT wants to deploy devices faster, and businesses want to enable employees faster to get them onboard sooner. UEMs have the capability to provide automated and manual deployment. However, the choice of solution depends on enterprise's infrastructure and policies. Full automation of deployment is very applicable for corporate devices, while it may not be a good option for personally owned devices. Define your user groups and provisioning models, and make sure your candidate vendors satisfy requirements.

    Plan a proper UEM selection according to your requirements

    1. Identify IT governance, policy, and process maturity
      Tools cannot compensate for your bad processes. You should improve deploying and provisioning processes before rolling out a UEM. Automation of a bad process only wraps the process in a nicer package – it does not fix the problem.
      Refer to InfoTech's Modernize and Transform Your End-User Computing Strategy for more information on improving endpoint management procedures.
    2. Consider supported operating systems, cloud services, and network infrastructure in your organization
      Most UEMs support all dominant operating systems, but some solutions have stronger capability for managing a certain OS over the other.
    3. Define enterprise security requirements
      Investigate security levels, policies, and requirements to align with the security features you're expecting in a UEM.
    4. Selection and implementation of a UEM depends on use case. Select a vendor that supports your use cases
      Identify use cases specific to your industry.
      For example, UEM use cases in Healthcare:
      • Secure EMR
      • Enforce HIPAA compliance
      • Secure communications
      • Enable shared device deployment

    Activity: Define use cases and core features for meeting business and technical goals

    1-2 hours

    1. Brainstorm with your colleagues to discuss your challenges with endpoint management.
    2. Identify how these challenges are impacting your ability to meet your goals for managing and controlling endpoints.
    3. Define high-level goals you wish to achieve in the first year and in the longer term.
    4. Identify the use cases that will support your overall goals.
    5. Document use cases in the UEM Requirements Workbook.

    Input

    • List of challenges and goals

    Output

    • Use cases to be used for determining requirements

    Materials

    • Whiteboard/flip charts
    • Laptop to record output

    Participants

    • CIO
    • IT manager
    • Infrastructure & Applications directors

    Download the UEM Requirements Workbook

    Phase 2

    Discover the endpoint management market space and select the right vendor

    Phase 1

    Phase 2

    Define endpoint management platforms

    Explore endpoint management trends

    Classify table stakes & differentiating capabilities

    Streamline the requirements elicitation process for a new endpoint management platform

    Discover key players across the vendor landscape

    Engage the shortlist and select finalist

    Prepare for implementation

    This phase will walk you through the following activity:
    Define top-level features for meeting business and technical goals
    This phase involves the following participants:

    • CIO
    • IT manager
    • Infrastructure & Applications directors
    • Project managers

    Elicit and prioritize granular requirements for your endpoint management platform

    Understanding business needs through requirements gathering is the key to defining everything about what is
    being purchased. However, it is an area where people often make critical mistakes.

    Risks of poorly scoped requirements

    • Fail to be comprehensive and miss certain areas of scope.
    • Focus on how the solution should work instead of what it must accomplish.
    • Have multiple levels of confusing and inconsistent detail in the requirements.
    • Drill down all the way to system-level detail.
    • Add unnecessary constraints based on what is done today rather than focusing on what is needed for tomorrow.
    • Omit constraints or preferences that buyers think are "obvious."

    Best practices

    • Get a clear understanding of what the system needs to do and what it is expected to produce.
    • Test against the principle of MECE – requirements should be "mutually exclusive and collectively exhaustive."
    • Explicitly state the obvious and assume nothing.
    • Investigate what is sold on the market and how it is sold. Use language that is consistent with that of the market and focus on key differentiators – not table stakes.
    • Contain the appropriate level of detail – the level should be suitable for procurement and sufficient for differentiating vendors.

    Review Info-Tech's blueprint Improve Requirements Gathering to improve your requirements gathering process.

    Consider the perspective of each stakeholder to ensure functionality needs are met

    Best of breed vs. "good enough" is an important discussion and will feed your success

    Costs can be high when customizing an ill-fitting module or creating workarounds to solve business problems, including loss of functionality, productivity, and credibility.

    • Start with use cases to drive the initial discussion, then determine which features are mandatory and which are nice-to-haves. Mandatory features will help determine high success for critical functionality and identify where "good enough" is an acceptable state.
    • Consider the implications of implementation and all use cases of:
      • Buying an all-in-one solution.
      • Integration of multiple best-of-breed solutions.
      • Customizing features that were not built into a solution.
    • Be prepared to shelve a use case for this solution and look to alternatives for integration where mandatory features cannot meet highly specialized needs that are outside of traditional endpoint management solutions.

    Pros and Cons

    An image showing the pros and cons of building vs buying

    Evaluate software category leaders through vendor rankings and awards

    SoftwareReviews
    A screenshot of softwareReviews Data Quadrant analyis.. A screenshot of softwareReviews Emotonal Fotprint analyis
    • evaluation and ranking of all software in an individual category to compare platforms across multiple dimensions.
    • Vendors are ranked by their Composite Score, based on individual feature evaluations, user satisfaction rankings, vendor capability comparisons, and likeliness to recommend the platform.
    • The Emotional Footprint is a powerful indicator of overall user sentiment toward the relationship with the vendor, capturing data across five dimensions.
    • Vendors are ranked by their Customer Experience (CX) Score, which combines the overall Emotional Footprint rating with a measure of the value delivered by the solution.

    Speak with category experts to dive deeper into the vendor landscape

    SoftwareReviews

    • Fact-based reviews of business software from IT professionals.
    • Product and category reports with state-of-the-art data visualization.
    • Top-tier data quality backed by a rigorous quality assurance process.
    • User-experience insight that reveals the intangibles of working with a vendor.

    CLICK HERE to ACCESS

    Comprehensive software reviews
    to make better IT decisions

    We collect and analyze the most detailed reviews on enterprise software from real users to give you an unprecedented view into the product and vendor before you buy.

    SoftwareReviews is powered by Info-Tech

    Technology coverage is a priority for Info-Tech, and SoftwareReviews provides the most comprehensive unbiased data on today's technology.
    With the insight of our expert analysts, our members receive unparalleled support in their buying journey.

    Get to Know the Key Players in the Endpoint Management Landscape

    The following slides provide a top-level overview of the popular players you will encounter in the endpoint management shortlisting process in alphabetical order.

    A screenshot showing a series of logos for the companies addressed later in this blueprint. It includes: Ciso; Meraki; Citrix; IBM MaaS360; Ivanti; Jamf|Pro; ManageEngine Endpoint Central; Microsoft Endpoint Manager, and VMWARE.

    Vendor scores are driven by real-world practitioner reviews via SoftwareReviews. Composite, CX, EF, and NPS scores are pulled from live data as of January 2023.

    Secure business units and enhance connection by simplifying the digital workplace

    A good option for enterprises that want a single-pane-of-glass UEM that is easy to use, with a modern-looking dashboard, high threat-management capability, and high-quality customer support.

    CISCO Meraki

    Est. 1984 | CA, USA | NASDAQ: CSCO

    8.8

    9.1

    +92

    91%

    COMPOSITE SCORE

    CX SCORE

    EMOTIONAL FOOTPRINT

    LIKELINESS TO RECOMMEND

    DOWNLOAD REPORT

    This is a Screenshot of CISCO Meraki's dashboard.

    Screenshot of CISCO Meraki's dashboard. Source: Cisco

    Strengths:

    Areas to improve:

    • Cisco Meraki offers granular control over what users can and cannot use.
    • The system is user friendly and intuitive, with a variety of features.
    • The anti-malware capability enhances security.
    • Users are very satisfied with being able to control everything in a single platform.
    • System configuration is easy.
    • Vendor relationship is very high with a rate of 96%.
    • System setup is easy, and users don't need much experience for initial configuration of devices.
    • Users are also mostly satisfied with the platform design.
    • Monitoring within the tool is easy.
    • According to SoftwareReviews' survey report, the primary reason for leaving Cisco Meraki and switching over to another vendor is functionality.
    • Regardless of the top-notch offerings and high-quality features, the product is relatively expensive. The quality and price factors make the solution a better fit for large enterprises. However, SoftwareReviews' scorecard for Cisco Meraki shows that small organizations are the most satisfied compared to the medium and large enterprises, with a net promoter score of 81%.

    Transform work experience and support every endpoint with a unified view to ensure users are productive

    A tool that enables you to access corporate resources on personal devices. It is adaptable to your budget. SoftwareReviews reports that 75% of organizations have received a discount at initial purchase or renewal, which makes it a good candidate if looking for a negotiable option.

    Citrix Endpoint Management

    Est. 1989 | TX, USA | Private

    7.9

    8.0

    8.0

    83%

    COMPOSITE SCORE

    CX SCORE

    EMOTIONAL FOOTPRINT

    LIKELINESS TO RECOMMEND

    DOWNLOAD REPORT

    Screenshot of Citrix Endpoint Management's dashboard.

    Screenshot of Citrix Endpoint Management's dashboard. Source: Citrix

    Strengths:

    Areas to improve:

    • Citrix Endpoint Management is a cloud-centric, easy-to-use UEM with an upgradable interface.
    • The solution simplifies endpoint management and provides real-time visibility and notifications.
    • Citrix allows deployments on different operating systems to meet organizations' infrastructure requirements.
    • The vendor offers different licenses and pricing models, allowing businesses of different sizes to use the tool based on their budgets and requirements.
    • Some users believe that integration with external applications should be improved.
    • Deployment is not very intuitive, making implementation process challenging.
    • User may experience some lagging while opening applications on Citrix. Application is even a bit slower when using a mobile device.

    Scale remote users, enable BYOD, and drive a zero-trust strategy with IBM's modern UEM solution

    A perfect option to boost cybersecurity. Remote administration and installation are made very easy and intuitive on the platform. It is very user friendly, making implementation straightforward. It comes with four licensing options: Essential, Deluxe, Premier, and Enterprise. Check IBM's website for information on pricing and offerings.

    IBM MaaS360

    Est. 1911 | NY, USA | NYSE: IBM

    7.7

    8.4

    +86

    76%

    COMPOSITE SCORE

    CX SCORE

    EMOTIONAL FOOTPRINT

    LIKELINESS TO RECOMMEND

    DOWNLOAD REPORT

    Screenshot of IBM MaaS360's dashboard.

    Screenshot of IBM MaaS360's dashboard. Source: IBM

    Strengths:

    Areas to improve:

    • IBM MaaS360 is easy to install and implement.
    • It has different pricing models to fit enterprises' needs.
    • MaaS360 is compatible with different operating systems.
    • Security management is one of the strongest features, making the tool perfect for organizations that want to improve cybersecurity.
    • Vendor support is very effective, and users find knowledge articles very helpful.
    • It has a very intuitive dashboard.
    • The tool can control organizational data, allowing you to apply BYOD policy.
    • AI Advisor with Watson provides AI-driven reporting and insights.
    • Working with iOS may not be as intuitive as other operating systems.
    • Adding or removing users in a user group is not very straightforward.
    • Some capabilities are limited to particular Android or iOS devices.
    • Deploying application packages may be a bit difficult.
    • Hardware deployment may need some manual work and is not fully automated.

    Get complete device visibility from asset discovery to lifecycle management and remediation

    A powerful tool for patch management with a great user interface. You can automate patching and improve cybersecurity, while having complete visibility into devices. According to SoftwareReviews, 100% of survey participants plan to renew their contract with Ivanti.

    Ivanti Neurons

    Est. 1985 | CA, USA | Private

    8.0

    8.0

    +81

    83%

    COMPOSITE SCORE

    CX SCORE

    EMOTIONAL FOOTPRINT

    LIKELINESS TO RECOMMEND

    DOWNLOAD REPORT

    Screenshot of Ivanti Neurons UEM's dashboard.

    Screenshot of Ivanti Neurons UEM's dashboard. Source: Ivanti

    Strengths:

    Areas to improve:

    • The tool is intuitive and user friendly.
    • It's a powerful security management platform, supporting multiple operating systems.
    • Ivanti Neurons is very strong in patch management and inventory management. It helps a seamless application deployment.
    • Users can install their applications via Ivanti's portal.
    • The user interface is very powerful and easy to use.
    • AI-augmented process management automates protocols, streamlining device management and application updates.
    • Vendor is very efficient in training and provides free webinars.
    • Data integration is very easy. According to SoftwareReviews, it had a satisfaction score for ease of data integration of 86%, which makes Ivanti the top solution for this capability.
    • Data analytics is powerful but complicated.
    • Setup is easy for some teams but not as easy for others, which may cause delays for implementation.
    • Software monitoring is not as good as other competitors.

    Improve your end-user productivity and transform enterprise Apple devices

    An Apple-focused UEM with a great interface. Jamf can manage and control macOS and iOS, and it is one of the best options for Apple products, according to users' sentiments. However, it may not be a one-stop solution if you want to manage non-Apple products as well. In this case, you can use Jamf in addition to another UEM. Jamf has some integrations with Microsoft, but it may not be sufficient if you want to fully manage Windows endpoints.

    Jamf PRO

    Est. 2002 | MN, USA | NASDAQ: JAMF

    8.8

    8.7

    +87

    95%

    COMPOSITE SCORE

    CX SCORE

    EMOTIONAL FOOTPRINT

    LIKELINESS TO RECOMMEND

    DOWNLOAD REPORT

    Screenshot of Jamf PRO's dashboard.

    Screenshot of Jamf PRO's dashboard. Source: Jamf

    Strengths:

    Areas to improve:

    • Jamf Pro is a unique product with an easy implementation that enables IT with minimum admin intervention.
    • It can create smart groups (based on MDM profile and user group) to automatically assign users to their pertinent apps and updates.
    • It's a very user-friendly tool, conducting device management in fewer steps than other competitors.
    • Reports are totally customizable and dynamic.
    • Notifications are easy to navigate and monitor.
    • Self-service feature enables end users to download their predefined categories of applications in the App Store.
    • It can apply single sign-on integrations to streamline user access to applications.
    • Businesses can personalize the tool with corporate logos.
    • Vendor does great for customer service when problems arise.
    • It is a costly tool relative to other competitors, pushing prospects to consider other products.
    • The learning process may be long and not easy, especially if admins do not script, or it's their first time using a UEM.

    Apply automation of traditional desktop management, software deployment, endpoint security, and patch management

    A strong choice for patch management, software deployment, asset management, and security management. There is a free version of the tool available to try get an understanding of the platform before purchasing a higher tier of the product.

    ManageEngine Endpoint Central

    Est. 1996 | India | Private

    8.3

    8.3

    +81

    88%

    COMPOSITE SCORE

    CX SCORE

    EMOTIONAL FOOTPRINT

    LIKELINESS TO RECOMMEND

    DOWNLOAD REPORT

    Screenshot of ME Endpoint Central's dashboard.

    Screenshot of ME Endpoint Central's dashboard. Source: ManageEngine

    Strengths:

    Areas to improve:

    • It supports several operating systems including Windows, Mac, Linux, Android, and iOS.
    • Endpoint Central provides end-to-end monitoring, asset management, and security in a single platform.
    • Setup is simple and intuitive, and it's easy to learn and configure.
    • The reporting feature is very useful and gives you clear visibility into dashboard.
    • Combined with ME Service Desk Plus, we can call Endpoint Central an all-in-one solution.
    • The tool provides a real-time report on devices and tracks their health status.
    • It has multiple integrations with third-party solutions.
    • Tool does not automate updates, making application updates time-consuming.
    • Sometimes, patches and software deployments fail, and the tool doesn't provide any information on the reason for the failure.
    • There is no single point of contact/account manager for the clients when they have trouble with the tool.
    • Remote connection to Android devices can sometimes get a little tedious.

    Get device management and security in a single platform with a combination of Microsoft Intune and Configuration Manager

    A solution that combines Intune and ConfigMgr's capabilities into a single endpoint management suite for enrolling, managing, monitoring, and securing endpoints. It's a very cost-effective solution for enterprises in the Microsoft ecosystem, but it also supports other operating systems.

    Microsoft Endpoint Manager

    Est. 1975 | NM, USA | NASDAQ: MSFT

    8.0

    8.5

    +83

    85%

    COMPOSITE SCORE

    CX SCORE

    EMOTIONAL FOOTPRINT

    LIKELINESS TO RECOMMEND

    DOWNLOAD REPORT

    Screenshot of MS Endpoint Manager's dashboard.

    Screenshot of MS Endpoint Manager's dashboard. Source: Microsoft

    Strengths:

    Areas to improve:

    • Licensing for the enterprises that use Windows as their primary operating system is more efficient and cost effective.
    • Endpoint Manager is very customizable, with the ability to assign personas to device groups.
    • Besides Windows, it manages other operating systems, such as Linux, Android, and iOS.
    • It creates endpoint security and compliance policies for BitLocker that streamlines data protection and security. It also provides SSO.
    • It provides very strong documentation and knowledgebase.
    • User interface is not as good as competitors. It's a bit clunky and complex to use.
    • The process of changing configurations on devices can be time consuming.
    • Sometimes there are service outages such as Autopilot failure, which push IT to deploy manually.
    • Location tracking is not very accurate.

    Simplify and consolidate endpoint management into a single solution and secure all devices with real-time, "over-the-air" modern management across all use cases

    A strong tool for managing and controlling mobile devices. It can access all profiles through Google and Apple, and it integrates with various IT management solutions.

    VMware Workspace ONE

    Est. 1998 | CA, USA | NYSE: VMW

    7.5

    7.4

    +71

    75%

    COMPOSITE SCORE

    CX SCORE

    EMOTIONAL FOOTPRINT

    LIKELINESS TO RECOMMEND

    DOWNLOAD REPORT

    Screenshot of Workspace ONE's dashboard.

    Screenshot of Workspace ONE's dashboard. Source: VMware

    Strengths:

    Areas to improve:

    • Workspace ONE provides lots of information about devices.
    • It provides a large list of integrations.
    • The solution supports various operating systems.
    • The platform has many out-of-the-box features and helps with security management, asset management, and application management.
    • The vendor has a community forum which users find helpful for resolving issues or asking questions about the solution.
    • It is very simple to use and provides SSO capability.
    • Implementation is relatively easy and straightforward.
    • Customization may be tricky and require expertise.
    • The solution can be more user friendly with a better UI.
    • Because of intensive processing, updates to applications take a long time.
    • The tool may sometimes be very sensitive and lock devices.
    • Analytics and reporting may need improvement.

    Review your use cases to start your shortlist

    Your Info-Tech analysts can help you narrow down the list of vendors that will meet your requirements.

    Next steps will include:

    1. Reviewing your requirements
    2. Checking out SoftwareReviews
    3. Shortlisting your vendors
    4. Conducting demos and detailed proposal reviews
    5. Selecting and contracting with a finalist!

    Activity: Define high-level features for meeting business and technical goals

    Input

    • List of endpoint management use cases
    • List of prioritized features

    Output

    • Vendor evaluation
    • Final list of candidate vendors

    Materials

    • Whiteboard/flip charts
    • Laptop
    • UEM Requirements Workbook

    Participants

    • CIO
    • IT manager
    • Infrastructure & Applications directors
    • Project managers

    Activity: Define top-level features for meeting business and technical goals

    As there are many solutions in the market that share capabilities, it is imperative to closely evaluate how well they fulfill your endpoint management requirements.
    Use the UEM Requirements Workbook to identify your desired endpoint solution features and compare vendor solution functionality based on your desired features.

    1. Refer to the output of the previous activity, the identified use cases in the spreadsheet.
    2. List the features you want in an endpoint solution for your devices that will fulfill these use cases. Record those features in the second column ("Detailed Feature").
    3. Prioritize each feature (must have, should have, nice to have, not required).
    4. Send this list to candidate vendors.
    5. When you finish your investigation, review the spreadsheet to compare the various offerings and pros and cons of each solution.

    Info-Tech Insight

    The output of this activity can be used for a detailed evaluation of UEM vendors. The next steps will be vendor briefing and having further discussion on technical capabilities and conducting demos of solutions. Info-Tech's blueprint, The Rapid Application Selection Framework, takes you to these next steps.

    This is a screenshot showing the high value use cases table from The Rapid Application Selection Framework.

    Download the UEM Requirements Workbook

    Leverage Info-Tech's research to plan and execute your endpoint management selection and implementation

    Use Info-Tech Research Group's blueprints for selection and implementation processes to guide your own planning.

    • Assess
    • Prepare
    • Govern & Course Correct

    This is a screenshot of the title pages from INfo-tech's Governance and management of enterprise Software Implementaton; and The Rapid Applicaton Selection Framework.

    Ensure your implementation team has a high degree of trust and communication

    If external partners are needed, dedicate an internal resource to managing the vendor and partner relationships.

    Communication

    Teams must have some type of communication strategy. This can be broken into:

    • Regularity: Having a set time each day to communicate progress and a set day to conduct retrospectives.
    • Ceremonies: Injecting awards and continually emphasizing delivery of value can encourage relationship building and constructive motivation.
    • Escalation: Voicing any concerns and having someone responsible for addressing those concerns.

    Proximity

    Distributed teams create complexity because communication can break down more easily. This can be mitigated by:

    • Location: Placing teams in proximity can close the barrier of geographical distance and time zone differences.
    • Inclusion: Making a deliberate attempt to pull remote team members into discussions and ceremonies.
    • Communication Tools: Having the right technology (e.g. video conference) can help bring teams closer together virtually.

    Trust

    Members should trust other members are contributing to the project and completing their required tasks on time. Trust can be developed and maintained by:

    Accountability: Having frequent quality reviews and feedback sessions. As work becomes more transparent, people become more accountable.

    • Role Clarity: Having a clear definition of what everyone's role is.

    Implementation with a partner typically results in higher satisfaction

    Align your implementation plans with both the complexity of the solution and internal skill levels

    Be clear and realistic in your requirements to the vendor about the level of involvement you need to be successful.

    Primary reasons to use a vendor:

    • Lack of skilled resources: For solutions with little configuration change happening after the initial installation, the ramp-up time for an individual to build skills for a single event is not practical.
    • Complexity of solution: Multiple integrations, configurations, modules, and even acquisitions that haven't been fully integrated in the solution you choose can make it difficult to complete the installation and rollout on time and on budget. Troubleshooting becomes even more complex if multiple vendors are involved.
    • Data migration: Decide what information will be valuable to transfer to the new solution and which will not benefit your organization. Data structure and residency can both be factors in the complexity of this exercise.

    This is an image of a bar graph showing the Satisfaction Net Promotor Score by Implementation type and Organization Size.

    Source: SoftwareReviews, January 2020 to January 2023, N= 20,024 unique reviews

    To ensure your SOW is mutually beneficial, download the blueprint Improve Your Statements of Work to Hold Your Vendors Accountable.

    Consider running a proof of concept if concerns are expressed about the feasibility of the chosen solution

    Proofs of concept (PoCs) can be time consuming, so make good choices on where to spend the effort

    Create a PoC charter that will enable a quick evaluation of the defined use cases and functions. These key dimensions should form the PoC.

    1. Objective – Giving an overview of the planned PoC will help to focus and clarify the rest of this section. What must the PoC achieve? Objectives should be specific, measurable, attainable, relevant, and time bound. Outline and track key performance indicators.
    2. Key Success Factors – These are conditions that will positively impact the PoC's success.
    3. Scope – High-level statement of scope. More specifically, state what is in scope and what is out of scope.
    4. Project Team – Identify the team's structure, e.g. sponsors, subject matter experts.
    5. Resource Estimation – Identify what resources (time, materials, space, tools, expertise, etc.) will be needed to build and socialize your prototype. How will they be secured?

    An image of two screenshots from Info-Tech Research Group showing documentaton used to generate effective proof of concepts.

    To create a full proof of concept plan, download the Proof of Concept Template and see the instructions in Phase 3 of the blueprint Exploit Disruptive Infrastructure Technology.

    Selecting a right-sized endpoint management platform

    This selection guide allows organizations to execute a structured methodology for picking a UEM platform that aligns with their needs. This includes:

    • Identifying and prioritizing key business and technology drivers for an endpoint management selection business case.
    • Defining key use cases and requirements for a right-sized UEM platform.
    • Reviewing a comprehensive market scan of key players in the UEM marketspace.

    This formal UEM selection initiative will map out requirements and identify technology capabilities to fill the gap for better endpoint management. It also allows a formal roll-out of a UEM platform that is highly likely to satisfy all stakeholder needs.

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech Workshop.

    Contact your account representative for more information

    workshops@infotech.com
    1-888-670-8889

    Summary of Accomplishment

    Knowledge Gained

    • What endpoint management is
    • Historical origins and evolution of endpoint management platforms
    • Current trends and future state of endpoint management platforms

    Processes Optimized

    • Identifying use cases
    • Gathering requirements
    • Reviewing market key players and their capabilities
    • Selecting a UEM tool that fulfills your requirements

    UEM Solutions Analyzed

    • CISCO Meraki
    • Citrix Endpoint Management
    • IBM MaaS360
    • Ivanti Neurons UEM
    • Jamf Pro
    • ManageEngine Endpoint Central
    • Microsoft Endpoint Manager
    • VMware Workspace ONE

    Related Info-Tech Research

    Modernize and Transform Your End-User Computing Strategy

    This project helps support the workforce of the future by answering the following questions: What types of computing devices, provisioning models, and operating systems should be offered to end users? How will IT support devices? What are the policies and governance surrounding how devices are used? What actions are we taking and when? How do end-user devices support larger corporate priorities and strategies?

    Best Unified Endpoint Management (UEM) Software | SoftwareReviews

    Compare and evaluate Unified Endpoint Management vendors using the most in-depth and unbiased buyer reports available. Download free comprehensive 40+ page reports to select the best Unified Endpoint Management software for your organization.

    The Rapid Application Selection Framework

    This blueprint walks you through a process for a fast and efficient selection of your prospective application. You will be enabled to use a data-driven approach to select the right application vendor for your needs, shatter stakeholder expectations with truly rapid application selections, boost collaboration and crush the broken telephone with concise and effective stakeholder meetings, and lock in hard savings.

    Bibliography

    "BYOD Security Report." Cybersecurity Insiders, 2021. Accessed January 2023.
    "Cloud Infrastructure Services Market." MarketsAnd Markets, 2019. Accessed December 2022.
    Evans, Alma. "Mastering Mobility Management: MDM Vs. EMM Vs. UEM." Hexnode, 2019. Accessed November 2022.
    "Evercore-ISI Quarterly Enterprise Technology Spending Survey." Evercore-ISI, 2022. Accessed January 2023.
    "5G Service Revenue to Reach $315 Billion Globally in 2023." Jupiter Research, 2022. Accessed January 2023.
    Hein, Daniel. "5 Common Unified Endpoint Management Use Cases You Need to Know." Solutions Review, 2020. Accessed January 2023.
    "Mobile Device Management Market Size, Share & COVID-19 Impact Analysis." Fortune Business Insights, 2021. Accessed December 2022.
    Ot, Anina. "The Unified Endpoint Management (UEM) Market." Datamation, 14 Apr. 2022. Accessed Jan. 2023.
    Poje, Phil. "CEO Corner: 4 Trends in Unified Endpoint Management for 2023." Tech Orchard, 2022. Accessed January 2023.
    "The Future of UEM November 2021 Webinar." Ivanti, 2021. Accessed January 2023.
    "The Third Annual Study on the State of Endpoint Security Risk." Ponemon Institute, 2020. Accessed December 2022.
    "The Ultimate Guide to Unified Endpoint Management (UEM)." MobileIron. Accessed January 2023.
    "Trends in Unified Endpoint Management." It Pro Today, 2018. Accessed January 2023.
    Turek, Melanie. "Employees Say Smartphones Boost Productivity by 34 Percent: Frost & Sullivan Research." Samsung Insights, 3 Aug. 2016.
    "2023 State of Security Report." Cybersecurity Insiders, 2022. Accessed January 2023.
    Violino, Bob. "Enterprise Mobility 2022: UEM Adds User Experience, AI, Automation." Computerworld, 2022. Accessed January 2023.
    Violino, Bob. "How to Choose the Right UEM Platform." Computerworld, 2021. Accessed January 2023.
    Violino, Bob. "UEM Vendor Comparison Chart 2022." Computerworld, 2022. Accessed January 2023.
    Wallent, Michael. "5 Endpoint Management Predictions for 2023." Microsoft, 2022. Accessed January 2023.
    "What Is the Difference Between MDM, EMM, and UEM?" 42Gears, 2017. Accessed November 2022.

    Satisfy Customer Requirements for Information Security

    • Buy Link or Shortcode: {j2store}259|cart{/j2store}
    • member rating overall impact (scale of 10): 9.0/10 Overall Impact
    • member rating average dollars saved: $247 Average $ Saved
    • member rating average days saved: 3 Average Days Saved
    • Parent Category Name: Governance, Risk & Compliance
    • Parent Category Link: /governance-risk-compliance
    • Your customers and potential customers are increasingly demanding assurance that you will meet their information security requirements.
    • Responding to these assurance demands requires ever more effort from the security team, which distracts them from their primary mission of protecting the organization.
    • Every customer seems to have their own custom security questionnaire they want you to complete, increasing the effort you have to expend to respond to them.

    Our Advice

    Critical Insight

    • Your security program can be a differentiator and help win and retain customers.
    • Value rank your customers to right-size the level of effort your security team dedicates to responding to questionnaires.
    • SOC 2 or ISO 27001 certification can be an important part of your security marketing, but only if you make the right business case.

    Impact and Result

    • CISOs need to develop a marketing strategy for their information security program.
    • Ensure that your security team dedicates the appropriate amount of effort to sales by value ranking your potential customers and aligning efforts to value.
    • Develop a business case for SOC 2 or ISO 27001 to determine if certification makes sense for your organization, and to gain support from key stakeholders.

    Satisfy Customer Requirements for Information Security Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should proactively satisfy customer requirements for information security, review Info-Tech’s methodology, and understand the ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Manage customer expectations for information security

    Identify your customers’ expectations for security and privacy, value rank your customers to right-size your efforts, and learn how to impress them with your information security program.

    • Satisfy Customer Requirements for Information Security – Phase 1: Manage Customer Expectations for Information Security

    2. Select a certification path

    Decide whether to obtain SOC 2 or ISO 27001 certification, and build a business case for certification.

    • Satisfy Customer Requirements for Information Security – Phase 2: Select a Certification Path
    • Security Certification Selection Tool
    • Security Certification Business Case Tool

    3. Obtain and maintain certification

    Develop your certification scope, prepare for the audit, and learn how to maintain your certification over time.

    • Satisfy Customer Requirements for Information Security – Phase 3: Obtain and Maintain Certification
    [infographic]