Choose Your Mobile Platform and Tools

Maximize the value of your mobile investments by prioritizing technology decisions on user experience, business priorities, and system quality.

EXECUTIVE BRIEF

Analyst Perspective

Mobile is the way of working.

Workers require access to enterprise products, data, and services anywhere at anytime on any device. Give them the device-specific features, offline access, desktop-like interfaces, and automation capabilities they need to be productive.

To be successful, you need to instill a collaborative business-IT partnership. Only through this partnership will you be able to select the right mobile platform and tools to balance desired outcomes with enterprise security, performance, integration, quality, and other delivery capacity concerns.

Andrew Kum-Seun
Senior Research Analyst,
Application Delivery and Application Management
Info-Tech Research Group

Executive Summary

Your Challenge

• Organizations see the value of mobile applications in improving productivity and reach of day-to-day business and IT operations. This motivates leaders to begin the planning of their first application.
• However, organizations often lack the critical foundational knowledge and skills to deliver and maintain high quality and valuable applications that meet business and user priorities and technical requirements.
• Mobile technologies and trends are continually evolving and maturing. It is hard to predict which trends will make a significant impact and to prepare current mobile investments to harness the value of these trends.

Common Obstacles

• Mobile applications can stress the stability, reliability and overall quality of your enterprise systems and services. They will also increase your security risks because of the exposure of your enterprise technology assets to unsecured networks and devices.
• High costs of entry may restrict what native features your users can have in their mobile experience. Workarounds may not be sufficient to offset the costs of certain native feature needs.
• Many operating models do not enable or encourage the collaboration required to fully understand user needs and behaviors and evaluate mobile opportunities and underlying operational systems from multiple perspectives.

Info-Tech's Approach

• Establish the right expectations. Understand your mobile users by learning their needs, challenges, and behaviors. Discuss the current state of your systems and your high priority non-functional requirements to determine what to expect from your mobile applications.
• Choose the right mobile platform approach and shortlist your mobile delivery solutions. Obtain a thorough view of the business and technical complexities of your mobile opportunities, including current mobile delivery capabilities and system compatibilities.
• Create your mobile roadmap. Describe the gradual rollout of your mobile technologies through minimal valuable products (MVPs).

Insight Summary

Overarching Info-Tech Insight

Treat your mobile applications as digital products. Digital products are continuously modernized to ensure they are fit-for-purpose, secured, accessible, and immersive. A successful mobile experience involves more than just the software and supporting system. It involves good training and onboarding, efficient delivery turnaround, and a clear and rational vision and strategy.

Phase 1: Set the Mobile Context

• Build applications your users need and desire – Design the right mobile application that enables your users to address their frustrations and productivity challenges.
• Maximize return on your technology investments – Build your mobile applications with existing web APIs, infrastructure, and services as much as possible.
• Prioritize mobile security, performance and integration requirements – Understand the unique security, performance, and integration influences has on your desired mobile user experience. Find the right balance of functional and non-functional requirements through business and IT collaboration.

Phase 2: Define Your Mobile Approach

• Start with a mobile web platform - Minimize disruptions to your existing delivery process and technical stack by building against common web standards. Select a hybrid platform or cross-platform if you need device hardware access or have complicated non-functional requirements.
• Focus your mobile solution decision on vendor support and functional complexity – Verify that your solution is not only compatible with the architecture, data, and policies of existing business systems, but satisfies IT's concerns with access to restricted technology and data, and with IT's ability to manage and operate your applications.
• Anticipate changes, defects & failures in your roadmap - Quickly shift your mobile roadmaps according to user feedback, delivery challenges, value, and stability.

Mobile is how the business works today

Mobile adoption continues to grow in part due to the need to be a mobile workforce, and the shift in customer behaviors. This reality pushed the industry to transform business processes and technologies to better support the mobile way of working.

Mobile Builds Interests
61%
Mobile devices drove 61% of visits to U.S. websites
Source: Perficient, 2021

Mobile Maintains Engagement
54%
Mobile devices generated 54.4% of global website traffic in Q4 2021.
Source: Statista, 2022

Mobile Drives Productivity
82%
According to 82% of IT executives, smartphones are highly important to employee productivity
Source: Samsung and Oxford Economics, 2022

Mobile applications enable and drive your digital business strategy

Organizations know the criticality of mobile applications in meeting key business and digital transformation goals, and they are making significant investments. Over half (58%) of organizations say their main strategy for driving application adoption is enabling mobile access to critical enterprise systems (Enterprise CIO, 2016). The strategic positioning and planning of mobile applications are key for success.

Mobile Can Motivate, Support and Drive Progress in Key Activities Underpinning Digital Transformation Goals

Goal: Enhance Customer Experience

• A shift from paper to digital communications
• Seamless, omni-channel client experiences across devices
• Create Digital interactive documents with sections that customers can customize to better understand their communications

Goal: Increase Workflow Throughput & Efficiency

• Digitized processes and use of data to improve process efficiency
• Modern IT platforms
• Automation through robotic process automation (RPA) where possible
• Use of AI and machine learning for intelligent automation

Source: Broadridge, 2022

To learn more, visit Info-Tech's Define Your Digital Business Strategy blueprint.

Well developed mobile applications bring unique opportunities to drive more value

Info-Tech Insight

If you build it, they may not come. Design and build the applications your user wants and needs, and ensure users are properly onboarded and trained. Learn how your applications are leveraged, capture feedback from the user and system dashboards, and plan for enhancements, fixes, and modernizations.

Workers expect IT to deliver against their high mobile expectations

Workers want sophisticated mobile applications like what they see their peers and competitors use.

Why is IT considering building their own applications?

• Complex and Unique Workflows: Canned templates and shells are viewed as incompatible to the workflows required to complete worker responsibilities outside the office, with the same level of access to corporate data as on premise.
• Supporting Bring Your Own Device (BYOD): Developing your own mobile applications around your security protocols and standards can help mitigate the risks with personal devices that are already in your workforce.
• Long-Term Architecture Misalignment: Outsourcing mobile development risks the mobile application misaligned with your quality standards or incompatible with other enterprise and third-party systems.

Continuously meeting aggressive user expectations will not be easy

Value Quickly Wears Off
39.9% of users uninstall an application because it is not in use.
40%
Source: n=2,000, CleverTap, 2021

Low Tolerance to Waiting
Keeping a user waiting for 3 seconds is enough to dissatisfy 43% of users.
43%
Source: AppSamurai, 2018

Quick Fixes Are Paramount
44% of defects are found by users
44%
Source: Perfecto Mobile, 2014

Mobile emphasizes the importance of good security, performance, and integration

Today's mobile workers are looking for new ways to get more work done quickly. They want access to enterprise solutions and data directly on their mobile devices, which can reside on multiple legacy systems and in the cloud and third-party infrastructure. This presents significant performance, integration, and security risks.

Accept change as the norm

IT is challenged with keeping up with disruptive technologies, such as mobile, which are arriving and changing faster and faster.

What is the issue? Mobile priorities, concepts, and technologies do not remain static. For example, current Google's Pixels benefit from at least three versions of Android updates and at least three years of monthly security patches after their release (NextPit, 2022). Keeping up to date with anything mobile is difficult if you do not have the right delivery and product management practices in place.

What is the impact on IT? Those who fail to prepare for changing requirements and technologies will quickly run into maintainability, extensibility, and flexibility issues. Mobile applications will quickly become stale and misaligned with the maturity of other enterprise infrastructure and applications.

Continuously look at the trends, vendor roadmaps, and your user's feedback to envision where your mobile applications should be. Learning from your past attempts gives you insights on the opportunities and impacts changes will have on your people, process, and technology.

How do I address this issue? A well-defined mobile vision and roadmap ensures your initiatives are aligned with your holistic business and technology strategies, the right problem is being solved, and resources are available to deliver high priority changes.

To learn more, visit Info-Tech's Deliver on Your Digital Product Vision blueprint.

Address the difficulties in managing enterprise mobile technologies

Adaptability During Development

Teams must be ready to alter their mobile approach when new insights and issues arise during and after the delivery of your mobile application and its updates.

High Cybersecurity Standards

Cybersecurity should be a top priority given the high security exposure of mobiles and the sensitive data mobile applications need to operate. Role-based access, back-up systems, advanced scanning, and protection software and encryption should all be implemented.

Integration with Other Systems

Your application will likely be integrated with other systems to expand service offerings and optimize performance and user experience. Your enterprise integration strategy ensures all systems connect against a common pattern with compatible technologies.

Finding the Right Mobile Developers

Enterprise mobile delivery requires a broad skillset to build valuable applications against extensive non-functional requirements in complex and integration environments. The right resources are even harder to find when native applications are preferred over web-based ones.

Source: Radoslaw Szeja, Netguru, 2022.

Build and manage the right experience by treating mobile as digital products

Digital products are continuously modernized to ensure they are fit-for-purpose, secured, insightful, accessible, and interoperable. A good experience involves more than just technology.

First, deliver the experience end users want and expect by designing the application against digital application principles.

To learn more, visit Info-Tech's Modernize Your Applications blueprint.

Then, deliver a long-lasting experience by supporting your applications with key governance and management capabilities.

• Product Strategy and Roadmap
• External Relationships
• User Adoption and Organizational Change Management
• Funding
• Knowledge Management
• Stakeholder Management
• Product Governance
• Maintenance & Enhancement
• User Support
• Managing and Governing Data
• Requirements Analysis and Design
• Research & Development

To learn more, visit Info-Tech's Make the Case for Product Delivery blueprint.

Choose Your Mobile Platform and Tools

Maximize the value of your mobile investments by prioritizing technology decisions on user experience, business priorities, and system quality.

	WORKFLOW
1. Capture Your User Personas and Journey
2. Select Your Platform
3. Shortlist Your Solutions

Make user experience (UX) the standard

User experience (UX) focuses on a user's emotions, beliefs, and physical and psychological responses that occur before, during, or after interacting with a service or product.

For a mobile application to be meaningful, the functions, aesthetics and content must be:

• Usable
  • Users can intuitively navigate through your mobile application and complete their desired tasks.
• Desirable
  • The application elements are used to evoke positive emotions and appreciation.
• Accessible
  • Users can easily use your mobile application, including those with disabilities.
• Valuable
  • Users find the content useful, and it fulfills a need.

Enable a greater experience with UX-driven thinking

Designing for a high-quality experience requires more than just focusing on the UI. It also requires the merging of multiple business, technical, and social disciplines in order to create an immersive, practical, and receptive application. The image on the right explains the disciplines involved in UX. This is critical for ensuring users have a strong desire to use the mobile application, it is adequately supported technically, and it supports business objectives.

To learn more, visit Info-Tech's Implement and Mature Your User Experience Design Practice blueprint.

Source: Marky Roden, Xomino, 2018

Define the mobile experience your end users want

• Anytime, Anywhere
  • The user can access, update and analyze data and corporate products and services whenever they want, in all networks, and on any device.
• Hands-Off and Automated
  • The application can perform various workflows and tasks without the user's involvement and notify the user when specific triggers are hit.
• Personalized and Insightful
  • Content presentation and subject are tailored for the user based on specific inputs from the user, device hardware, or predicted actions.
• Integrated Ecosystem
  • The application supports a seamless experience across various third-party and enterprise applications and services the user needs.
• Visually Pleasing and Fulfilling
  • The UI is intuitive and aesthetically gratifying, with little security and performance trade-offs to use the full breadth of its functions and services.

Each mobile platform has its own take on the mobile native experience. The choice ultimately depends on whether the costs and effort are worth the anticipated value.

Mobile value is dependent on the platform you choose

What is a platform?

"A platform is a set of software and a surrounding ecosystem of resources that helps you to grow your business. A platform enables growth through connection: its value comes not only from its own features, but from its ability to connect external tools, teams, data, and processes." (Source: Emilie Nøss Wangen, 2021) In the mobile context, applications in a platform execute and communicate through a loosely-coupled API architecture, whether the supporting system is managed and supported by your organization or by third-party providers.

Web

Mobile web applications are deployed and executed within the mobile web browser. They are often developed with a combination of web and scripting languages, such as HTML, CSS, and JavaScript. Web often takes two forms on mobile:

• Progressive Web Applications (PWA)
• Mobile Web Sites

Hybrid

Hybrid applications are developed with web technologies but are deployed as native applications. The code is wrapped using a framework so that it runs locally within a native container. It uses the device's browser runtime engine to support more sophisticated designs and features than to the web approach.

Cross-Platform

Cross-platform applications are developed within a distinct programming or scripting environment that uses its own scripting language (often like web languages) and APIs. The solution compiles the code into device-specific builds for native deployment.

Native

Native applications are developed and deployed to specific devices and OSs using platform-specific software development kits (SDKs) provided by the operating system vendors. The programming language and framework are dictated by the targeted device, such as Java for Android.

Start mobile development on a mobile web platform

Start with what you have: begin with a mobile web platform to minimize impacts to your existing delivery skill sets and technical stack while addressing business needs. Resort to a hybrid first. Then consider a cross-platform application if you require device access or need to meet specific non-functional requirements.

Why choose a mobile web platform?

Other Notable Benefits with Web Languages

• Modern browsers in most mobile devices can execute and render many mobile features developed in web languages, allowing for greater portability and sophistication of code across multiple devices. However, this flexibility comes at the cost of performance since the browser's runtime engine will not perform as well as a native engine.
• Web languages are well known by developers, minimizing skills and resourcing impacts. Consequently, changes can be quickly accommodated and updated uniformly across all end users.

Select your mobile platform

Drive your mobile platform selection against user-centric needs (e.g. device access, aesthetics) and enterprise-centric needs (e.g. security, system performance).

Understand the common attributes of a mobile delivery solution

• Source Code Management – Built-in or having the ability to integrate with code management solutions for branching, merging, and versioning. Debugging and coding assistance capabilities may be available.
• Single Code Base – Capable of programming in a standard coding and scripting language for deployment into several platforms and devices. This code base is aligned to a common industry framework (e.g. AngularJS, Java) or a vendor-defined one.
• Out-of-the-Box Connectors & Plug-ins – Pre-built APIs enhance the solution's capabilities with third-party tools and systems to deliver and manage high quality and valuable mobile applications.
• Emulators – Ability to virtualize an application's execution on a target platform and device.
• Support for Native Features – Supports plug-ins and APIs for access to device-specific features.

What are mobile delivery solutions?

A mobile delivery solution provides the tools, resources, and support to enable or build your mobile application. It can provide pre-built applications, vendor supported components to allow some configurations, or resources for full stack customizations. Solutions can be barebone software development kits (SDKs), or comprehensive suites offering features to support the entire software delivery lifecycle, such as:

• Mobile application management
• Testing and publishing to app stores
• Content management
• Cloud hosting
• Application performance management

Info-Tech Insight

Mobile enablement and development capabilities are already embedded in many common productivity tools and enterprise applications, such as Microsoft PowerApps and ERP modules. They can serve as a starting point in the initial rollout of new management and governance practices without the need to acquire new tools.

Select your mobile delivery solutions

1. Set the scope of your framework.

• The initial context of this framework is based on the mobile functions needed to support your desired mobile experience and on the current state of your enterprise and 3rd party systems.

Optimize your software delivery process

Mobile brings new delivery and management challenges that are often difficult for organizations that are tied to legacy systems, hindered by rigid and slow delivery lifecycles, and are unable to adopt leading-edge technologies. Many of these challenges stem from the fact that mobile is a significant shift from desktop development:

• Mobile devices and operating systems are heavily fragmented, especially in the Android space.
• Test coverage is significantly expanded to include physical environments and multiple network connections.
• Mobile devices do not have the same performance capabilities and memory storage as their desktop counterparts.
• The user interface must be strategically designed to accommodate the limited screen size.
• Mobile applications are highly susceptible to security breaches.
• Mobile users often expect quick turnaround time on fixes and enhancements due to continuously changing technology, business priorities, and user needs.

To learn more, visit Info-Tech's Modernize Your SDLC blueprint.

How should the process change?

• Cross-functional collaboration – Bringing business and IT together at the most opportune times to clarify user needs and business priorities, and set realistic expectations given technology and capacity constraints. The appropriate tactics and techniques are used to improve decision making and delivery effectiveness according to the type of work.
• Iterative delivery – Frequent delivery of progressive changes minimizes the risk of low-quality features by containing and simplifying scope, and enables responsive turnarounds of fixes, enhancements, and priority changes.
• Feedback loops –Mobile application owners constantly review, update and refine their backlog of mobile features and changes to reflect user feedback and system performance metrics. Delivery teams proactively prepare the application for future scaling based on lessons and feedback learned from earlier releases.

Achieve mobile success with MVPs

By delivering mobile capabilities in small iterations, teams recognize value sooner and reduce accumulated risk. Both benefits are realized as the iteration enters validation testing and release.

An MVP focuses on a small set of functions, involves minimal possible effort to deliver a working and valuable solution, and is designed to satisfy a specific user group. Its purpose is to:

• Maximize learning.
• Evaluate the value and acceptance of mobile applications.
• Inform the building of a mobile delivery practice.

The build-measure-learn loop suggests mobile delivery teams should perpetually take an idea and develop, test, and validate it with the mobile development solution, then expand on the MVP using the lessons learned and evolving ideas. In this sense the MVP is just the first iteration in the loop.

Gauge the value with the right metrics

Metrics are a powerful way to drive behavior change in your organization. But metrics are highly prone to creating unexpected outcomes so they must be used with great care. Use metrics judiciously to avoid gaming or ambivalent behavior, productivity loss, and unintended consequences.

To learn more, visit Info-Tech's Select and Use SDLC Metrics Effectively blueprint.

What should I measure?

1. Mobile Application Engagement, Retention and User Satisfaction
   1. The activeness of users on the applications, the number of returning users, and the happiness of the users.
   2. Example: Number of tasks completed, number of active and returning users, session length and intervals, user satisfaction
2. Value Driven from Mobile Applications
   1. The business value that the user directly or indirectly receives with the mobile application.
   2. Example: Mobile application revenue, business operational costs, worker productivity, business reputation and image
3. Delivery Throughput and Quality
   1. The health and quality of your mobile applications throughout their lifespan and the speed to deliver working applications that meet stakeholder expectations.
   2. Example: Frequency of release, lead time, request turnaround, escaped defects, test coverage.

Use Info-Tech's diagnostic to evaluate the reception of your mobile applications

Info-Tech's Application Portfolio Assessment (APA) Diagnostic is a canned end-user satisfaction survey used to evaluate your application portfolio health to support data-driven decisions.

USE THE PROGRAM DIAGNOSTIC TO:

• Assess the importance and satisfaction of enterprise applications.
• Solicit feedback from your end users on applications being used.
• Understand the strengths and weaknesses of your current applications.
• Perform a high-level application rationalization initiative.

INTEGRATE DIAGNOSTIC RESULTS TO:

• Target which applications to analyze in greater detail.
• Expand on the initial application rationalization results with a more comprehensive and business-value-focused criteria.

Grow your mobile delivery practice

Level 1: Mobile Delivery Foundations

You understand the opportunities and impacts mobile has on your business operations and its disruptive nature on your enterprise systems. Your software delivery lifecycle was optimized to incorporate the specific practices and requirements needed for mobile. A mobile platform was selected based on stakeholder needs that are weighed against current skillsets, high priority non-functional requirements, the available capacity and scalability of your stack, and alignment to your current delivery process.

Level 2: Scaled Mobile Delivery

New features and mobile use cases are regularly emerging in the industry. Ensuring your mobile platform and delivery process can easily scale to incorporate constantly changing mobile features and technologies is key. This can help minimize the impact these changes will have on your mobile stack and the resulting experience.

Achieving this state requires three competencies: mobile security, performance optimization, and integration practices.

Level 3: Leading-Edge Mobile Delivery

Many of today's mobile trends involve, in one form or another, hardware components on the mobile device (e.g., NFC receivers, GPS, cameras). You understand the scope of native features available on your end user's mobile device and the required steps and capabilities to enable and leverage them.

Hit a home run with your stakeholders

Use a data-driven approach to select the right tooling vendor for your needs – fast.

Investing time improving your software selection methodology has big returns.

Info-Tech Insight

Not all software selection projects are created equal – some are very small, some span the entire enterprise. To ensure that IT is using the right framework, understand the cost and complexity profile of the application you're looking to select. Info-Tech's Rapid Application Selection Framework approach is best for commodity and mid-tier enterprise applications; selecting complex applications is better handled by the methodology in Info-Tech's Implement a Proactive and Consistent Vendor Selection Process.

Pitch your mobile delivery approach with Info-Tech's template

Communicate the justification of your approach to mobile applications with Info-Tech's Mobile Application Delivery Communication Template:

• Level set your mobile application goals and objectives by weighing end user expectations with technical requirements.
• Define the high priority opportunities for mobile applications.
• Educate decision makers of the limitations and challenges of delivering specific mobile experiences with the various mobile platform options.
• Describe your framework to select the right mobile platform and delivery tools.
• Lay out your mobile delivery roadmap and initiatives.

INFO-TECH DELIVERABLE

Info-Tech's methodology for mobile platform and delivery solution selection

Info-Tech offers various levels of support to best suit your needs

DIY Toolkit

"Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful."

Guided Implementation

"Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."

Workshop

"We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place."

Consulting

"Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

Diagnostics and consistent frameworks used throughout all four options

Guided Implementation

What does a typical GI on this topic look like?

A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

A typical GI is 6 to 9 calls over the course of 2 to 3 months.

Workshop Overview

Contact your account representative for more information.
workshops@infotech.com 1-888-670-8889

Phase 1

Set the Mobile Context

Choose Your Mobile Platform and Tools

This phase will walk you through the following steps:

• Step 1.1 – Build Your Mobile Backlog
• Step 1.2 – Identify Your Technical Needs
• Step 1.3 – Define Your Non-Functional Requirements

This phase involves the following participants:

• Applications Manager
• Product and Platform Owners
• Software Delivery Teams
• Business and IT Leaders

Step 1.1

Build Your Mobile Backlog

Activities

1.1.1 Generate user personas with empathy maps

1.1.2 Build your mobile application canvas

1.1.3 Build your mobile backlog

Set the Mobile Context

This step involves the following participants:

• Applications Manager
• Product and Platform Owners
• Software Delivery Teams
• Business and IT Leaders

Outcomes of this step

• User personas
• Mobile objectives and metrics
• Mobile opportunity backlog

Users expect your organization to support their mobile way of working

Today, users expect sophisticated and personalized features, immersive interactions, and cross-platform capabilities from their mobile applications and be able to access information and services anytime, anywhere and on any device. These demands are pushing organizations to become more user-driven, placing greater importance on user experience (UX) with enterprise-grade technologies.

How has technologies evolved to easily enable mobile capabilities?

• Desktop-Like Features
  • Native-like features, such as geolocation and local caching, are supported through web language or third-party plugins and extensions.
• Extendable & Scalable
  • Plug-and-play architecture is designed to allow software delivery teams to explore new use cases and mobile capabilities with out-of-the-box connectors and/or customizable REST APIs.
• Low Barrier to Entry
  • Low- and no-code development tools, full-stack solutions, and plug-and-play architectures allow non-technical users to easily build and implement applications without direct IT involvement.
• Templates & Shells
  • Vendors provide UI templates and application shells that contain pre-built native features and multiple aesthetic layouts in a publishing-friendly and configurable way.
• Personalized Content
  • Content can be uniquely tailored to a user's preference or be automatically generated based on the user's profile or activity history.
• Hands-Off Operations
  • Many mobile solutions operate in a as-a-service model where the underlying and integrated technologies are managed by the vendor and abstracted away.

Make user experience (UX) the standard

User experience (UX) focuses on a user's emotions, beliefs, and physical and psychological responses that occur before, during, or after interacting with a service or product.

For a mobile application to be a meaningful experience, the functions, aesthetics and content must be:

• Usable
  • Users can intuitively navigate through your mobile application and complete their desired tasks.
• Desirable
  • The application elements are used to evoke positive emotions and appreciation.
• Accessible
  • Users can easily use your mobile application, including those with disabilities.
• Valuable
  • Users find the content useful, and it fulfills a need.

Enable a greater experience with UX-driven thinking

Designing for a high-quality experience requires more than just focusing on the UI. It also requires the merging of multiple business, technical, and social disciplines in order to create an immersive, practical, and receptive application. The image on the right explains the disciplines involved in UX. This is critical for ensuring users have a strong desire to use the mobile application, it is adequately supported technically, and it supports business objectives.

To learn more, visit Info-Tech's Implement and Mature Your User Experience Design Practice blueprint.

Source: Marky Roden, Xomino, 2018

UX-driven mobile apps bring together a compelling UI with valuable functionality

Info-Tech Insight

Organizations often over-rotate on the UI. Receptive and satisfying applications require more than just pretty pictures, bold colors, and flashy animations. UX-driven mobile applications require the seamless merging of enticing design elements and valuable functions that are specifically tailored to the behaviors of the users. Take a deep look at how each design element and function is used and perceived by the user, and how your application can sufficiently support user needs.

UI-Function Balance to Achieve Highly Satisfying Mobile Applications

An application's UI and function both contribute to UX, but they do so in different ways.

• The UI generates the visual, audio, and vocal cues to draw the attention of users to key areas of the application while stimulating the user's emotions.
• Functions give users the means to satisfy their needs effortlessly.

Finding the right balance of UI and function is dependent on the organization's understanding of user emotions, needs, and tendencies. However, these factors are often left out of an application's design. Having the right UX competencies is key in assuring user behaviors are appropriately accommodated early in the delivery process.

To learn more, visit Info-Tech's Modernize Your Corporate Website to Drive Business Value blueprint.

Focus your efforts on all items that drive high user experience and satisfaction

UX-driven mobile applications involve all interaction points and system components working together to create an immersive experience while being actively supported by delivery and operations teams. Many organizations commonly focus on visual and content design to improve the experience, but this is only a small fraction of the total UX design. Look beyond the surface to effectively enhance your application's overall UX.

Use personas to envision who will be using your mobile application

What Are Personas?

Personas are detailed descriptions of the targeted audience of your mobile application. It represents a type of user in a particular scenario. Effective personas:

• Express and focus on the major needs and expectations of the most important user groups.
• Give a clear picture of the typical user's behavior.
• Aid in uncovering critical features and functionalities.
• Describe real people with backgrounds, goals, and values.

Why Are Personas Important to UX?

They are important because they help:

• Focus the development of mobile application features on the immediate needs of the intended audience.
• Detail the level of customization needed to ensure content is valuable to and resonates with the user.
• Describe how users may behave when certain audio and visual stimulus are triggered from the mobile application.
• Outline the special design considerations required to meet user accessibility needs.

Key Elements of a Persona:

• Professional and Technical Skills and Experiences (e.g., knowledge of mobile applications, area of expertise)
• Persona Group (e.g., executives)
• Technological Environment of User (e.g., devices, browsers, network connection)
• Demographics (e.g., nationality, age, language spoken)
• Typical Behaviors and Tendencies (e.g., goes to different website when cannot find information in 20 seconds)
• Purpose of Using the Mobile Application (e.g., search for information, submit registration form)

Create empathy maps to gain a deeper understanding of stakeholder personas

Empathy mapping draws out the characteristics, motivations, and mannerisms of a potential end user.

Source: XPLANE, 2017

Empathy mapping focuses on identifying the problems, ambitions, and frustrations they are looking to resolve and describes their motivations for wanting to resolve them. This analysis helps your teams:

• Better understand the reason behind the struggles, frustrations and motivators through a user's perspective.
• Verify the accuracy of assertions made about the user.
• Pinpoint the specific problem the mobile application will be designed to solve and the constraints to its successful adoption and on-going use.
• Read more about empathy mapping and download the empathy map PDF template here.

To learn more, visit Info-Tech's Use Experience Design to Drive Empathy with the Business blueprint.

1.1.1 Generate user personas with empathy maps

1-3 hours

1. Download the Empathy Map Canvas and draw the map on a whiteboard or project it on the screen.
2. Choose an end user to be the focus of your empathy map. Using sticky notes, fill out the sections of the empathy map in the following order:
   1. Start by filling out the goals section. State who the subject of the empathy map will be and what activity or task you would like them to do.
      1. Focus on activities and tasks that may benefit from mobile.
   2. Next, complete the outer sections in clockwise order (see, say, do, hear). The purpose of this is to think in terms of what the subject of your empathy map is observing, sensing, and experiencing.
      1. Indicate the mobile devices and OS users will likely use and the environments they will likely be in (e.g., places with poor connections)
      2. Discuss accessibility needs and how user prefer to consume content.
   3. Last, complete the inner circle of the empathy map (pains and gains). Since you spent the last step of the exercise thinking about the external influences on your stakeholder, you can think about how those stimuli affect their emotions.
3. Document your end user persona into Info-Tech's Mobile Application Delivery Communication Template.

1.1.1 cont'd

Download the Empathy Map Canvas

Many business priorities are driving mobile

Mobile Applications

• Product Roadmap
  • Upcoming enterprise technology releases and updates offer mobile capabilities to expand its access to a broader userbase.
• Cost Optimization
  • Maximizing business value in processes and technologies through disciplined and strategic cost and spending reduction practices with mobile applications.
• Competitive Differentiation
  • Developing and optimizing your organization's distinct products and services quickly with mobile applications.
• Digital Transformation
  • Transitioning processes, data and systems to a digital environment to broaden access to enterprise data and services anywhere at anytime.
• Operational Efficiency
  • Improving software delivery and business process throughput by increasing worker productivity with mobile applications.
• Other Business Priorities
  • New corporate products and services, business model changes, application rationalization and other priorities may require modernization, innovation and a mobile way of working.

Focus on the mobile business and end user problem, not the solution

People are naturally solution-focused. The onus isn't on them to express their needs in the form of a problem statement!

When refining your mobile problem statement, attempt to answer the following four questions:

• Who is impacted?
• What is the (user or organizational) challenge that needs to be addressed?
• Where does it happen?
• Why does it matter?

There are many ways of writing problem statements, a clear approach follows the format:

• "Our (who) has the problem that (what) when (where). Our solution should (why)."
• Example: "Our system analysts has the problem that new tickets take too long to update when working on user requests. Our approach should enable the analyst to focus on working with customers and not on administration."

Adapted from: "Design Problem Statements – What and How to Frame Them"

How to write a vision statement

It's ok to dream a little!

When thinking about a vision statement, think about:

• Who is it for?
• What does the customer need?
• What can we do for them?
• And why is this special?

There are different statement templates available to help form your vision statements. Some include:

1. For [our target customer], who [customer's need], the [product] is a [product category or description] that [unique benefits and selling points]. Unlike [competitors or current methods], our product [main differentiators]. (Crossing the Chasm)
2. "We believe (in) a [noun: world, time, state, etc.] where [persona] can [verb: do, make, offer, etc.], for/by/with [benefit/goal].
3. To [verb: empower, unlock, enable, create, etc.] [persona] to [benefit, goal, future state].
4. Our vision is to [verb: build, design, provide], the [goal, future state], to [verb: help, enable, make it easier to...] [persona]."

(Numbers 2-4 from: How to define a product vision)

Info-Tech Best Practice

A vision shouldn't be so far out that it doesn't feel real and so short term that it gets bogged down in minutiae and implementation details. Finding that right balance will take some trial and error and will be different depending on your organization.

Ensure mobile supports ongoing value delivery and stakeholder expectations

Success hinges on your team's ability to deliver business value. Well-developed mobile applications instill stakeholder confidence in ongoing business value delivery and stakeholder buy-in, provided proper expectations are set and met.

Business value defines the success criteria of an organization, and it is interpreted from four perspectives:

• Profit Generation – The revenue generated from a business capability with mobile applications.
• Cost Reduction – The cost reduction when performing business capabilities with mobile applications.
• Service Enablement – The productivity and efficiency gains of internal business operations with mobile applications.
• Customer and Market Reach – Metrics measuring the improved reach and insights of the business in existing or new markets.

See our Build a Value Measurement Framework blueprint for more information about business value definition.

Set realistic mobile goals

Mobile applications enables the exploration of new and different ways to improve worker productivity and deliver business value. However, the realities of mobile applications may limit your ability to meet some of your objectives:

• On the day of installation, the average retention rate for public-facing applications was 25.3%. By day 30, the retention rate drops to 5.7%. (Source: Statista, 2020)
• 63% of 3,335 most popular Android mobile applications on the Google Play Store contained open-source components with known security vulnerabilities and other pervasive security concerns including exposing sensitive data (Source: Synopsys, 2021)
• 62% of users would delete the application because of performance issues, such as crashes, freezes and other errors (Source: Intersog, 2021).

These realities are not guaranteed to occur or impede your ability to deliver valuable mobile applications, but they can lead to unachievable expectations. Ensure your stakeholders are not oversold on advertised benefits and hold you accountable for unrealistic objectives. Recognize that the organization must also change how it works and operates to see the full benefit and adoption of mobile applications and overcome the known and unknown challenges and hurdles that often come with mobile delivery.

Benchmarks present enticing opportunities, but should be used to set reasonable expectations

66%
Improve Market Reach
66% of the global population uses a mobile device
Source: DataReportal, 2021

20%
Connected Workers are More Productive
Nearly 20 percent of mobile professionals estimate they miss more than three hours of working time a week not being able to get connected to the internet
Source: iPass, 2017

80%
Increase Brand Recognition
80% of smartphone users are more likely to purchase from companies whose mobile sites of apps help them easily find answers to their questions
Source: Google, 2018

Gauge the value with the right metrics

Metrics are a powerful way to drive behavior change in your organization. But metrics are highly prone to creating unexpected outcomes so they must be used with great care. Use metrics judiciously to avoid gaming or ambivalent behavior, productivity loss, and unintended consequences.

To learn more, visit Info-Tech's Select and Use SDLC Metrics Effectively blueprint.

What should I measure?

1. Mobile Application Engagement, Retention and User Satisfaction
   • The activeness of users on the applications, the number of returning users, and the happiness of the users.
   • Example: Number of tasks completed, number of active and returning users, session length and intervals, user satisfaction
2. Value Driven from Mobile Applications
   • The business value that the user directly or indirectly receives with the mobile application.
   • Example: Mobile application revenue, business operational costs, worker productivity, business reputation and image
3. Delivery Throughput and Quality
   • The health and quality of your mobile applications throughout their lifespan and the speed to deliver working applications that meet stakeholder expectations.
   • Example: Frequency of release, lead time, request turnaround, escaped defects, test coverage.

Use Info-Tech's diagnostic to evaluate the reception of your mobile applications

Info-Tech's Application Portfolio Assessment (APA) Diagnostic is a canned end user satisfaction survey used to evaluate your application portfolio health to support data-driven decisions.

USE THE PROGRAM DIAGNOSTIC TO:

• Assess the importance and satisfaction of enterprise applications.
• Solicit feedback from your end users on applications being used.
• Understand the strengths and weaknesses of your current applications.
• Perform a high-level application rationalization initiative.

INTEGRATE DIAGNOSTIC RESULTS TO:

• Target which applications to analyze in greater detail.
• Expand on the initial application rationalization results with a more comprehensive and business-value-focused criteria.

Use a canvas to define key elements of your mobile initiative

To learn more, visit Info-Tech's Deliver on Your Digital Product Vision blueprint.

1.1.2 Build your mobile application canvas

1-3 hours

1. Complete the following fields to build your mobile application canvas:
   • Mobile application initiative name
   • Mobile application owner
   • Parent initiative name
   • Problem that mobile applications are intending to solve and your vision. See the outcome from the previous exercise.
   • Mobile application business goals and metrics.
   • Capabilities, processes and application systems involved
   • Primary customers/users (For additional help with your product personas, download and complete to Deliver on Your Digital Product Vision.)
2. Stakeholders
3. Document your findings and discussions into Info-Tech's Mobile Application Delivery Communication Template.

Download the Mobile Application Delivery Communication Template

1.1.2 cont'd

Create your mobile backlog

Your backlog gives you a holistic understanding of the demand for mobile applications across your organization.

Find your mobile opportunities

Modern mobile technologies enable users to access, analyze and change data anywhere with native device features, which opens the door to enhanced processes and new value sources.

Examples of Mobile Opportunities:

• Mobile Payment
  • Cost alternative to credit card transaction fees.
  • Loyalty systems are updated upon payment without need of a physical card.
  • Quicker completion of transactions.
• Inventory Management
  • Update inventory database when shipments arrive or deliveries are made.
  • Inform retailers and consumers of current stock on website.
  • Alert staff of expired or outdated products.
• Quick and Small Data Transfer
  • Embed tags into posters to transfer URIs, which sends users to sites containing product or location information.
  • Replace entry tags, fobs, or smart cards at doors.
  • Exchange contact details.
• Location Sensitive Information
  • Proactively send promotions and other information (e.g. coupons, event details) to users within a defined area.
  • Inform employees of nearby prospective clients.
• Supply Chain Management
  • Track the movement and location of goods and delivery trucks.
  • Direct drivers to the most optimal route.
  • Location-sensitive billing apps such as train and bus ticket purchases.
• Education and Learning
  • Educate users about real-world objects and places with augmented books and by pushing relevant learning materials.
  • Visualize theories and other text with dynamic 3D objects.
• Augmented Reality (AR)
  • Provide information about the user's surroundings and the objects in the environment through the mobile device.
  • Interactive and immersive experiences with the inclusion of virtual reality.
• Architecture and Planning
  • Visualize historic buildings or the layout of structural projects and development plans.
  • Develop a digital tour with location-based audio initiated with location-based services or a camera.
• Navigation
  • Provide directions to users to navigate and provide contextual travelling instructions.
  • Push traffic notifications and route changes to travelling users.
• Tracking User Movement
  • Predict the future location of users based on historic information and traffic modelling.
  • Proactively push information to users before they reach their destination.

1.1.3 Build your mobile backlog

1-3 hours

1. As a group, discuss the use and value mobile already has within your organization for each persona.
   1. What are some of the apps being used?
   2. What enterprise systems and applications are already exposed to the web and accessible by mobile devices?
   3. How critical is mobile to business operations, marketing campaigns, etc.?
2. Discuss how mobile can bring additional business value to other areas of your organization for each persona.
   1. Can mobile enhance your customer reach? Do your customers care that your services are offered through mobile?
   2. Are employees asking for better access to enterprise systems in order to improve their productivity?
3. Write your mobile opportunities in the following form: As a [end user persona], I want to [process or capability to enable with mobile applications], so that [organizational benefit]. Prioritize each opportunity against feasibility, desirability, and viability.
4. Document your findings and discussions into Info-Tech's Mobile Application Delivery Communication Template.

Manage your mobile backlog

Your backlog stores and organizes your mobile opportunities at various stages of readiness. It must be continuously refined to address new requests, maintenance and changing priorities.

3 – IDEAS
Composed of raw, vague, and potentially large ideas that have yet to go through any formal valuation.

2 – QUALIFIED
Researched and qualified opportunities awaiting refinement.

1 READY
Discrete, refined opportunities that are ready to be placed in your team's delivery plans.

Adapted from Essential Scrum

A well-formed backlog can be thought of as a DEEP backlog

• Detailed Appropriately: opportunities are broken down and refined as necessary
• Emergent: The backlog grows and evolves over time as opportunities are added and removed.
• Estimated: The effort an opportunity requires is estimated at each tier.
• Prioritized: The opportunity's value and priority are determined at each tier.

(Source Perforce, 2018)

See our Deliver on Your Digital Product Vision for more information on backlog practices.

Step 1.2

Identify Your Technical Needs

Activities

1.2.1 Discuss your mobile needs

1.2.2 Conduct a technical assessment

Set the Mobile Context

This step involves the following participants:

• Applications Manager
• Product and Platform Owners
• Software Delivery Teams
• Business and IT Leaders

Outcomes of this step

• List of mobile features to enable the desired mobile experience
• System current assessment

Describe your desired mobile experiences with journey maps

A journey map tells the story of the user's experience with an existing or prospective product or service, starting with a trigger, through the process of engagement, to create an outcome. Journey maps can focus on a particular part of the user's or the entire experience with your organization's products or services. All types of maps capture key interactions and motivations of the user in chronological order.

Why are journey maps an important for mobile application delivery?

Everyone has their own preferred method for completing their tasks on mobile devices – often, what differentiates one persona from another has to do with how users privately behave. Understand that the activities performed outside of IT's purview develop context for your persona's pain points and position IT to meet their needs with the appropriate solution.

To learn more, visit Info-Tech's Use Experience Design to Drive Empathy with the Business blueprint.

Pinpoint specific mobile needs in your journey map

Realize that mobile applications may not precisely fit with your personas workflow or align to their expectations due to device and system limitations and restrictions. Flag the mobile opportunities that require significant modifications to underlying systems.

Consider these workflow scenarios that can influence your persona's desire for mobile:

Define the mobile experience your end users want

Anytime, Anywhere
The user can access, update and analyze data, and corporate products and services whenever they want, in all networks, and on any device.

Hands-Off & Automated
The application can perform various workflows and tasks without the user's involvement and notify the user when specific triggers are hit.

Personalized & Insightful
Content presentation and subject are tailored for the user based on specific inputs from the user, device hardware or predicted actions.

Integrated Ecosystem
The application supports a seamless experience across various 3rd party and enterprise applications and services the user needs.

Visually Pleasing & Fulfilling
The UI is intuitive and aesthetically gratifying with little security and performance trade-offs to use the full breadth of its functions and services.

Each mobile platform has its own take on the mobile native experience. The choice ultimately depends on whether the costs and effort are worth the anticipated value.

1.2.1 Discover your mobile needs

1-3 hours

1. Define the workflow of a high priority opportunity in your mobile backlog. This workflow can be pertaining to an existing mobile application or a workflow that can benefit with a mobile application.
   1. Indicate the trigger that will initiate the opportunity and the desired outcome.
   2. Break down the persona's desired outcome into small pieces of value that are realized in each workflow step.
2. Identify activities and touchpoints the persona will need to complete to finish each step in the workflow. Indicate the technology used to complete the activity or to facilitate the touchpoint.
3. Indicate which activities and touchpoints can be satisfied, complimented or enhanced with mobile.

1.2.1 cont'd

Legend:

Bold – Touchpoint

* – Activities or Touchpoints That Can Benefit with Mobile

1.2.1 cont'd

1-3 hours

1. Analyze persona expectations. Identify the persona's must-haves, then nice-to-haves, and then hidden needs to effectively complete the workflow.
   1. Must-haves. The necessary outcomes, qualities, and features of the workflow step.
   2. Nice-to-haves. Desired outcomes, qualities, or features that your persona is able to articulate or express.
   3. Hidden needs. Outcomes, qualities, or features that your persona is not aware they have a desire for; benefits that they are pleasantly surprised to receive. These will usually be unknown for your first-iteration journey map.
2. Indicate which persona expectations can be satisfied with mobile. Discuss what would the desired mobile experience be.
3. Discuss feedback and experiences your team has heard from the personas they engage with regularly.
4. Document your findings and discussions into Info-Tech's Mobile Application Delivery Communication Template.

Download the Mobile Application Delivery Communication Template

1.2.1 cont'd

Example

1.2.1 cont'd

Template:

If you need more than four steps in the workflow, duplicate this slide.

Understand how mobile fits with your current system

Evaluate the risks and impacts of your desired mobile features by looking at your enterprise system architecture from top to bottom. Is your mobile vision and needs compatible with your existing business capabilities and technologies?

An architecture is usually represented by one or more architecture views that together provide a coherent description of the application system, including demonstrating the full impact mobile will have. A single, comprehensive model is often too complex to be understood and communicated in its most detailed form, and a model too high level hides the underlying complexity of an application's structure and deployment (The Open Group, TOGAF 8.1.1 - Developing Architecture Views). Obtain a complete understanding of your architecture by assessing it through multiple levels of views to reveal different sets of concerns:

Application Architecture Views

1. Use Case View

• How does your business operate, and how will users interact with your mobile applications?

• What is the user workflow impacted by mobile, and how will it change?

• How are my existing applications structured? What are its various components? How will mobile expand the costs of the existing technical debt?

• What is the relationship of the data and information consumed, analyzed, and transmitted? Will mobile jeopardize the quality and reliability of the data?

• In what environment are your mobile application components deployed? How will the existing systems operate with your mobile applications?

See our Enhance Your Solution Architecture for more information.

Ask key questions in your current system assessment

• How do the various components of your system communicate with each other (e.g., web APIs, middleware, and point to point)?
• What information is exchanged during the conversation?
• How does the data flow from one component to the next? Is the data read-only or can application and users edit and modify it?
• What are the access points to your mid- and back-tier systems (e.g., user access through web interface, corporate networks and third-party application access through APIs)?
• Who has access to your enterprise systems?
• Which components are managed and operated by third-party providers? What is your level of control?
• What are the security protocols currently enforced in your system?
• How often are your databases updated? Is it real-time or periodic extract, transfer, and load (ETL)?
• What are the business rules?
• Is your mobile stack dependent on other systems?
• Is a mobile middleware, web server, or API gateway needed to help facilitate the integration between devices and your back-end support?

1.2.2 Conduct a technical assessment

1-3 hours

1. Evaluate your current systems that will support the journey map of your mobile opportunities based on two categories: system quality and system management. Use the tables on the following slides and modify the questions if needed.
2. Discuss if the current state of your system will impede your ability to succeed with mobile. Use this discussion to verify the decision to continue with mobile applications in your current state.
3. Document your findings and discussions into Info-Tech's Mobile Application Delivery Communication Template.

Download the Mobile Application Delivery Communication Template

1.2.2 cont'd

Current State System Quality Assessment

1.2.2 cont'd

Current State System Management Assessment

Step 1.3

Define Your Non-Functional Requirements

Activities

1.3.1 Define mobile application quality

1.3.2 Verify your decision to deliver mobile applications

Set the Mobile Context

This step involves the following participants:

• Applications Manager
• Product and Platform Owners
• Software Delivery Teams

Outcomes of this step

• Mobile application quality definition
• Readiness for mobile delivery

Build a strong foundation of mobile application quality

Functionality and aesthetics often take front seats in mobile application delivery. Applications are then frequently modified and changed, not because they are functionally deficient or visually displeasing, but because they are difficult to maintain or scale, too slow, vulnerable or compromised. Implementing clear quality principles (i.e., non-functional requirements) and strong quality assurance practices throughout delivery are critical to minimize the potential work of future maintenance and to avoid, mitigate and manage IT risks.

What is Mobile Application Quality?

• Quality requirements (i.e., non-functional requirements) are properties of a system or product that dictate how it should behave at runtime and how it should be designed, implemented, and maintained.
• These requirements should be involved in decision making around architecture, UI and functional design changes.
• Functionality should not dictate the level of security, availability, or performance of a product, thereby risking system quality. Functionality and quality are viewed orthogonally, and trade-offs are discussed when one impacts the other.
• Quality attributes should never be achieved in isolation as one attribute can have a negative or positive impact on another (e.g. security and availability).

Why is Mobile Quality Assurance Critical?

• Quality assurance (QA) is a necessity for the validation and verification of mobile delivery, whether you are delivering applications in an Agile or Waterfall fashion. Effective QA practices implemented across the software development lifecycle (SDLC) are vital, as all layers of the mobile stack need to readily able to adjust to suddenly evolving and changing business and user needs and technologies without risking system stability and breaking business standards and expectations.
• However, investments in QA optimizations are often afterthoughts. QA is commonly viewed as a lower priority compared to other delivery capabilities (e.g., design and coding) and is typically the first item cut when delivery is under pressure.

See our Build a Software Quality Assurance Program for more information.

Mobile emphasizes the importance of good security, performance and integration

Today's mobile workforce is looking for new ways to get more work done quickly. They want access to enterprise solutions and data directly on their mobile device, which can reside on multiple legacy systems and in the cloud and third-party infrastructure. This presents significant performance, integration, and security risks.

Mobile risks opening and widening existing security gaps

New mobile technologies and the continued expansion of the enterprise environment increase the number of entry points attackers to your corporate data and networks. The ever-growing volume, velocity, and variety of new threats puts significant pressure on mobile delivery teams who are responsible for implementing mobile security measures and maintaining alignment to your security policies and those of app stores.

Mobile attacks can come from various vectors:

Understand the top web security risks and vulnerabilities seen in the industry

Recognize mobile applications are exposed to the same risks and vulnerabilities as web applications. Learn of OWASP's top 10 web security risks.

• Broken Access Control
  • Failures typically lead to unauthorized information disclosure, modification, or destruction of all data or performing a business function outside the user's limits.
• Cryptographic Failures
  • Improper and incorrect protection of data in transit and at rest, especially proprietary and confidential data and those that fall under privacy laws.
• Injection
  • Execution of malicious code and injection of hostile or unfiltered data on the mobile device via the mobile application.
• Insecure Design
  • Missing or ineffective security controls in the application design. An insecure design cannot be fixed by a perfect implementation,. Needed security controls were never created to defend against specific attacks.
• Security Misconfiguration
  • The security settings in the application are not securely set or configured, including poor security hardening and inadequate system upgrading practices.
• Vulnerable and Outdated Components
  • System components are vulnerable because they are unsupported, out of date, untested or not hardened against current security concerns.
• Identification and Authentication Failures
  • Improper or poor protection against authentication-related attacks, particularly to the user's identity, authentication and session management.
• Software and Data Integrity Failures
  • Failures related to code and infrastructure that does not protect against integrity violations, such as an application relying upon plugins, libraries, or modules from untrusted sources, repositories, and content delivery networks
• Security Logging and Monitoring Failures
  • Insufficient logging, detection, monitoring, and active response that hinders the ability to detect, escalate, and respond to active breaches.
• Server-Side Request Forgery (SSRF)
  • SSRF flaws occur whenever a web application is fetching a remote resource without validating the user-supplied URL.

Good mobile application performance drives satisfaction and value delivery

Underperforming mobile applications can cause your users to be unproductive. Your mobile applications should always aim to satisfy the productivity requirements of your end users.

Users quickly notice applications that are slow and difficult to use. Providing a seamless experience for the user is now heavily dependent on how well your application performs. Optimizing your mobile application's processing efficiency can help your users perform their jobs properly in various environment conditions.

Productive Users Need
Performant Mobile Applications

Enhance the performance of the entire mobile stack

Due to frequently changing mobile hardware, users' high performance expectations and mobile network constraints, mobile delivery teams must focus on the entire mobile stack for optimizing performance.

Fine tune your enterprise mobile applications using optimization techniques to improve performance across the full mobile stack.

Info-Tech Insight

Some user performance expectations can be managed with clever UI design (e.g., spinning pinwheels to indicate loading in progress and directing user focus to quick loading content) and operational choices (e.g. graceful degradation and progressive enhancements).

Create an API-centric integration strategy

Mobile delivery teams are tasked to keep up with the changing needs of end users and accommodate the evolution of trending mobile features. Ensuring scalable APIs is critical in quickly releasing changes and ensuring availability of corporate services and resources.

As your portfolio of mobile applications grows, and device platforms and browsers diversify, it will become increasingly complex to provide all the data and service capabilities your mobile apps need to operate. It is important that your APIs are available, reliable, reusable, and secure for multiple uses and platforms.

Take an API-centric approach to retain control of your mobile development and ensure reliability.

APIs are the underlying layer of your mobile applications, enabling remote access of company data and services to end users. Focusing design and development efforts on the maintainability, reliability and scalability of your APIs enables your delivery teams to:

• Reuse tried-and-tested APIs to deliver, test and harden applications and systems quicker by standardizing on the use and structure of REST APIs.
• Ensure a consistent experience and performance across different applications using the same API.
• Uniformly apply security and access control to remain compliant to security protocols, industry standards and regulations.
• Provide reliable integration points when leveraging third-party APIs and services.

See our Build Effective Enterprise Integration on the Back of Business Process for more information.

Guide your integration strategy with principles

Craft your principles around good API management and integration practices

Expose Enterprise Data And Functionality in API-Friendly Formats
Convert complex on-premises application services into developer-friendly RESTful APIs

Protect Information Assets Exposed Via APIs to Prevent Misuse
Ensure that enterprise systems are protected against message-level attack and hijack

Authorize Secure, Seamless Access for Valid Identities
Deploy strong access control, identity federation and social login functionality

Optimize System Performance and Manage the API Lifecycle
Maintain the availability of backend systems for APIs, applications and end users

Engage, Onboard, Educate and Manage Developers
Give developers the resources they need to create applications that deliver real value

Source: 5 Pillars of API Management, Broadcom, 2021

Clarify your definition of mobile quality

Quality does not mean the same thing to everyone

Do not expect a universal definition of mobile quality. Each department, person and industry standard will have a different interpretation of quality, and they will perform certain activities and enforce policies that meet those interpretations. Misunderstanding of what is defined as a high quality mobile application within business and IT teams can lead to further confusion behind governance, testing priorities and compliance.

Each interpretation of quality can lead to endless testing, guardrails and constraints, or lack thereof. Be clear on the priority of each interpretation and the degree of effort needed to ensure they are met.

For example:

Mobile Application Owner
What does an accessible mobile application mean?

Persona: Customer
I can access it on mobile phones, tablets and the web browser

Persona: Developer
I have access to each layer of the mobile stack including the code & data

Persona: Operations
The mobile application is accessible 24/7 with 95% uptime

Example: A School Board's Quality Definition

1.3.1 Define mobile application quality

1-3 hours

1. List 5 quality attributes that your organization sees as important for a successful mobile application.
2. List the core personas that will support mobile delivery and that will consume the mobile application. Start with development, operations and support, and end user.
3. Describe each quality attributes from the perspective of each persona by asking, "What does quality mean to you?".
4. Review each description from each persona to come to an acceptable definition.
5. Document your findings and discussions into Info-Tech's Mobile Application Delivery Communication Template.

Download the Mobile Application Delivery Communication Template

1.3.1 cont'd

Example: Info-Tech Guided Implementation with a Legal and Professional Services Organization

1.3.2 Verify your decision to deliver mobile applications

1-3 hours

1. Review the various end user, business and technical expectations for mobile its achievability given the current state of your system and non-functional requirements.
2. Complete the list of questions on the following slide as an indication for your readiness for mobile delivery.

1.3.2 cont'd

Phase 2

Define Your Mobile Approach

Choose Your Mobile Platform and Tools

This phase will walk you through the following activities:

• Step 2.1 – Choose Your Platform Approach
• Step 2.2 – Shortlist Your Mobile Delivery Solution
• Step 2.3 – Create a Roadmap for Mobile Delivery

This phase involves the following participants:

• Applications Manager
• Product and Platform Owners
• Software Delivery Teams
• Business and IT Leaders

Step 2.1

Choose Your Platform Approach

Activities

2.1.1 Select your platform approach

Define Your Mobile Approach

This step involves the following participants:

• Applications Manager
• Product and Platform Owners
• Software Delivery Teams
• Business and IT Leaders

Outcomes of this step

• Desired mobile platform approach

Mobile value is dependent on the platform you choose

What is a platform?

"A platform is a set of software and a surrounding ecosystem of resources that helps you to grow your business. A platform enables growth through connection: its value comes not only from its own features, but from its ability to connect external tools, teams, data, and processes." (Source: Emilie Nøss Wangen, 2021) In the mobile context, applications in a platform execute and communicate through a loosely coupled API architecture whether the supporting system is managed and supported by your organization or by 3rd party providers.

Web

The mobile web often takes on one of the following two approaches:

• Responsive websites – Content, UI and other website elements automatically adjusts itself according to the device, creating a seamless experience regardless of the device.
• Progressive web applications (PWAs) – PWAs uses the browser's APIs and features to offer native-like experiences.

Mobile web applications are often developed with a combination of HTML, CSS, and JavaScript languages.

Hybrid

Hybrid applications are developed with web technologies but are deployed as native applications. The code is wrapped using a framework so that it runs locally within a native container, and it uses the device's browser runtime engine to support more sophisticated designs and features compared to the web approach. Hybrid mobile solutions allows teams to code once and deploy to multiple platforms.

Some notable examples:

• Gmail
• Instagram

Cross-Platform

Cross-platform applications are developed within a distinct programming or scripting environment that uses its own scripting language (often like web languages) and APIs. Then the solution will compile the code into device-specific builds for native deployment.

Some notable examples:

• Facebook
• Skype
• Slack

Native

Native applications are developed and deployed to specific devices and OSs using platform-specific software development kits (SDKs) provided by the operating system vendors. The programming language and framework are dictated by the targeted device, such as Java for Android.

With this platform, developers have direct access to local device features allowing customized operations. This enables the use of local resources, such as memory and runtime engines, which will achieve a higher performance than hybrid and cross-platform applications.

Each platform offers unique pros and cons depending on your mobile needs

Start mobile development on a mobile web platform

Start with what you have: begin with a mobile web platform to minimize impacts to your existing delivery skill sets and technical stack while addressing business needs. Resort to a hybrid first and then consider a cross-platform application if you require device access or the need to meet specific non-functional requirements.

Why choose a mobile web platform?

Pros

The latest versions of the most popular web languages (HTML5, CSS3, JavaScript) abstract away from the granular, physical components of the application, simplifying the development process. HTML5 offer some mobile features (e.g., geolocation, accelerometer) that can meet your desired experience without the need for native development skills. Native look-and-feel, high performance, and full device access are just a few tradeoffs of going with web languages.

Cons

Native mobile platforms depend on device-specific code which follows specific frameworks and leverages unique programming libraries, such as Objective C for iOS and Java for Android. Each language requires a high level of expertise in the coding structure and hardware of specific devices requiring resources with specific skillsets and different tools to support development and testing.

Other Notable Benefits with Web Languages

• Modern browsers in most mobile devices are capable of executing and rendering many mobile features developed in web languages, allowing for greater portability and sophistication of code across multiple devices. However, this flexibility comes at the cost of performance since the browser's runtime engine will not perform as well as a native engine.
• Web languages are well known by developers, minimizing skills and resourcing impacts. Consequently, changes can be quickly accommodated and updated uniformly across all end users.

Do you need a native platform?

Consider web workarounds if you choose a web platform but require some native experiences.

The web platform does not give you direct access or sophisticated customizations to local device hardware and services, underlying code and integrations. You may run into the situation where you need some native experiences, but the value of these features may not offset the costs to undertake a native, hybrid or cross-platform application. When developing hybrid and cross-platform applications with a mobile delivery solution, only the APIs of the commonly used device features are available. Note that some vendors may not offer a particular native feature across all devices, inhibiting your ability to achieve feature parity or exploiting device features only available in certain devices. Workarounds are then needed.

Consider the following workarounds to address the required native experiences on the web platform:

Info-Tech Insight

In many cases, workarounds are available when evaluating the gaps between web and native applications. For example, not having application-level access to the camera does not negate the user option to upload a picture taken by the camera through a web form. Tradeoffs like this will come down to assessing the importance of each platform gap for your organization and whether a workaround is good enough as a native-like experience.

Architect and configure your entire mobile stack with a plan

• Assess your existing technology stack that will support your mobile platform. Determine if it has the capacity to handle mobile traffic and the necessary integration between devices and enterprise and 3rd party systems are robust and reliable. Reach out to your IT teams and vendors if you are missing key mobile components, such as:
• The acquisition and provisioning of physical or virtual mobile web servers and middleware from existing vendors.
• Cloud services [e.g., Mobile Back-end as a Service (mBaaS)] that assists in the mobilization of back-end data sources with API SDKs, orchestration of data from multiple sources, transformation of legacy APIs to mobile formats, and satisfaction of other security, integration and performance needs.
• Configure the services of your web server or middleware to facilitate the translation, transformation, and transfer of data between your mobile front-end and back-end. If your plan involves scripts, maintenance and other ongoing costs will likely increase.
• Leverage the APIs or adapters provided by your vendors or device manufacturers to integrate your mobile front-end and back-end support to your web server or middleware. If you are reusing a web server, the back-end integration should already be in place. Remember, APIs implement business rules to maintain the integrity of data exchange within your mobile stack.
• See Appendix A for examples of reference architectures of mobile platforms.

See our Enhance Your Solution Architecture for more information.

Do Not Forget Your Security and Performance Requirements

Security: New threats from mobile put organizations into a difficult situation beyond simply responding to them in a timely matter. Be careful not to take the benefits of security out of the mobile context. You need to make security a first-order citizen during the scoping, design, and optimization of your systems supporting mobile. It must also be balanced with other functional and non-functional requirements with the right roles taking accountability for these decisions.

See our Strengthen the SSDLC for Enterprise Mobile Applications for more information.

Performance: Within a distributed mobile environment, performance has a risk of diminishing due to limited device capacity, network hopping, lack of server scalability, API bottlenecks, and other device, network and infrastructure issues. Mobile web APIs suffer from the same pain points as traditional web browsing and unplanned API call management in an application will lead to slow performance.

See our Develop Enterprise Mobile Applications With Realistic and Relevant Performance for more information.

Enterprise platform selection requires a shift in perspective

Your mobile platform selection must consider both user and enterprise (i.e., non-functional) needs. Use a two-step process for your analysis:

Begin Platform Selection with a User-Centric Approach

Organizations appealing to end users place emphasis on the user experience: the look and appeal of the user interface, and the satisfaction, ease of use, and value of its functionalities. In this approach, IT concerns and needs are not high priorities, but many functions are completed locally or isolated from mission critical corporate networks and sensitive data. Some needs include:

• Performance: quick execution of tasks and calculations made on the device or offloaded to web servers or the cloud.
• User Interface: cross-platform compatibility and feature-rich design and functionality. The right native experience is critical to the user adoption and satisfaction.
• Device Access: use of local device hardware and software to complete app use cases, such as camera, calendar, and contact lists.

Refine Platform Selection with an Enterprise-Centric Approach

From the enterprise perspective, emphasis is on security, system performance, integration, reuse and other non-functional requirements as the primary motivations in the selection of a mobile platform. User experience is still a contributing factor because of the mobile application's need to drive value but its priority is not exclusive. Some drivers include:

• Openness: agreed-upon industry standards and technologies that can be applied to serve enterprise needs which support business processes.
• Integration: increase the reuse of legacy investments and existing applications and services with integration capabilities.
• Flexibility: support for multiple data types from applications such as JSON format for mobile.
• Capacity: maximize the utilization of your software delivery resources beyond the initial iteration of the mobile application.

Info-Tech Insight

Selecting a mobile platform should not solely be made on business requirements. Key technical stakeholders should be at the table in this discussion to provide insight on the implementation and ongoing costs and benefits of each platform. Both business and technical requirements should be considered when deciding on a final platform.

Select your mobile platform

Drive your mobile platform selection against user-centric needs (e.g. device access, aesthetics) and enterprise-centric needs (e.g. security, system performance).

When does a platform makes sense to use?

Web

• Desire to maximize current web technologies investments (people, process, and technologies).
• Use cases do not require significant computational resources on the device or are tightly constrained by non-functional requirements.
• Limited budget to acquire mobile development resources.
• Access to device hardware is not a high priority.

Hybrid / Cross-Platform

• The need to quickly spin up native-like applications for multiple platforms and devices.
• Desire to leverage existing web development skills, but also a need for device access and meeting specific non-functional requirements.
• Vendor support is needed for the entire mobile delivery process.

Native

• Developers are experts in the target programming language and with the device's hardware.
• Strong need for high performance, security and device-specific access and customizations.
• Application use cases requiring significant computing resources.

2.1.1 Select your platform approach

1-3 hours

1. Review your mobile objectives, end user needs and non-functional requirements.
2. Determine which mobile platform is appropriate for each mobile opportunity or use case by answering the following questions on the following slides against two factors: user-centric and enterprise-centric needs.
3. Calculate an average score for user-centric and one for enterprise-centric. Then, map them on the matrix to indicate possible platform options. Consider all options around the plotted point.
4. Further discuss which platforms should be the preferred choice.
5. Document your findings and discussions into Info-Tech's Mobile Application Delivery Communication Template.

Download the Mobile Application Delivery Communication Template

2.1.1 cont'd

User-Centric Needs: Functional Requirements

2.1.1 cont'd

User-Centric Needs: Native User Experience Factors

2.1.1 cont'd

Enterprise-Centric Needs: Non-Functional Requirements

2.1.1 cont'd

Enterprise-Centric Needs: Delivery Capacity

2.1.1 cont'd

Example:

Build a scalable and manageable platform

Long-term mobile success depends on the efficiency and reliability of the underlying operational platform. This platform must support the computational and performance demands in a changing business environment, whether it is composed of off-the-self or custom-developed solutions, or a single vendor or best-of-breed.

• Application
  • The UI design and content language is standardized and consistently applied
  • All mobile configurations and components are automatically versioned
  • Controlled administration and tooling access, automation capabilities, and update delivery
  • Holistic portfolio management
• Data
  • Automated data management to preserve data quality (e.g. removal of duplications)
  • Defined single source of truth
  • Adherence to data governance, and privacy and security policies
  • Good content management practices, governance and architecture
• Infrastructure
  • Containers and sandboxes are available for development and testing
  • Self-healing and self-service environments
  • Automatic system scaling and load balancing
  • Comply to budgetary and licensing constraints
• Integration
  • Backend database and system updates are efficient
  • Loosely coupled architecture to minimize system regressions and delivery effort
  • Application, system and data monitoring

Step 2.2

Shortlist Your Mobile Delivery Solution

Activities

2.2.1 Shortlist your mobile delivery solution

2.2.2 Build your feature and service lists

Define Your Mobile Approach

This step involves the following participants:

• Applications Manager
• Product and Platform Owners
• Software Delivery Teams
• Business and IT Leaders

Outcomes of this step

• Shortlisted mobile delivery solutions
• Desired list of vendor features and services

Ask yourself: should I build or buy?

Weigh the pros and cons of mobile enablement versus development

Understand the common attributes of a mobile delivery solution

• Source Code Management – Built-in or having the ability to integrate with code management solutions for branching, merging, and versioning. Debugging and coding assistance capabilities may be available.
• Single Code Base – Capable of programming in a standard coding and scripting language for deployment into several platforms and devices. This code base is aligned to a common industry framework (e.g., AngularJS, Java) or a vendor-defined one.
• Out-of-the-Box Connectors & Plug-ins – Pre-built APIs enhance the solution's capabilities with 3rd party tools and systems to deliver and manage high quality and valuable mobile applications.
• Emulators – Ability to virtualize an application's execution on a target platform and device.
• Support for Native Features – Supports plug-ins and APIs for access to device-specific features.

What are mobile delivery solutions?

A mobile delivery solution gives you the tools, resources and support to enable or build your mobile application. They can provide pre-built applications, vendor supported components to allow some configurations, or resources for full stack customizations. Some solutions can be barebone software development kits (SDKs) or comprehensive suites offering features to support the entire software delivery lifecycle, such as:

• Mobile application management
• Testing and publishing to app stores
• Content management
• Cloud hosting
• Application performance management

Info-Tech Insight

Mobile enablement and development capabilities are already embedded in many common productivity tools and enterprise applications, such as Microsoft PowerApps and ERP modules. They can serve as a starting point in the initial rollout of new management and governance practices without the need of acquiring new tools.

Select your mobile delivery solutions

1. Set the scope of your framework.

• The initial context of this framework is based on the mobile functions needed to support your desired mobile experience and on the current state of your enterprise and 3rd party systems.

Explore the various solution options

Vendor Hosted Mobile Platform

• Cloud Services (Mobile Backend-as-a-Service) (Amazon Amplify, Kinvey, Back4App, Google Firebase, Apache Usergrid)
• Low Code Mobile Platforms (Outsystems, Mendix, Zoho Creator, IBM Mobile Foundation, Pega Mobile, HCL Volt MX, Appery)
• Mobile Development via Enterprise Application (SalesForce Heroku, Oracle Application Accelerator MAX, SAP Mobile Development Kit, NetSuite Mobile)
• Mobile Development via Business Process Automation (PowerApps, Appian, Nintex, Quickbase)

Cross-Platform Development SDKs

React Native, NativeScript, Xamarin Forms, .NET MAUI, Flutter, Kotlin Multiplatform Mobile, jQuery Mobile, Telerik, Temenos Quantum

Custom Native Development Solutions

• Native Development Languages and Environments (Swift, Java, Objective-C, Kotlin, Xcode, NetBeans, Android Studio, AppCode, Microsoft Visual Studio, Eclipse, DriodScript, Compose, Atom)
• Mobile Application Utilities (Unity, MonoGame, Blender, 3ds Max Design, Maya, Unreal Engine, Amazon Lumberyard, Oculus)

Commercial-Off-the-Shelf Solutions

• No Code Mobile Platforms (Swiftic, Betty Blocks, BuildFire, Appy Pie, Plant an App, Microsoft Power Apps, AppSheet, Wix, Quixy)
• Mobile Application Point Solutions and Enablement via Enterprise Applications

Hybrid Development SDKs

Cordova Project, Sencha Touch, Electron, Ionic, Capacitor, Monaca, Voltbuilder

Custom Web Development Solutions

Web Development Frameworks (React, Angular, Vue, Express, Django, Rails, Spring, Ember, Backbone, Bulma, Bootstrap, Tailwind CSS, Blade)

Get the most out of your solutions by understanding their core components

While most of the heavy lifting is handled by the vendor or framework, understanding how the mobile application is built and operates can identify where further fine-tuning is needed to increase its value and quality.

Platform Runtime

Automatic provisioning, configurations, and tuning of organizational and 3rd party infrastructure for high availability, performance, security and stability. This can include cloud management and non-production environments.

Extensions

• Mobile delivery solutions can be extended to allow:
• Custom development of back-end code
• Customizable integrations and hooks where needed
• Integrations with CI/CD pipelines and administrative services
• Integrations with existing databases and authentication services

Platform Services

The various services needed to support mobile delivery and enable continuous delivery, such as:

• Configuration & Change Management – Verifies, validates, and monitors builds, deployments and changes across all components.
• Code Generator – Transforms UI and data models into native application components that are ready to be deployed.
• Deployment Services – Deploys application components consistently across all target environments and app stores.
• Application Services – Manages the mobile application at runtime, including executing scheduled tasks and instrumentation.

Application Architecture

Fundamentally, mobile application architecture is no different than any other application architecture so much of your design standards still applies. The trick is tuning it to best meet your mobile functional and non-functional needs.

Source: "HCL Volt MX", HCL.

Build your shortlist decision criteria

The decision on which type of mobile delivery solution to use is dependent on several key questions?

Who is the Mobile Delivery Team?

• Is it a worker, business or IT?
• What skills and knowledge does this person have?
• Who is supporting mobile delivery and management?
• Are other skills and tools needed to support, extend or mature mobile delivery adoption?

What are the Use Cases?

• What is the value and priority of the use cases?
• What native features do we need?
• Who is the audience of the output and who is impacted?
• What systems, data and services do I need access?
• Is it best to build it or buy it?
• What are the quality standards?
• How strategic is the use case?

How Complex is the System?

• Is the mobile application a standalone or integrated with enterprise systems?
• What is the system's state and architecture?
• What 3rd party services do we need integrated?
• Are integrations out-of-the-box or custom?
• Is the data standardized and who can edit its definition?
• Is the system monolithic or loosely coupled?

How Much Can We Tolerate?

• Risks: What are the business and technical risks involved?
• Costs: How much can we invest in implementation, training and operations?
• Change: What organizational changes am I expecting to make? Will these changes be accepted and adopted?

2.2.1 Shortlist your mobile delivery solution

1-3 hours

1. Determine which mobile delivery solutions is appropriate for each mobile opportunity or use case by answering the following questions on the following slides against two factors: complexity of mobile workflows and native features and management of the mobile stack.
   1. Take the average of the enterprise-centric and user-centric scores from step 2.1 for your complexity of mobile workflows and native features scores.
2. Calculate an average score for the management of the mobile stack. Then, map them on the matrix to indicate possible solution options alongside your user-centric scores. Consider all options around the plotted point.
3. Further discuss which solution should be the preferred choice and compare those options with your selected platform approach.
4. Document your findings and discussions into Info-Tech's Mobile Application Delivery Communication Template.

Download the Mobile Application Delivery Communication Template

2.2.1 cont'd

Stack Management

2.2.1 cont'd

Example:

Consider the following in your solution selection and implementation

• Vendor lock in – Each solution has its own approach, frameworks, and data schemas to convert designs and logic into an executable build that is stable in the targeted environment. Consequently, moving application artifacts (e.g., code and designs) from one solution or environment to another may not be easily accomplished without significant modifications or the use of application modernization or migration services.
• Conflicting priorities and viewpoints of good delivery practices – Mobile delivery solutions are very particular on how they generate applications from designs and configurations. The solution's approach may not accommodate your interpretation of high-quality code (e.g., scalability, maintainability, extensibility, security). Technical experts should be reviewing and refactoring the generated code.
• Incompatibility with enterprise applications and systems – The true benefit of mobile delivery solutions is their ability to connect your mobile application to enterprise and 3rd party technologies and services. This capability often requires enterprise technologies and services to be architected in a way that is compatible with your delivery solution while ensuring data, security protocols and other standards and policies are consistently enforced.
• Integration with current application development and management tools – Mobile delivery solutions should be extensions from your existing application development and management tools that provides the versioning, testing, monitoring, and deployment capabilities to sustain a valuable application portfolio. Without this integration, IT will be unable to:
  • Root cause issues found on IT dashboards or reported to help desk.
  • Rollback defective applications to a previous stable state.
  • Obtain a complete application portfolio inventory.
  • Execute comprehensive testing for high-risk applications.
  • Trace artifacts throughout the development lifecycle.
  • Generate reports of the status of releases.

Enhance your SDLC to support mobile delivery

What is the SDLC?

The software development lifecycle (SDLC) is a process that ensures valuable software products are efficiently delivered to customers. It contains a repeatable set of activities needed to intake and analyze requirements to design, build, test, deploy, and maintain software products.

How will mobile delivery influence my SDLC?

• Cross-functional collaboration – Bringing business and IT together at the most opportune times to clarify user needs and business priorities, and set realistic expectations given technology and capacity constraints. The appropriate tactics and techniques are used to improve decision making and delivery effectiveness according to the type of work.
• Iterative delivery – Frequent delivery of progressive changes minimizes the risk of low-quality features by containing and simplifying scope, and enables responsive turnarounds of fixes, enhancements, and priority changes.
• Feedback loops –Mobile application owners constantly review, update and refine their backlog of mobile features and changes to reflect user feedback and system performance metrics. Delivery teams proactively prepare the application for future scaling based on lessons and feedback learned from earlier releases.

To learn more, visit Info-Tech's Modernize Your SDLC blueprint.

Example: Low- & No-Code Mobile Delivery Pipeline

Use Info-Tech's research to address your delivery gaps

Mobile success requires more than a set of good tools.

Overcome the Common Challenges Faced with Building Mobile Applications

Source: DronaHQ, 2021

Learn the differentiators of mobile delivery solutions

• Native Program Languages – Supports languages other than web (Java, Ruby, C/C++/C#, Objective-C).
• IDE Integration – Available plug-ins for popular development suites and editors.
• Debugging Tools – Finding and eliminating bugs (breakpoints, single stepping, variable inspection, etc.).
• Application Packaging via IDE – Digitally sign applications through the IDE for it to be packaged and published in app stores.
• Automated Testing Tools – Native or integration with automated functional and unit testing tools.
• Low- and No- Code Designer – Tools for designing graphical user interfaces and features and managing data with drag-and-drop functionalities.
• Publishing and Deployment Capabilities – Automated deployment to mobile device management (MDM) systems, mobile application management (MAM) systems, mobile application stores, and web servers.
• Third-Party and Open-Source Integration – Integration with proprietary and open-source third-party modules, development tools, and systems.
• Developer Marketplace – Out-of-the-box plug-ins, templates, and integration are available through a marketplace.
• Mobile Application Support Capabilities – Ability to gather, manage, and address application issues and defects.
• API Gateway, Monitoring, and Management – Services that enable the creation, publishing, maintenance, monitoring, and securing of APIs through a common interface.
• Mobile Analytics and Monitoring – View the adoption, usage, and performance of deployed mobile applications through graphical dashboards.
• Mobile Content Management – Publish and manage mobile content through a centralized system.
• Mobile Application Security – Supports the securing of application access and usage, data encryption, and testing of security controls.

Define your mobile delivery vendor selection criteria

Focus on the key vendor attributes and capabilities that enable mobile delivery scaling and growth in your organization

Build your features list

Incorporate different perspectives when defining the list of mandatory and desired features of your target solution.

Appendix B contains a list of features for low- and no-code solutions that can be used as a starting point.

Visit Info-Tech's Implement a Proactive and Consistent Vendor Selection Process blueprint.

Mobile Developer

• Visual, drag-and-drop models to define data models, business logic, and user interfaces.
• One-click deployment.
• Self-healing capabilities.
• Vendor-managed infrastructure.
• Active community and marketplace.
• Pre-built templates and libraries.
• Optical character recognition and natural language processing.
• Knowledgebase and document management.
• Business value, operational costs, and other KPI monitoring.
• Business workflow automation.

Mobile IT Professional

• Audit and change logs.
• Theme and template builder.
• Template management.
• Role-based access.
• Regulatory compliance.
• Consistent design and user experience across applications.
• Application and system performance monitoring.
• Versioning and code management.
• Automatic application and system refactoring and recovery.
• Exception and error handling.
• Scalability (e.g. load balancing) and infrastructure management.
• Real-time debugging.
• Testing capabilities.
• Security management.
• Application integration management.

2.2.2 Build your feature and service lists

1-3 hours

Review the key outcomes in the previous exercises to help inform the features and vendor support you require to support your mobile delivery needs:

End user personas and desired mobile experience

Objectives and expectations

Desired mobile features and platform

Mobile delivery solutions

Brainstorm a list of features and functionalities you require from your ideal solution vendors. Prioritize these features and functionalities. See our Implement a Proactive and Consistent Vendor Selection Process blueprint for more information on vendor procurement.

Document your findings and discussions into Info-Tech's Mobile Application Delivery Communication Template.

Download the Mobile Application Delivery Communication Template

Hit a home run with your stakeholders

Use a data-driven approach to select the right tooling vendor for your needs – fast.

Investing time improving your software selection methodology has big returns.

Info-Tech Insight

Not all software selection projects are created equal – some are very small, some span the entire enterprise. To ensure that IT is using the right framework, understand the cost and complexity profile of the application you're looking to select. Info-Tech's Rapid Application Selection Framework approach is best for commodity and mid-tier enterprise applications; selecting complex applications is better handled by the methodology in Info-Tech's Implement a Proactive and Consistent Vendor Selection Process.

Step 2.3

Create a Roadmap for Mobile Delivery

Activities

2.3.1 Define your MVP release

2.3.2 Build your roadmap

Define Your Mobile Approach

This step involves the following participants:

• Applications Manager
• Product and Platform Owners
• Software Delivery Teams
• Business and IT Leaders

Outcomes of this step

• MVP design
• Mobile delivery roadmap

Achieve mobile success with MVPs

By delivering mobile capabilities in small iterations, teams recognize value sooner and reduce accumulated risk. Both benefits are realized as the iteration enters validation testing and release.

An MVP focuses on a small set of functions, involves minimal possible effort to deliver a working and valuable solution, and is designed to satisfy a specific user group. Its purpose is to:

• Maximize learning.
• Evaluate the value and acceptance of mobile applications.
• Inform the building of a mobile delivery practice.

The build-measure-learn loop suggests mobile delivery teams should perpetually take an idea and develop, test, and validate it with the mobile development solution, then expand on the MVP using the lessons learned and evolving ideas. In this sense the MVP is just the first iteration in the loop.

Leverage a canvas to detail your MVP

Use the release canvas to organize and align the organization around your MVP!

2.3.1 Define your MVP release

1-3 hours

1. Create a list of high priority use cases slated for mobile application delivery. Brainstorm the various supporting activities required to implement your use cases including the shortlisting of mobile delivery tools.
2. Prioritize these use cases based on business priority (from your canvas). Size the effort of these use cases through collaboration.
3. Define your MVPs using a release canvas as shown on the following slide.
4. Document your findings and discussions into Info-Tech's Mobile Application Delivery Communication Template.

2.3.1 cont'd

Build your mobile roadmap

It's more than a set of colorful boxes. It's the map to align everyone to where you are going

Your mobile roadmap

• Lays out a strategy for your mobile application, platform and practice implementation and scaling.
• Is a statement of intent for your mobile adoption.
• Communicates direction for the implementation and use of mobile delivery tools, mobile applications and supporting technologies.
• Directly connects to the organization's goals

However, it is not:

• Representative of a hard commitment.
• A simple combination of your current product roadmaps

Roadmap your MVPs against your milestones and release dates

To learn more, visit Info-Tech's Deliver on Your Digital Product Vision blueprint.

Understand what is communicated in your roadmap

WHY is the work being done?

Explains the overarching goal of work being done to a specific audience.

WHO is doing the work?

Categorizes the different groups delivering the work on the product.

WHAT is the work being done?

Explains the artifacts, or items of work, that will be delivered.

WHEN is the work being done?

Explains when the work will be delivered within your timeline.

To learn more, visit Info-Tech's Deliver on Your Digital Product Vision blueprint.

Pay attention to organizational changes

Be prepared to answer:

"How will mobile change the way I do my job?"

• Plan how workers will incorporate mobile applications into their way of working and maximize the features it offers.
• Address the human concerns regarding the transition to a digital world involving modern and mobile technologies and automation.
• Accept changes, challenges and failures with open arms and instill tactics to quickly address them.
• Build and strengthen business-IT trust, empowerment, and collaborative culture by adopting the right practices throughout the mobile delivery process.
• Ensure continuous management and leadership support for business empowerment, operational changes, and shifts in role definitions to best support mobile delivery.
• Establish a committee to manage the growth, adoption, and delivery of mobile as part of a grandeur digital application portfolio and address conflicts among business units and IT.

Anticipate and prepare for changes and issues

Verify and validate the flexibility and adaptability of your mobile applications, strategy and roadmap against various scenarios

• Scenarios
  • Application Stores Rejecting the Application
  • Security Incidents & Risks
  • Low User Adoption, Retention & Satisfaction
  • Incompatibility with User's Device & Other Systems
  • Device & OS Patches & Updates
  • Changes in Industry Standards & Regulations

Use the "Now, Next, Later" roadmap

Use this when deadlines and delivery dates are not strict. This is best suited for brainstorming a product plan when dependency mapping is not required.

Now

What are you going to do now?

Next

What are you going to do very soon?

Later

What are you going to do in the future?

Adapted From: "Tips for Agile product roadmaps & product roadmap examples," Scrum.org, 2017

2.3.2 Build your roadmap

1-3 hours

1. Identify the business outcomes your mobile application delivery and MVP is expected to deliver.
2. Build your strategic roadmap by grouping each business outcome by how soon you need to deliver it:
   1. Now: Let's achieve this ASAP.
   2. Next: Sometime very soon, let's achieve these things.
   3. Later: Much further off in the distance, let's consider these things.
3. Identify what the critical steps are for the organization to embrace mobile application delivery and deliver your MVP.
4. Build your tactical roadmap by grouping each critical step by how soon you need to address it:
   1. Now: Let's do this ASAP.
   2. Next: Sometime very soon, let's do these things.
   3. Later: Much further off in the distance, let's consider these things.
5. Document your findings and discussions into Info-Tech's Mobile Application Delivery Communication Template.

2.3.2 cont'd

Example: Tactical Roadmap

Milestone 1

• Modify the business processes of the MVP to best leverage mobile technologies. Streamline the business processes by removing the steps that do not directly support value delivery.
• Develop UI templates using the material design framework and the organization's design standards. Ensure it is supported on mobile devices through the mobile browser and satisfy accessibility design standards.
• Verify and validate current security controls against latest security risks using the W3C as a starting point. Install the latest security patches to maintain compliance.
• Acquire the Ionic SDK and upskill delivery teams.

Milestone 2

• Update the current web framework and third-party libraries with the latest version and align web infrastructure to latest W3C guidelines.
• Verify and validate functionality and stability of APIs with third-party applications. Begin transition to REST APIs where possible.
• Make minor changes to the existing data architecture to better support the data volume, velocity, variety, and veracity the system will process and deliver.
• Update the master data management with latest changes. Keep changes to a minimum.
• Develop and deliver the first iteration of the MVP with Ionic.

Milestone 3

• Standardize the initial mobile delivery practice.
• Continuously monitor the system and proactively address business continuity, system stability and performance, and security risks.
• Deliver a hands-on and facilitated training session to end users.
• Develop intuitive user manuals that are easily accessible on SharePoint.
• Consult end users for their views and perspectives of suggested business model and technology changes.
• Regularly survey end users and the media to gauge industry sentiment toward the organization.

Pitch your roadmap initiatives

There are multiple audiences for your pitch, and each audience requires a different level of detail when addressed. Depending on the outcomes expected from each audience, a suitable approach must be chosen. The format and information presented will vary significantly from group to group.

Continuously measure the benefits and value realized in your mobile applications

Success hinges on your team's ability to deliver business value. Well-developed mobile applications instill stakeholder confidence in ongoing business value delivery and stakeholder buy-in, provided proper expectations are set and met.

Business value defines the success criteria of an organization, and it is interpreted from four perspectives:

• Profit Generation – The revenue generated from a business capability with mobile applications.
• Cost Reduction – The cost reduction when performing business capabilities with mobile applications.
• Service Enablement – The productivity and efficiency gains of internal business operations with mobile applications.
• Customer and Market Reach – Metrics measuring the improved reach and insights of the business in existing or new markets.

See our Build a Value Measurement Framework blueprint for more information about business value definition.

Business Value Matrix

Grow your mobile delivery practice

Grow your mobile delivery practice (cont'd)

Summary of Accomplishment

Choose Your Mobile Platform and Tools

• User personas
• Mobile objectives and metrics
• Mobile opportunity backlog
• List of mobile features to enable the desired mobile experience
• System current assessment
• Mobile application quality definition
• Readiness for mobile delivery
• Desired mobile platform approach
• Shortlisted mobile delivery solutions
• Desired list of vendor features and services
• MVP design
• Mobile delivery roadmap

If you would like additional support, have our analysts guide you through other phases as part of Info-Tech workshop.

Contact your account representative for more information

workshops@infotech.com

1-888-670-8889

Research Contributors and Experts

Chaim Yudkowsky
Chief Information Officer
The American Israel Public Affairs Committee

Chaim Yudkowsky is currently Chief information Officer for American Israel Public Affairs Committee (AIPAC), the DC headquartered not-for-profit focused on lobbying for a strong US-Israel relationship. In that role, Chaim is responsible for all traditional IT functions including oversight of IT strategy, vendor relationships, and cybersecurity program. In addition, Chaim also has primary responsibility for all physical security technology and strategy for US offices and event technology for the many AIPAC events.

Bibliography

"5 Pillars of API Management". Broadcom, 2021. Web.

Bourne, James. "Apperian research shows more firms pushing larger numbers of enterprise apps". Enterprise CIO, 17 Feb 2016. Web.

Ceci, L. "Mobile app user retention rate worldwide 2020, by vertical". Statista, 6 Apr 2022. Web.

Clement, J. "Share of global mobile website traffic 2015-2021". Statista, 18 Feb 2022. Web

DeVos, Jordan. "Design Problem Statements – What They Are and How to Frame Them." Toptal, n.d. Web.

Enge, Eric. "Mobile vs. Desktop Usage in 2020". Perficient, 23 March 2021. Web.

Engels, Antoine. "How many Android updates does Samsung, Xiaomi or OnePlus offer?" NextPit, Mar 2022. Web.

"Fast-tracking digital transformation through next-gen technologies". Broadridge, 2022. Web.

Gayatri. "The Pulse of Digital Transformation 2021 – Survey Results." DronaHQ, 2021. Web.

Gray, Dave. "Updated Empathy Map Canvas." The XPLANE Collection, 15 July 2017. Web.

"HCL Volt MX". HCL, n.d. Web.

"iPass Mobile Professional Report 2017". iPass, 2017. Web.

Karlsson, Johan. "Backlog Grooming: Must-Know Tips for High-Value Products." Perforce, 2019. Web.

Karnes, KC. "Why Users Uninstall Apps: 28% of People Feel Spammed [Survey]". CleverTap, 27 July 2021. Web.

Kemp, Simon. "Digital 2021: Global Overview Report". DataReportal, 27 Jan 2021. Web.

Kleinberg, Sara. "Consumers are always shopping and eager for your help". Google, Aug 2018. Web.

MaLavolta, Ivano. "Anatomy of an HTML 5 mobile web app". University of L'Aquila, 16 Apr 2012. Web.

"Maximizing Mobile Value: To BYOD or not to BYOD?" Samsung and Oxford Economics, 2022. Web.

"Mobile App Performance Metrics For Crash-Free Apps." AppSamurai, 27 June 2018. Web.

"Mobile Application Development Statistics: 5 Facts". Intersog, 23 Nov 2021. Web.

Moore, Geoffrey A. "Crossing the Chasm, 3rd Edition: Marketing and Selling Disruptive Products to Mainstream Customers." Harper Business, 3rd edition, 2014. Book.

"OWASP Top Ten". OWASP, 2021. Web.

"Personas". Usability.gov, n.d. Web.

Roden, Marky. "PSC Tech Talk: UX Design – Not just making things pretty". Xomino, 18 Mar 2018. Web.

Royce, Dr. Winston W. "Managing the Development of Large Software Systems." USC Student Computing Facility, 1970. Web.

Rubin, Kenneth S. Essential Scrum: A Practical Guide to the Most Popular Agile Process. Pearson Education, 2012. Book.

Sahay, Apurvanand et al. "Supporting the understanding and comparison of low-code development platforms." Universit`a degli Studi dell'Aquila, 2020. Web.

Schuurman, Robbin. "Tips for Agile product roadmaps & product roadmap examples." Scrum.org, 2017. Web.

Strunk, Christian. "How to define a product vision (with examples)." Christian Strunk. n.d. Web.

Szeja, Radoslaw. "14 Biggest Challenges in Mobile App Development in 2022". Netguru, 4 Jan 2022. Web.

"Synopsys Research Reveals Significant Security Concerns in Popular Mobile Apps Amid Pandemic". Synopsys, 25 Mar 2021. Web.

"TOGAF 8.1.1 Online, Part IV: Resource Base, Developing Architecture Views." The Open Group, n.d. Web.

Wangen, Emilie Nøss. "What Is a Software Platform & How Is It Different From a Product?" HubSpot, 2021. Web.

"Mobile App Retention Rate: What's a Good Retention Rate?" Localytics, July 2021. Web.

"Why Mobile Apps Fail: Failure to Launch". Perfecto Mobile, 26 Jan 2014. Web.

Appendix A

Sample Reference Frameworks

Reference Framework: Web Platform

Most of the operations of the applications on a web platform are executed in the mid-tier or back-end servers. End users interact with the platform through the presentation layer, developed with web languages, in the browser.

Reference Framework: Mobile Web Application

Many mobile web applications are composed of JavaScript (the muscle of the app), HTML5 (the backbone of the app), and CSS (the aesthetics of the app). The user will make a request to the web server which will interact with the application to provide a response. Since each device has unique attributes, consider a device detection service to help adjust content for each type of device.

Source: MaLavolta, Ivono, 2012.

Web Platform: Anatomy of a Web Server

Web Server Services

• Mediation Services: Perform transformation of data/messages.
• Boundary Services: Provide interface protocol and data/message conversion capabilities.
• Event Distribution: Provides for the enterprise-wide adoption of content and topic-based publish/subscribe event distribution.
• Transport Services: Facilitate data transmission across the middleware/server.
• Service Directory: Manages multiple service identifiers and locations.

Reference Framework: Hybrid Platform

Unlike the mobile web platform, most of an application's operations on the hybrid platform is on the device within a native container. The container leverages the device browser's runtime engine and is based on the framework of the mobile delivery solution.

Reference Framework: Native Platform

Applications on a native platform are installed locally on the device giving it access to native device hardware and software. The programming language depends on the operating system's or device's SDK.

Appendix B

List of Low- and No- Code Software Delivery Solution Features

Supplementary List of Features

Graphical user interface

• Drag-and-drop designer - This feature enhances the user experience by permitting to drag all the items involved in making an app including actions, responses, connections, etc.
• Point and click approach - This is similar to the drag-and-drop feature except it involves pointing on the item and clicking on the interface rather than dragging and dropping the item.
• Pre-built forms/reports - This is off-the-shelf and most common reusable editable forms or reports that a user can use when developing an application.
• Pre-built dashboards - This is off-the-shelf and most common dashboards that a user can use when developing an application.
• Forms - This feature helps in creating a better user interface and user experience when developing applications. A form includes dashboards, custom forms, surveys, checklists, etc. which could be useful to enhance the usability of the application being developed.
• Progress tracking - This features helps collaborators to combine their work and track the development progress of the application.
• Advanced Reporting - This features enables the user to obtain a graphical reporting of the application usage. The graphical reporting includes graphs, tables, charts, etc.
• Built-in workflows - This feature helps to concentrate the most common reusable workflows when creating applications.
• Configurable workflows - Besides built-in workflows, the user should be able to customize workflows according to their needs.

Interoperability support

• Interoperability with external services - This feature is one of the most important features to incorporate different services and platforms including that of Microsoft, Google, etc. It also includes the interoperability possibilities among different low-code platforms.
• Connection with data sources - This features connects the application with data sources such as Microsoft Excel, Access and other relational databases such as Microsoft SQL, Azure and other non-relational databases such as MongoDB.

Security Support

• Application security - This feature enables the security mechanism of an application which involves confidentiality, integrity and availability of an application, if and when required.
• Platform security - The security and roles management is a key part in developing an application so that the confidentiality, integrity and authentication (CIA) can be ensured at the platform level.

Collaborative development support

• Off-line collaboration - Different developers can collaborate on the specification of the same application. They work off-line locally and then they commit to a remote server their changes, which need to be properly merged.
• On-line collaboration - Different developers collaborate concurrently on the specification of the same application. Conflicts are managed at run-time.

Reusability support

• Built-in workflows - This feature helps to concentrate the most common reusable workflows in creating an application.
• Pre-built forms/reports - This is off-the-shelf and most common reusable editable forms or reports that a user might want to employ when developing an application.
• Pre-built dashboards - This is off-the-shelf and most common dashboards that a user might want to employ when developing an application.

Scalability

• Scalability on number of users - This features enables the application to scale-up with respect to the number of active users that are using that application at the same time.
• Scalability on data traffic - This features enables the application to scale-up with respect to the volume of data traffic that are allowed by that application in a particular time.
• Scalability on data storage - This features enables the application to scale-up with respect to the data storage capacity of that application.

Business logic specification mechanisms

• Business rules engine - This feature helps in executing one or more business rules that help in managing data according to user's requirements.
• Graphical workflow editor - This feature helps to specify one or more business rules in a graphical manner.
• AI enabled business logic - This is an important feature which uses Artificial Intelligence in learning the behavior of an attributes and replicate those behaviors according to learning mechanisms.

Application build mechanisms

• Code generation - According to this feature, the source code of the modeled application is generated and subsequently deployed before its execution.
• Models at run-time - The model of the specified application is interpreted and used at run-time during the execution of the modeled application without performing any code generation phase.

Deployment support

• Deployment on cloud - This features enables an application to be deployed online in a cloud infrastructure when the application is ready to deployed and used.
• Deployment on local infrastructures - This features enables an application to be deployed locally on the user organization's infrastructure when the application is ready to be deployed and used.

Kinds of supported applications

• Event monitoring - This kind of applications involves the process of collecting data, analyzing the event that can be caused by the data, and signaling any events occurring on the data to the user.
• Process automation - This kind of applications focuses on automating complex processes, such as workflows, which can take place with minimal human intervention.
• Approval process control - This kind of applications consists of processes of creating and managing work approvals depending on the authorization of the user. For example, payment tasks should be managed by the approval of authorized personnel only.
• Escalation management - This kind of applications are in the domain of customer service and focuses on the management of user viewpoints that filter out aspects that are not under the user competences.
• Inventory management - This kind of applications is for monitoring the inflow and outflow of goods and manages the right amount of goods to be stored.
• Quality management - This kind of applications is for managing the quality of software projects, e.g., by focusing on planning, assurance, control and improvements of quality factors.
• Workflow management - This kind of applications is defined as sequences of tasks to be performed and monitored during their execution, e.g., to check the performance and correctness of the overall workflow.

Source: Sahay, Apurvanand et al., 2020

Identify and Manage Risk Impacts on Your Organization

It is easier for prospective clients to find out what you did wrong than that you fixed the issue.

Analyst perspective

Organizations must understand the regulatory damage vendors may cause from lack of compliance.

The sheer number of regulations on the international market is immense, ever-changing, and make it almost impossible for any organization to consistently keep up with compliance. As regulatory enforcement increases, organizations must hold their vendors accountable for compliance through ongoing monitoring and validation of regulatory compliance to the relevant standards in their industries, or face increasing penalties for non-compliance. Frank Sewell, Research Director, Vendor Management Info-Tech Research Group

Executive Summary

Info-Tech Insight

Organizations must evolve their risk assessments to be more adaptive to respond to regulatory changes in the global market. Ongoing monitoring of the vendors who must comply with industry and governmental regulations is crucial to avoiding penalties and maintaining your regulatory compliance.

Info-Tech’s multi-blueprint series on vendor risk assessment

There are many individual components of vendor risk beyond cybersecurity.

This series will focus on the individual components of vendor risk and how vendor management practices can facilitate organizations’ understanding of those risks.

Out of Scope:

This series will not tackle risk governance, determining overall risk tolerance and appetite, or quantifying inherent risk.

Regulatory and Compliance risk impacts

Potential losses to the organization due regulatory and compliance incidents.

• In this blueprint we’ll:
  • Explore regulatory and compliance risks and their impacts.
  • Identify potentially disruptive events to assess the overall impact on organizations and implement adaptive measures to identify, manage, and monitor vendor performance.

The world is constantly changing

The IT market is constantly reacting to global influences. By anticipating changes, leaders can set expectations and work with their vendors to accommodate them and avoid penalties.

When the unexpected happens, being able to adapt quickly to new priorities and regulations ensures continued long-term business success.

Below are some things no one expected to happen in the last few years:

Regulatory Compliance

Consider implementing vendor management initiatives and practices in your organization to help gain compliance with your expanding vendor landscape.

Your organizational risks may be monitored but are your n-party vendors?

Review your expectations with your vendors and hold them accountable.

Regulatory entities are looking beyond your organization’s internal compliance these days. More and more they are diving into your third-party and downstream relationships, particularly as awareness of downstream breaches increases globally.

• Are you assessing your vendors regularly?
• Are you validating those assessments?
• Do your vendors have a map of their downstream support vendors?
• Do they have the mechanisms to hold those downstream vendors accountable to your standards?

Regulatory Guidance and Industry Standards

• International Organization for Standardization (ISO)
• FOREIGN CORRUPT PRACTICES ACT (FCPA)
• Sarbanes–Oxley Act (SOX)
• National Institute of Standards & Technology (NIST)
• Control Objectives for Information and Related Technologies (COBIT)
• EU General Data Protection Regulation 2016/679 (“GDPR”);
• UK General Data Protection Regulation, as it forms part of the law of England and Wales, Scotland and Northern Ireland by virtue of section 3 of the European Union (Withdrawal) Act 2018 and the Data Protection Act 2018 (UKGDPR)
• Swiss Federal Act on Data Protection (Swiss FDPA) – coming September 1, 2023
• IR35 (UK Off-Payroll compliance)
• Technology Code of Practice (UK)
• Modern Slavery Act 2015 (UK)
• Defense Federal Acquisition Regulation Supplement (DFARS)
• Cybersecurity Maturity Model Certification (CMMC)
• Payment Card Industry Data Security Standard (PCI DSS)
• Family Educational Rights and Privacy Act (FERPA)
• Health Insurance Portability and Accountability Act (HIPAA)
• Health Information Technology for Economic and Clinical Health Act (HITECH)

Are you confident your vendors meet your standards?

Identify and manage regulatory and compliance risks

Environmental, Social, Governance (ESG)
Regulatory agencies are putting more enforcement on ESG practices across the globe. As a result, organizations will need to monitor the changing regulations and validate that their vendors and n-party support vendors are adhering to these regulations, or face penalties for non-compliance.

Data Protection
Data Protection remains an issue in the world. Organizations should ensure that the data their vendors obtain remains protected throughout the vendor’s lifecycle, including post-termination. Otherwise, they could be monitoring for a data breach in perpetuity.

Mergers and Acquisitions
More prominent vendors continuously buy smaller companies to control the market in the IT industry. Therefore, organizations should put protections in their contracts to ensure that an IT vendor’s acquisition does not put them in a relationship with someone that could cause them an issue.

What to look for

Identify regulatory and compliance risk impacts.

• Is there a record of complaints against the vendor from their employees or customers?
• Has the vendor been cited for regulatory compliance issues in the past?
• Does the vendor have a comprehensive list of their n-party vendor partners?
  • Are they willing to accept appropriate contractual protections regarding them?
• Does the vendor self-audit, or do they use a vetted third-party audit firm to issue a SOC report annually?
• Does the vendor operate in regions known for regulatory violations?
• Is the vendor willing to make concessions on contractual protections, or are they only offering “one-sided” agreements with “as-is” warranties?

Prepare your vendor risk management for success

Due diligence will enable successful outcomes.

1. Obtain top-level buy-in; it is critical to success.
2. Build enterprise risk management (ERM) through incremental improvement.
3. Focus initial efforts on the “big wins” to prove the process works.
4. Use existing resources.
5. Build on any risk management activities that already exist in the organization.
6. Socialize ERM throughout the organization to gain additional buy‑in.
7. Normalize the process long term, with ongoing updates and continuing education for the organization.

(Adapted from COSO)

How to assess third-party risk

1. Review Organizational Regulations

Understand the organization’s regulatory risks to prepare for the “What If” game exercise.

2. Identify & Understand Potential Regulatory-Compliance Risks

Play the “What If” game with the right people at the table.

3. Create a Risk Profile Packet for Leadership

Pull all the information together in a presentation document.

4. Validate the Risks

Work with leadership to ensure that the proposed risks are in line with their thoughts.

5. Plan to Manage the Risks

Lower the overall risk potential by putting mitigations in place.

6. Communicate the Plan

It is important not only to have a plan but also to socialize it in the organization for awareness.

7. Enact the Plan

Once the plan is finalized and socialized, put it in place with continued monitoring for success.

Adapted from Harvard Law School Forum on Corporate Governance

Insight summary

Regulatory risk impacts often come from unexpected places and have significant consequences. Knowing who your vendors are using for their support and supply chain could be crucial in eliminating the risk of non-compliance for your organization. Having a plan to identify and validate the regulatory compliance of your vendors is a must for any organization, to avoid penalties.

Identifying regulatory and compliance risks

Who should be included in the discussion.

• While it is true that executive-level leadership defines the strategy for an organization, it is vital for those making decisions to make informed decisions.
• Getting input from regulatory risk experts within your organization will enhance your long-term potential for successful compliance.
• Involving those who not only directly manage vendors but also understand your regulatory requirements will aid in determining the path forward for relationships with your current vendors, and identifying new emerging potential partners.

See the blueprint Build an IT Risk Management Program

Review your risk management plans for new risks on a regular basis.

Keep in mind Risk = Likelihood x Impact (R=L*I).

Impact (I) tends to remain the same, while Likelihood (L) is becoming closer to 100% as threat actors become more prevalent

Managing vendor regulatory and compliance risk impacts

How could your vendors fall out of compliance?

• Review vendors’ downstream connections to understand thoroughly with whom you are in business.
  • Monitor their regulatory stance as it could reflect on your organization.
• Institute proper vendor lifecycle management.
  • Make sure to follow corporate due diligence and risk assessment policies and procedures.
  • Failure to consistently do so is a recipe for disaster.
• Develop IT risk governance and change control.
• Introduce continual risk assessment to monitor the relevant vendor markets.
  • Regularly review your regulatory requirements for new and changing risks.
• Be adaptable and allow for innovations that arise from the current needs.
  • Capture lessons learned from prior incidents to improve over time, and adjust your plans accordingly.

Organizations must review their regulatory risk appetite and tolerance levels, considering their complete landscape.

Changing regulations, acquisitions, and events that affect global supply chains are current realities, not unlikely scenarios.

Ongoing Improvement

Incorporating lessons learned.

• Over time, despite everyone’s best observations and plans, incidents will catch us off guard.
• When it happens, follow your incident response plans and act accordingly.
• An essential step is to document what worked and what did not – collectively known as the “lessons learned.”
• Use the lessons learned document to devise, incorporate, and enact a better risk management process.

Sometimes disasters occur despite our best plans to manage them.

When this happens, it is important to document the lessons learned and update our plans.

The “what if” game

1-3 hours

Vendor management professionals are in an excellent position to help senior leadership identify and pull together resources across the organization to determine potential risks. By playing the "what if" game and asking probing questions to draw out – or eliminate – possible adverse outcomes, everyone involved adds their insight into parts of the organization to gather a comprehensive picture of potential impacts.

1. Break into smaller groups (or if too small, continue as a single group).
2. Use the Regulatory Risk Impact Tool to prompt discussion on potential risks. Keep this discussion flowing organically to explore all potentials but manage the overall process to keep the discussion pertinent and on track.
3. Collect the outputs and ask the subject matter experts (SMEs) for management options for each one in order to present a comprehensive risk strategy. You will use this to educate senior leadership so that they can make an informed decision to accept or reject the solution.

High risk example from tool

How to mitigate:

Contractually insist that the vendor have a third-party security audit performed annually, with the stipulation that they will not denigrate below your acceptable standards.

Note: Even though a few items are “scored” they have not been added to the overall weight, signaling that the company has noted but does not necessarily hold them against the vendor.

Low risk example from tool

Summary

Seek to understand all regulatory requirements to obtain compliance.

• Organizations need to understand and map out their entire vendor landscape.
• Understand where all your data lives and how you can control it throughout the vendor lifecycle.
• Those organizations that consistently follow their established risk assessment and due diligence processes are better positioned to avoid penalties.
• Bring the right people to the table to outline potential risks in the market and your organization.
• Incorporate “lessons learned” from prior incidents into your risk management process to build better plans for future issues.

Keeping up with the ever-changing regulations can make compliance a difficult task.

Organizations should increase the resources dedicated to monitoring these regulations as agencies continue to hold them more accountable.

Related Info-Tech Research

Identify and Manage Financial Risk Impacts on Your Organization

• Vendor management practices educate organizations on potential financial impacts that vendors may incur and suggest systems to help manage them.
• Standardize your processes for identifying and monitoring vendor risks to manage financial impacts with our Financial Risk Impact Tool.

Identify and Manage Reputational Risk Impacts on Your Organization

• Vendor management practices educate organizations on potential risks to vendors in your market and suggest creative and alternative ways to avoid and help manage them.
• Standardize your processes for identifying and monitoring vendor risks to manage potential impacts on your reputation and brand with our Reputational Risk Impact Tool.

Identify and Manage Strategic Risk Impacts on Your Organization

• Vendor management practices educate organizations on potential risks to vendors in your market and suggest creative and alternative ways to avoid and help manage them.
• Standardize your processes for identifying and monitoring vendor risks to manage potential impacts on your strategic plan with our Strategic Risk Impact Tool.

Info-Tech Insight

It is easier for prospective clients to find out what you did wrong than that you fixed the issue.

Bibliography

Alicke, Knut, et al. "Taking the pulse of shifting supply chains", McKinsey & Company, August 26th 2022. Accessed October 31st
Regan, Samantha, et al. "Can compliance keep up with warp-speed Change?", accenture, May 18th 2022. Accessed Oct 31st 2022.
Feria, Nathalie, and Rosenberg, Daniel. "Mitigating Healthcare Cyber Risk Through Vendor Management", HIT Consultant, October 17th 2022. Accessed Oct 31st 2022.
Tonello, Matteo. “Strategic Risk Management: A Primer for Directors.” Harvard Law School Forum on Corporate Governance, 23 Aug. 2012.
Frigo, Mark L., and Richard J. Anderson. “Embracing Enterprise Risk Management: Practical Approaches for Getting Started.” COSO, 2011.

Get the Most Out of Workday

In today’s connected world, the continuous optimization of enterprise applications to realize your digital strategy is key.

EXECUTIVE BRIEF

Analyst Perspective

Focus optimization on organizational value delivery.

HR, finance, and planning systems are the core foundation of enterprise resource systems (ERP) systems. These are core tools that the business leverages to accomplish its goals. An ERP that is doing its job well is invisible to the business. The challenges come when the tool is no longer invisible. It has become a source of friction in the functioning of the business.

Workday is expensive, benefits can be difficult to quantify, and optimization can be difficult to navigate. Over time, technology evolves, organizational goals change, and the health of these systems is often not monitored. This is complicated in today’s digital landscape with multiple integration points, siloed data, and competing priorities.

Too often organizations jump into selecting replacement systems without understanding the health of their systems. We can do better than this.

IT leaders need to take a proactive approach to continually monitor and optimize their enterprise applications. Strategically realign business goals, identify business application capabilities, complete a process assessment, evaluate user satisfaction, measure module satisfaction, and improve vendor relations to create an optimization plan that will drive a cohesive technology strategy that delivers results.

Lisa Highfield

Research Director, Enterprise Applications

Info-Tech Research Group

Executive Summary

Your Challenge

Your Workday systems are critical to supporting the organization’s business processes. They are expensive. Direct benefits and ROI can be hard to measure.

Workday application portfolios are often behemoths to support. With complex integration points and unique business processes, stabilization is the norm.

Application optimization is essential to staying competitive and productive in today’s digital environment.

Common Obstacles

Balancing optimization with stabilization is one of the most difficult decisions for Workday application leaders.

Competing priorities and often unclear enterprise application strategies make it difficult to make decisions about what, how, and when to optimize.

Enterprise applications involve large numbers of processes, users, and evolving vendor roadmaps.

Teams do not have a framework to illustrate, communicate, and justify the optimization effort in the language your stakeholders understand.

Info-Tech's Approach

In today’s changing world, it is imperative to evaluate your applications for optimization and to look for opportunities to capitalize on rapidly expanding technologies, integrated data, and employee solutions that meet the needs of your organization.

Assess your Workday applications and the environment in which they exist. Take a business-first strategy to prioritize optimization efforts.

Validate capabilities, user satisfaction, and issues around data, vendor management, and costs to build out an overall roadmap and optimization strategy.

Pull this all together to prioritize optimization efforts and develop a concrete roadmap.

Info-Tech Insight

Workday is investing heavily in expanding and deepening its finance and expanded product offerings, but we cannot stand still on our optimization efforts. Understand your product(s), processes, user satisfaction, integration points, and the availability of data to business decision makers. Examine these areas to develop a personalized Workday optimization roadmap that fits the needs of your organization. Incorporate these methodologies into an ongoing optimization strategy aimed at enabling the business, increasing productivity, and reducing costs.

Insight summary

Continuous assessment and optimization of your Workday ERP is critical to the success of your organization.

• Applications and the environments in which they live are constantly evolving.
• This blueprint provides business and application managers with a method to complete a health assessment of their Workday systems to identify areas for improvement and optimization.
• Put optimization practices into effect by:
  • Aligning and prioritizing key business and technology drivers.
  • Identifying ERP process classification and performing a gap analysis.
  • Measuring user satisfaction across key departments.
  • Evaluating vendor relations.
  • Understanding how data plays into the mix.
  • Pulling it all together into an optimization roadmap.

Workday enterprise resource planning (ERP) facilitates the flow of information across business units. It allows for the seamless integration of data across financial and people systems to create a holistic view of the enterprise to support decision making.

In many organizations, Workday is considered the core people systems and is becoming more widely adopted for finance and a full ERP system.

ERP systems are considered the lifeblood of organizations. Problems with this key operational system will have a dramatic impact on the ability of the enterprise to survive and grow.

ERP implementation should not be a one-and-done exercise. There needs to be ongoing optimization to enable business processes and optimal organizational results.

Workday enterprise resource planning (ERP)

Workday

• Finance
• Human Resources Management
• Talent and Performance
• Payroll and Workforce Management
• Employee Experience
• Student Information Systems
• Professional Services Automation
• Analytics and Reporting
• Spend Management
• Enterprise Planning

What is Workday?

Workday has many modules that work together to facilitate the flow of information across the business. Workday’s unique data platform allows for seamless integration of systems and creates a holistic view of the enterprise to support decision making.

In many organizations, the ERP system is considered the lifeblood of the enterprise. Problems with this key operational system will have a dramatic impact on the ability of the enterprise to survive and grow.

Workday operates in many industry verticals and performs well in service organizations.

An ERP system:

• Automates processes, reducing the amount of manual, routine work.
• Integrates with core modules, eliminating the fragmentation of systems.
• Centralizes information for reporting from multiple parts of the value chain to a single point.

Workday Fast Facts

Product Description

• Workday offers HR, Finance, planning systems, and extended offerings. Workday prides itself on rapidly expanding its product portfolio to meet the needs of organizations in a changing world.
• The integrated cloud data model Workday has been built on allows for seamless end-to-end organizational data.
• Offerings include Financial Management, Human Capital Management, Workday Adaptive Planning, Spend Management, Talent Management, Payroll & Workforce Management, Analytics & Reporting, Student, Professional Services Automation, Platform & Product Extensions, Workday Peakon Employee Voice, and most recently VNDLY (contract and vendor management).

Evolution of Workday

Workday HCM 2006

Workday Financial Management 2007

Workday 10 (Finance & HCM) 2010

Workday Student (Higher Education) 2011

Workday Cloud (PAAS) 2017

Acquisition of Adaptive Insights 2018

Acquisition of VNDLY 2021

Vendor Description

• Workday was founded in 2005 by Aneel Bhusri and Dave Duffield (former PeopleSoft founder.)
• The platform-as-a-service (PaaS) bundles and modules are sold in a subscription model to customers.
• Workday has untaken several acquisitions in recent years to grow the product and invests in early-stage companies through Workday Ventures.
• Workday is publicly traded (2012); Nasdaq: WDAY.

Employees: 12,500

Headquarters: Pleasanton, CA

Website: workday.com

Founded: 2005

Presence: Global, Publicly Traded

Workday by the numbers

77%

77% of clients were satisfied with the product’s business value created. 78% of clients were satisfied that the cost is fair relative to value, and 95% plan to renew. (SoftwareReviews, 2022)

50% of Fortune 500

Workday has seen steady growth working with over 50% of Fortune 500 companies. 4,100 of those are HCM and finance customers. It has seen great success in service industries and has a 95% gross retention rate. (Diginomica)

40%

Workday reported a 40% year-over-year increase in Workday Financial Management deployments for both new and existing customers, as accelerated demand for Workday cloud-based continues. (Workday, June 2021)

Workday Finance

A great opportunity for Workday

Workday continues to invest in Workday Finance

• 35% of the Fortune 500 and 50% of the Fortune 50 use Workday HCM products (Seeking Alpha, 2019).
• The customer base for Workday Financial Management has increased from 45 in 2014 to 530 in 2019 with 9 Fortune 500 companies in the mix. This infers that Financial Management is a product that will drive future growth for Workday.

Recent Finance-Related Acquisitions

• Zimit - Quotation Management
• Stories.bi - Augmented Analytics
• Adaptive Insights - Business Planning
• SkipFlag - Machine Learning (AI)
• Platfora - Analytics
• VNDLY - Contractor and Vendor Management

Workday challenges and dissatisfaction

Workday challenges and dissatisfaction

Organizational

• Competing Priorities
• Lack of Strategy
• Budget Challenges

People and teams

• Knowledgeable Staff/Turnover
• Lack of Internal Skills
• Ability to Manage New Products
• Lack of Training

Technology

• Integration Issues
• Selecting Tools & Technology
• Keeping Pace With Technology Changes
• Update Challenges

Data

• Access to Data
• Data Literacy
• Data Hygiene
• One View of the Customer

Finance, IT, Sales, and other users of the ERP system can only optimize ERP with the full support of each other. The cooperation of the departments is crucial when trying to improve ERP technology capabilities and customer interaction.

Info-Tech Insight

While technology is the key enabler of building strong customer experiences, there are many other drivers of dissatisfaction. IT must stand shoulder-to-shoulder with the business to develop a technology framework for ERP.

Where are applications leaders focusing?

Big growth numbers

Year-over-year call topic requests

Enterprise Application Optimization - 124%

Product - 65%

Enterprise Application Selection - 76%

Agile - 79%

(Info-Tech case data, 2022; N=3,293)

We are seeing Applications leaders’ priorities change year over year, driven by a shift in their approach to problem solving. Leaders are moving from a process-centric approach to a collaborative approach that breaks down boundaries and brings teams together.

Other changes

Year-over-year call topic requests

Application Portfolio Management - 13%

Business Process Management - 4%

Software Development Lifecycle -25%

(Info-Tech case data, 2022; N=3,293)

Software development lifecycle topics are tactical point solutions. Organizations have been “shifting left” to tackle the strategic issues such as product vision and Agile mindset to optimize the whole organization.

Application optimization is risky without a plan

Avoid these common pitfalls:

• Not considering how this pays into the short-, medium-, and long-term ERP strategy.
• Not considering application optimization as a business and IT partnership, which requires the continuous formal engagement of all participants.
• Not having a good understanding of your current state, including integration points and data.
• Not adequately accommodating feedback and changes after digital applications are deployed and employed.
• Not treating digital applications as a motivator for potential future IT optimization efforts and incorporating digital assets in strategic business planning.
• Not involving department leads, management, and other subject-matter experts to facilitate the organizational change digital applications bring.

“A successful application optimization strategy starts with the business need in mind and not from a technological point of view. No matter from which angle you look at it, modernizing a legacy application is a considerable undertaking that can’t be taken lightly. Your best approach is to begin the journey with baby steps.” – Norelus, Pamidala, and Senti, 2020

Info-Tech’s methodology for getting the most out of your ERP

Blueprint deliverables

Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

Get the Most Out of Your Workday Workbook

Identify and prioritize your Workday optimization goals.

Application Portfolio Assessment

Assess IT-enabled user satisfaction across your Workday portfolio.

Key deliverable:

Workday Optimization Roadmap

Complete an assessment of processes, user satisfaction, data quality, and vendor management.

Case Study

MANAGED AP AUTOMATION with OneSource Virtual

TripAdvisor + OneSource

INDUSTRY: Travel

SOURCE: OneSource Virtual, 2017

Challenge

TripAdvisor needed a solution that would decrease administrative labor from its accounting department.

“We needed something that was already compatible with our Workday tenant, that didn’t require a lot of customizations and would be an enhancement to our processes.” – Director of Accounting Operations, Scott Garner

Requirements included:

• Easy implementation
• Existing system compatibility
• Enhancement to the company’s process
• Competitive pricing
• Secure

Solution

TripAdvisor chose to outsource its accounts payable services to OneSource Virtual (OSV).

OneSource Virtual offers the comprehensive finance and accounting outsourcing solutions needed to improve efficiency, eliminate paper processes, reduce errors, and improve cash flow.

Managed AP services include scanning and auditing all extracted invoice data for accuracy, transmitting AP files with line-item details from invoices, and creating full invoice images in Workday.

Results

• Accurate and timely invoice processing for over 3,000 invoices per month.
• Empowered employees to focus on higher-level tasks rather than day-to-day data entry.
• 50+ hours saved per week on routine data entry.
• Employees had 30% of their time freed up to focus on high-value tasks.
• Allowed TripAdvisor to become more scalable across departments and as an organization.

Info-Tech offers various levels of support to suit your needs

DIY Toolkit

“Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

Guided Implementation

“Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

Workshop

“We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

Consulting

“Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

Diagnostics and consistent frameworks used throughout all four options

Guided Implementation

What does a typical GI on this topic look like?

A Guided Implementation (GI) is series of calls with an Info-Tech analyst to help implement our best practices in your organization.

A typical GI is between 8 to 12 calls over the course of 4 to 6 months.

Phase 1

Call #1: Scope requirements, objectives, and your specific challenge.

Phase 2

Call #2:

• Build the Workday team.
• Align organizational goals.

Call #3:

• Map current state.
• Inventory Workday capabilities and processes.
• Explore Workday-related costs.

Phase 3

Call #4: Understand product satisfaction and vendor management.

Call #5: Review APA results.

Call #6: Understand Workday optimization opportunities.

Call #7: Determine the right Workday path for your organization.

Phase 4

Call #8: Build out optimization roadmap and next steps.

Workshop Overview

Contact your account representative for more information.

workshops@infotech.com 1-888-670-8889

Phase 1

Map Current-State Capabilities

Phase 1

1.1 Identify Stakeholders and Build Your Optimization Team

1.2 Build an ERP Strategy Model

1.3 Inventory Current System State

1.4 Define Optimization Timeframe

1.5 Understand Workday Costs

Phase 2

2.1 Assess Workday Capabilities

2.2 Review Your Satisfaction With the Vendor/Product and Willingness for Change

Phase 3

3.1 Prioritize Optimization Opportunities

3.2 Discover Optimization Initiatives

Phase 4

4.1 Build Your Optimization Roadmap

This phase will guide you through the following activities:

• Align your organizational goals
• Gain a firm understanding of your current state
• Inventory Workday and related applications
• Confirm the organization’s capabilities

This phase involves the following participants:

• CFO
• Department Leads – Finance, Procurement, Asset Management
• Applications Director
• Senior Business Analyst
• Senior Developer
• Procurement Analysts

Step 1.1

Identify Stakeholders and Build Your Optimization Team

Activities

1.1.1 Identify Stakeholders Critical to Success

1.1.2 Map Your Workday Optimization Stakeholders

1.1.3 Determine Your Workday Optimization Team

Map Current State Capabilities

Step 1.1

Step 1.2

Step 1.3

Step 1.4

Step 1.5

This step will guide you through the following activities:

• Identify ERP drivers and objectives
• Explore ERP challenges and pain points
• Discover ERP benefits and opportunities
• Align the ERP foundation with your corporate strategy

This step involves the following participants:

• Stakeholders
• Project sponsors and leaders

Outcomes of this step

• Stakeholder map
• Workday optimization team

ERP optimization stakeholders

• Understand the roles necessary to Get the Most Out of Your Workday.
• Understand the role of each player within your project structure. Look for listed participants on the activities slides to determine when each player should be involved.

Info-Tech Insight

Do not limit project input or participation. Include subject-matter experts and internal stakeholders at stages within the project. Such inputs can be solicited on a one-off basis as needed. This ensures you take a holistic approach to create your ERP optimization strategy.

1.1.1 Identify Workday optimization stakeholders

1 hour

1. Hold a meeting to identify the Workday optimization stakeholders.
2. Use the next slide as a guide.

Record this information in the Get the Most Out of Your Workday Workbook.

Download the Get the Most Out of Your Workday Workbook

Understand how to navigate the complex web of stakeholders in ERP

Identify which stakeholders to include and what their level of involvement should be during requirements elicitation based on relevant topic expertise.

Large-scale ERP projects require the involvement of many stakeholders from all corners and levels of the organization, including project sponsors, IT, end users, and business stakeholders. Consider the influence and interest of stakeholders in contributing to the requirements elicitation process and involve them accordingly.

Activity 1.1.2 Map your Workday optimization stakeholders

1 hour

1. Use the list of Workday optimization stakeholders.
2. Map each stakeholder on the quadrant based on their expected Influence and involvement in the project.

Record this information in the Get the Most Out of Your Workday Workbook.

Download the Get the Most Out of Your Workday Workbook

Map the organization’s stakeholders

The Workday optimization team

Consider the core team functions when putting together the project team. Form a cross-functional team (i.e. across IT, Marketing, Sales, Service, and Operations) to create a well-aligned ERP optimization strategy.

Don’t let your project team become too large when trying to include all relevant stakeholders. Carefully limiting the size of the project team will enable effective decision making while still including functional business units such as Human Resources, Operations, Manufacturing, Marketing, Sales, Service, and Finance as well as IT.

1.1.3 Determine your Workday optimization team

1 hour

1. Have the project manager and other key stakeholders discuss and determine who will be involved in the Workday optimization project.
   • The size of the team will depend on the initiative and size of your organization.
   • Key business leaders in key areas and IT representatives should be involved.

Note: Depending on your initiative and size of your organization, the size of this team will vary.

Record this information in the Get the Most Out of Your Workday Workbook.

Download the Get the Most Out of Your Workday Workbook

Step 1.2

Build an ERP Strategy Model

Activities

1.2.1 Explore Organizational Goals and Business Needs

1.2.2 Discover Environmental Factors and Technology Drivers

1.2.3 Consider Potential Barriers to Achieving Workday Optimization

1.2.4 Set the Foundation for Success

1.2.5 Discuss Workday Strategy and Develop Your ERP Optimization Goals

Map Current State Capabilities

Step 1.1

Step 1.2

Step 1.3

Step 1.4

Step 1.5

This step will guide you through the following activities:

• Identify ERP drivers and objectives
• Explore ERP challenges and pain points
• Discover ERP benefits and opportunities
• Align the ERP foundation with the corporate strategy

This step involves the following participants:

• Workday Optimization Team

Outcomes of this step

• ERP business model
• Strategy alignment

Align your Workday strategy with the corporate strategy

Corporate Strategy

Your corporate strategy:

• Conveys the current state of the organization and the path it wants to take.
• Identifies future goals and business aspirations.
• Communicates the initiatives that are critical for getting the organization from its current state to the desired future state.

Unified ERP Strategy

• The ideal ERP strategy is aligned with overarching organizational business goals and broader IT initiatives.
• Include all affected business units and departments in these conversations.
• The ERP optimization can be and should be linked, with metrics, to the corporate strategy and ultimate business objectives.

IT Strategy

Your IT strategy:

• Communicates the organization’s budget and spending on ERP.
• Identifies IT initiatives that will support the business and key ERP objectives.
• Outlines staffing and resourcing for ERP initiatives.

ERP projects are more successful when the management team understands the strategic importance and the criticality of alignment. Time needs to be spent upfront aligning business strategies with ERP capabilities. Effective alignment between IT and the business should happen daily. Alignment doesn’t just need to occur at the executive level but at each level of the organization.

ERP Business Model Template

Conduct interviews to elicit the business context

Stakeholder Interviews

Begin by conducting interviews of your executive team. Interview the following leaders:

1. Chief Information Officer
2. Chief Executive Officer
3. Chief Financial Officer
4. Chief Revenue Officer/Sales Leader
5. Chief Operating Officer/Supply Chain & Logistics Leader
6. Chief Technology Officer/Chief Product Officer

INTERVIEWS MUST UNCOVER:

1. Your organization’s mission & vision
2. Your organization’s top business goals
3. Your organization’s top business initiatives
4. The stakeholder’s top goals and initiatives
5. Tools and systems needed to facilitate organizational and departmental goals

Understand the mission, vision, and goals of the organization and supporting departments

Info-Tech Insight

One of the biggest drivers for ERP adoption is the ability to make quicker decisions from timely information. This driver is a result of external considerations. Many industries today are highly competitive, uncertain, and rapidly changing. To succeed under these pressures, there needs to be timely information and visibility into all components of the organization.

1.2.1 Explore organizational goals and business needs

60 minutes

1. Discuss organizational mission, vision, and goals. What are the top initiatives underway? Are you contracting, expanding, or innovating?
2. Discuss business needs to support organizational goals. What are identified goals and initiatives at the departmental level? What tools and resources within the Workday system will help make this successful?
3. Understand how the company is running today and what the organization’s future will look like. Envision the future system state.

Record this information in the Get the Most Out of Your Workday Workbook.

Organizational Goals

• Organization’s mission and vision
• Top business goals
• Initiatives underway

Business Needs

• Departmental goals
• Business drivers
• Key initiatives
• Key capabilities to support the organization
• Requirements to support the business capability and process

Download the Get the Most Out of Your Workday Workbook

ERP Business Model

Organizational Goals

• Organization’s mission and vision
• Top business goals (~3)
• Initiatives underway
• KPIs and metrics that are important to the organization in achieving its goals and objectives

Business Needs

• Departmental goals
• Key initiatives
• Key capabilities to support the organization
• Tools and systems required to support business capability or process
• KPIs and metrics that are important to the department/stakeholder in achieving its goals and objectives

Understand the technology drivers and environmental factors

Info-Tech Insight

A comprehensive plan that takes into consideration organizational goals, departmental needs, technology drivers, and environmental factors will allow for a collaborative approach to defining your Workday strategy.

1.2.2 Discover environmental factors and technology drivers

30 minutes

1. Identify business drivers that are contributing to the organization’s need for ERP.
2. Understand how the company is running today and what the organization’s future will look like. Try to identify the purpose for becoming an integrated organization. Use a whiteboard or flip charts and markers to capture key findings.
3. Consider external considerations, organizational drivers, technology drivers, and key functional requirements.

Record this information in the Get the Most Out of Your Workday Workbook.

External Considerations

• Funding constraints
• Regulations

Technology Considerations

• Data accuracy
• Data quality
• Better reporting

Functional Requirements

• Information availability
• Integration between systems
• Secure data

Download the Get the Most Out of Your Workday Workbook

Create a realistic ERP foundation by identifying the challenges and barriers the project will bestow

There are several different factors that may stifle the success of an ERP implementation. Organizations that are creating an ERP foundation must scan their current environment to identify internal barriers and challenges.

Common Internal Barriers

1.2.3 Consider potential barriers to achieving Workday optimization

1-3 hours

1. Open tab 1.2, “Strategy & Goals,” in the Get the Most Out of Your Workday Workbook.
2. Identify barriers to ERP optimization success.
3. Review the ERP critical success factors and how they relate to your optimization efforts.
4. Discuss potential barriers to successful ERP optimization.

Record this information in the Get the Most Out of Your Workday Workbook.

Functional Gaps

• No online purchase order requisitions

Technical Gaps

• Inconsistent reporting – data quality concerns

Process Gaps

• Duplication of data
• Lack of system integration

Barriers to Success

• Cultural mindset
• Resistance to change
• Lack of training
• Funding

Download the Get the Most Out of Your Workday Workbook

ERP Business Model

Organizational Goals

• Efficiency
• Effectiveness
• Integrity
• One source of truth for data
• One team
• Customer service, external and internal

Barriers

• Organizational silos
• Lack of formal process documentation
• Funding availability
• What goes first? Organizational priorities

What does success look like?

Top 15 Critical Success Factors for ERP System Implementation

(Epizitone and Olugbara, 2019; CC BY 4.0)

Info-Tech Insight

Complement your ability to deliver on your critical success factors with the capabilities of your implementation partner to drive a successful ERP implementation.

“Implementation partners can play an important role in successful ERP implementations. They can work across the organizational departments and layers creating a synergy and a communications mechanism.” – Ayogeboh Epizitone, Durban University of Technology

1.2.3 Set the foundation for success

1-3 hours

1. Open tab 1.2, “Strategy & Goals,” in the Get the Most Out of Your Workday Workbook.
2. Identify barriers to ERP optimization success.
3. Review the ERP critical success factors and how they relate to your optimization efforts.
4. Discuss potential barriers to successful ERP optimization.

Record this information in the Get the Most Out of Your Workday Workbook.

Business Benefits

• Business-IT alignment

IT Benefits

• Compliance
• Scalability
• Operational efficiency

Organizational Benefits

• Data accuracy
• Data quality
• Better reporting

Enablers of Success

• Change management
• Training
• Alignment with strategic objectives

Download the Get the Most Out of Your Workday Workbook

ERP Business Model

Organizational Goals

• Efficiency
• Effectiveness
• Integrity
• One source of truth for data
• One team
• Customer service, external and internal

Enablers

• Cross-trained employees
• Desire to focus on value-add activities
• Collaborative
• Top-level executive support
• Effective change management process

The Business Value Matrix

Rationalizing and quantifying the value of Workday

Benefits can be realized internally and externally to the organization or department and have different drivers of value.

• Financial benefits refer to the degree to which the value source can be measured through monetary metrics and are often quite tangible.
• Human benefits refer to how an application can deliver value through a user’s experience.
• Inward refers to value sources that have an internal impact and improve your organization’s effectiveness and efficiency in performing its operations.
• Outward refers to value sources that come from your interaction with external factors, such as the market or your customers.

Organizational Goals

Increased Revenue

Application functions that are specifically related to the impact on your organization’s ability to generate revenue and deliver value to your customers.

Reduced Costs

Reduction of overhead. The ways in which an application limits the operational costs of business functions.

Enhanced Services

Functions that enable business capabilities that improve the organization’s ability to perform its internal operations.

Reach Customers

Application functions that enable and improve the interaction with customers or produce market information and insights.

Business Value Matrix

1.2.4 Define your Workday strategy and optimization goals

30 minutes

1. Discuss the Workday business model exercises and ERP critical success factors.
2. Through the lens of corporate goals and objectives think about the supporting ERP technology. How can the ERP system bring value to the organization? What are the top things that will make this initiative a success? What major themes are emerging?
3. Develop five to ten optimization goals that will form the basis for the success of this initiative.
   • What is a strong statement that will help guide decision making throughout the life of the ERP project?
   • What are your overarching requirements for business processes?
   • What do you ultimately want to achieve?
   • What is a statement that will ensure all stakeholders are on the same page for the project?

Record this information in the Get the Most Out of Your Workday Workbook.

Download the Get the Most Out of Your Workday Workbook

Workday strategy and optimization goals

Key Themes Emerging / Workday Strategy

• Efficiency
• Effectiveness
• Integrity
• One source of truth for data
• One team
• Customer service, external and internal

Optimization Goals

• Support Business Agility: A flexible and adaptable integrated business system providing a seamless user experience.
• Use ERP best practices: Do not recreate or replicate what we have today; focus on modernization. Exercise customization governance by focusing on those customizations that are strategically differentiating.
• Automate: Take manual work out where we can, empowering staff and improving productivity through automation and process efficiencies.
• Stay focused: Focus on scope around core business capabilities. Maintain scope control. Prioritize demand in line with the strategy.
• Strive for “One Source of Truth”: Unified data model and integrate processes where possible. Assess integration needs carefully.

Step 1.3

Inventory Current System State

Activities

1.3.1 Inventory Workday Applications and Interactions

1.3.2 Draw Your Workday System Diagram

1.3.3 Inventory Your Workday Modules and Business Capabilities (or Business Processes)

1.3.4 Define Your Key Workday Optimization Modules and Business Capabilities

Map Current-State Capabilities

Step 1.1

Step 1.2

Step 1.3

Step 1.4

Step 1.5

This step will guide you through the following activities:

• Inventory of applications
• Mapping interactions between systems

This step involves the following participants:

• Workday Optimization Team
• Enterprise Architect
• Data Architect

Outcomes of this step

• Systems inventory
• Systems diagram

1.3.1 Inventory Workday applications and interfaces

1-3+ hours

1. Enter your Workday systems, Workday extended applications, and integrated applications within scope.
2. Include any abbreviated names or nicknames.
3. List the application type or main function. List the modules the organization has licensed.
4. List any integrations.

Record this information in the Get the Most Out of Your Workday Workbook.

Download the Get the Most Out of Your Workday Workbook

ERP Data Flow

When assessing the current application portfolio that supports your ERP, the tendency will be to focus on the applications under the ERP umbrella. These relate mostly to marketing, sales, and customer service. Be sure to include systems that act as input to, or benefit due to outputs from, ERP or similar applications.

1.3.2 Draw your Workday system diagram (optional)

1-3+ hours

1. From the Workday application inventory, diagram your network. Include:
   • Any internal or external systems
   • Integration points
   • Data flow

Download the Get the Most Out of Your Workday Workbook

Sample Workday and integrations map

Business capability map (Level 0)

In business architecture, the primary view of an organization is known as a business capability map.

A business capability defines what a business does to enable value creation, rather than how.

Business capabilities:

• Represent stable business functions.
• Are unique and independent of each other.
• Will typically have a defined business outcome.

A business capability map provides details that help the business architecture practitioner direct attention to a specific area of the business for further assessment.

The value stream

Value stream defined:

Value Streams:

Design Product

• Manufacturers work proactively to design products and services that will meet consumer demand.
• Products are driven by consumer demand and government regulations.

Produce Product

• Production processes and labor costs are constantly analyzed for efficiencies and accuracies.
• Quality of product and services are highly regulated through all levels of the supply chain.

Sell Product

• Sales networks and sales staff deliver the product from the organization to the end consumer.
• Marketing plays a key role throughout the value stream connecting consumers’ wants and needs to the products and services offered.

Customer Service

• Relationships with consumers continue after the sale of products and services.
• Continued customer support and data mining is important to revenue streams.

Value streams connect business goals to the organization’s value realization activities in the marketplace. Those activities are dependent on the specific industry segment in which an organization operates. There are two types of value streams: core value streams and support value streams.

• Core value streams are mostly externally facing. They deliver value to either an external or internal customer and they tie to the customer perspective of the strategy map.
• Support value streams are internally facing and provide the foundational support for an organization to operate.

Taking a value stream approach to process mapping allows you to move across departmental and system boundaries to understand the underlying business capability.

Some mistakes organizations make are over-customizing processes, or conversely, not customizing when required. Workday provides good baseline process that work for most organizations. However, if a process is broken or not working efficiently take the time to investigate it, including underlying policies, roles, workflows, and integrations.

Process frameworks

Help define your inventory of sales, marketing, and customer services processes.

(APQC)

If you do not have a documented process model, you can use the APQC Framework to help define your inventory of sales business processes.

APQC’s Process Classification Framework is a taxonomy of cross-functional business processes intended to allow the objective comparison of organizational performance within and among organizations.

APQC’s Process Classification Framework