IT Strategy
- Buy Link or Shortcode: {j2store}20|cart{/j2store}
- Up-Sell: {j2store}20|upsells{/j2store}
- Parent Category Name: Strategy and Governance
- Parent Category Link: strategy-and-governance
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Confirm the list of Agile skills that you wish to measure.
Define what it means to attain specific agile skills through a defined ascension path of proficiency levels, and standardized skill expectations.
Determine the roll-out and communication plan that suits your organization.
Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Learn about and define the Agile skills that are important to your organization.
Define the different levels of attainment when it comes to your Agile skills.
Define the standards on a per-role basis.
Get a clear view of the Agile skills important into meet your Agile transformation goals in alignment with organizational objectives.
Set a clear standard for what it means to meet your organizational standards for Agile skills.
1.1 Review and update the Agile skills relevant to your organization.
1.2 Define your Agile proficiency levels to evaluate attainment of each skill.
1.3 Define your Agile team roles.
1.4 Define common experience levels for your Agile roles.
1.5 Define the skill expectations for each Agile role.
A list of Agile skills that are consistent with your Agile transformation
A list of proficiency levels to be used during your Agile skills assessment
A confirmed list of roles that you wish to measure on your Agile teams
A list of experience levels common to Agile team roles (example: Junior, Intermediate, Senior)
Define the skill expectations for each Agile role
Attractive a target, I do not make, hmmm? Yoda-speak with a slightly inquisitive tone, indicating that he means the opposite. And many (small) business owners also feel they are no target. But 61% of SMBs were attacked already. And large corporations also still have a ways to go.
In many cases, the answer is to develop a cloud brokerage to manage the complexity. But what should your cloud broker be delivering, and how?
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Define the value, ecosystem, and metrics required to add value as a brokerage. Develop a brokerage value proposition that aligns with your audience and capabilities. Define and rationalize the ecosystem of partners and value-add activities for your brokerage. Define KPIs that allow you to maximize and balance both usability and compliance.
Increasingly, large institutions and governments are adopting cloud-first postures for delivering IT resources. Combined with the growth of cloud offerings that are able to meet the certifications and requirements of this segment that has been driven by federal initiatives like Cloud-First in Canada and Cloud Smart in the United States, these two factors have left institutions (and the businesses that serve them) with the challenge of delivering cloud services to their users while maintaining compliance, control, and IT sanity.
In many cases, the answer is to develop a cloud brokerage to manage the complexity. But what should your cloud broker be delivering and how?
Not all cloud brokerages are the same. And while they can be an answer to cloud complexity, an ineffective brokerage can drain value and complicate operations even further. Cloud brokerages need to be designed:
By defining your end goals, framing solutions based on the type of value and rigor your brokerage needs to deliver, and focusing on the right balance of security and flexibility, you can deliver a brokerage that delivers the best of all worlds.
Sometimes a brokerage delivery model makes sense, sometimes it doesn’t! Understanding the value addition you want your brokerage to provide before creating it allows you to not only avoid pitfalls and maximize benefits but also understand when a brokerage model does and doesn’t make sense in the first place.
Different institutions want brokerage delivery for different reasons. It’s important to define up front why your users need to work through a brokerage and what value that brokerage needs to deliver.
What’s in the catalog? Is it there to consolidate and simplify billing and consumption? Or does it add value further up the technology stack or value chain? If so, how does that change the capabilities you need internally and from partners?
Among institutions adopting cloud, a broker that can help deliver their defined security and compliance standards is an almost universal requirement. Especially in government institutions, this can mean the need to meet a high standard in both implementation and validation.
The good news is that even if you lack the complete set of skills in-house, the high certification levels available from hyperscale providers combined with a growing ecosystem of service providers working on these platforms means you can usually find the right partner(s) to make it possible.
Ultimately, if end users can’t get what they need from you, they will go around you to get it. This challenge, which has always existed in IT, is further amplified in a cloud service world that offers users a cornucopia of options outside the brokerage. Furthermore, cloud users expect to be able to consume IT seamlessly. Without frictionless satisfaction of user demand your brokerage will become disintermediated, which risks your highest priorities of security and compliance.
While initial adoption of cloud brokerages in institutions was focused on ensuring the ability of IT to extend its traditional role as gatekeeper to the realm of cloud services, the focus has now shifted upstream to enabling ease of use and smart adoption of cloud services. This is evidenced clearly in examples like the US government’s renaming of its digital strategy from “Cloud First” to “Cloud Smart” and has been mirrored in other regions and institutions.
To avoid failure, you need to provide security and compliance.
Basic user satisfaction means becoming a frictionless intermediary.
Exceed expectations! Enabling brokers provide knowledge and guidance for the best usage of cloud.
While GCBs fill a critical role as a control point for IT consumption, they can easily turn into a friction point for IT projects. It’s important to find the right balance between enabling compliance and providing frictionless usability.
Maintain compliance and ensure architecture discipline: Brokerages can be an effective gating point for ensuring properly governed and managed IT consumption that meets the specific regulations and compliances required for an institution. It can also be a strong catalyst and enabler for moving to even more effective cloud consumption through automation.
Avoid disintermediation: Especially in institutions, cloud brokers are a key tool in the fight against disintermediation – that is, end users circumventing your IT department’s procurement and governance by consuming an ad hoc cloud service.
Leverage economies of scale: Simply put, consolidation of your cloud consumption drives effectiveness by making the most of your buying power.
Understanding the importance of each benefit type to your brokerage audience will help you define the type of brokerage you need to build and what skills and partners will be required to deliver the right value.
The ecosystem of platforms and tools has grown significantly and examples of best practices, especially in government, are readily available. Once you’ve defined your brokerage’s value stance, the building blocks you need to deliver often don’t need to be built from scratch.
With the business taking more accountability and management of their own technology, brokers must learn how to evolve from being gatekeepers to enablers.
The greatest risks in using a cloud broker come from its nature as a single point of distribution for service and support. Without resources (or automation) to enable scale, as well as responsive processes for supporting users in finding the right services and making those services available through the brokerage, you will lose alignment with your users’ needs, which inevitably leads to disintermediation, loss of IT control, and broken compliance
Standardization and automation are your friend when building a cloud brokerage! Sometimes this means having a flexible catalog of options and configurations, but great brokerages can deliver value by helping their users redefine and evolve their workloads to work more effectively in the cloud. This means providing guidance and facilitating the landing/transformation of users’ workloads in the cloud, the right way.
Challenges | → | Impact |
---|---|---|
|
|
Depending on the type of brokerage, the value delivered may be as simple as billing consolidation, but many brokerages go much deeper in their value proposition.
Remember that these categories are general guidelines! Depending on the requirements and value a brokerage needs to deliver, it may fit more than one category of broker type.
Each value addition your brokerage invests in delivering should tie to reinforcing efficiency, compliance, frictionlessness, or enablement.
Value Addition | Purchasing Agent | Contract Manager | Cloud Enabler | Cloud Customizer | Cloud Agent |
---|---|---|---|---|---|
Underlying service selection | Standard Activity |
Standard Activity | Standard Activity | Standard Activity | Common Activity |
Support and info | Standard Activity | Common Activity |
Standard Activity | Standard Activity | Common Activity |
Contract lifecycle (pricing/negotiation) | Standard Activity | Common Activity | Standard Activity | ||
Workload distribution (to underlying services) (aggregation) | Common Activity | Standard Activity | Standard Activity | Standard Activity | |
Value-add or layered on services | Standard Activity | Common Activity | |||
Customization/integration of underlying services | Standard Activity | ||||
Automated workload distribution (i.e. software) | Standard Activity |
Whatever value proposition and associated services your brokerage has defined, either internal resources or additional partners will be required to run the platform and processes you want to offer on top of the defined base cloud platforms.
Remember to always align your value adds and activities to the four key themes:
The additional value your broker delivers will depend on the tools and services you can layer on top of the base cloud platform(s) you support.
In many cases, you may require different partners to fulfil similar functions across different base platforms. Although this increases complexity for the brokerage, it’s also a place where additional value can be delivered to end users by your role as a frictionless intermediary.
Different value-add types (based on the category/categories of broker you’re targeting) require different additional platforms and partners to augment the base cloud service you’re brokering.
Incorporate your end user, business, and IT perspectives in defining the list of mandatory and desired features of your target solution.
See our Implement a Proactive and Consistent Vendor Selection Process blueprint for information on procurement practices, including RFP templates.
Depending on the value-add(s) you are trying to deliver, as well as the requirements from your institution(s), you will have a different delineation of responsibilities for each of the value-add dimensions. Typically, there will be at least three stakeholders whose role needs to be considered for each dimension:
It’s important to remember that the ecosystem of third-party options available to you in each case will likely be dependent on if a given partner operates or supports your chosen base provider.
Value Addition | Cost Governance | Security & Compliance | Adoption and User Satisfaction | New Service Addition Speed | End-User Cloud Effectiveness |
Base platform(s) | |||||
Third party | |||||
Internal |
A basic table of the stakeholders and platforms involved in your value stream is a critical tool for aligning activities and partners with brokerage value.
Remember to tie each value-add category you’re embarking on to at least one of the key themes!
Cost Governance → Efficiency
Security & Compliance → Compliance
Adoption & User Satisfaction → Frictionlessness
New Service Addition Responsiveness → Frictionlessness, Enablement
End-User Cloud Effectiveness → Enablement
The expectations for how applications are consumed and what a user experience should look like is increasingly being guided by the business and by the disintermediating power of the cloud-app ecosystem.
In environments where compliance and security are a must, the challenges of handing off application management to the business are even more complex. Great brokers learn to act not just as a gatekeeper but an enabler of business-led IT.
Organizations are looking to enhance their Agile and BizDevOps practices by shifting traditional IT practices left and toward the business.
Organizational priorities are constantly changing. Cost reduction opportunities and competitive advantages are lost because of delayed delivery of features.
Low- and no-code development tools, full-stack solutions, and plug-and-play architectures allow non-technical users to easily build and implement applications without significant internal technical support or expertise.
A wide range of digital applications, services, and information are readily available and continuously updated through vendor and public marketplaces and open-source communities.
The business is motivated to learn more about the technology they use so that they can better integrate it into their processes.
Move to being an accelerator and an enabler! Rather than creating an additional layer of complexity, we can use the abstraction of a cloud brokerage to bring a wide variety of value-adds and partners into the ecosystem without increasing complexity for end users.
Category |
Purpose |
Examples |
---|---|---|
Business Value – The amount of value and benefits delivered. | Justify the investment and impact of the brokerage and its optimization to business operations. | ROI, user productivity, end-user satisfaction, business operational costs, error rate |
Application Quality – Satisfaction of application quality standards. | Evaluate organizational effort to address and maximize user satisfaction and adoption rates. | Adoption rate, usage friction metrics, user satisfaction metrics |
Delivery Effectiveness – The delivery efficiency of changes. | Enable members to increase their speed to effective deployment, operation, and innovation on cloud platforms. | Speed of deployment, landing/migration success metrics |
Determine measures that demonstrate the value of your brokerage by aligning it with your quality definition, value drivers, and users’ goals and objectives. Recognize that your journey will require constant monitoring and refinement to adjust to situations that may arise as you adopt new products, standards, strategies, tactics, processes, and tools.
Ultimately, the goal is designing a brokerage that can evolve from gatekeeping to frictionless intermediation to cloud enablement.
Maintain focus on the value proposition, your brokerage ecosystem, and the metrics that represent enablement for your users and avoid pitfalls and challenges from the beginning.
This blueprint covers aligning your value proposition with general cloud requirements.
Define Your Digital Business Strategy
Phase 1 of this research covers identifying value chains to be transformed.
Embrace Business-Managed Applications
Phase 1 of this research covers understanding the business-managed applications as a factor in developing a frictionless intermediary model.
Implement a Proactive and Consistent Vendor Selection Process
This blueprint provides information on partner selection and procurement practices, including RFP templates.
“3 Types of Cloud Brokers That Can Save the Cloud.” Cloud Computing Topics, n.d. Web.
Australian Government Cloud Computing Policy. Government of Australia, October 2014. Web.
“Cloud Smart Policy Overview.” CIO.gov, n.d. Web.
“From Cloud First to Cloud Smart.” CIO.gov, n.d. Web.
Gardner, Dana. “Cloud brokering: Building a cloud of clouds.” ZDNet, 22 April 2011. Web.
Narcisi, Gina. “Cloud, Next-Gen Services Help Master Agents Grow Quickly And Beat 'The Squeeze' “As Connectivity Commissions Decline.” CRN, 14 June 2017. Web.
Smith, Spencer. “Asigra calls out the perils of cloud brokerage model.” TechTarget, 28 June 2019. Web.
Tan, Aaron. “Australia issues new cloud computing guidelines.” TechTarget, 27 July 2020. Web.
The European Commission Cloud Strategy. ec.europa.eu, 16 May 2019. Web.
“TrustRadius Review: Cloud Brokers 2022.” TrustRadius, 2022. Web.
Yedlin, Debbie. “Pros and Cons of Using a Cloud Broker.” Technology & Business Integrators, 17 April 2015. Web.
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Level-set the expectations for your business-managed applications.
Identify and define your application managers and owners and build a fit-for-purpose governance model.
Build a roadmap that illustrates the key initiatives to implement your BMA and governance models.
[infographic]
Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Define business-managed applications in your context.
Identify your business-managed application objectives.
State the value opportunities with business-managed applications.
A consensus definition and list of business-managed applications goals
Understanding of the business value business-managed applications can deliver
1.1 Define business-managed applications.
1.2 List your objectives and metrics.
1.3 State the value opportunities.
Grounded definition of a business-managed application
Goals and objectives of your business-managed applications
Business value opportunity with business-managed applications
Develop your application management framework.
Tailor your application delivery and ownership structure to fit business-managed applications.
Discuss the value of an applications committee.
Discuss technologies to enable business-managed applications.
Fit-for-purpose and repeatable application management selection framework
Enhanced application governance model
Applications committee design that meets your organization’s needs
Shortlist of solutions to enable business-managed applications
2.1 Develop your management framework.
2.2 Tune your delivery and ownership accountabilities.
2.3 Design your applications committee.
2.4 Uncover your solution needs.
Tailored application management selection framework
Roles definitions of application owners and managers
Applications committee design
List of business-managed application solution features and services
Build your roadmap to implement busines-managed applications and build the foundations of your optimized governance model.
Implementation initiatives
Adoption roadmap
3.1 Build your roadmap.
Business-managed application adoption roadmap
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Read our executive brief to understand our approach to SDLC optimization and why we advocate a holistic approach for your company.
This phase helps you understand your business goals and priorities. You will document your current SDLC process and find where the challenges are.
Prioritize your initiatives and formalize them in a roll-out strategy and roadmap. Communicate your plan to all your stakeholders.
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Assess your current level of Cloud adoption and integration, focusing on solutions that are emerging in the market and the applicability to your IT environment.
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Complete three unique assessments to define the ideal security architecture maturity for your organization.
Use the results of the assessments from Phase 1 of this research to create a roadmap for improving the security program.
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Assess the current state of the portfolio and ensure that portfolio owners and other stakeholders are onboard before you move forward to develop and implement new portfolio processes.
Wireframe standardized portfolio processes for all project methodologies to follow.
Pilot your new portfolio processes and decision-making paradigm. Then, execute a change impact analysis to inform your communications strategy and implementation plan.
Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Determine the current state of your project execution and portfolio oversight practices.
Align different types of projects within a unified portfolio.
Define the best roles and engagement strategies for individual stakeholders as you transition to an Engaged Agile Portfolio.
A current state understanding of project and portfolio management challenges.
Bolster the business case for developing an Engaged Agile Portfolio.
Increase stakeholder and team buy-in.
1.1 Calculate the size of your portfolio in human resource hours.
1.2 Estimate your project sizes and current project methodology mix.
1.3 Document the current known status of your in-flight projects.
1.4 Perform a project execution portfolio oversight survey.
Your portfolio’s project capacity in resource hours.
Better understanding of project demand and portfolio mix.
Current state visibility.
An objective assessment of current areas of strengths and weaknesses.
Objectively and transparently approve, reject, and prioritize projects.
Prioritize work to start and stop on a sprint-by-sprint basis.
Maintain a high frequency of accurate reporting.
Assess and report the realization of project benefits.
Improve timeliness and accuracy of project portfolio reporting.
Make better, faster decisions about when to start and stop work on different projects.
Increase stakeholder satisfaction.
2.1 Develop a portfolio intake workflow.
2.2 Develop a prioritization scorecard and process.
2.3 Establish a process to estimate sprint demand and resource supply.
2.4 Develop a process to estimate sprint value and necessity.
An intake workflow.
A prioritization scorecard and process.
A process to estimate sprint demand and resource supply.
A process to estimate sprint value and necessity.
Analyze the potential change impacts of your new portfolio processes and how they will be felt across the organization.
Develop an implementation plan to ensure strategy buy-in.
A strategic and well-planned approach to process implementation.
3.1 Analyze change impacts of new portfolio processes.
3.2 Prepare a communications plan based upon change impacts.
3.3 Develop an implementation plan.
3.4 Present new portfolio processes to portfolio owners.
A change impact analysis.
A communications plan.
An implementation plan.
Portfolio strategy buy-in.
To stay competitive, IT leaders need to radically change the way they recruit and retain talent, and women in IT represent one of the largest untapped markets for IT talent. CIOs need a targeted strategy to attract and retain the best, and this requires a shift in how leaders currently manage the talent lifecycle. Info-Tech offers a targeted solution that will help IT leaders:
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Create a targeted recruitment and retention strategy for women. Increase the number of viable candidates by leveraging best practices to sell to, search for, and secure top women in IT. Take a data-driven approach to improving retention of women by using best practices to measure and improve employee engagement.
These tools tap into best practices to help you collect the information you need to build, assess, test, and adopt an employee value proposition.
Don’t hire by intuition, consider leveraging behavioral interview questions to reduce bias and uncover candidates that will be able to execute on the job.
Stay interviews are an effective method for monitoring employee engagement. Have these informal conversations to gain insight into what your employees really think about their jobs, what causes them to stay, and what may lead them to leave.
Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Identify the need for a targeted strategy to recruit and retain women in IT and pinpoint your largest opportunities to drive diversity in your IT team.
Establish goals and targets for the changes to be made to your IT recruitment and retention strategies.
1.1 Understand trends in IT staffing.
1.2 Assess your talent lifecycle challenges and opportunities.
1.3 Make the case for changes to recruitment and retention strategies.
Recruitment & Retention Metrics Report
Business Case for Recruitment and Retention Changes
The way you position the organization impacts who is likely to apply to posted positions. Ensure you are putting a competitive foot forward by developing a unique, meaningful, and aspirational employee value proposition and clear job descriptions.
Implement effective strategies to drive more applications to your job postings.
2.1 Develop an IT employee value proposition.
2.2 Adopt your employee value proposition.
2.3 Write meaningful job postings.
Employee Value Proposition
EVP Marketing Plan
Revised Job Ads
Sourcing shouldn’t start with an open position, it should start with identifying an anticipated need and then building and nurturing a talent pipeline.
IT participation in this is critical to effectively promote the employee experience and foster relationships before candidates even apply.
Develop a modern job requisition form though role analysis.
Increase your candidate pool by expanding sourcing programs.
3.1 Build realistic job requisition forms.
3.2 Identify new alternative sourcing approaches for talent.
3.3 Build a sourcing strategy.
Job requisition form for key roles
Sourcing strategy for key roles
Work with your HR department to influence the recruitment process by taking a data-driven approach to understanding the root cause of applicant drop-off and success and take corrective actions.
Optimize your selection process.
Implement non-bias interview techniques in your selection process.
4.1 Assess key selection challenges.
4.2 Implement behavioral interview techniques.
Root-Cause Analysis of Section Challenges
Behavioral Interview Guide
Employee engagement is one of the greatest predictors of intention to stay.
To retain employees you need to understand not only engagement, but also your employee experience and the moments that matter, and actively work to create positive experience.
Identify opportunities to drive engagement across your IT organization.
Implement tactical programs to reduce turnover in IT.
5.1 Measure employee engagement and review results.
5.2 Identify new alternative sourcing approaches for talent.
5.3 Train managers to conduct stay interviews and drive employee engagement.
Identified Employee Engagement Action Plan
Action Plan to Execute Stay Interviews
Technology has never been more important to organizations, and as a result, recruiting and retaining quality IT employees is increasingly difficult.
To stay competitive, IT leaders need to radically change the way they recruit and retain talent, and women in IT represent one of the largest untapped markets. CIOs need a targeted strategy to attract and retain the best, and this requires a shift in how leaders currently manage the talent lifecycle. Info-Tech offers a targeted solution to help:
Retaining and attracting top women is good business, not personal. Companies with greater gender diversity on executive teams were 25% more likely to have above-average profitability.1 In the war on talent, having a strategy around how you will recruit and retain women in IT is Marketing 101. What influences whether women apply for roles and stay at organizations is different than men; traditional models won’t cut it.
65% of men think their employers have a program to encourage hiring women. But only 51% of women agree.
71% of men believe their employers have a program to encourage the promotion or advancement of women. But only 59% of women agree.
49% of women compared to 44% of men in the survey feel they must work harder than their peers.
22% of women compared to 14% of men feel they are underpaid.
66% of women compared to 72% of men feel they are receiving sufficient resources to sustain their career.
30% of women compared to 23% of men feel they have unequal growth opportunities.
74% of women compared to 64% of men feel they lack confidence to negotiate their salaries.
The chart to the left, compiled by Statista, (based on self-reported company figures) shows that women held between 23% to 25% of the tech jobs at major tech companies.
Women are also underrepresented in leadership positions: 34% at Facebook, 31% at Apple, 29% at Amazon, 28% at Google, and 26% at Microsoft.
To help support women in tech, 78% of women say companies should promote more women into leadership positions. Other solutions include:
* Recent data stays consistent, but, the importance of compensation and recognition in retaining women in IT is increasing.
The majority of organizations take a one-size-fits-all approach to retaining and engaging employees.
However, studies show that women are leaving IT in significantly higher proportions than men and that the drivers impacting men’s and women’s retention are different. Knowing how men and women react differently to engagement drivers will help you create a targeted retention strategy.
In particular, to increase the retention and engagement of women, organizations should develop targeted initiatives that focus on:
SIGNS YOU MAY NEED A TARGETED RECRUITMENT STRATEGY… |
SIGNS YOU MAY NEED A TARGETED RETENTION STRATEGY… |
---|---|
|
|
Info-Tech takes a practical, tactical approach to improving gender diversity at organizations, which starts with straightforward tactics that will help you improve the recruitment and retention of women in your organization.
If you don’t have a targeted recruitment strategy for women, you are missing out on 50% of the candidate pool. Increase the number of viable candidates by leveraging best practices to sell to, search for, and secure top women in IT.
Key metrics to track:
The drivers that impact the retention of men and women are different. Take a data-driven approach to improving retention of women in your organization by using best practices to measure and improve employee engagement.
Key metrics to track:
1. Enhance Your Recruitment Strategies |
2. Enhance Your Retention Strategies |
|
---|---|---|
Phase Steps |
|
|
Phase Outcomes |
Recruitment Optimization Plan |
Retention Optimization Plan |
"Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful."
"Our teams knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."
"We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place."
"Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."
A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization. A typical GI is 6 calls over the course of 1 to 2 months.
1. Tactics to Recruit More Women in IT
Call #1: Develop a strategy to better sell your organization to diverse candidates.
Call #2: Evaluate your candidate search practices to reach a wider audience.
Call #3: Introduce best practices in your interviews to improve the candidate experience and limit bias.
2. Tactics to Retain More Women in IT
Call #4: Launch focus groups to improve performance of key retention drivers.
Call #5: Measure the employee experience and identify key moments that matter to staff.
Call #6: Conduct stay interviews and establish actions to improve retention.
Contact your account representative for more information.
workshops@infotech.com 1-888-670-8889
Day 1 |
Day 2 |
Day 3 |
Day 4 |
Day 5 |
|
---|---|---|---|---|---|
Make the Case |
Develop Strategies to Sell to a Wider Candidate Pool |
Expand Your Talent Sourcing Strategy |
Secure & Retain Top Talent |
Next Steps and Wrap-Up (offsite) |
|
Activities |
1.1 Understand trends in IT staffing. 1.2 Assess your talent lifecycle. 1.3 Make the case for changes to recruitment and retention strategies. |
2.1 Develop an IT employee value proposition (EVP). 2.2 Adopt your employee value proposition. 2.3 Write meaningful job postings. |
3.1 Build realistic job requisition forms. 3.2 Identify new alternative sourcing approaches for talent. 3.3 Build a sourcing strategy. |
4.1 Assess key selection challenges. 4.2 Implement behavioral interview techniques. 4.3 Measure employee engagement and review results. 4.4 Develop programs to improve employee engagement. 4.5 Train managers to conduct stay interviews and drive employee engagement. |
5.1 Complete in-progress deliverables from previous four days. 5.2 Set up review time for workshop deliverables and to discuss next steps. |
Deliverables |
|
|
|
|
|
Phase 1
Phase 2
How do you position the value of working for your organization and roles in a meaningful way?
How can you expand your key search criteria and sourcing strategies to reach more candidates?
How can you reduce bias in your interview process and create positive candidate experiences?
1. Develop an employee value proposition that will attract female candidates.
2. Understand how your job postings may be deterring female candidates.
3. Identify opportunities to expand your role analysis for job requisitions.
4. Increase your candidate pool by expanding sourcing programs.
5. Identify tactics to improve women’s interview experience.
6. Leverage behavioral interview questions to limit bias in interviews.
Please note, this section is not a replacement or a full talent strategy. Rather, this blueprint will highlight key tactics within talent acquisition practices that the IT leadership team can help to influence to drive greater diversity in recruitment.
Work with your HR department to track critical metrics around where you need to make improvements and where you can partner with your recruitment team to improve your recruitment process and build a more diverse pipeline. Identify where you have significant drops or variation in diversity or overall need and select where you’d like to focus your recruitment improvement efforts.
Selection Process Step |
Sample Metrics to Track |
||||||
---|---|---|---|---|---|---|---|
Sell | Average time to fill a vacant position |
||||||
Average number of applicants for posted positions |
Total # of Candidates; # of Male Candidates (% of total); # of Female Candidates (% of total); % Difference Male & Female |
||||||
Number of page visits vs. applications for posted positions |
|||||||
Total # of Candidates |
# of Male Candidates |
% of total |
# of Female Candidates |
% of total |
% Difference Male & Female |
||
Search | Number of applicants coming from your different sourcing channels (one line per sourcing channel: LinkedIn Group A, website, job boards, specific events, etc.) |
||||||
Number of applicants coming from referrals |
|||||||
Secure | Number of applicants meeting qualifications |
||||||
Number of applicants selected for second interview |
|||||||
Number of applicants rejecting an offer |
|||||||
Number of applicants accepting an offer |
|||||||
Number of employees retained for one year |
The way you position the organization impacts who is likely to apply to posted positions. Ensure you are putting a competitive foot forward by developing a unique, meaningful, and aspirational employee value proposition and clear job descriptions.
What is an employee value proposition?
An employee value proposition (EVP) is a unique and clearly defined set of attributes and benefits that capture an employee’s overall work experience within an organization. An EVP is your opportunity to showcase the unique benefits and opportunities of working at your organization, allowing you to attract a wider pool of candidates.
How is an employee value proposition used?
Your EVP should be used internally and externally to promote the unique benefits of working within the department. As a recruiting tool, you can use it to attract candidates, highlighting the benefits of working for your organization. The EVP is often highlighted where you are most likely to reach your target audience, whether that is through social media, in-person events, or in other advertising activities.
Why tailor this to multiple audiences?
While your employee value proposition should remain constant in terms of the unique benefits of working for your organization, you want to ensure that the EVP appeals to multiple audiences and that it is backed up by relevant stories that support how your organization lives your EVP every day. Candidates need to be able to relate to the EVP and see it as desirable, so ensuring that it is relatable to a diverse audience is key.
1. Build and Assess the EVP
Assess your existing employee value proposition and/or build a forward-looking, meaningful, authentic, aspirational EVP.
2. Test the EVP
Gather feedback from staff to ensure the EVP is meaningful internally and externally.
3. Adopt the EVP
Identify how and where you will leverage the EVP internally and externally, and integrate the EVP into your candidate experience, job ads, and employee engagement initiatives.
As you build your EVP, keep in mind that while it’s important to brand your IT organization as an inclusive workplace to help you attract diverse candidates, be honest about your current level of diversity and your intentions to improve. Otherwise, new recruits will be disappointed and leave.
The employee value proposition is your opportunity to showcase the unique benefits and opportunities of working at your organization, allowing you to attract a wider pool of candidates.
AN EMPLOYEE VALUE PROPOSITION IS: |
AN EMPLOYEE VALUE PROPOSITION IS NOT: |
||
---|---|---|---|
|
|
||
THE FOUR KEY COMPONENTS OF AN EMPLOYEE VALUE PROPOSITION |
|||
Rewards |
Organizational Elements |
Working Conditions |
Day-to-Day Job Elements |
|
|
|
|
Creating a compelling EVP that presents a picture of your employee experience, with a focus on diversity, will attract females to your team. This can lead to many internal and external benefits for your organization.
Existing Employee Value Proposition: If your organization or IT department has an existing employee value proposition, rather than starting from scratch, we recommend leveraging that and moving to the testing phase to see if the EVP still resonates with staff and external parties.
Employee Engagement Results: If your organization does an employee engagement survey, review the results to identify the areas in which the IT organization is performing well. Identify and document any key comment themes in the report around why employees enjoy working for the organization or what makes your IT department a great place to work.
Social Media Sites. Prepare for the good, the bad, and the ugly. Social media websites like Glassdoor and Indeed make it easier for employees to share their experiences at an organization honestly and candidly. While postings on these sites won’t relate exclusively to the IT department, they do invite participants to identify their department in the organization. You can search these to identify any positive things people are saying about working for the organization and potentially opportunities for improvement (which you can use as a starting point in the retention section of this report).
Sell – Assess the current state and develop your employee value proposition
Activities
1.1.1 Gather feedback on unique benefits
1.1.2 Build key messages
1.1.3 Test your EVP
1.1.4 Adopt your EVP
1.1.5 Review job postings for gender bias
Input |
Output |
|
|
Materials |
Participants |
|
|
Download the EVP Interview Guide
*See Engagement Driver Handout slides for more details on these five drivers.
Input | Output |
|
|
Materials | Participants |
|
|
Internally and Externally
Use the EVP Scorecard and EVP Scorecard Handout throughout this step to assess your EVP against:
Internal Criteria:
External Criteria:
INTERNAL TEST REVOLVES AROUND THE 3A’s |
EXTERNAL TEST REVOLVES AROUND THE 3C’s |
---|---|
ALIGNED: The EVP is in line with the organization’s purpose, vision, values, and processes. Ensure policies and programs are aligned with the organization’s EVP. |
CLEAR: The EVP is straightforward, simple, and easy to understand. Without a clear message in the market, even the best intentioned EVPs can be lost in confusion. |
ACCURATE: The EVP is clear and compelling, supported by proof points. It captures the true employee experience, which matches the organization’s communication and message in the market. |
COMPELLING: The EVP emphasizes the value created for employees and is a strong motivator to join this organization. A strong EVP will be effective in drawing in external candidates. The message will resonate with them and attract them to your organization. |
ASPIRATIONAL: The EVP inspires both individuals and the IT organization as a whole. Identify and invest in the areas that are sure to generate the highest returns for employees. |
COMPREHENSIVE: The EVP provides enough information for the potential employee to understand the true employee experience and to self-assess whether they are a good fit for your organization. If the EVP lacks depth, the potential employee may have a hard time understanding the benefits and rewards of working for your organization. |
Input | Output |
|
|
Materials | Participants |
|
|
Input | Output |
|
|
Materials | Participants |
|
|
INDUSTRY: Restaurant
SOURCE: McDonald’s Careers, Canadian Business via McLean & Company
McDonald’s saw a divide between employee experience and its vision. McDonald’s set out to reinvent its employer image and create the reputation it wanted.
For the full article please click here.
Input | Output |
|
|
Materials | Participants |
|
|
INDUSTRY: Social Media
SOURCE: Buffer Open blog
When the social media platform Buffer replaced one word in a job posting, it noticed an increase in female candidates.
For the social media platform Buffer, all employees were called “hackers.” It had front-end hackers, back-end hackers, Android hackers, iOS hackers, and traction hackers.
As the company began to grow and ramp up hiring, the Chief Technology Officer, Sunil Sadasivan, noticed that Buffer was seeing a very low percentage of female candidates for these “hacker” jobs.
In researching the challenge in lack of female candidates, the Buffer team discovered that the word “hacker” may be just the reason why.
Understanding that wording has a strong impact on the type of candidates applying to work for Buffer started a great and important conversation on the Buffer team.
Buffer wanted to be as inviting as possible in job listings, especially because it hires for culture fit over technical skill.
Buffer went through a number of wording choices that could replace “hacker,” and ended on the term “developer.” All external roles were updated to reflect this wording change.
By making this slight change to the wording used in their jobs, Buffer went from seeing a less than 2% female representation of applicants for developer jobs to around 12% female representation for the same job.
Activities
1.2.1 Complete role analysis
1.2.2 Expand your sourcing pools
Sourcing shouldn’t start with an open position; it should start with identifying an anticipated need and building and nurturing a talent pipeline. IT participation in this is critical to effectively promote the employee experience and foster relationships before candidates even apply.
What is a candidate sourcing program?
A candidate sourcing program is one element of the overall HR sourcing approach, which consists of the overall process (steps to source talent), the people responsible for sourcing, and the programs (internal talent mobility, social media, employee referral, alumni network, campus recruitment, etc.).
What is a sourcing role analysis?
Part of the sourcing plan will outline how to identify talent for a role, which includes both the role analysis and the market assessment. The market assessment is normally completed by the HR department and consists of analyzing the market conditions as they relate to specific talent needs. The role analysis looks at what is necessary to be successful in a role, including competencies, education, background experience, etc.
How will this enable you to attract female candidates?
Expanding your sourcing programs and supporting deeper role analysis will allow your HR department to reach a larger candidate pool and better understand the type of talent that will be successful in roles within your organization. By expanding from traditional pools and criteria you will open the organization up to a wider variety of talent options.
Failure to take an inclusive approach to sourcing will limit your talent pool by sidelining entire groups or discouraging applicants from diverse backgrounds. Address bias in sourcing so that diverse candidates are not excluded from the start. Solutions such as removing biographical data from CVs prior to interviews may reduce bias, but they may come too late to impact diversity.
Potential areas of bias in sourcing: |
Modifications to reduce bias: |
Intake Session
|
|
Sourcing Pools
|
|
Required Entry Criteria |
Preferred Entry Criteria |
|
Education |
|
|
Experience |
|
|
Designations/Certifications |
|
Competency |
Level of Proficiency |
Behavioral Descriptions |
Business Analysis |
Level 2: Capable |
|
SOURCING APPROACH
INTERNAL MOBILITY PROGRAM
Positioning the right talent in the right place, at the right time, for the right reasons, and supporting them appropriately. Often tied to succession or workforce planning, mentorship, and learning and development.
SOCIAL MEDIA PROGRAM
The widely accessible electronic tools that enable anyone to publish and access information, collaborate on common efforts, and build relationships. Think beyond the traditional and consider niche social media platforms.
EMPLOYEE REFERRAL PROGRAM
Employees recommend qualified candidates. If the referral is hired, the referring employee typically receives some sort of reward.
ALUMNI PROGRAM
An alumni referral program is a formalized way to maintain ongoing relationships with former employees of the organization.
CAMPUS RECRUITING PROGRAM
A formalized means of attracting and hiring individuals who are about to graduate from schools, colleges, or universities.
EVENTS & ASSOCIATION PROGRAM
A targeted approach for participation in non-profit associations and industry events to build brand awareness of your organization and create a forward-looking talent pipeline.
# of Candidates From Approach |
% of Female Candidates From Approach |
Target # of Female Candidates |
|
---|---|---|---|
Internal Talent Mobility |
|||
Social Media Program |
|||
Employee Referral Program |
|||
Alumni Program |
|||
Campus Recruiting Program |
|||
Events & Non-Profit Affiliations |
|||
Other (job databases, corporate website, etc.) |
Benefits | Keys to Success | |
---|---|---|
Internal Mobility Program |
|
|
Social Media Program |
|
|
Employee Referral Program |
|
|
Alumni Program |
|
|
Campus Recruiting Program |
|
|
Events & Non-Profit Affiliations |
|
|
Work with your HR department to influence the recruitment process by taking a data-driven approach to understand the root cause of applicant drop-off and success and take corrective actions.
Why does the candidate experience matter?
Until recently it was an employer’s market, so recruiters and hiring managers were able to get good talent without courting top candidates. Today, that’s not the case. You need to treat your IT candidates like customers and be mindful that this is often one of the first experiences future staff will have with the organization. It will give them their first real sense of the culture of the organization and whether they want to work for the organization.
What can IT leaders do if they have limited influence over the interview process?
Work with your HR department to evaluate the existing recruitment process, share challenges you’ve experienced, and offer additional support in the process. Identify where you can influence the process and if there are opportunities to build service-level agreements around the candidate experience.
While your HR department likely owns the candidate experience and processes, if you have identified challenges in diversity we recommend partnering with your HR department or recruitment team to identify opportunities for improvement within the process. If you are attracting a good amount of candidates through your sell and search tactics but aren’t finding that this is translating into more women selected, it’s time to take a look at your selection processes.
SIMPLIFIED CANDIDATE SELECTION PROCESS STEPS
To understand the challenges within your selection process, start by baselining your drop-off rates throughout selection and comparing the differences in male and female candidates. Use this to pin point the issues within the process and complete a root-cause analysis to identify where to improve.
Activities
1.3.1 Identify selection challenges
Selection Process Step | Total # of Candidates | Male Candidates | Female Candidates | % Difference Male & Female | ||
---|---|---|---|---|---|---|
# | # | % of total | # | % of total | ||
Applicants for Posted Position | 150 | 115 | 76.7% | 35 | 23.3% | 70% fewer females |
Selected for Interview | ||||||
(Selected for Second Interview) | ||||||
(Selected for Final Interview) | ||||||
Offer Extended | ||||||
Offer Rejected | ||||||
Employees Retained for One Year |
Note: For larger organizations, we highly recommend analyzing differences in specific teams/roles and/or at different seniority levels. If you have that data available, repeat the analysis, controlling for those factors.
Brainstorming/Process of Elimination
After brainstorming, identify which possible causes are not the issue’s root cause by removing unlikely causes.
The Five Whys
Use reverse engineering to delve deeper into a recruitment issue to identify the root cause.
Ishikawa/Fishbone Diagram
Use an Ishikawa/fishbone diagram to identify and narrow down possible causes by categories.
Using the process of elimination can be a powerful tool to determine root causes.
Example
Problem: Women candidates are rejecting job offers more consistently
Potential Causes
As you brainstorm, ensure that you are identifying differentiators between male and female candidate experiences and rationale. If you ask candidates their rationale for turning down roles, ensure that these are included in the discussion.
Repeatedly asking “why” might seem overly simplistic, but it has the potential to be useful.
Example
Use this technique to sort potential causes by category and match them to the problem.
Info-Tech Best Practice
Avoid naming individuals in the fishbone diagram. The goal of the root-cause exercise is not to lay blame or zero in on a guilty party but rather to identify how you can rectify any challenges.
Reduce bias in your interviews.
In the past, companies were pushing the boundaries of the conventional interview, using unconventional questions to find top talent, e.g. “what color is your personality?” The logic was that the best people are the ones who don’t necessarily show perfectly on a resume, and they were intent on finding the best.
However, many companies have stopped using these questions after extensive statistical analysis revealed there was no correlation between candidates’ ability to answer them and their future performance on the job. Hiring by intuition – or “gut” – is usually dependent on an interpersonal connection being developed over a very short period of time. This means that people who were naturally likeable would be given preferential treatment in hiring decisions whether they were capable of doing the job.
Asking behavioral interview questions based on the competency needs of the role is the best way to uncover if the candidates will be able to execute on the job.
For more information see Info-Tech’s Behavioral Interview Question Library.
Broaden the notion of fit:
For a deeper analysis of your new hire processes Info-Tech’s sister company, McLean & Company, is an HR research and advisory firm that offers powerful diagnostics to measure HR processes effectiveness. If you are finding diversity issues to be systemic within the organization, leveraging a diagnostic can greatly improve your processes.
Use this diagnostic to get vital feedback on:
For more information on the New Hire Survey click here. If you are interested in referring your HR partner please contact your account manager.
Phase 1
Phase 2
Employee engagement: the measurement of effective management practices that create a positive emotional connection between the employee and the organization.
Engaged employees do what’s best for the organization: they come up with product/service improvements, provide exceptional service to customers, consistently exceed performance expectations, and make efficient use of their time and resources. The result is happy customers, better products/services, and saved costs.
Today, what we find is that 54% of women in IT are not engaged,* but…
…engaged employees are: 39% more likely to stay at an organization than employees who are not engaged.*
Additionally, engaging your female staff also has the additional benefit of increasing willingness to innovate by 30% and performance by 28%. The good news is that increasing employee engagement is not difficult, it just requires dedication and an effective toolkit to monitor, analyze, and implement tactics.*
* Recent data stays consistent, but the importance of compensation and recognition in retaining women in IT is increasing.
An analysis of the differences between men and women in IT’s drivers indicates that women in IT are significantly less likely than men in IT to agree with the following statements:
Culture:
Employee Empowerment:
Manager Relationships:
Working Environment:
Employee engagement is one of the greatest predictors of intention to stay. To retain you need to understand not only engagement but also your employee experience – the moments that matter – and actively work to create a positive experience.
What differentiates an engaged employee?
Engaged employees do what’s best for the organization: they come up with product/service improvements, provide exceptional service to customers, consistently exceed performance expectations, and make efficient use of their time and resources. The result is happy customers, better products/services, and saved costs.
Why measure engagement when looking at retention?
Engaged employees report 39%1 higher intention to stay at the organization than disengaged employees. The cost of losing an employee is estimated to be 150% to 200% of their annual salary.2 Can you afford to not engage your staff?
Why should IT leadership be responsible for their staff engagement?
Engagement happens every day, through every interaction, and needs to be tailored to individual team members to be successful. When engagement is owned by IT leadership, engagement initiatives are incorporated into daily experiences and personalized to their employees based on what is happening in real time. It is this active, dynamic leadership that inspires ongoing employee engagement and differentiates those who talk about engagement from those who succeed in engaging their teams.
Activities
2.1.1 Review employee engagement results and trends
2.1.2 Focus on areas that impact retention of women
Info-Tech’s employee engagement diagnostics are low-effort, high-impact programs that will give you detailed report cards on the organization’s engagement levels. Use these insights to understand your employees’ engagement levels by a variety of core demographics.
FULL ENGAGEMENT DIAGNOSTIC |
EMPLOYEE EXPERIENCE MONITOR |
---|---|
The full engagement diagnostic provides a comprehensive view of your organization’s engagement levels, informing you of what motivates employees and providing a detailed view of what engagement drivers to focus on for optimal results. Info-Tech & McLean & Company’s Full Engagement Diagnostic Survey has 81 questions in total. The survey should be completed annually and typically takes 15-20 minutes to complete. |
The EXM Dashboard is designed to give organizations a real-time view of employee engagement while being minimally intrusive. This monthly one-question survey allows organizations to track the impact of events and initiatives on employee engagement as they happen, creating a culture of engagement. The survey takes less than 30 seconds to complete and is fully automated. |
For the purpose of improving retention of women in IT, we encourage you to leverage the EXM tool, which will allow you to track how this demographic group’s engagement changes as you implement new initiatives.
Overall Engagement Results
Priority Matrix and Driver Scores
EXM Dashboard
Time Series Trends
Info-Tech’s dedicated team of program managers will facilitate this diagnostic program remotely, providing you with a convenient, low-effort, high-impact experience.
We will guide you through the process with your goals in mind to deliver deep insight into your successes and areas to improve.
What You Need to Do: |
Info-Tech’s Program Manager Will: |
---|---|
|
|
Input |
|
Participants |
|
Engagement driver handout
Culture: The degree to which an employee identifies with the beliefs, values, and attitudes of the organization.
Questions:
Ranked Correlation of Impact of Engagement Driver on Retention:
Company Potential: An employee’s understanding of and commitment to the organization’s mission, and the employee’s excitement about the organization’s mission and future.
Questions:
Ranked Correlation of Impact of Engagement Driver on Retention:
Employee Empowerment: The degree to which employees have accountability and control over their work within a supported environment.
Questions:
Ranked Correlation of Impact of Engagement Driver on Retention:
Learning and Development: A cooperative and continuous effort between an employee and the organization to enhance an employee’s skill set and expertise and meet an employee’s career objectives and the organization’s needs.
Questions:
Ranked Correlation of Impact of Engagement Driver on Retention:
Manager Relationships: The professional and personal relationship an employee has with their manager. Manager relationships depend on the trust that exists between these two individuals and the extent that a manager supports and develops the employee.
Questions:
Ranked Correlation of Impact of Engagement Driver on Retention:
Activities
2.2.1 Identify moments that matter
Train your managers to provide them with the skills and expertise to recognize the warning signs of an employee’s departure and know how to re-engage and retain them.
Employee experience (EX) is the employee’s perception of their cumulative lived experiences with the organization. It is gauged by how well the employee’s expectations are met within the parameters of the workplace, especially by the “moments that matter” to them. Individual employee engagement is the outcome of a strong overall EX.
Moments that matter are defining pieces or periods in an employee’s experience that create a critical turning point or memory that is of significant importance to them.
These are moments that dramatically change the path of the emotional journey, influence the quality of the final outcome, or end the journey prematurely.
To identify the moment that matters look for significant drops in the emotional journey that your organization needs to improve or significant bumps that your organization can capitalize on. Look for these drops or bumps in the journey and take stock of everything you have recorded at that point in the process. To improve the experience, analyze the hidden needs and how they are or aren’t being met.
The moment that matters is key and it could be completely separate from organizational life, like the death of a family member. Leaders can more proactively address these moments that matter by identifying them and determining how to make the touchpoint at that moment more impactful.
Retention
Employees who indicate they are having a positive experience at work have a 52% higher level of intent to stay (Great Place To Work Institute, 2021)
The bottom line
Organizations that make employee experience a focus have: 23% higher profitability 10% higher customer loyalty (Achievers, 2021)
INDUSTRY: Post-Secondary Education
SOURCE: Adam Grant, “Impact and the Art of Motivation Maintenance: The Effects of Contact with Beneficiaries on Persistence Behavior”
Challenge
A university call center, tasked with raising scholarship money from potential donors, had high employee turnover and low morale.
Solution
A study led by Grant arranged for a test group of employees to meet and interact with a scholarship recipient. In the five-minute meeting, employees learned what the student was studying.
Results
Demonstrating the purpose behind their work had significant returns. Employees who had met with the student demonstrated:
More than two times longer “talk time” with potential donors.
A productivity increase of 400%: the weekly average in donations went from $185.94 to $503.22 for test-group employees.
Do not wait until employees leave to find out what they were unhappy with or why they liked the organization. Instead, perform stay interviews with top and core talent to create a holistic understanding of what they are perceiving and feeling.
What is a stay interview?
A stay interview is a conversation with current employees. It should be performed on a yearly basis and is an informal discussion to generate deeper insight into the employee’s opinions, perspectives, concerns, and complaints. Stay interviews can have a multitude of uses. In this project they will be used to understand why top and core talent chose to stay with the organization to ensure that organizations understand and build upon their current strengths.
When should you do stay interviews?
We recommend completing stay interviews at least on an annual, if not quarterly, basis to truly understand how staff are feeling about the organization and their job, why they stay at the organization, and what would cause them to leave. Couple the outcomes of these interviews with employee engagement action planning to ensure that you are able to address talent needs.
Activities
2.3.1 Conduct stay interviews
Build stay interviews into the regular routine. By incorporating stay interviews into your schedule, they are more likely to stick. This regularity provides several advantages:
Stay interview best practices:
Proactively identify opportunities to drive retention.
The Stay Interview Guide helps managers conduct interviews with current employees, enabling the manager to understand:
Use this template to help you understand how you can best engage your employees and identify any challenges, in terms of moments that mattered, that negatively impacted their intention to stay at the organization.
Download the Stay Interview Guide
“4 Hiring Trends Technology Managers Need to Know.” Robert Half Talent Solutions, 4 Oct. 2021. Accessed 4 Feb. 2022.
“89% of CIOs are concerned about Talent Retention: SOTD CIO.” 2016 Harvey Nash/KPMG CIO Survey, CIO From IDG, 12 Aug. 2016. Web.
Angier, Michelle, and Beth Axelrod. “Realizing the power of talented women.” McKinsey Insights, Sept. 2014. Web.
Beansontoast23. “Not being trained on my first dev job.” Reddit, 29 July 2016. Web.
Birt, Martin. “How to develop a successful mentorship program: 8 steps.” Financial Post, 5 Dec. 2014. Web.
Bort, Julie. “The 25 Best Tech Employers For Women [Ranked].” Business Insider, 18 Nov. 2014. Web.
Bradford, Laurence. “15 of the Most Powerful Women in Tech.” The Balance Careers, Updated 4 Feb. 2018. Web.
“Building A Stronger, Better, More Diverse eBay.” eBay Inc., 31 July 2014. Web.
“Canada’s Best Employers 2015: The Top 50 Large Companies.” Canadian Business, 2014. Article.
Cao, Jing, and Wei Xue. “What are the Best practices to Promote High-Ranking Female Employees Within Organizations?” Cornell University ILR School, Spring 2013. Web.
Cheng, Roger. “Women in Tech: The Numbers Don't Add Up.” CNET, 6 May 2015. Web.
“CIO Survey 2020: Everything Changed. Or Did It?” Harvey Nash and KPMG, 2020. Accessed 24 Feb. 2022.
Daley, Sam. “Women in Tech Statistics Show the Industry Has a Long Way to Go.” Built In, 5 May 2021. Accessed 1 March 2022.
Dixon-Fyle, Sundiatu, et al. “Diversity wins: How inclusion matters.” McKinsey & Company, 19 May 2020. Accessed 24 Feb. 2022.
Donovan, Julia. “How to Quantify the Benefits of Enhancing Your Employee Experience.” Achievers Solution Inc., 21 Sept. 2021. Web.
“Engage Me! Employee Engagement Explored.” SoftSolutions, 12 Jan. 2016. Web.
Erb, Marcus. Global Employee Engagement Benchmark Study. Great Place to Work Institute, 29 Nov. 2021. Accessed 15 Feb. 2022.
Garner, Mandy. “How to attract and recruit a more gender diverse team.” Working Mums, 4 March 2016. Web.
Gaur, Shubhra. “Women in IT: Their path to the top is like a maze.” Firstpost, 28 Aug. 2015. Web.
“Girls Gone Wired Subreddit.” Reddit, n.d. Web.
Glassdoor Team. “10 Ways to Remove Gender Bias from Job Descriptions.” Glassdoor for Employers Blog, 9 May 2017. Web.
Grant, Adam. “Impact and the Art of Motivation Maintenance: The Effects of Contact with Beneficiaries on Persistence Behavior.” Organizational Behavior and Human Decision Processes, vol. 103, no. 1, 2007, pp. 53-67. Accessed on ScienceDirect.
IBM Smarter Workforce Institute. The Employee Experience Index. IBM Corporation, 2016. Web.
ISACA. “Tech Workforce 2020: The Age and Gender Perception Gap.” An ISACA Global Survey Report, 2019. Accessed 17 Feb. 2022.
Johnson, Stephanie K., David R. Hekman, and Elsa T. Chan. “If There’s Only One Woman in Your Candidate Pool, There’s Statistically No Chance She’ll Be Hired.” Harvard Business Review, 26 April 2016. Web.
Kessler, Sarah. “Tech's Big Gender Diversity Push One Year In.” Fast Company, 19 Nov. 2015. Web.
Kosinski, M. “Why You Might Want to Focus a Little Less on Hiring for Cultural Fit.” Recruiter.com, 11 Aug. 2015. Web.
Krome, M. A. “Knowledge Transformation: A Case for Workforce Diversity.” Journal of Diversity Management (JDM), vol. 9, no. 2, Nov. 2014, pp. 103-110.
Ladimeij, Kazim. “Why Staff Resign; the Psychology of Quitting.” The Career Café, 31 March 2017. Updated 9 Jan. 2018. Web.
Loehr, Anne. “Why You Need a New Strategy For Retaining Female Talent.” ReWork, 10 Aug. 2015. Web.
Lucas, Suzanne. “How Much Employee Turnover Really Costs You.” Inc., 30 Aug. 2013. Web.
Marttila, Paula. “5 Step Action Plan To Attract Women Join Tech Startups.” LinkedIn, 10 March 2016. Web.
Mayor, Tracy. “Women in IT: How deep is the bench?” Computerworld, 19 Nov. 2012. Web.
McCracken, Douglas M. “Winning the Talent War for Women: Sometimes It Takes a Revolution.” Harvard Business Review, Nov.-Dec. 2000. Web.
McDonald’s Careers. McDonald’s, n.d. Web.
McFeely, Shane, and Ben Wigert. “This Fixable Problem Costs U.S. Businesses $1 Trillion.” Gallup, Inc., 31 March 2019. Accessed 4 March 2022.
Morgan, Jacob. The Employee Experience Advantage: How to Win the War for Talent by Giving Employees the Workspaces they Want, the Tools they Need, and a Culture They Can Celebrate. John Wiley & Sons, Inc., 2017. Print.
Napolitano, Amy. “How to Build a Successful Mentoring Program.” Training Industry, 20 April 2015. Web.
Peck, Emily. “The Stats On Women In Tech Are Actually Getting Worse.” Huffington Post. 27 March 2015. Updated 6 Dec. 2017. Web. 20
Porter, Jane. “Why Are Women Leaving Science, Engineering, And Tech Jobs?” Fast Company, 15 Oct. 2014. Web.
Pratt, Siofra. “Emma Watson: Your New Recruitment Guru - How to: Attract, Source and Recruit Women.” SocialTalent, 25 Sept. 2014. Web.
“RBC Diversity Blueprint 2012-2015.” 2012-2015 Report Card, RBC, 2015. Web.
Richter, Felix. “Infographic: Women’s Representation in Big Tech.” Statista Infographics, 1 July 2021. Web.
Rogers, Rikki. “5 Ways Companies Can Attract More Women (Aside From Offering to Freeze Their Eggs).” The Muse, n.d. Web.
Sazzoid. “HOWTO recruit and retain women in tech workplaces.” Geek Feminism Wiki, 10 Jan. 2012. Updated 18 Aug. 2016. Web.
Seiter, Courtney. “Why We Removed the Word ‘Hacker’ From Buffer Job Descriptions.” Buffer Open blog, 13 March 2015. Updated 31 Aug. 2018. Web.
Serebrin, Jacob. “With tech giants like Google going after female talent, how can startups compete?” The Globe and Mail, 18 Jan. 2016. Updated 16 May 2018. Web.
Snyder, Kieran. “Why women leave tech: It's the culture, not because 'math is hard'.” Fortune, 2 Oct. 2014. Web.
Stackpole, Beth. “5 ways to attract and retain female technologists.” Computerworld, 7 March 2016. Web.
Sullivan, John. “4 Stay Interview Formats You Really Should Consider.” Talent Management & HT, 5 Dec. 2013. Web.
Syed, Nurhuda. “IWD 2021: Why Are Women Underrepresented in the C-Suite?” HRD America, 5 March 2021. Web.
Sylvester, Cheryl. “How to empower women in IT (and beyond) on #InternationalWomenDay.” ITBUSINESS.CA, 31 March 2016. Web.
“The Power of Parity: Advancing Women’s Equality in the United States.” McKinsey Global Institute, April 2016. Web.
White, Cindy. “How to Promote Gender Equality in the Workplace.” Chron, 8 Aug. 2018. Web.
White, Sarah. “Women in Tech Statistics: The Hard Truths of an Uphill Battle.” CIO From IDG Communication, Inc., 8 March 2021. Accessed 24 Feb. 2022.
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Create a PPM solution selection and implementation project charter and gather your organizations business and technical requirements.
Select the most appropriate PPM solution for your organization by using Info-Tech’s PPM solution Vendor Landscape and use cases to help you create a vendor shortlist, produce an RFP, and establish evaluation criteria for ranking your shortlisted solutions.
Plan a PPM solution implementation that will result in long-term sustainable adoption of the tool and that will allow the PMO to meet the needs of core project portfolio stakeholders.
Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Create a PPM solution selection and implementation project charter.
Gather the business and technical requirements for the PPM solution.
Establish clear and measurable success criteria for your PPM solution project.
Comprehensive project plan
Comprehensive and organized record of the various PPM solution requirements
A record of PPM solution project goals and criteria that can be used in the future to establish the success of the project
1.1 Brainstorm, refine, and prioritize your PPM solution needs
1.2 Stakeholder identification exercise
1.3 Project charter work session
1.4 Requirements gathering work session
1.5 PPM solution success metrics workbook session
High-level outline of PPM solution requirements
Stakeholder consultation plan
A draft project charter and action plan to fill in project charter gaps
A draft requirements workbook and action plan to fill in requirement gathering gaps
A PPM project success metrics workbook that can be used during and after the project
Identify the PPM solutions that are most appropriate for your organization’s size and level of PPM maturity.
Create a PPM solution and vendor shortlist.
Create a request for proposal (RFP).
Create a PPM solution scoring and evaluation tool.
Knowledge of the PPM solution market and the various features available
An informed shortlist of PPM vendors
An organized and focused method for evaluating the often long and complex responses to the RFP that vendors provide
The groundwork for an informed and defensible selection of a PPM solution for your organization
2.1 Assess the size of your organization and the level of PPM maturity to select the most appropriate use case
2.2 PPM solution requirements and criteria ranking activity
2.3 An RFP working session
2.4 Build an RFP evaluation tool
Identification of the most appropriate use case in Info-Tech’s Vendor Landscape
A refined and organized list of the core features that will be included in the RFP
A draft RFP with an action plan to fill in any RFP gaps
An Excel tool that can be used to compare and evaluate vendors’ responses to the RFP
To think ahead to the eventual implementation of the solution that will occur once the selection phase is completed
An understanding of key insights and steps that will help avoid mistakes resulting in poor adoption or PPM solutions that end up producing little tangible value
3.1 Outline high-level implementation stages
3.2 Organizational change management strategy session
3.3 A PPM project success metrics planning session
High-level implementation tasks and milestones
A RACI chart for core implementation tasks
A high-level PPM solution implementation organizational change management strategy
A RACI chart for core organizational change management tasks related to the PPM solution implementation
A PPM project success metrics schedule and plan
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Establish your project vision and metrics of success before shortlisting potential contact center architectures and deciding which is right-sized for the organization.
Build business requirements to achieve stakeholder buy-in, define key deliverables, and issue an RFP/RFQ to shortlisted vendors.
Score RFP/RFQ responses and decide upon a vendor before constructing a SOW.
Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Shortlist and decide upon a right-sized contact center architecture.
A high-level decision for a right-sized architecture
1.1 Define vision and mission statements.
1.2 Identify infrastructure metrics of success.
1.3 Confirm key performance indicators for contact center operations.
1.4 Complete architecture assessment.
1.5 Confirm right-sized architecture.
Project outline
Metrics of success
KPIs confirmed
Quickly narrow down right-sized architecture
Decision on right-sized contact center architecture
Build business requirements and define key deliverables to achieve stakeholder buy-in and shortlist potential vendors.
Key deliverables defined and a shortlist of no more than five vendors
Sections 7-8 of the Contact Center Playbook completed
2.1 Hold focus groups with key stakeholders.
2.2 Gather business, nonfunctional, and functional requirements.
2.3 Define key deliverables.
2.4 Shortlist five vendors that appear meet those requirements.
User requirements identified
Business Requirements Document completed
Key deliverables defined
Shortlist of five vendors
Compare and evaluate shortlisted vendors against gathered requirements.
Have a strong overview of which vendors are preferred for issuing RFP/RFQ
Section 9 of the Contact Center Playbook
3.1 Input requirements to the Contact Center RFP Scoring Tool. Define which are mandatory and which are desirable.
3.2 Determine which vendors best meet requirements.
3.3 Compare requirements met with anticipated TCO.
3.4 Compare and rank vendors.
An assessment of requirements
Vendor scoring
A holistic overview of requirements scoring and vendor TCO
An initial ranking of vendors to shape RFP process after workshop end
Walk through the Contact Center SOW Template and Guide to identify how much time to allocate per section and who will be responsible for completing it.
An understanding of a SOW that is designed to avoid major pitfalls with vendor management
Section 10 of the Contact Center Playbook
4.1 Get familiar with the SOW structure.
4.2 Identify which sections will demand greater time allocation.
4.3 Strategize how to avoid potential pitfalls.
4.4 Confirm reviewer responsibilities.
A broad understanding of a SOW’s key sections
A determination of how much time should be allocated for reviewing major sections
A list of ways to avoid major pitfalls with vendor management
A list of reviewers, the sections they are responsible for reviewing, and their time allocation for their review
Finalize deliverables and plan post-workshop communications.
A completed Contact Center Playbook that justifies each decision of this workshop
5.1 Finalize deliverables.
5.2 Support communication efforts.
5.3 Identify resources in support of priority initiatives.
Contact Center Playbook delivered
Post-workshop engagement to confirm satisfaction
Follow-up research that complements the workshop or leads workshop group in relevant new directions
Make sure to build a strong knowledge management strategy to identify, capture, and transfer knowledge from project delivery to the service desk.
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
This storyboard will help you craft a project support plan to document information to streamline service support.
Use these two templates as a means of collaboration with the service desk to provide information on the application/product, and steps to take to make sure there are efficient service processes and knowledge is appropriately transferred to the service desk to support the service.
Analyst PerspectiveFormalize your project support plan to shift customer service to the service desk. |
As a service support team member, you receive a ticket from an end user about an issue they’re facing with a new application. You are aware of the application release, but you don’t know how to handle the issue. So, you will need to either spend a long time investigating the issue via peer discussion and research or escalate it to the project team. Newly developed or improved services should be transitioned appropriately to the support team. Service transitioning should include planning, coordination, and communication. This helps project and support teams ensure that upon a service failure, affected end users receive timely and efficient customer support. At the first level, the project team and service desk should build a strategy around transitioning service support to the service desk by defining tasks, service levels, standards, and success criteria. In the second step, they should check the service readiness to shift support from the project team to the service desk. The next step is training on the new services via efficient communication and coordination between the two parties. The project team should allocate some time, according to the designed strategy, to train the service desk on the new/updated service. This will enable the service desk to provide independent service handling. This research walks you through the above steps in more detail and helps you build a checklist of action items to streamline shifting service support to the service desk. Mahmoud Ramin, PhDSenior Research Analyst
|
Your Challenge
|
Common Obstacles
|
Info-Tech’s Approach
|
Make sure to build a strong knowledge management strategy to identify, capture, and transfer knowledge from project delivery to the service desk.
Service desk team:
|
Project delivery team:
|
A successful launch can still be a failure if the support team isn't fully informed and prepared.
|
Info-Tech InsightInvolve the service desk in the transition process via clear communication, knowledge transfer, and staff training. |
Service desk involvement in the development, testing, and maintenance/change activity steps of your project lifecycle will help you logically define the category and priority level of the service and enable service level improvement accordingly after the project goes live.
The project team is dedicated to projects, while the support team focuses on customer service for several products.Siloed responsibilities:
|
How to break the silos: Develop a tiered model for the service desk and include project delivery in the specialist tier.
|
At the project level, get a clear understanding of support capabilities and demands, and communicate them to the service desk to proactively bring them into the planning step.
The following questions help you with an efficient plan for support transition |
|
Why is stakeholder analysis essential?
Task/Activity | Example |
Conduct administrative work in the application |
|
Update documentation |
|
Service request fulfillment/incident management |
|
Technical support for systems troubleshooting |
|
End-user training |
|
Service desk training |
|
Support management (monitoring, meeting SLAs) |
|
Report on the service transitioning |
|
Ensure all policies follow the transition activities |
|
|
|
|
|
|
|
Document project description and service priority in the Project Handover Template.
|
|
Document service level objectives and maintenance in the Project Handover Template.
Transition of a project to the service desk includes both knowledge transfer and execution transfer.
01
Provide training and mentoring to ensure technical knowledge is passed on.
02
Transfer leadership responsibilities by appointing the right people.
03
Transfer support by strategically assigning workers with the right technical and interpersonal skills.
04
Transfer admin rights to ensure technicians have access rights for troubleshooting.
05
Create support and a system to transfer work process. For example, using an online platform to store knowledge assets is a great way for support to access project information.
A communication plan and executive presentation will help project managers outline recommendations and communicate their benefits.
Leaders of successful change spend considerable time developing a powerful change message, i.e. a compelling narrative that articulates the desired end state, that makes the change concrete and meaningful to staff. The message should:
|
|
The support team usually uses an ITSM solution, while the project team mostly uses a project management solution. End users’ support is done and documented in the ITSM tool.
Even terminologies used by these teams are different. For instance, service desk’s “incident” is equivalent to a project manager’s “defect.” Without proper integration of the development and support processes, the contents get siloed and outdated over time.
Potential ways to deal with this challenge:
This helps you document information in a single platform and provides better visibility of the project status to the support team as well. It also helps project team find out change-related incidents for a faster rollback.
Note: This is not always feasible because of the high costs incurred in purchasing a new application with both ITSM and PM capabilities and the long time it takes for implementing such a solution.
Note: Consider the processes that should be integrated. Don’t integrate unnecessary steps in the development stage, such as design, which will not be helpful for support transition.
Training the service desk has two-fold benefits:
Improve support:
Shift-left enablement:
|
For more information about shift-left enablement, refer to InfoTech’s blueprint Optimize the Service Desk With a Shift-Left Strategy. |
Use the following steps to ensure the service desk gets trained on the new project.
|
Info-Tech InsightAllocate knowledge transfer within ticket handling workflows. When incident is resolved by a specialist, they will assess if it is a good candidate for technician training and/or a knowledgebase article. If so, the knowledge manager will be notified of the opportunity to assign it to a SME for training and documentation of an article. For more information about knowledge transfer, refer to phase 3 of Info-Tech’s blueprint Standardize the Service Desk. |
Role | Training Function | Timeline |
Developer/Technical Support |
|
|
Business Analysts |
|
|
Service Desk Agents |
|
|
Vendor |
|
Document your knowledge transfer plan in the Project Handover Template.
Info-Tech InsightNo matter how well training is done, specialists may need to work on critical incidents and handle emergency changes. With effective service support and transition planning, you can make an agreement between the incident manager, change manager, and project manager on a timeline to balance critical incident or emergency change management and project management and define your SLA. |
2-3 hours Document project support information and check off each support transition initiative as you shift service support to the service desk.
|
|
You won’t know if transitioning support processes are successful unless you measure their impact. Find out your objectives for project transition and then track metrics that will allow you to fulfill these goals.
Determine critical success factors to help you find out key metrics: High quality of the service Effectiveness of communication of the transition Manage risk of failure to help find out activities that will mitigate risk of service disruption Smooth and timely transition of support to the service desk Efficient utilization of the shared services and resources to mitigate conflicts and streamline service transitioning |
Suggested metrics:
|
Following the steps outlined in this research has helped you build a strategy to shift service support from the project team to the service desk, resulting in an improvement in customer service and agent satisfaction.
You have also developed a plan to break the silo between the service desk and specialists and enable knowledge transfer so the service desk will not need to unnecessarily escalate tickets to developers. In the meantime, specialists are also responsible for service desk training on the new application.
Efficient communication of service levels has helped the project team set clear expectations for managers to create a balance between their projects and service support.
If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.
Contact your account representative for more information
workshops@infotech.com
1-888-670-8889
Improve customer service by driving consistency in your support approach and meeting SLAs.
Optimize the Service Desk With a Shift-Left StrategyThe best type of service desk ticket is the one that doesn’t exist.
Tailor IT Project Management Processes to Fit Your ProjectsRight-size PMBOK for all of your IT projects.
Brown, Josh. “Knowledge Transfer: What it is & How to Use it Effectively.” Helpjuice, 2021. Accessed November 2022.
Magowan, Kirstie. “Top ITSM Metrics & KPIs: Measuring for Success, Aiming for Improvement.” BMC Blogs, 2020. Accessed November 2022.
“The Complete Blueprint for Aligning Your Service Desk and Development Teams (Process Integration and Best Practices).” Exalate, 2021. Accessed October 2022.
“The Qualities of Leadership: Leading Change.” Cornelius & Associates, 2010. Web.
It used to be easy: pick your cloud, build out your IT footprint, and get back to business. But the explosion of cloud adoption has also led to an explosion of options for cloud providers, platforms, and deployment options. And that’s just when talking about infrastructure as a service!
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Use this research to understand the risks and benefits that come with a multicloud posture.
Your Challenge |
Common Obstacles |
Info-Tech’s Approach |
---|---|---|
It used to be easy: pick your cloud, build out your IT footprint, and get back to business. But the explosion of cloud adoption has also led to an explosion of options for cloud providers, platforms, and deployment. And that’s just when talking about infrastructure as a service! For many businesses, one of the key benefits of the cloud ecosystem is enabling choice for different users, groups, and projects in the organization. But this means embracing multiple cloud platforms. Is it worth it? |
The reality is that multicloud is inevitable for most organizations, and if it’s not yet a reality for your IT team, it soon will be. This brings new challenges:
|
By defining your end goals, framing solutions based on the type of visibility and features your multicloud footprint needs to deliver, you can enable choice and improve performance, flexibility, and availability.
|
Info-Tech Insight
Embracing multicloud in your organization is an opportunity to gain control while enabling choice. Although it increases complexity for both IT operations and governance, with the right tools and principles in place you can reduce the IT burden and increase business agility at the same time.
Multicloud isn’t good or bad; it’s inevitable |
The reality is multicloud is usually not a choice. For most organizations, the requirement to integrate with partners, subsidiaries, and parent organizations, as well as the need to access key applications in the software-as-a-service ecosystem, means that going multicloud is a matter of when, not if. The real question most businesses should ask is not whether to go multicloud, but rather how to land in multicloud with intent and use it to their best advantage. |
---|---|
Your workloads will guide the way |
One piece of good news is that multicloud doesn’t change the basic principles of a good cloud strategy. In fact, a well-laid-out multicloud approach can make it even easier to put the right workloads in the right place – and then even move them around as needed. This flexibility isn’t entirely free, though. It’s important to know how and when to apply this type of portability and balance its benefits against the cost and complexity that come with it. |
Don’t fall in reactively; land on your feet |
Despite the risks that come with the increased scale and complexity of multicloud, it is possible to maintain control, realize the benefits, and even use multicloud as a springboard for leveraging cloud benefits in your business. By adopting best practices and forethought in key areas of multicloud risk, you can hit the ground running. |
01 Hybrid Cloud
Private cloud and public cloud infrastructure managed as one entity
02 Multicloud
Includes multiple distinct public cloud services, or “footprints”
03 Hybrid IT
Putting the right workloads in the right places with an overall management framework
Info-Tech Insight
The SaaS ecosystem has led organizations to encourage business units to exercise the IT choices that are best for them.
Hybrid IT: Aggregate Management, Monitoring, Optimization, Continuous Improvement
The risks in multicloud are the same as in traditional cloud but amplified by the differences across footprints and providers in your ecosystem.
Info-Tech Insight
Don’t be afraid to ask for help! Each cloud platform you adopt in your multicloud posture requires training, knowledge, and execution. If you’re already leveraging an ecosystem of cloud providers, leverage the ecosystem of cloud enablers as needed to help you on your way.
Increasing flexibility & accelerating integration |
Because multicloud increases the number of platforms and environments available to us, we can Multicloud also can be a catalyst for integrating and stitching together resources and services that were previously isolated from each other. Because of the modular design and API architecture prevalent in cloud services, they can be easily consumed and integrated from your various footprints. |
---|---|
Modernizing data strategy |
While it may seem counterintuitive, a proactive multicloud approach will allow you to regain visibility and control of your entire data ecosystem. Defining your data architecture and policies with an eye to the inevitability of multicloud means you can go beyond just regaining control of data stranded in SaaS and other platforms; you can start to really understand the flows of data and how they affect your business processes for better or worse. |
Move to cloud-native IT & design |
Embracing multicloud is also a great opportunity to embrace the refactoring and digital transformation you’ve been blocked on. Instead of treading water with respect to keeping control of fragmented applications, services, and workloads, a proactive approach to multicloud allows you to embrace open standards built to deliver cloud-native power and portability and to build automations that increase reliability, performance, and cost effectiveness while reducing your total in-house work burden. |
Info-Tech Insight
Don’t bite off more than you can chew! Especially with IaaS and PaaS services, it’s important to ensure you have the skills and bandwidth to manage and deploy services effectively. It’s better to start with one IaaS platform, master it, and then expand.
The principles of cloud strategy don’t change with multicloud! | ![]() |
If anything, a multicloud approach increases your ability to put the right workloads in the right places, wherever that may be. | |
It can also (with some work and tooling) provide even broader options for portability and resilience. |
Put everything in its right place.
Just like with any cloud strategy, start with a workload-level approach and figure out the right migration path and landing point for your workload in cloud.
Understand the other right places!
Multicloud means for many workloads, especially IaaS- and PaaS-focused ones, you will have multiple footprints you can use for secondary locations as desired for portability, resilience, and high availability (with the right tooling and design).
Info-Tech Insight
Portability is always a matter of balancing increased flexibility, availability, and resilience against increased complexity, maintenance effort, and cost. Make sure to understand the requirement for your workloads and apply portability efforts where they make the most sense
Don’t manage multicloud with off-the-rack tools.
The default dashboards and management tools from most cloud vendors are a great starting point when managing a single cloud. Unfortunately, most of these tools do not extend well to other platforms, which can lead to multiple dashboards for multiple footprints.
These ultimately lead to an inability to view your multicloud portfolio in aggregate and fragmentation of metrics and management practices across your various platforms. In such a situation maintaining compliance and control of IT can become difficult, if not impossible!
Unified standards and tools that work across your entire cloud portfolio will help keep you on track, and the best way to realize these is by applying repeatable, open standards across your various environments and usually adopting new software and tools from the ecosystem of multicloud management software platforms available in the market.
Info-Tech Insight
Even in multicloud, don’t forget that the raw data available from the vendor’s default dashboards is a critical source of information for optimizing performance, efficiency, and costs.
The ecosystem is heterogeneous.
The explosion of cloud platforms and stacks means no single multicloud management tool can provide support for every stack in the private and public cloud ecosystem. This challenge becomes even greater when moving from IaaS/PaaS to addressing the near-infinite number of offerings available in the SaaS market.
When it comes to selecting the right multicloud management tool, it’s important to keep a few things in mind:
Key Features
Info-Tech Insight
SaaS always presents a unique challenge for gathering necessary cloud management data. It’s important to understand what data is and isn’t available and how it can be accessed and made available to your multicloud management tools.
As a working example, you can review these vendors on the following slides:
Info-Tech Insight
Creating vendor profiles will help quickly identify the management tools that meet your multicloud needs.
VMware CloudHealth
Vendor Summary
CloudHealth is a VMware management suite that provides visibility into VMware-based as well as public cloud platforms. CloudHealth focuses on providing visibility to costs and governance as well as applying automation and standardization of configuration and performance across cloud platforms.
Supported Platforms
Supports AWS, Azure, GCP, OCI, VMware
Vendor Summary
ServiceNow IT Operations Management (ITOM) is a module for the ServiceNow platform that allows deep visibility and automated intervention/remediation for resources across multiple public and private cloud platforms. In addition to providing a platform for managing workload portability and costs across multiple cloud platforms, ServiceNow ITOM offers features focused on delivering “proactive digital operations with AIOps.”
URL: servicenow.com/products/it-operations-management.html
Supported Platforms
Supports CloudFormation, ARM, GDM, and Terraform templates. Also provisions virtualized VMware environments.
CloudCheckr
Vendor Summary
CloudCheckr is a SaaS platform that provides end-to-end cloud management to control cost, ensure security, optimize resources, and enable services. Primarily focused on enabling management of public cloud services, CloudCheckr’s broad platform support and APIs can be used to deliver unified visibility across many multicloud postures.
URL: cloudcheckr.com
Supported Platforms
Supports AWS, Azure, GCP, SAP Hana
Feature Sets
This activity involves the following participants:
Outcomes of this step:
Info-Tech Insight
This checkpoint process creates transparency around agreement costs with the business and gives the business an opportunity to reevaluate its requirements for a potentially leaner agreement.
SaaS While every service model and deployment model has its place in multicloud, depending on the requirements of the workload and the business, most organizations end up in multicloud because of the wide ecosystem of options available at the SaaS level. Enabling the ability to adopt SaaS offerings into your multicloud footprint should be an area of focus for most IT organizations, as it’s the easiest way to deliver business impact (without taking on additional infrastructure work). |
IaaS and PaaS Although IaaS and PaaS also have their place in multicloud, the benefits are usually focused more on increased portability and availability rather than on enabling business-led IT. Additionally, multicloud at these levels can often be complex and/or costly to implement and maintain. Make sure you understand the cost-benefit for implementing multicloud at this level! |
With multiple SaaS workloads as well as IaaS and PaaS footprints, one of the biggest challenges to effective multicloud is understanding where any given data is, what needs access to it, and how to stitch it all together.
In short, you need a strategy to understand how to collect and consolidate data from your multiple footprints.
Relying solely on the built-in tools and dashboards provided by each provider inevitably leads to data fragmentation – disparate data sets that make it difficult to gain clear, unified visibility into your cloud’s data.
To address the challenge of fragmented data, many organizations will require a multicloud-capable management platform that can provide access and visibility to data from all sources in a unified way.
When it comes to multicloud, cloud-native design is both your enemy and your friend. On one hand, it provides the ability to fully leverage the power and flexibility of your chosen platform to run your workload in the most on-demand, performance-efficient, utility-optimized way possible.
But it’s important to remember that building cloud-native for one platform directly conflicts with that workload’s portability to other platforms! You need to understand the balance between portability and native effectiveness that works best for each of your workloads.
Info-Tech Insight
You can (sort of) have the best of both worlds! While the decision to focus on the cloud-native products, services, and functions from a given cloud platform must be weighed carefully, it’s still a good idea to leverage open standards and architectures for your workloads, as those won’t hamper your portability in the same way.
Even on singular platforms, cloud cost management is no easy task. In multicloud, this is amplified by the increased scale and scope of providers, products, rates, and units of measure.
There is no easy solution to this – ultimately the same accountabilities and tasks that apply to good cost management on one cloud also apply to multicloud, just at greater scale and impact.
Info-Tech Insight
Evolving your tooling applies to cost management too. While the vendor-provided tools and dashboards for cost control on any given cloud provider’s platform are a good start and a critical source for data, to get a proper holistic view you will usually require multicloud cost management software (and possibly some development work).
A key theme in cloud service pricing is “it’s free to come in, but it costs to leave.” This is a critical consideration when designing the inflows and outflows of data, interactions, transactions, and resources among workloads sitting on different platforms and different regions or footprints.
When defining your multicloud posture, think about what needs to flow between your various clouds and make sure to understand how these flows will affect costs, performance, and throughput of your workloads and the business processes they support.
Automation Is Your Friend Managing multicloud is a lot of work. It makes sense to eliminate the most burdensome and error-prone tasks. Automating these tasks also increases the ease and speed of workload portability in most cases. Automation and scheduling are also key enablers of standardization – which is critical to managing costs and other risks in multicloud. Create policies that manage and optimize costs, resource utilization, and asset configuration. Use these to reduce the management burden and risk profile. |
Evolve Your Tooling Effective multicloud management requires a clear picture of your entire cloud ecosystem across all footprints. This generally isn’t possible using the default tools for any given cloud vendor. Fortunately, there is a wide ecosystem of multicloud tools to help provide you with a unified view. The best cloud management tools will not only allow you to get a unified view of your IT operations regardless of where the resources lie but also help you to evaluate your multiple cloud environments in a unified way, providing a level playing field to compare and identify opportunities for improvement. |
Info-Tech Insight
Embrace openness! Leveraging open standards and technologies doesn’t just ease portability in multicloud; it also helps rationalize telemetry and metrics across platforms, making it easier to achieve a unified management view.
Multicloud security challenges remain focused around managing user and role complexity
Info-Tech Insight
Don’t reinvent the wheel! Where possible, leverage your existing identity and access management platforms and role-based access control (RBAC) discipline and extend them out to your cloud footprints.
Define Your Cloud Vision
This blueprint covers a workload-level approach to determining cloud migration paths
10 Secrets for Successful Disaster Recovery in the Cloud
This research set covers general cloud best practices for implement DR and resilience in the cloud.
“7 Best Practices for Multi-Cloud Management.” vmware.com, 29 April 2022. Web.
Brown, Chalmers. “Six Best Practices For Multi-Cloud Management.” Forbes, 22 Jan. 2019. Web.
Curless, Tim. “The Risks of Multi-Cloud Outweigh the Benefits.” AHEAD, n.d. Web.
Tucker, Ryan. “Multicloud Security: Challenges and Solutions.” Megaport, 29 Sept 2022. Web.
Velimirovic, Andreja. “How to Implement a Multi Cloud Strategy.” pheonixNAP, 23 June 2021. Web.
“What is a Multi-Cloud Strategy?” vmware.com, n.d. Web.
You may be experiencing one or more of the following:
To have a successful information security strategy, take these three factors into account:
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Read up on why you should build your customized information security strategy. Review our methodology and understand the four ways we can support you.
It all starts with risk appetite, yes, but security is something you want to get right. Determine your organizations' security pressures and business goals, and then determine your security program's goals.
Our best-of-breed security framework makes you perform a gap analysis between where you are and where you want to be (your target state). Once you know that, you can define your goals and duties.
With your design at this level, it is time to plan your roadmap.
Learn to use our methodology to manage security initiatives as you go. Identify the resources you need to execute the evolving strategy successfully.
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Lay down the foundations for security risk management, including roles and responsibilities and a defined risk tolerance level.
Define frequency and impact rankings then assess the risk of your project.
Catalog an inventory of individual risks to create an overall risk profile.
Communicate the risk-based conclusions and leverage these in security decision making.
Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Build the foundation needed for a security risk management program.
Define roles and responsibilities of the risk executive.
Define an information security risk tolerance level.
Clearly defined roles and responsibilities.
Defined risk tolerance level.
1.1 Define the security executive function RACI chart.
1.2 Assess business context for security risk management.
1.3 Standardize risk terminology assumptions.
1.4 Conduct preliminary evaluation of risk scenarios to determine your risk tolerance level.
1.5 Decide on a custom risk factor weighting.
1.6 Finalize the risk tolerance level.
1.7 Begin threat and risk assessment.
Defined risk executive functions
Risk governance RACI chart
Defined quantified risk tolerance and risk factor weightings
Determine when and how to conduct threat and risk assessments (TRAs).
Complete one or two TRAs, as time permits during the workshop.
Developed process for how to conduct threat and risk assessments.
Deep risk analysis for one or two IT projects/initiatives.
2.1 Determine when to initiate a risk assessment.
2.2 Review appropriate data classification scheme.
2.3 Identify system elements and perform data discovery.
2.4 Map data types to the elements.
2.5 Identify STRIDE threats and assess risk factors.
2.6 Determine risk actions taking place and assign countermeasures.
2.7 Calculate mitigated risk severity based on actions.
2.8 If necessary, revisit risk tolerance.
2.9 Document threat and risk assessment methodology.
Define scope of system elements and data within assessment
Mapping of data to different system elements
Threat identification and associated risk severity
Defined risk actions to take place in threat and risk assessment process
Complete one or two TRAs, as time permits during the workshop.
Deep risk analysis for one or two IT projects/initiatives, as time permits.
3.1 Continue threat and risk assessment activities.
3.2 As time permits, one to two threat and risk assessment activities will be performed as part of the workshop.
3.3 Review risk assessment results and compare to risk tolerance level.
One to two threat and risk assessment activities performed
Validation of the risk tolerance level
Collect, analyze, and aggregate all individual risks into the security risk register.
Plan for the future of risk management.
Established risk register to provide overview of the organizational aggregate risk profile.
Ability to communicate risk to other stakeholders as needed.
4.1 Begin building a risk register.
4.2 Identify individual risks and threats that exist in the organization.
4.3 Decide risk responses, depending on the risk level as it relates to the risk tolerance.
4.4 If necessary, revisit risk tolerance.
4.5 Identify which stakeholders sign off on each risk.
4.6 Plan for the future of risk management.
4.7 Determine how to present risk to senior management.
Risk register, with an inventory of risks and a macro view of the organization’s risk
Defined risk-based initiatives to complete
Plan for securing and managing the risk register
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Parse specific technology drivers out of the formal enterprise digital strategy.
Review and understand potential enabling applications.
Use the drivers and an understanding of enabling applications to put together an execution roadmap that will support the digital strategy.
Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Review and validate the formal enterprise digital strategy.
Confirmation of the goals, objectives, and direction of the organization’s digital strategy.
1.1 Review the initial digital strategy.
1.2 Determine gaps.
1.3 Refine digital strategy scope and vision.
1.4 Finalize digital strategy and validate with stakeholders.
Validated digital strategy
Enumerate relevant technology drivers from the digital strategy.
List of technology drivers to pursue based on goals articulated in the digital strategy.
2.1 Identify affected process domains.
2.2 Brainstorm impacts of digital strategy on technology enablement.
2.3 Distill critical technology drivers.
2.4 Identify KPIs for each driver.
Affected process domains (based on APQC)
Critical technology drivers for the digital strategy
Relate your digital strategy drivers to specific, actionable application areas.
Understand the interplay between the digital strategy and impacted application domains.
3.1 Build and review current application inventory for digital.
3.2 Execute fit-gap analysis between drivers and current state inventory.
3.3 Pair technology drivers to specific enabling application categories.
Current-state application inventory
Fit-gap analysis
Understand how different applications support the digital strategy.
Understand the art of the possible.
Knowledge of how applications are evolving from a features and capabilities perspective, and how this pertains to digital strategy enablement.
4.1 Application spotlight: customer experience.
4.2 Application spotlight: content and collaboration.
4.3 Application spotlight: business intelligence.
4.4 Application spotlight: enterprise resource planning.
Application spotlights
Create a concrete, actionable roadmap of application and technology initiatives to move the digital strategy forward.
Clear, concise articulation of application roadmap for supporting digital that can be communicated to the business.
5.1 Build list of enabling projects and applications.
5.2 Create prioritization criteria.
5.3 Build the digital strategy application roadmap.
5.4 Socialize the roadmap.
5.5 Delineate responsibility for roadmap execution.
Application roadmap for the digital strategy
RACI chart for digital strategy roadmap execution
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Identify benefits of shared services to your organization and define implementation challenges.
Identify your process and staff capabilities and discover which services will be transitioned to shared services plan. It will also help you to figure out the best model to choose.
Discuss an actionable plan to implement shared services to track the project. Walk through a communication plan to document the goals, progress, and expectations with customer stakeholders.
Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Establish the need for change.
Set a clear understanding about benefits of shared services to your organization.
1.1 Identify your organization’s main drivers for using a shared services model.
1.2 Define if it is beneficial to implement shared services.
Shared services mission
Shared services goals
Become aware of challenges to implement shared services and your capabilities for such transition.
Discover the primary challenges for transitioning to shared services, eliminate resistance factors, and identify your business potentials for implementation.
2.1 Identify your organization’s resistance to implement shared services.
2.2 Assess process and people capabilities.
Shared Services Business Case
Shared Services Assessment
Determine the shared services model.
Identify the core services to be shared and the best model that fits your organization.
3.1 Define core services that will be moved to shared services.
3.2 Assess different models of shared services and pick the one that satisfies your goals and needs.
List of services to be transferred to shared services
Shared services model
Define and communicate the tasks to be delivered.
Confidently approach key stakeholders to make the project a reality.
4.1 Define the roadmap for implementing shared services.
4.2 Make a plan to communicate changes.
List of initiatives to reach the target state, strategy risks, and their timelines
Draft of a communication plan
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Assess the opportunities of web APIs.
Design and develop web APIs that support business processes and enable reusability.
Accommodate web API testing best practices in application test plans.
Monitor the usage and value of web APIs and plan for future optimizations and maintenance.
Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Gauge the importance of web APIs for achieving your organizational needs.
Understand how web APIs can be used to achieve below-the-line and above-the-line benefits.
Be aware of web API development pitfalls.
Understanding the revenue generation and process optimization opportunities web APIs can bring to your organization.
Knowledge of the current web API landscape.
1.1 Examine the opportunities web APIs can enable.
Establish a web API design and development process.
Design scalable web APIs around defined business process flows and rules.
Define the web service objects that the web APIs will expose.
Reusable web API designs.
Identification of data sets that will be available through web services.
Implement web API development best practices.
2.1 Define high-level design details based on web API requirements.
2.2 Define your process workflows and business rules.
2.3 Map the relationships among data tables through ERDs.
2.4 Define your data model by mapping the relationships among data tables through data flow diagrams.
2.5 Define your web service objects by effectively referencing your data model.
High-level web API design.
Business process flow.
Entity relationship diagrams.
Data flow diagrams.
Identification of web service objects.
Incorporate APIs into your existing testing practices.
Emphasize security testing with web APIs.
Learn of the web API testing and monitoring tool landscape.
Creation of a web API test plan.
3.1 Create a test plan for your web API.
Web API Test Plan.
Plan for iterative development and maintenance of web APIs.
Manage web APIs for versioning and reuse.
Establish a governance structure to manage changes to web APIs.
Implement web API monitoring and maintenance best practices.
Establishment of a process to manage future development and maintenance of web APIs.
4.1 Identify roles for your API development projects.
4.2 Develop governance for web API development.
RACI table that accommodates API development.
Web API operations governance structure.
Innovation is about people, not ideas or processes. Innovation does not require a formal process, a dedicated innovation team, or a large budget; the most important success factor for innovation is culture. Companies that facilitate innovative behaviors like growth mindset, collaboration, and taking smart risks are most likely to see the benefits of innovation.
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
This storyboard includes three phases and nine activities that will help you define your purpose, align your people, and build your practice.
Use this template in conjunction with the activities in the main storyboard to create and communicate your innovation program. This template uses sample data from a fictional retailer, Acme Corp, to illustrate an ideal innovation program summary.
This job description can be used to hire your Chief Innovation Officer. There are many other job descriptions available on the Info-Tech website and referenced within the storyboard.
Use this framework to facilitate an ideation session with members of the business. Instructions for how to customize the information and facilitate each section is included within the deck.
This spreadsheet provides an analytical and transparent method to prioritize initiatives based on weighted criteria relevant to your business.
Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Define your innovation ambitions.
Gain a better understanding of why you are innovating and what your organization will gain from an innovation program.
1.1 Understand your innovation mandate.
1.2 Define your innovation ambitions.
1.3 Determine value proposition & metrics.
Complete the "Our purpose" section of the Innovation Program Template
Complete "Vision and guiding principles" section
Complete "Scope and value proposition" section
Success metrics
Build a culture, operating model, and team that support innovation.
Develop a plan to address culture gaps and identify and implement your operating model.
2.1 Foster a culture of innovation.
2.2 Define your operating model.
Complete "Building an innovative culture" section
Complete "Operating model" section
Create the capability to facilitate innovation.
Create a resourcing plan and prioritization templates to make your innovation program successful.
3.1 Build core innovation capabilities.
3.2 Develop prioritization criteria.
Team structure and resourcing requirements
Prioritization spreadsheet template
Finalize your program and complete the final deliverable.
Walk away with a complete plan for your innovation program.
4.1 Define your methodology to pilot projects.
4.2 Conduct a program retrospective.
Complete "Operating model" section in the template
Notable wins and goals
Many organizations stumble when implementing innovation programs. Innovation is challenging to get right, and even more challenging to sustain over the long term.
One of the common stumbling blocks we see comes from organizations focusing more on the ideas and the process than on the culture and the people needed to make innovation a way of life. However, the most successful innovators are the ones which have adopted a culture of innovation and reinforce innovative behaviors across their organization. Organizational cultures which promote growth mindset, trust, collaboration, learning, and a willingness to fail are much more likely to produce successful innovators.
This research is not just about culture, but culture is the starting point for innovation. My hope is that organizations will go beyond the processes and methodologies laid out here and use this research to dramatically improve their organization's performance.
Kim Osborne Rodriguez
Research Director, CIO Advisory
Info-Tech Research Group
As a leader in your organization, you need to:
In the past, you might have experienced one or more of the following:
This blueprint will help you:
There is no single right way to approach innovation. Begin with an understanding of your innovation ambitions, your existing culture, and the resources available to you, then adopt the innovation operating model that is best suited to your situation.
Note: This research is written for the individual who is leading the development of the innovation. This role is referred to as the Chief Innovation Officer (CINO) throughout this research but could be the CIO, CTO, IT director, or another business leader.
75% |
Three-quarters of companies say innovation is a top-three priority. |
---|---|
30% |
But only 30% of executives say their organizations are doing it well. |
Based on a survey of 270 business leaders.
Source: Harvard Business Review, 2018
The most common challenges business leaders experience relate to people and culture. Success is based on people, not ideas.
Politics, turf wars, and a lack of alignment: territorial departments, competition for resources, and unclear roles are holding back the innovation efforts of 55% of respondents.
FIX IT
Senior leadership needs to be clear on the innovation goals and how business units are expected to contribute to them.
Cultural issues: many large companies have a culture that rewards operational excellence and disincentivizes risk. A history of failed innovation attempts may result in significant resistance to new change efforts.
FIX IT
Cultural change takes time. Ensure you are rewarding collaboration and risk-taking, and hire people with fresh new perspectives.
Inability to act on signals crucial to the future of the business: only 18% of respondents indicated their organization was unaware of disruptions, but 42% said they struggled with acting on leading indicators of change.
FIX IT
Build the ability to quickly run pilots or partner with startups and incubators to test out new ideas without lengthy review and approval processes.
Source: Harvard Business Review, 2018
1 Source: Boston Consulting Group, 2021
2 Source: Boston Consulting Group, 2019
3 Source: Harvard Business Review, 2018
Innovators are defined as companies that were listed on Fast Company World's 50 Most Innovative Companies for 2+ years.
A 25-year study by Business Development Canada and Statistics Canada showed that innovation was more important to business success than management, human resources, marketing, or finance.
INDUSTRY: Healthcare
SOURCE: Interview
This Info-Tech member is a nonprofit, community-based mental health organization located in the US. It serves about 25,000 patients per year in community, school, and clinic settings.
This organization takes its innovation culture very seriously and has developed methodologies to assess individual and team innovation readiness as well as innovation types, which it uses to determine everyone's role in the innovation process. These assessments look at knowledge of and trust in the organization, its innovation profile, and its openness to change. Innovation enthusiasts are involved early in the process when it's important to dream big, while more pragmatic perspectives are incorporated later to improve the final solution.
The organization has developed many innovative approaches to delivering healthcare. Notably, they have reimagined patient scheduling and reduced wait times to the extent that some patients can be seen the same day. They are also working to improve access to mental health care despite a shortage of professionals.
1. Define Your Purpose |
2. Align Your People |
3. Build Your Practice |
|
---|---|---|---|
Phase Steps |
|
|
|
Phase Outcomes |
Understand where the mandate for innovation comes from, and what the drivers are for pursuing innovation. Define what innovation means to your organization, and set the vision, mission, and guiding principles. Articulate the value proposition and key metrics for measuring success. |
Understand what it takes to build an innovative culture, and what types of innovation structure are most suited to your innovation goals. Define an innovation methodology and build your core innovation capabilities and team. |
Gather ideas and understand how to assess and prioritize initiatives based on standardized metrics. Develop criteria for tracking and measuring the success of pilot projects and conduct a program retrospective. |
Innovation Operating Model
The operating model describes how the innovation program delivers value to the organization, including how the program is structured, the steps from idea generation to enterprise launch, and the methodologies used.
Examples: Innovation Hub, Grassroots Innovation.
Innovation Methodology
Methodologies describe the ways the operating model is carried out, and the approaches used in the innovation practice.
Examples: Design Thinking, Weighted Criteria Scoring
Chief Innovation Officer
This research is written for the person or team leading the innovation program – this might be a CINO, CIO, or other leader in the organization.
Innovation Team
The innovation team may vary depending on the operating model, but generally consists of the individuals involved in facilitating innovation across the organization. This may be, but does not have to be, a dedicated innovation department.
Innovation Program
The program for generating ideas, running pilot projects, and building a business case to implement across the enterprise.
Pilot Project
A way of testing and validating a specific concept in the real world through a minimum viable product or small-scale implementation. The pilot projects are part of the overall pilot program.
Innovation is about people, not ideas or processes
Innovation does not require a formal process, a dedicated innovation team, or a large budget; the most important success factor for innovation is culture. Companies that facilitate innovative behaviors like growth mindset, collaboration, and the ability to take smart risk are most likely to see the benefits of innovation.
Very few are doing innovation well
Only 30% of companies consider themselves innovative, and there's a good reason: innovation involves unknowns, risk, and failure – three situations that people and organizations typically do their best to avoid. Counter this by removing the barriers to innovation.
Culture is the greatest barrier to innovation
In a survey of 270 business leaders, the top three most common obstacles were politics, turf wars, and alignment; culture issues; and inability to act on signals crucial to the business (Harvard Business Review, 2018). If you don't have a supportive culture, your ability to innovate will be significantly reduced.
Innovation is a means to an end
It is not the end itself. Don't get caught up in innovation for the sake of innovation – make sure you are getting the benefits from your investments. Measurable success factors are critical for maintaining the long-term success of your innovation engine.
Tackle wicked problems
Innovative approaches are better at solving complex problems than traditional practices. Organizations that prioritize innovation during a crisis tend to outperform their peers by over 30% and improve their market position (McKinsey, 2020).
Innovate or die
Innovation is critical to business growth. A 25-year study showed that innovation was more important to business success than management, human resources, marketing, or finance (Statistics Canada, 2006).
Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:
Sample Job Descriptions and Organization Charts
Determine the skills, knowledge, and structure you need to make innovation happen.
Facilitate an ideation session with your staff to identify areas for innovation.
Initiative Prioritization Workbook
Evaluate ideas to identify those which are most likely to provide value.
Communicate how you plan to innovate with a report summarizing the outputs from this research.
US businesses spend over half a trillion dollars on innovation annually. What are they getting for it?
(1) based on BCG's 50 Most Innovative Companies 2022
30% | The most innovative companies outperform the market by 30%. |
“Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”
“Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”
“We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”
“Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”
Phase 0 | Phase 1 | Phase 2 | Phase 3 | Finish |
---|---|---|---|---|
Call #1: Scope requirements, objectives, and your specific challenges. |
Call #2: Understand your mandate. Call #3: Innovation vision, guiding principles, value proposition, and scope. |
Call #4: Foster a culture of innovation. (Activity 2.1) Call #5: Define your methodology. (Activity 2.2) Call #6: Build core innovation capabilities. (Activity 2.3) |
Call #7: Build your ideation and pilot programs. (Activities 3.1 and 3.2) Call #8: Identify success metrics and notable wins. (Activity 3.3) |
Call #9: Summarize results and plan next steps. |
A GI is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.
A typical GI is 8 to 12 calls over the course of three to six months.
Contact your account representative for more information.
workshops@infotech.com 1-888-670-8889
Session 1 | Session 2 | Session 3 | Session 4 |
Wrap Up |
|
---|---|---|---|---|---|
Activities |
Define Your Ambitions |
Align Your People |
Develop Your Capabilities |
Build Your Program |
Next Steps and |
|
|
|
|
|
|
Deliverables |
|
|
|
|
|
Purpose |
People |
Practice |
---|---|---|
|
|
|
This phase will walk you through the following activities:
This phase involves the following participants:
INDUSTRY: Transportation
SOURCE: Interview
ArcBest
ArcBest is a multibillion-dollar shipping and logistics company which leverages innovative technologies to provide reliable and integrated services to its customers.
An Innovative Culture Starts at the Top
ArcBest's innovative culture has buy-in and support from the highest level of the company. Michael Newcity, ArcBest's CEO, is dedicated to finding better ways of serving their customers and supports innovation across the company by dedicating funding and resources toward piloting and scaling new initiatives.
Having a clear purpose and mandate for innovation at all levels of the organization has resulted in extensive grassroots innovation and the development of a formalized innovation program.
Results
ArcBest has a legacy of innovation, going back to its early days when it developed a business intelligence solution before anything else existed on the market. It continues to innovate today and is now partnering with start-ups to further expand its innovation capabilities.
"We don't micromanage or process-manage incremental innovation. We hire really smart people who are inspired to create new things and we let them run – let them create – and we celebrate it.
Our dedication to innovation comes from the top – I am both the President and the Chief Innovation Officer, and innovation is one of my top priorities."
Michael Newcity
President and Chief Innovation Officer ArcBest
You can only influence what you can control.
Unless your mandate comes from the CEO or Board of Directors, driving enterprise-wide innovation is very difficult. If you do not have buy-in from senior business leaders, use lighthouse projects and a smaller innovation practice to prove the value of innovation before taking on enterprise innovation.
In order to execute on a mandate to build innovation, you don't just need buy-in. You need support in the form of resources and funding, as well as strong leadership who can influence culture and the authority to change policies and practices that inhibit innovation.
For more resources on building relationships in your organization, refer to Info-Tech's Become a Transformational CIO blueprint.
Innovation is often easier to recognize than define.
Align on a useful definition of innovation for your organization before you embark on a journey of becoming more innovative.
Innovation is the practice of developing new methods, products or services which provide value to an organization.
Practice
This does not have to be a formal process – innovation is a means to an end, not the end itself.
New
What does "new" mean to you?
Value
What does value mean to you? Look to your business strategy to understand what goals the organization is trying to achieve, then determine how "value" will be measured.
Some innovations are incremental, while some are radically transformative. Decide what kind of innovation you want to cultivate before developing your strategy.
Evaluate your goals with respect to innovation: focus, strategy, and potential to transform.
Focus: Where will you innovate?
Strategy: To what extent will you guide innovation efforts?
Potential: How radical will your innovations be?
Download the Innovation Program Template.
Input
Output
Materials
Participants
A strong vision statement:
Examples:
"Good business leaders create a vision, articulate the vision, passionately own the vision, and relentlessly drive it to completion." – Jack Welch, Former Chairman and CEO of GE
Strong guiding principles:
Encourage experimentation and risk-taking
Innovation often requires trying new things, even if they might fail. We encourage experimentation and learn from failure, so that new ideas can be tested and refined.
Foster collaboration and cross-functional teams
Innovation often comes from the intersection of different perspectives and skill sets.
Customer-centric
Focus on creating value for the end user. This means understanding their needs and pain points, and using that knowledge to develop new methods, products, or services.
Embrace diversity and inclusivity
Innovation comes from a variety of perspectives, backgrounds, and experiences. We actively seek out and encourage diversity and inclusivity among our team members.
Foster a culture of learning and continuous improvement
Innovation requires continuous learning, development, and growth. We facilitate a culture that encourages learning and development, and that seeks feedback and uses it to improve.
Flexible and adaptable
We adapt to changes in the market, customer needs, and new technologies, so that it can continue to innovate and create value over time.
Data-driven
We use performance metrics and data to guide our innovation efforts.
Transparency
We are open and transparent in our processes and let the business needs guide our innovation efforts. We do not lead innovation, we facilitate it.
Input
Output
Materials
Participants
A strong value proposition not only articulates the value that the business will derive from the innovation program but also provides a clear focus, helps to communicate the innovation goals, and ultimately drives the success of the program.
Focus
Prioritize and focus innovation efforts to create solutions that provide real value to the organization
Communicate
Communicate the mandate and benefits of innovation in a clear and compelling way and inspire people to think differently
Measure Success
Measure the success of your program by evaluating outcomes based on the value proposition
Your success metrics should link back to your organizational goals and your innovation program's value proposition.
Revenue Growth: Increase in revenue generated by new products or services.
Market Share: Percentage of total market that the business captures as a result of innovation.
Customer Satisfaction: Reviews, customer surveys, or willingness to recommend the company.
Employee Engagement: Engagement surveys, performance, employee retention, or turnover.
Innovation Output: The number of new products, services, or processes that have been developed.
Return on Investment: Financial return on the resources invested in the innovation process.
Social Impact: Number of people positively impacted, net reduction in emissions, etc.
Time to Launch: The time it takes for a new product or service to go from idea to launch.
The total impact of innovation is often intangible and extremely difficult to capture in performance metrics. Focus on developing a few key metrics rather than trying to capture the full value of innovation.
Company | Industry | Revenue(2) (USD billions) |
R&D Spend (USD billions) |
R&D Spend (% of revenue) |
---|---|---|---|---|
Apple | Technology | $394.30 | $26.25 | 6.70% |
Microsoft | Technology | $203.10 | $25.54 | 12.50% |
Amazon.com | Retail | $502.20 | $67.71 | 13.40% |
Alphabet | Technology | $282.10 | $37.94 | 13.40% |
Tesla | Manufacturing | $74.90 | $3.01 | 4.00% |
Samsung | Technology | $244.39 (2021)(3) | $19.0 (2021) | 7.90% |
Moderna | Pharmaceuticals | $23.39 | $2.73 | 11.70% |
Huawei | Technology | $99.9 (2021)4 | Not reported | - |
Sony | Technology | $83.80 | Not reported | - |
IBM | Technology | $60.50 | $1.61 | 2.70% |
Meta | Software | $118.10 | $32.61 | 27.60% |
Nike | Commercial goods | $49.10 | Not reported | - |
Walmart | Retail | $600.10 | Not reported | - |
Dell | Technology | $105.30 | $2.60 | 2.50% |
Nvidia | Technology | $28.60 | $6.85 | 23.90% |
Innovation requires a dedicated investment of time, money, and resources in order to be successful. The most innovative companies, based on Boston Consulting Group's ranking of the 50 most innovative companies in the world, spend significant portions of their revenue on research and development.
Note: This data uses research and development as a proxy for innovation spending, which may overestimate the total spend on what this research considers true innovation.
(1) Based on Boston Consulting Group's ranking of the 50 most innovative companies in the world, 2022
(2) Macrotrends, based on the 12 months ending Sept 30, 2022
(3) Statista
(4) CNBC, 2022
Input
Output
Materials
Participants
Create a culture that fosters innovative behaviors and puts processes in place to support them.
Purpose | People | Practice |
---|---|---|
|
|
|
This phase will walk you through the following activities:
This phase involves the following participants:
Info-Tech's Fix Your IT Culture can help you promote innovative behaviors
Refer to Improve IT Team Effectiveness to address team challenges
The following behaviors and key indicators either stifle or foster innovation.
Stifles Innovation | Key Indicators | Fosters Innovation | Key Indicators |
---|---|---|---|
Fixed mindset | "It is what it is" | Growth mindset | "I wonder if there's a better way" |
Performance focused | "It's working fine" | Learning focused | "What can we learn from this?" |
Fear of reprisal | "I'll get in trouble" | Psychological safety | "I can disagree" |
Apathy | "We've always done it this way" | Curiosity | "I wonder what would happen if…" |
Cynicism | "It will never work" | Trust | "You have good judgement" |
Punishing failure | "Who did this?" | Willingness to fail | "It's okay to make mistakes" |
Individualism | "How does this benefit me?" | Collaboration | "How does this benefit us?" |
Homogeneity | "We never disagree" | Diversity and inclusion | "We appreciate different views" |
Excessive bureaucracy | "We need approval" | Autonomy | "I can do this" |
Risk avoidance | "We can't try that" | Appropriate risk-taking | "How can we do this safely?" |
Ensure you are not inadvertently stifling innovation.
Review the following to ensure that the desired behaviors are promoted:
INDUSTRY: Commercial Real Estate and Retail
SOURCE: Interview
This anonymous national organization owned commercial properties across the country and had the goal of becoming the most innovative real estate and retail company in the market.
The organization pursued innovation in the digital solutions space across its commercial and retail properties. Within this space, there were significant differences in risk tolerance across teams, which resulted in the more risk-tolerant teams excluding the risk-averse members from discussions in order to circumvent corporate policies on risk tolerance. This resulted in an adversarial and siloed culture where each group believed they knew better than the other, and the more risk-averse teams felt like they were policing the actions of the risk-tolerant group.
Morale plummeted, and many of the organization's top people left. Unfortunately, one of the solutions did not meet regulatory requirements, and the company faced negative media coverage and legal action. There was significant reputational damage as a result.
Considering differences in risk tolerance and risk appetite is critical when pursuing innovation. While everyone doesn't have to agree, leadership needs to understand the different perspectives and ensure that no one party is dominating the conversation over the others. An understanding of corporate risk tolerance and risk appetite is necessary to drive innovation.
All perspectives have a place in innovation. More risk tolerant perspectives should be involved early in the ideas-generation phase, and risk-averse perspectives should be considered later when ideas are being refined.
Speed should not override safety or circumvent corporate policies.
It is more important to match the level of risk tolerance to the degree of innovation required. Not all innovation needs to be (or can feasibly be) disruptive.
Many factors impact risk tolerance including:
Use Info-Tech's Security Risk Management research to better understand risk tolerance
Input
Output
Materials
Participants
There is no one right way to pursue innovation, but some methods are better than others for specific situations and goals. Consider your existing culture, your innovation goals, and your budget when selecting the right methodology for your innovation.
Model | Description | Advantages | Disadvantages | Good when… |
---|---|---|---|---|
Grassroots Innovation | Innovation is the responsibility of everyone, and there is no centralized innovation team. Ideas are piloted and scaled by the person/team which produces it. |
|
|
|
Community of Practice | Innovation is led by a cross-divisional Community of Practice (CoP) which includes representation from across the business. Champions consult with their practice areas and bring ideas forward. |
|
|
|
Innovation Enablement *Most often recommended* |
A dedicated innovation team with funding set aside to support pilots with a high degree of autonomy, with the role of facilitating business-led innovation. |
|
|
|
Center of Excellence | Dedicated team responsible for leading innovation on behalf of the organization. Generally, has business relationship managers who gather ideas and liaise with the business. |
|
|
|
Innovation Hub | An arm's length innovation team is responsible for all or much of the innovation and may not interact much with the core business. |
|
|
|
Outsourced Innovation | Innovation is outsourced to an external organization which is not linked to the primary organization. This can take the form of working with or investing in startups. |
|
|
|
Adapted from Niklaus Gerber via Medium, 2022
For example, design thinking tends to be excellent for earlier innovation planning, while Agile can allow for faster implementation and launch of initiatives later in the process.
Consider combining two or more methodologies to create a custom approach that best suits your organization's capabilities and goals.
A robust innovation methodology ensures that the process for developing, prioritizing, selecting, implementing, and measuring initiatives is aligned with the results you are hoping to achieve.
Different types of problems (drivers for innovation) may necessitate different methodologies, or a combination of methodologies.
Hackathon: An event which brings people together to solve a well-defined problem.
Design Thinking: Creative approach that focuses on understanding the needs of users.
Lean Startup: Emphasizes rapid experimentation in order to validate business hypotheses.
Design Sprint: Five-day process for answering business questions via design, prototyping, and testing.
Agile: Iterative design process that emphasizes project management and retrospectives.
Three Horizons: Framework that looks at opportunities on three different time horizons.
Innovation Ambition Matrix: Helps organizations categorize projects as part of the core offering, an adjacent offering, or completely new.
Global Innovation Management: A process of identifying, developing and implementing new ideas, products, services, or processes using alternative thinking.
Blue Ocean Strategy: A methodology that helps organizations identify untapped market space and create new markets via unique value propositions.
Input
Output
Materials
Participants
Types of roles will depend on the purpose and size of the innovation team.
You don't need to grow them all internally. Consider partnering with vendors and other organizations to build capabilities.
Visionaries who inspire, support, and facilitate innovation across the business. Their responsibilities are to drive the culture of innovation.
Key skills and knowledge:
Sample titles:
Translate ideas into tangible business initiatives, including assisting with business cases and developing performance metrics.
Key skills and knowledge:
Sample titles:
Provide expertise in product design, delivery and management, and responsible for supporting and executing on pilot projects.
Key skills and knowledge:
Sample titles:
Visualize the whole value delivery process end-to-end to help identify the types of roles, resources, and capabilities required. These capabilities can be sourced internally (i.e. grow and hire internally) or through collaboration with centers of excellence, commercial partners, etc.
Input
Output
Materials
Participants
Master Organizational Change Management Practices
Purpose | People | Practice |
---|---|---|
|
|
|
This phase will walk you through the following activities:
This phase involves the following participants:
INDUSTRY: Government
SOURCE: Interview
The business applications group at this government agency strongly believes that innovation is key to progress and has instituted a formal innovation program as part of their agile operations. The group uses a Scaled Agile Framework (SAFe) with 2-week sprints and a 12-week program cycle.
To support innovation across the business unit, the last sprint of each cycle is dedicated toward innovation and teams do not commit to any other during these two weeks. At the end of each innovation sprint, ideas are presented to leadership and the valuable ones were either implemented initially or were given time in the next cycle of sprints for further development. This has resulted in a more innovative culture across the practice.
There have been several successful innovations since this process began. Notably, the agency had previously purchased a robotic process automation platform which was only being used for a few specific applications. One team used their innovation sprint to expand the use cases for this solution and save nearly 10,000 hours of effort.
Your operating model should include several steps including ideation, validation, evaluation and prioritization, piloting, and a retrospective which follows the pilot. Use the example on this slide when designing your own innovation operating model.
Design Thinking
A structured approach that encourages participants to think creatively about the needs of the end user.
Ideation Workshop
A formal session that is used to understand a problem then generate potential solutions. Workshops can incorporate the other methodologies (such as brainstorming, design thinking, or mind mapping) to generate ideas.
Crowdsourcing
An informal method of gathering ideas from a large group of people. This can be a great way to generate many ideas but may lack focus.
Value Proposition Canvas
A visual tool which helps to identify customer (or user) needs and design products and services that meet those needs.
Evaluation should be transparent and use both quantitative and qualitative metrics. The exact metrics used will depend on your organization and goals.
It is important to include qualitative metrics as these dimensions are better suited to evaluating highly innovative ideas and can capture important criteria like alignment with overall strategy and feasibility.
Develop 5 to 10 criteria that you can use to evaluate and prioritize ideas. Some criteria may be a pass/fail (for example, minimum ROI) and some may be comparative.
Evaluate
The first step is to evaluate ideas to determine if they meet the minimum criteria. This might include quantitative criteria like ROI as well as qualitative criteria like strategic alignment and feasibility.
Prioritize
Ideas that pass the initial evaluation should be prioritized based on additional criteria which might include quantitative criteria such as potential market size and cost to implement, and qualitative criteria such as risk, impact, and creativity.
Quantitative metrics are objective and easily comparable between initiatives, providing a transparent and data-driven process for evaluation and prioritization.
Examples:
Qualitative metrics are less easily comparable but are equally important when it comes to evaluating ideas. These should be developed based on your organization strategy and innovation goals.
Examples:
Input
Output
Materials
Participants
Download the Initiative Prioritization Template
"Learning is as powerful as the outcome." – Brett Trelfa, CIO, Arkansas Blue Cross
Adoption: How many end users have adopted the pilot solution?
Utilization: Is the solution getting utilized?
Support Requests: How many support requests have there been since the pilot was initiated?
Value: Is the pilot delivering on the value that it proposed? For example, time savings.
Feasibility: Has the feasibility of the solution changed since it was first proposed?
Satisfaction: Focus groups or surveys can provide feedback on user/customer satisfaction.
A/B Testing: Compare different methods, products or services.
Ensure standard core metrics are used across all pilot projects so that outcomes can be compared. Additional metrics may be used to refine and test hypotheses through the pilot process.
Input
Output
Materials
Participants
A retrospective is a review of your innovation program with the aim of identifying lessons learned, areas for improvement, and opportunities for growth.
During a retrospective, the team will reflect on past experiences and use that information to inform future decision making and improve outcomes.
The goal of a retrospective is to learn from the past and use that knowledge to improve in the future.
Ensure that the retrospective is based on facts and objective data, rather than personal opinions or biases.
Ensure that the retrospective is a positive and constructive experience, with a focus on finding solutions rather than dwelling on problems.
The retrospective should result in a clear action plan with specific steps to improve future initiatives.
Input
Output
Materials
Participants
Adopt Design Thinking in Your Organization
Prototype With an Innovation Design Sprint
Fund Innovation With a Minimum Viable Business Case
You have now completed your innovation strategy, covering the following topics:
If you would like additional support, have our analysts guide you through an Info-Tech workshop or Guided Implementation.
Contact your account representative for more information.
workshops@infotech.com 1-888-670-8889
Accelerate Digital Transformation With a Digital Factory
Sustain and Grow the Maturity of Innovation in Your Enterprise
Define Your Digital Business Strategy
Kim Osborne Rodriguez
Research Director, CIO Advisory
Info-Tech Research Group
Kim is a professional engineer and Registered Communications Distribution Designer with over a decade of experience in management and engineering consulting spanning healthcare, higher education, and commercial sectors. She has worked on some of the largest hospital construction projects in Canada, from early visioning and IT strategy through to design, specifications, and construction administration. She brings a practical and evidence-based approach, with a track record of supporting successful projects.
Kim holds a Bachelor's degree in Mechatronics Engineering from University of Waterloo.
Joanne Lee
Principal Research Director, CIO Advisory
Info-Tech Research Group
Joanne is an executive with over 25 years of experience in digital technology and management consulting across both public and private entities from solution delivery to organizational redesign across Canada and globally.
Prior to joining Info-Tech Research Group, Joanne was a management consultant within KPMG's CIO management consulting services and the Western Canadas Digital Health Practice lead. She has held several executive roles in the industry with the most recent position as Chief Program Officer for a large $450M EHR implementation. Her expertise spans cloud strategy, organizational design, data and analytics, governance, process redesign, transformation, and PPM. She is passionate about connecting people, concepts, and capital.
Joanne holds a Master's in Business and Health Policy from the University of Toronto and a Bachelor of Science (Nursing) from the University of British Columbia.
Jack Hakimian
Senior Vice President
Info-Tech Research Group
Jack has more than 25 years of technology and management consulting experience. He has served multi-billion-dollar organizations in multiple industries including Financial Services and Telecommunications. Jack also served a number of large public sector institutions.
He is a frequent speaker and panelist at technology and innovation conferences and events and holds a Master's degree in Computer Engineering as well as an MBA from the ESCP-EAP European School of Management.
Michael Tweedie
Practice Lead, CIO Strategy
Info-Tech Research Group
Mike Tweedie brings over 25 years as a technology executive. He's led several large transformation projects across core infrastructure, application, and IT services as the head of Technology at ADP Canada. He was also the Head of Engineering and Service Offerings for a large French IT services firm, focused on cloud adoption and complex ERP deployment and management.
Mike holds a Bachelor's degree in Architecture from Ryerson University.
Mike Schembri
Senior Executive Advisor
Info-Tech Research Group
Mike is the former CIO of Fuji Xerox Australia and has 20+ years' experience serving IT and wider business leadership roles. Mike has led technical and broader business service operations teams to value and growth successfully in organizations ranging from small tech startups through global IT vendors, professional service firms, and manufacturers.
Mike has passion for strategy and leadership and loves working with individuals/teams and seeing them grow.
John Leidl
Senior Director, Member Services
Info-Tech Research Group
With over 35 years of IT experience, including senior-level VP Technology and CTO leadership positions, John has a breadth of knowledge in technology innovation, business alignment, IT operations, and business transformation. John's experience extends from start-ups to corporate enterprise and spans higher education, financial services, digital marketing, and arts/entertainment.
Joe Riley
Senior Workshop Director
Info-Tech Research Group
Joe ensures our members get the most value out of their Info-Tech memberships by scoping client needs, current state and desired business outcomes, and then drawing upon his extensive experience, certifications, and degrees (MBA, MS Ops/Org Mgt, BS Eng/Sci, ITIL, PMP, Security+, etc.) to facilitate our client's achievement of desired and aspirational business outcomes. A true advocate of ITSM, Joe approaches technology and technology practices as a tool and enabler of people, core business, and competitive advantage activities.
Denis Goulet
Senior Workshop Director
Info-Tech Research Group
Denis is a transformational leader and experienced strategist who has worked with 100+ organizations to develop their digital, technology, and governance strategies.
He has held positions as CIO, Chief Administrative Office (City Manager), General Manager, Vice President of Engineering, and Management Consultant, specializing in enterprise and technology strategy.
Cole Cioran
Managing Partner
Info-Tech Research Group
I knew I wanted to build great applications that would delight their users. I did that over and over. Along the way I also discovered that it takes great teams to deliver great applications. Technology only solves problems when people, processes, and organizations change as well. This helped me go from writing software to advising some of the largest organizations in the world on how to how to build a digital delivery umbrella of Product, Agile, and DevOps and create exceptional products and services powered by technology.
Carlene McCubbin
Research Lead, CIO Practice
Info-Tech Research Group
During her tenure at Info-Tech, Carlene has led the development of Info-Tech's Organization and Leadership practice and worked with multiple clients to leverage the methodologies by creating custom programs to fit each organization's needs.
Before joining Info-Tech, Carlene received her Master of Communications Management from McGill University, where she studied development of internal and external communications, government relations, and change management.
Isabelle Hertanto
Principal Research Director
Info-Tech Research Group
Isabelle Hertanto has over 15 years of experience delivering specialized IT services to the security and intelligence community. As a former federal officer for Public Safety Canada, Isabelle trained and led teams on data exploitation and digital surveillance operations in support of Canadian national security investigations. Since transitioning into the private sector, Isabelle has held senior management and consulting roles across a variety of industry sectors, including retail, construction, energy, healthcare, and the broader Canadian public sector.
Hans Eckman
Principal Research Director
Info-Tech Research Group
Hans Eckman is a business transformation leader helping organizations connect business strategy and innovation to operational excellence. He supports Info-Tech members in SDLC optimization, Agile and DevOps implementation, CoE/CoP creation, innovation program development, application delivery, and leadership development. Hans is based out of Atlanta, Georgia.
Valence Howden
Principal Research Director
Info-Tech Research Group
With 30 years of IT experience in the public and private sector, Valence has developed experience in many Information Management and Technology domains, with a particular focus in the areas of Service Management, Enterprise and IT Governance, Development and Execution of Strategy, Risk Management, Metrics Design and Process Design, and Implementation and Improvement. Prior to joining Info-Tech, he served in technical and client-facing roles at Bell Canada and CGI Group Inc., as well as managing the design, integration, and implementation of services and processes in the Ontario Public Sector.
Clayton Gillett
Managing Partner
Info-Tech Research Group
Clayton Gillett is a Managing Partner for Info-Tech, providing technology management advisory services to healthcare clients. Clayton joined Info-Tech with more than 28 years of experience in health care information technology. He has held senior IT leadership roles at Group Health Cooperative of Puget Sound and OCHIN, as well as advisory or consulting roles at ECG Management Consultants and Gartner.
Donna Bales
Principal Research Director
Info-Tech Research Group
Donna Bales is a Principal Research Director in the CIO Practice at Info-Tech Research Group specializing in research and advisory services in IT risk, governance, and compliance. She brings over 25 years of experience in strategic consulting and product development and has a history of success in leading complex, multi-stakeholder industry initiatives.
Igor Ikonnikov
Research Director
Info-Tech Research Group
Igor Ikonnikov is a Research and Advisory Director in the Data and Analytics practice. Igor has extensive experience in strategy formation and execution in the information management domain, including master data management, data governance, knowledge management, enterprise content management, big data, and analytics.
Igor has an MBA from the Ted Rogers School of Management (Toronto, Canada) with a specialization in Management of Technology and Innovation.
Michael Newcity
Chief Innovation Officer
ArcBest
Kevin Yoder
Vice President, Innovation
ArcBest
Gary Boyd
Vice President, Information Systems & Digital Transformation
Arkansas Blue Cross and Blue Shield
Brett Trelfa
Chief Information Officer
Arkansas Blue Cross and Blue Shield
Kristen Wilson-Jones
Chief Technology & Product Officer
Medcurio
Note: additional contributors did not wish to be identified
Altringer, Beth. "A New Model for Innovation in Big Companies" Harvard Business Review. 19 Nov. 2013. Accessed 30 Jan. 2023. https://hbr.org/2013/11/a-new-model-for-innovation-in-big-companies
Arpajian, Scott. "Five Reasons Why Innovation Fails" Forbes Magazine. 4 June 2019. Accessed 31 Jan. 2023. https://www.forbes.com/sites/forbestechcouncil/2019/06/04/five-reasons-why-innovation-fails/?sh=234e618914c6
Baldwin, John & Gellatly, Guy. "Innovation Capabilities: The Knowledge Capital Behind the Survival and Growth of Firms" Statistics Canada. Sept. 2006. Accessed 30 Jan. 2023. https://www.bdc.ca/fr/documents/other/innovation_capabilities_en.pdf
Bar Am, Jordan et al. "Innovation in a Crisis: Why it is More Critical Than Ever" McKinsey & Company, 17 June 2020. Accessed 12 Jan. 2023. <https://www.mckinsey.com/capabilities/strategy-and-corporate-finance/our-insights/innovation-in-a-crisis-why-it-is-more-critical-than-ever >
Boston Consulting Group, "Most Innovative Companies 2021" BCG, April 2021. Accessed 30 Jan. 2023. https://web-assets.bcg.com/d5/ef/ea7099b64b89860fd1aa3ec4ff34/bcg-most-innovative-companies-2021-apr-2021-r.pdf
Boston Consulting Group, "Most Innovative Companies 2022" BGC, 15 Sept. 2022. Accessed 6 Feb. 2023. https://www.bcg.com/en-ca/publications/2022/innovation-in-climate-and-sustainability-will-lead-to-green-growth
Christensen, Clayton M. The Innovator's Dilemma: When New Technologies Cause Great Firms to Fail. Harvard Business Review Press, 2016.
Gerber, Niklaus. "What is innovation? A beginner's guide into different models, terminologies and methodologies" Medium. 20 Sept 2022. Accessed 7 Feb. 2023. https://world.hey.com/niklaus/what-is-innovation-a-beginner-s-guide-into-different-models-terminologies-and-methodologies-dd4a3147
Google X, Homepage. Accessed 6 Feb. 2023. https://x.company/
Harnoss, Johann D. & Baeza, Ramón. "Overcoming the Four Big Barriers to Innovation Success" Boston Consulting Group, 24 Sept. 2019. Accessed 30 Jan 2023. https://www.bcg.com/en-ca/publications/2019/overcoming-four-big-barriers-to-innovation-success
Jaruzelski, Barry et al. "Global Innovation 1000 Study" Pricewaterhouse Cooper, 30 Oct. 2018. Accessed 13 Jan. 2023. <https://www.strategyand.pwc.com/gx/en/insights/innovation1000.html>
Kharpal, Arjun. "Huawei posts first-ever yearly revenue decline as U.S. sanctions continue to bite, but profit surges" CNBC. 28 March 2022. Accessed 7 Feb. 2023. https://www.cnbc.com/2022/03/28/huawei-annual-results-2021-revenue-declines-but-profit-surges.html
Kirsner, Scott. "The Biggest Obstacles to Innovation in Large Companies" Harvard Business Review, 30 July 2018. Accessed 12 Jan. 2023. <https://hbr.org/2018/07/the-biggest-obstacles-to-innovation-in-large-companies>
Macrotrends. "Apple Revenue 2010-2022" Macrotrends. Accessed 23 Jan. 2023. https://www.macrotrends.net/stocks/charts/AAPL/apple/revenue
Macrotrends. "Microsoft Revenue 2010-2022" Macrotrends. Accessed 23 Jan. 2023. https://www.macrotrends.net/stocks/charts/MSFT/microsoft/revenue
Macrotrends. "Amazon Revenue 2010-2022" Macrotrends. Accessed 23 Jan. 2023. https://www.macrotrends.net/stocks/charts/AMZN/amazon/revenue
Macrotrends. "Alphabet Revenue 2010-2022" Macrotrends. Accessed 23 Jan. 2023. https://www.macrotrends.net/stocks/charts/GOOG/alphabet/revenue
Macrotrends. "Tesla Revenue 2010-2022" Macrotrends. Accessed 23 Jan. 2023. https://www.macrotrends.net/stocks/charts/TSLA/tesla/revenue
Macrotrends. "Moderna Revenue 2010-2022" Macrotrends. Accessed 23 Jan. 2023. https://www.macrotrends.net/stocks/charts/MRNA/moderna/revenue
Macrotrends. "Sony Revenue 2010-2022" Macrotrends. Accessed 23 Jan. 2023. https://www.macrotrends.net/stocks/charts/SONY/sony/revenue
Macrotrends. "IBM Revenue 2010-2022" Macrotrends. Accessed 23 Jan. 2023. https://www.macrotrends.net/stocks/charts/IBM/ibm/revenue
Macrotrends. "Meta Platforms Revenue 2010-2022" Macrotrends. Accessed 23 Jan. 2023. https://www.macrotrends.net/stocks/charts/META/meta-platforms/revenue
Macrotrends. "NIKE Revenue 2010-2022" Macrotrends. Accessed 23 Jan. 2023. https://www.macrotrends.net/stocks/charts/NKE/nike/revenue
Macrotrends. "Walmart Revenue 2010-2022" Macrotrends. Accessed 23 Jan. 2023. https://www.macrotrends.net/stocks/charts/WMT/walmart/revenue
Macrotrends. "Dell Revenue 2010-2022" Macrotrends. Accessed 23 Jan. 2023. https://www.macrotrends.net/stocks/charts/DELL/dell/revenue
Macrotrends. "NVIDIA Revenue 2010-2022" Macrotrends. Accessed 23 Jan. 2023. https://www.macrotrends.net/stocks/charts/NVDA/nvidia/revenue
Sloan, Paul. "How to Develop a Vision for Innovation" Innovation Management, 10 Aug. 2009. Accessed 7 Feb. 2023. https://innovationmanagement.se/2009/08/10/how-to-develop-a-vision-for-innovation/
Statista. "Samsung Electronics' global revenue from 2005 to 2021" Statista. Accessed 7 Feb. 2023. https://www.statista.com/statistics/236607/global-revenue-of-samsung-electronics-since-2005/
Tichy, Noel & Ram Charan. "Speed, Simplicity, Self-Confidence: An Interview with Jack Welch" Harvard Business Review, 2 March 2020. Accessed 7 Feb. 2023. https://hbr.org/1989/09/speed-simplicity-self-confidence-an-interview-with-jack-welch
Weick, Karl and Kathleen Sutcliffe. Managing the Unexpected: Sustained Performance in a Complex World, Third Edition. John Wiley & Sons, 2015.
Xuan Tian, Tracy Yue Wang, Tolerance for Failure and Corporate Innovation, The Review of Financial Studies, Volume 27, Issue 1, 2014, Pages 211–255, Accessed https://doi.org/10.1093/rfs/hhr130
To remain competitive enterprises must renew and refresh their business model strategies and design/develop digital platforms – this requires enterprises to:
Organizations that implement this project will gain benefits in five ways:
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Understand the platform business model and strategies and then set your platform business model goals.
Define design goals for your digital platform. Align your DX strategy with digital platform capabilities and understand key components of the digital platform.
Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Understand existing business model, value proposition, and key assets.
Understand platform business model and strategies.
Understanding the current assets helps with knowing what can be leveraged in the new business model/transformation.
Understanding the platform strategies can help the enterprise renew/refresh their business model.
1.1 Document the current business model along with value proposition and key assets (that provide competitive advantage).
1.2 Transformation narrative.
1.3 Platform model canvas.
1.4 Document the platform strategies in the context of the enterprise.
Documentation of current business model along with value proposition and key assets (that provide competitive advantage).
Documentation of the selected platform strategies.
Understand transformation approaches.
Understand various layers of platforms.
Ask fundamental and evolutionary questions about the platform.
Understanding of the transformational model so that the enterprise can realize the differences.
Understanding of the organization’s strengths and weaknesses for a DX.
Extraction of strategic themes to plan and develop a digital platform roadmap.
2.1 Discuss and document decision about DX approach and next steps.
2.2 Discuss and document high-level strategic themes for platform business model and associated roadmap.
Documented decision about DX approach and next steps.
Documented high-level strategic themes for platform business model and associated roadmap.
Understand the design goals for the digital platform.
Understand gaps between the platform’s capabilities and the DX strategy.
Design goals set for the digital platform that are visible to all stakeholders.
Gap analysis performed between enterprise’s digital strategy and platform capabilities; this helps understand the current situation and thus informs strategies and roadmaps.
3.1 Discuss and document design goals for digital platform.
3.2 Discuss DX themes and platform capabilities – document the gaps.
3.3 Discuss gaps and strategies along with timelines.
Documented design goals for digital platform.
Documented DX themes and platform capabilities.
DX themes and platform capabilities map.
Understanding of key components of a digital platform, including technology and teams.
Understanding of the key components of a digital platform and designing the platform.
Understanding of the team structure, culture, and practices needed for successful platform engineering teams.
4.1 Confirmation and discussion on existing UX/UI and API strategies.
4.2 Understanding of microservices architecture and filling of microservices canvas.
4.3 Real-time stream processing data pipeline and tool map.
4.4 High-level architectural view.
4.5 Discussion on platform engineering teams, including culture, structure, principles, and practices.
Filled microservices canvas.
Documented real-time stream processing data pipeline and tool map.
Documented high-level architectural view.
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Establish the security compliance management program.
Reviewing and adopting an information security control framework.
Understanding and establishing roles and responsibilities for security compliance management.
Identifying and scoping operational environments for applicable compliance obligations.
1.1 Review the business context.
1.2 Review the Info-Tech security control framework.
1.3 Establish roles and responsibilities.
1.4 Define operational environments.
RACI matrix
Environments list and definitions
Identify security and data protection compliance obligations.
Identifying the security compliance obligations that apply to your organization.
Documenting obligations and obtaining direction from management on conformance levels.
Mapping compliance obligation requirements into your control framework.
2.1 Identify relevant security and data protection compliance obligations.
2.2 Develop conformance level recommendations.
2.3 Map compliance obligations into control framework.
2.4 Develop process for operationalizing identification activities.
List of compliance obligations
Completed Conformance Level Approval forms
(Optional) Mapped compliance obligation
(Optional) Identification process diagram
Understand how to build a compliance strategy.
Updating security policies and other control design documents to reflect required controls.
Aligning your compliance obligations with your information security strategy.
3.1 Review state of information security policies.
3.2 Recommend updates to policies to address control requirements.
3.3 Review information security strategy.
3.4 Identify alignment points between compliance obligations and information security strategy.
3.5 Develop compliance exception process and forms.
Recommendations and plan for updates to information security policies
Compliance exception forms
Track the status of your compliance program.
Tracking the status of your compliance obligations.
Managing exceptions to compliance requirements.
Reporting on the compliance management program to senior stakeholders.
4.1 Define process and forms for self-attestation.
4.2 Develop audit test scripts for selected controls.
4.3 Review process and entity control types.
4.4 Develop self-assessment process.
4.5 Integrate compliance management with risk register.
4.6 Develop metrics and reporting process.
Self-attestation forms
Completed test scripts for selected controls
Self-assessment process
Reporting process
Recommended metrics
Leadership has evolved over time. The velocity of change has increased and leadership for the future looks different than the past.
Development of the leadership mind should never stop. This program will help IT leaders continue to craft their leadership competencies to navigate the ever-changing world in which we operate.
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Complete Phase 1 to outline your DR site requirements, review any industry or organizational constraints on your DR strategy, and zero in on relevant DR models.
Complete Phase 2 to explore possibilities of deployment models, conduct a TCO comparison analysis, and select the best-fit model.
Complete Phase 3 to assess outsourcing best practices, address implementation considerations, and build an executive presentation for business stakeholders.
Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Identify potential DR models
Take a funneled approach and avoid getting lost among all of the DR models available
1.1 Define DR site requirements
1.2 Document industry and organizational constraints
1.3 Identify potential DR models
Determine the type of site, replication, and risk mitigation initiatives required
Rule out unfit models
DR Decision Tree
Application Assessment Tool for Cloud DR
Explore relevant DR models
Develop supporting evidence for the various options
2.1 Explore pros and cons of potential solutions
2.2 Understand the use case for DRaaS
2.3 Review DR model diagrams
Qualitative analysis on candidate models
Evaluate the need for DRaaS
DR diagrams for candidate models
Determine best cost models
Save money by selecting the most cost effective option to meet your DR requirements
3.1 Gather hardware requirements for production site
3.2 Define capacity requirements for DR
3.3 Compare cost across various models
Populate the production summary tab in TCO tool
Understand how much hardware will need to be on standby and how much will be procured at the time of disaster
Find the most cost effective method
Build support from business stakeholders by having a clear and defendable proposal for DR
Effective and ready DR deployment model
4.1 Address implementation considerations for network, capacity, and day-to-day operations
4.2 Build presentation for business stakeholders
Define implementation projects necessary for deployment and appoint staff to execute them
PowerPoint presentation to summarize findings from the course of the project
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Define the current state of your data protection practices by documenting the backup process and identifying problems and opportunities for the desired state.
Understand the business priorities.
Determine the desired state.
Explore the component of governance required.
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
This phase will help you identify challenges that you want to avoid by implementing a metrics program, discover the main IT goals, and determine your core metrics.
This phase will help you make an actionable plan to implement your metrics program, define roles and responsibilities, and communicate your metrics project across your organization and with the business division.
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Confirm the “why” of the IT update presentation by determining its scope and goals.
Confirm the “what” of the presentation by focusing on business requirements, metrics, presentation creation, and stakeholder validation.
Confirm the “how” of the presentation by focusing on engaging your audience, getting what you need, and creating a feedback cycle.
Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Determine the IT update’s scope and goals and identify stakeholder requirements
IT update scope and goals
Business stakeholder goals and requirements
1.1 Determine/validate the IT update scope
1.2 Determine/validate the IT update goals
1.3 Business context analysis
1.4 Determine stakeholder needs and expectations
1.5 Confirm business goals and requirements
Documented IT update scope
Documented IT update goals
Validated business context
Stakeholder requirements analysis
Confirmed business goals and requirements
Analyze metrics and content and validate against business needs
Selection of key metrics
Metrics and content validated to business needs
2.1 Analyze current IT metrics
2.2 Review industry best-practice metrics
2.3 Align metrics and content to business stakeholder needs
Identification of key metrics
Finalization of key metrics
Metrics and content validated to business stakeholder needs
Create an IT update presentation that is optimized to business needs
Optimized IT update presentation
3.1 Understand the audience and how to best engage them
3.2 Determine how to present the pertinent data
3.3 IT update review with key business stakeholders
3.4 Final edits and review of IT update presentation
3.5 Pre-presentation checklist
Clarity on update audience
Draft IT update presentation
Business stakeholder feedback
Finalized IT update presentation
Confirmation on IT update presentation readiness
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Perform a measured value assessment for building and managing a minimum-viable PMO.
Focus on the minimum required to maintain accuracy of portfolio reporting and effectiveness in managing projects.
Emphasize reporting high-level project status as a way to identify and address issues to achieve the best results with the least effort.
Free PMs to focus on actually managing the project while still delivering accurate portfolio metrics.
Ensure project manager compliance with the portfolio reporting process by incorporating activities that create value.
Evaluate success and identify opportunities for further improvement.
Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Define goals and success criteria.
Finalize agenda.
Gather information: update project and resource lists (Info-Tech recommends using the Project Portfolio Workbook).
More efficiently organized and executed workshop.
Able to better customize and tailor content to your specific needs.
1.1 Discuss specific pain points with regards to project manager allocations
1.2 Review project lists, tools and templates, and other documents
1.3 Map existing strategies to Info-Tech’s framework
Understanding of where efforts must be focused in workshop
Assessment of what existing tools and templates may need to be included in zero-allocation workbook
Revisions that need to be made based on existing strategies
Assess current state (including review of project and resource lists).
Discuss and analyze SWOT around project and portfolio management.
Define target state.
Define standards / SOP / processes for project and portfolio management.
Gain perspective on how well your processes match up with the amount of time your project managers have for their PM duties.
Determine the value of the time and effort that your project teams are investing in project management activities.
Begin to define resource optimized processes for zero-allocation project managers.
Ensure consistent implementation of processes across your portfolio.
Establish project discipline and best practices that are grounded in actual project capacity.
2.1 Perform and/or analyze Minimum-Viable PMO Needs Assessment
2.2 SWOT analysis
2.3 Identify target allocations for project management activities
2.4 Begin to define resource optimized processes for zero-allocation project managers
Current state analysis based on Minimum-Viable PMO Needs Assessment
Overview of current strengths, weaknesses, opportunities and threats
Target state analysis based on Minimum-Viable PMO Needs Assessment
A refined Minimum-Viable Project and Portfolio Management SOP
Select and customize project and portfolio management toolkit.
Implement (test/pilot) toolkit and processes.
Customize project manager training plan.
Evaluate and refine toolkit and processes as needed.
Ensure consistent implementation of processes across your portfolio.
Establish project discipline and best practices that are grounded in actual project capacity.
A customized training session that will suit the needs of your project managers.
3.1 Customize the Zero-Allocation Toolkit to accommodate the needs of your projects
3.2 Test toolkit on projects currently underway
3.3 Tweak project manager training to suit the needs of your team
Customized Zero-Allocation Project Management Workbook
A tested and standardized copy of the workbook
A customized training session for your project managers (to take place on Day 4 of Info-Tech’s workshop)
Communicate project and portfolio management SOP to Project Managers.
Deliver project manager training: standards for portfolio reporting and toolkit.
Equip project managers to improve their level of discipline and documentation without spending more time in record keeping and task management.
Execute a successful training session that clearly and succinctly communicates your minimal and resource-optimized processes.
4.1 Project Manager Training, including communication of the processes and standard templates and reports that will be adopted by all project managers
Educated and disciplined project managers, aware of the required processes for portfolio reporting
Debrief from the training session.
Plan for ongoing evaluation and improvement.
Evaluate and refine toolkit and processes if needed.
Answer any remaining questions.
Assess portfolio and project manager performance in light of the strategy implemented.
Understanding of how to keep living documents like the workbook and SOP up to date.
Clearly defined next steps.
5.1 Review the customized tools and templates
5.2 Send relevant documentation to relevant stakeholders
5.3 Schedule review call
5.4 Schedule follow-up call with analysts to discuss progress in six months
Finalized workbook and processes
Satisfied and informed stakeholders
Scheduled review call
Scheduled follow-up call
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Understand the true drivers of customer satisfaction and build a process for managing and improving customer satisfaction.
EXECUTIVE BRIEF
“Healthy customer relationships are the paramount to long-term growth. When customers are satisfied, they remain loyal, spend more, and promote your company to others in their network. The key to high satisfaction is understanding and measuring the true drivers of satisfaction to enable the delivery of real customer value.
Most companies believe they know who their satisfied customers are and what keeps them satisfied, and 76% of B2B buyers expect that providers understand their unique needs (Salesforce Research, 2020). However, on average B2B companies have customer experience scores of less than 50% (McKinsey, 2016). This disconnect between customer expectations and provider experience indicates that businesses are not effectively measuring and monitoring satisfaction and therefore are not making meaningful enhancements to their service, offerings, and overall experience.
By focusing on the underlying drivers of customer satisfaction, organizations develop a truly accurate picture of what is driving deep satisfaction and loyalty, ensuring that their company will achieve sustainable growth and stay competitive in a highly competitive market.”
Emily Wright
Senior Research Analyst, Advisory
SoftwareReviews
Your Challenge |
Common Obstacles |
SoftwareReviews’ Approach |
---|---|---|
Getting a truly accurate picture of satisfaction levels among customers, and where to focus efforts to improve satisfaction, is challenging. Providers often find themselves reacting to customer challenges and being blindsided when customers leave. More effective customer satisfaction measurement is possible when providers self-assess for the following challenges:
|
What separates customer success leaders from developing a full view of their customers are several nagging obstacles:
|
Through the SoftwareReviews’ approach, customer success leaders will:
|
All companies measure satisfaction in some way, but many lack understanding of what’s truly driving customers to stay or leave. By understanding the true drivers of satisfaction, solution providers can measure and monitor satisfaction more effectively, pull actionable insights and feedback, and make changes to products and services that customers really care about. This will keep them coming back to you to have their needs met.
Measuring customer satisfaction is critical to understanding the overall health of your customer relationships and driving growth.
Through effective customer satisfaction measurement, organizations can:
Improve Customer Experience |
Increase Retention and CLV |
Increase Profitability |
Reduce Costs |
---|---|---|---|
|
|
|
|
“Measuring customer satisfaction is vital for growth in any organization; it provides insights into what works and offers opportunities for optimization. Customer satisfaction is essential for improving loyalty rate, reducing costs and retaining your customers.”
-Ken Brisco, NICE, 2019
Direct and Indirect Costs |
Being unaware of true drivers of satisfaction that are never remedied costs your business directly through customer churn, service costs, etc. |
---|---|
Tarnished Brand |
Tarnished brand through not resolving issues drives dissatisfaction; dissatisfied customers share their negative experiences, which can damage brand image and reputation. |
Waste Limited Resources |
Putting limited resources towards vanity programs and/or fixes that have little to no bearing on core satisfaction drivers wastes time and money. |
“When customer dissatisfaction goes unnoticed, it can slowly kill a company. Because of the intangible nature of customer dissatisfaction, managers regularly underestimate the magnitude of customer dissatisfaction and its impact on the bottom line.”
- Lakshmiu Tatikonda, “The Hidden Costs of Customer Dissatisfaction”, 2013
Most companies struggle to understand what’s truly driving customers to stay or leave. By understanding the true satisfaction drivers, tech providers can measure and monitor satisfaction more effectively, avoiding the numerous harmful consequences that result from average customer satisfaction measurement.
|
|
Surface-level satisfaction has immediate effects, but they are usually short-term or limited to certain groups of users. There are several factors that contribute to satisfaction including:
Deep satisfaction has long-term and meaningful impacts on the way that organizations work. Deep satisfaction has staying power and increases or maintains satisfaction over time, by reducing complexity and delivering exceptional quality for end-users and IT alike. This report found that the following capabilities provided the deepest levels of satisfaction:
The above solve issues that are part of everyday problems, and each drives satisfaction in deep and meaningful ways. While surface-level satisfaction is important, deep and impactful capabilities can sustain satisfaction for a longer time.
Driving deep satisfaction among software customers vs. surface-level measures is key
Vendor capabilities and product features correlate significantly to buyer satisfaction
Yet, it’s the emotional attributes – what we call the “Emotional Footprint”, that correlate more strongly
Software companies looking to improve customer satisfaction will focus on business value created and the Emotional Footprint attributes outlined here.
The essential ingredient is understanding how each is defined by your customers.
Leaders focus on driving improvements as described by customers.
These true drivers of satisfaction should be considered in your customer satisfaction measurement and monitoring efforts. The experience customers have with your product and brand is what will differentiate your brand from competitors, and ultimately, power business growth. Talk to a SoftwareReviews Advisor to learn how users rate your product on these satisfaction drivers in the SoftwareReviews Emotional Footprint Report.
“81% of organizations cite CX as a competitive differentiator. The top factor driving digital transformation is improving CX […] with companies reporting benefits associated with improving CX including:
– Dan Cote, “Advocacy Blooms and Business Booms When Customers and Employees Engage”, Influitive, 2021
1. Identify true customer satisfaction drivers |
2. Develop metrics dashboard |
3. Develop customer satisfaction measurement and management plan |
|
---|---|---|---|
Phase Steps |
|
|
|
Phase Outcomes |
|
|
|
All software companies measure satisfaction in some way, but many lack understanding of what’s truly driving customers to stay or leave. By understanding the true drivers of satisfaction, solution providers can measure and monitor satisfaction more effectively, pull actionable insights and feedback, and make changes to products and services that customers really care about and which will keep them coming back to you to have their needs met.
Positive experiences drive satisfaction more so than features and cost
According to our analysis of software buyer reviews data*, the biggest drivers of satisfaction and likeliness to recommend are the positive experiences customers have with vendors and their products. Customers want to feel that:
Measure Key Relationship KPIs to gauge satisfaction
Key metrics to track include the Business Value Created score, Net Emotional Footprint, and the Love/Hate score (the strength of emotional connection).
Orient the organization around customer experience excellence
Have a designated committee for customer satisfaction measurement
Best in class organizations create customer satisfaction committees that meet regularly to measure and monitor customer satisfaction, resolve issues quickly, and work towards improved customer experience and profit outcomes.
Use metrics that align to top satisfaction drivers
This will give you a more accurate and fulsome view of customer satisfaction than standard satisfaction metrics alone will.
Identify True Customer Satisfaction Drivers |
Develop Metrics Dashboard | Develop Customer Satisfaction Measurement and Management Plan |
---|---|---|
Call #1: Discuss current pain points and barriers to successful customer satisfaction measurement, monitoring and maintenance. Plan next call – 1 week. Call #2: Discuss all available data, noting any gaps. Develop plan to fill gaps, discuss feasibility and timelines. Plan next call – 1 week. Call #3: Walk through SoftwareReviews reports to understand EF and satisfaction drivers. Plan next call – 3 days. Call #4: Segment customers and document key satisfaction drivers. Plan next call – 2 week. |
Call #5: Document business goals and align them to metrics. Plan next call – 1 week. Call #6: Complete the SoftwareReviews satisfaction measurement diagnostic. Plan next call – 3 days. Call #7: Score list of metrics that align to satisfaction drivers. Plan next call – 2 days. Call #8: Develop metrics dashboard and definitions. Plan next call – 2 weeks. Call #9: Finalize metrics dashboard and definitions. Plan next call – 1 week. |
Call #10: Discuss committee and determine governance. Plan next call – 2 weeks. Call #11: Map out gaps in satisfaction along customer journey as they relate to top satisfaction drivers. Plan next call –2 weeks. Call #12: Develop plan and roadmap for satisfaction improvement. Plan next call – 1 week. Call #13: Finalize plan and roadmap. Plan next call – 1 week. Call # 14: Review and coach on communication deck. |
A Guided Implementation (GI) is series of calls with a SoftwareReviews Advisory analyst to help implement our best practices in your organization.
For guidance on marketing applications, we can arrange a discussion with an Info-Tech analyst.
Your engagement managers will work with you to schedule analyst calls.
DIY Toolkit |
Guided Implementation |
Workshop |
Consulting |
---|---|---|---|
“Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.” | “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.” | “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.” | “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.” |
Included within Advisory Membership | Optional add-ons |
“Are you experienced?” Bain & Company, Apr. 2015. Accessed 6 June. 2022.
Brisco, Ken. “Measuring Customer Satisfaction and Why It’s So Important.” NICE, Feb. 2019. Accessed 6 June. 2022.
CMO.com Team. “The Customer Experience Management Mandate.” Adobe Experience Cloud Blog, July 2019. Accessed 14 June. 2022.
Cote, Dan. “Advocacy Blooms and Business Booms When Customers and Employees Engage.” Influitive, Dec. 2021. Accessed 15 June. 2022.
Fanderl, Harald and Perrey, Jesko. “Best of both worlds: Customer experience for more revenues and lower costs.” McKinsey & Company, Apr. 2014. Accessed 15 June. 2022.
Gallemard, Jeremy. “Why – And How – Should Customer Satisfaction Be Measured?” Smart Tribune, Feb. 2020. Accessed 6 June. 2022.
Kumar, Swagata. “Customer Success Statistics in 2021.” Customer Success Box, 2021. Accessed 17 June. 2022.
Lakshmiu Tatikonda, “The Hidden Costs of Customer Dissatisfaction”, Management Accounting Quarterly, vol. 14, no. 3, 2013, pp 38. Accessed 17 June. 2022.
Loper, Matthew. “Why ‘Customer Satisfaction’ Misses the Mark – And What to Measure Instead.” Newsweek, Jan. 2022. Accessed 16 June. 2022.
Maechler, Nicolas, et al. “Improving the business-to-business customer experience.” McKinsey & Company, Mar. 2016. Accessed 16 June.
“New Research from Dimension Data Reveals Uncomfortable CX Truths.” CISION PR Newswire, Apr. 2017. Accessed 7 June. 2022.
Sheth, Rohan. 75 Must-Know Customer Experience Statistics to move Your Business Forward in 2022.” SmartKarrot, Feb. 2022. Accessed 17 June. 2022.
Smith, Mercer. “111 Customer Service Statistics and Facts You Shouldn’t Ignore.” HelpScout, May 2022. Accessed 17 June. 2022.
“State of the Connected Customer.” Salesforce, 2020. Accessed 14 June. 2022
“The true value of customer experiences.” Deloitte, 2018. Accessed 15 June. 2022.
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Begin the project by creating a vulnerability management team and determine how vulnerabilities will be identified through scanners, penetration tests, third-party sources, and incidents.
Determine how vulnerabilities will be triaged and evaluated based on intrinsic qualities and how they may compromise business functions and data sensitivity.
Address the vulnerabilities based on their level of risk. Patching isn't the only risk mitigation action; some systems simply cannot be patched, but other options are available. Reduce the risk down to medium/low levels and engage your regular operational processes to deal with the latter.
Evolve the program continually by developing metrics and formalizing a policy.
Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Establish a common understanding of vulnerability management, and define the roles, scope, and information sources of vulnerability detection.
Attain visibility on all of the vulnerability information sources, and a common understanding of vulnerability management and its scope.
1.1 Define the scope & boundary of your organization’s security program.
1.2 Assign responsibility for vulnerability identification and remediation.
1.3 Develop a monitoring and review process of third-party vulnerability sources.
1.4 Review incident management and vulnerability management
Defined scope and boundaries of the IT security program
Roles and responsibilities defined for member groups
Process for review of third-party vulnerability sources
Alignment of vulnerability management program with existing incident management processes
We will examine the elements that you will use to triage and analyze vulnerabilities, prioritizing using a risk-based approach and prepare for remediation options.
A consistent, documented process for the evaluation of vulnerabilities in your environment.
2.1 Evaluate your identified vulnerabilities.
2.2 Determine high-level business criticality.
2.3 Determine your high-level data classifications.
2.4 Document your defense-in-depth controls.
2.5 Build a classification scheme to consistently assess impact.
2.6 Build a classification scheme to consistently assess likelihood.
Adjusted workflow to reflect your current processes
List of business operations and their criticality and impact to the business
Adjusted workflow to reflect your current processes
List of defense-in-depth controls
Vulnerability Management Risk Assessment tool formatted to your organization
Vulnerability Management Risk Assessment tool formatted to your organization
Identifying potential remediation options.
Developing criteria for each option in regard to when to use and when to avoid.
Establishing exception procedure for testing and remediation.
Documenting the implementation of remediation and verification.
Identifying and selecting the remediation option to be used
Determining what to do when a patch or update is not available
Scheduling and executing the remediation activity
Planning continuous improvement
3.1 Develop risk and remediation action.
List of remediation options sorted into “when to use” and “when to avoid” lists
You will determine what ought to be measured to track the success of your vulnerability management program.
If you lack a scanning tool this phase will help you determine tool selection.
Lastly, penetration testing is a good next step to consider once you have your vulnerability management program well underway.
Outline of metrics that you can then configure your vulnerability scanning tool to report on.
Development of an inaugural policy covering vulnerability management.
The provisions needed for you to create and deploy an RFP for a vulnerability management tool.
An understanding of penetration testing, and guidance on how to get started if there is interest to do so.
4.1 Measure your program with metrics, KPIs, and CSFs.
4.2 Update the vulnerability management policy.
4.3 Create an RFP for vulnerability scanning tools.
4.4 Create an RFP for penetration tests.
List of relevant metrics to track, and the KPIs, CSFs, and business goals for.
Completed Vulnerability Management Policy
Completed Request for Proposal (RFP) document that can be distributed to vendor proponents
Completed Request for Proposal (RFP) document that can be distributed to vendor proponents
4 Analyst Perspective 5 Executive Summary 6 Common Obstacles 8 Risk-based approach to vulnerability management 16 Step 1.1: Vulnerability management defined 24 Step 1.2: Defining scope and roles 34 Step 1.3: Cloud considerations for vulnerability management |
33 Step 1.4: Vulnerability detection 46 Step 2.1: Triage vulnerabilities 51 Step 2.2: Determine high-level business criticality 56 Step 2.3: Consider current security posture 61 Step 2.4: Risk assessment of vulnerabilities 71 Step 3.1: Assessing remediation options |
80 Step 3.2: Scheduling and executing remediation 85 Step 3.3: Continuous improvement 89 Step 4.1: Metrics, KPIs, and CSFs 94 Step 4.2: Vulnerability management policy 97 Step 4.3: Select & implement a scanning tool 107 Step 4.4: Penetration testing 118 Summary of accomplishment |
119 Additional Support 120 Bibliography |
In this age of discovery, technology changes at such a rapid pace. New things are discovered, both in new technology and in old. The pace of change can often be very confusing as to where to start and what to do.
The ever-changing nature of technology means that vulnerabilities will always be present. Taking measures to address these completely will consume all your department’s time and resources. That, and your efforts will quickly become stale as new vulnerabilities are uncovered. Besides, what about the systems that simply can’t be patched? The key is to understand the vulnerabilities and the levels of risk they pose to your organization, to prioritize effectively and to look beyond patching.
A risk-based approach to vulnerability management will ensure you are prioritizing appropriately and protecting the business. Reduce the risk surface!
Vulnerability management is more than just systems and application patching. It is a full process that includes patching, compensating controls, segmentation, segregation, and heightened diligence in security monitoring.
![]() |
Jimmy Tom Research Advisor – Security, Privacy, Risk, and Compliance Info-Tech Research Group |
Your Challenge
Vulnerability scanners, industry alerts, and penetration tests are revealing more and more vulnerabilities, and it is unclear how to manage them. Organizations are struggling to prioritize the vulnerabilities for remediation, as there are many factors to consider, including the threat of the vulnerability and the potential remediation option. |
Common Obstacles
Patches are often seen as the answer to vulnerabilities, but these are not always the most suitable solution. Some systems deemed vulnerable simply cannot be patched or easily replaced. Companies are unaware of the risk implications that come from leaving the vulnerability open and from the remediation option itself. |
Info-Tech’s Approach
Design and implement a vulnerability management program that identifies, prioritizes, and remediates vulnerabilities. Understand what needs to be considered when implementing remediation options, including patches, configuration changes, and defense-in-depth controls. Build a process that is easy to understand and allows vulnerabilities to be remediated proactively, instead of in an ad hoc fashion. |
Vulnerability management does not always equal patch management. There is more than one way to tackle the problem, particularly if a system cannot be easily patched or replaced. If a vulnerability cannot be completely remediated, steps to reduce the risk to a tolerable level must be taken.
These barriers make vulnerability management difficult to address for many organizations:
|
CVSS Score Distribution From the National Vulnerability Database: ![]() (Source: NIST National Vulnerability Database Dashboard) |
Reduce the critical and high vulnerabilities below the risk threshold and operationalize the remediation of medium/low vulnerabilities by following your effective vulnerability management program cycles.
An inventory of your scanning tool and vulnerability threat intelligence data sources will help you determine a viable strategy for addressing vulnerabilities. Defining roles and responsibilities ahead of time will ensure you are not left scrambling when dealing with vulnerabilities.
Bring the vulnerabilities into context by assessing vulnerabilities based on your security posture and mechanisms and not just what your data sources report. This will allow you to gauge the true urgency of the vulnerabilities based on risk and determine an effective mitigation plan.
Address the vulnerabilities based on their level of risk. Patching isn't the only risk mitigation action; some systems simply cannot be patched, but other options are available.
Reduce the risk down to medium/low levels and engage your regular operational processes to deal with the latter.
Upon implementation of the program, measure with metrics to ensure that the program is successful. Improve the program with each iteration of vulnerability mitigation to ensure continuous improvement.
All actions to address vulnerabilities should be based on risk and the organization’s established risk tolerance.
Reduce the risk surface down below the risk threshold.
“For those of us in the vulnerability management space, ensuring that money, resources, and time are strategically spent is both imperative and difficult. Resources are dwindling fast, but the vulnerability problem sure isn’t.” (Kenna Security)
“Using vulnerability scanners to identify unpatched software is no longer enough. Keeping devices, networks, and digital assets safe takes a much broader, risk-based vulnerability management strategy – one that includes vulnerability assessment and mitigation actions that touch the entire ecosystem.” (Balbix)
“Unlike legacy vulnerability management, risk-based vulnerability management goes beyond just discovering vulnerabilities. It helps you understand vulnerability risks with threat context and insight into potential business impact.” (Tenable)
“A common mistake when prioritizing patching is equating a vulnerability’s Common Vulnerability Scoring System (CVSS) score with risk. Although CVSS scores can provide useful insight into the anatomy of a vulnerability and how it might behave if weaponized, they are standardized and thus don’t reflect either of the highly situational variables — namely, weaponization likelihood and potential impact — that factor into the risk the vulnerability poses to an organization.” (SecurityWeek)
60% — In 2019, 60% of breaches were due to unpatched vulnerabilities.
74% — In the same survey, 74% of survey responses said they cannot take down critical applications and systems to patch them quickly. (Source: SecurityBoulevard, 2019)
Taking a risk-based approach will allow you to focus on mitigating risk, rather than “just patching” your environment.
The average cost of a breach in 2020 is $3.86 million, and “…the price tag was much less for mature companies and industries and far higher for firms that had lackluster security automation and incident response processes.” (Dark Reading)
Vulnerability ManagementA risk-based approach |
Reduce the risk surface to avoid cost to your business, everything else is table stakes |
![]() ![]() |
1 |
Identify |
|
||||||||||||||||
Identify vulnerability management scanning tools & external threat intel sources (Mitre CVE, US-CERT, vendor alerts, etc.) | Vulnerability information feeds:
|
|||||||||||||||||
2 |
Analyze |
|||||||||||||||||
Assign actual risk (impact x urgency) to the organization based on current security posture
Triage based on risk › Your organization's risk tolerance threshold |
![]() |
|||||||||||||||||
3 |
Assess |
|||||||||||||||||
Plan risk mitigation strategy › | Consider:
|
Focus on developing the most efficient processes.
The vulnerability management market is relatively mature; however, vulnerability management remains a very relevant and challenging topic.
Security practitioners are inundated with the advice they need to prioritize their vulnerabilities. Every vulnerability scanning vendor will proclaim their ability to prioritize the identified vulnerabilities.
Third-party prioritization methodology can’t be effectively applied across all organizations. Each organization is too unique with different constraints. No tool or service can account for these variables.
When patching is not possible, other options exist: configuration changes (hardening), defense-in-depth, compensating controls, and even elevated security monitoring are possible options.
Vulnerability management is not only patch management. Patching is only one aspect.
Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:
Key deliverable:Vulnerability Management SOPThe Standard operating procedure (SOP) will comprise the end-to-end description of the program: roles & responsibilities, data flow, and expected outcomes of the program. ![]() |
Vulnerability Management Policy
Template for your vulnerability management policy. |
![]() |
Vulnerability Tracking Tool
This tool offers a template to track vulnerabilities and how they are remedied. |
![]() |
Vulnerability Scanning RFP Template
Request for proposal template for the selection of a vulnerability scanning tool. |
![]() |
Vulnerability Risk Assessment Tool
Methodology to assess vulnerability risk by determining impact and likelihood. |
![]() |
IT Benefits
|
Business Benefits
|
Phase | Measured Value |
Phase 1: Identify vulnerability sources |
|
Phase 2: Triage vulnerabilities and assign urgencies |
|
Phase 3: Remediate vulnerabilities |
|
Phase 4: Continually improve the vulnerability management process |
|
Potential financial savings from using Info-Tech resources | Phase 1 ($1,600) + Phase 2 ($6,400) + Phase 3 ($10,400) + Phase 4 ($10,400) = $28,800 |
A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.
A typical GI is between 8 to 12 calls over the course of 4 to 6 months.
What does a typical GI on this topic look like?
Phase 1 |
Phase 2 |
Phase 3 |
Phase 4 |
Call #1: Scope requirements, objectives, and your specific challenges.
Call #2: Discuss current state and vulnerability sources. |
Call #3: Identify triage methods and business criticality.
Call #4:Review current defense-in-depth and discuss risk assessment. |
Call #5: Discuss remediation options and scheduling.
Call #6: Review release and change management and continuous improvement. |
Call #7: Identify metrics, KPIs, and CSFs.
Call #8: Review vulnerability management policy. |
Contact your account representative for more information.
workshops@infotech.com 1-888-670-8889
Day 1 | Day 2 | Day 3 | Day 4 | Day 5 | |
Activities |
Identify vulnerability sources1.1 What is vulnerability management? 1.2 Define scope and roles 1.3 Cloud considerations for vulnerability management 1.4 Vulnerability detection |
Triage and prioritize2.1 Triage vulnerabilities 2.2 Determine high-level business criticality 2.3 Consider current security posture 2.4 Risk assessment of vulnerabilities |
Remediate vulnerabilities3.1 Assess remediation options 3.2 Schedule and execute remediation 3.3 Drive continuous improvement |
Measure and formalize4.1 Metrics, KPIs & CSFs 4.2 Vulnerability Management Policy 4.3 Select & implement a scanning tool 4.4 Penetration testing |
Next Steps and Wrap-Up (offsite)5.1 Complete in-progress deliverables from previous four days 5.2 Set up review time for workshop deliverables and to discuss next steps |
Deliverables |
|
|
|
|
|
Phase 11.1 What is vulnerability management? |
Phase 22.1 Triage vulnerabilities |
||
Phase 33.1 Assessing remediation options |
Phase 44.1 Metrics, KPIs & CSFs |
Establish a common understanding of vulnerability management, define the roles, scope, and information sources of vulnerability detection.
None for this section
Establish a common understanding of vulnerability management and its place in the IT organization.
Foundational knowledge of vulnerability management in your organization.
Identify vulnerability sourcesStep 1.1 | Step 1.2 | Step 1.3 | Step 1.4 |
|
“Most organizations do not have a formal process for vulnerability management.” (Morey Haber, VP of Technology, BeyondTrust, 2016) |
It’s not easy, but it’s much harder without a process in place.
|
![]() You’re not just doing this for yourself. It’s also for your auditors.Many compliance and regulatory obligations require organizations to have thorough documentation of their vulnerability management practices. |
![]() |
Vulnerabilities can be found primarily within your assets but also connect to your information risk management. These must be effectively managed as part of a holistic security program.
Without management, vulnerabilities left unattended can be easy for attackers to exploit. It becomes difficult to identify the correct remediation option to mitigate against the vulnerabilities. |
Vulnerability Management Process Inputs/Outputs:![]() Arrows denote direction of information feed |
Vulnerability management serves as the input into a number of processes for remediation, including:
A two-way data flow exists between vulnerability management and:
|
|
|
Vulnerability management is a component of the Infrastructure Security section of Security Management
![]() |
For more information, review our Build an Information Security Strategy blueprint, or speak to one of our analysts.
Info-Tech InsightVulnerability management is but one piece of the information security puzzle. Ensure that you have all the pieces! |
Case Study |
![]() |
INDUSTRY: Manufacturing
|
One organization is seeing immediate benefits by formalizing its vulnerability management program.
Challenge
Cimpress was dealing with many challenges in regards to vulnerability management. Vulnerability scanning tools were used, but the reports that were generated often gave multiple vulnerabilities that were seen as critical or high and required many resources to help address them. Scanning was done primarily in an attempt to adhere to PCI compliance rather than to effectively enable security. After re-running some scans, Cimpress saw that some vulnerabilities had existed for an extended time period but were deemed acceptable. |
Solution
The Director of Information Security realized that there was a need to greatly improve this current process. Guidelines and policies were formalized that communicated when scans should occur and what the expectations for remediations should be. Cimpress also built a tiered approach to prioritize vulnerabilities for remediation that is specific to Cimpress instead of relying on scanning tool reports. |
Results
Cimpress found better management of the vulnerabilities within its system. There was no pushback to the adoption of the policies, and across the worldwide offices, business units have been proactively trying to understand if there are vulnerabilities. Vulnerability management has been expanded to vendors and is taken into consideration when doing any mergers and acquisitions. Cimpress continues to expand its program for vulnerability management to include application development and vulnerabilities within any existing legacy systems. |
Define and understand the scope and boundary of the security program. For example, does it include OT? Define roles and responsibilities for vulnerability identification and remediation
Understand how far vulnerability management extends and what role each person in IT plays in the remediation of vulnerabilities
Identify vulnerability sourcesStep 1.1 | Step 1.2 | Step 1.3 | Step 1.4 |
This will help you adjust the depth and breadth of your vulnerability management program.
|
![]() |
Input: List of Data Scope, Physical Scope, Organization Scope, and IT Scope
Output: Defined scope and boundaries of the IT security program
Materials: Whiteboard/Flip Charts, Sticky Notes, Markers, Vulnerability Management SOP Template
Participants: Business stakeholders, IT leaders, Security team members
The goal is to identify what your vulnerability management program is responsible for and document it.
Consider the following:
How is data being categorized and classified? How are business units engaged with security initiatives? How are IT systems connected to each other? How are physical locations functioning in terms of information security management?
Download the Vulnerability Management SOP Template
|
If you need assistance building your asset inventory, review Info-Tech’s Implement Hardware Asset Management and Implement Software Asset Management blueprints.
Info-Tech InsightCreate a formal IT asset inventory before continuing with the rest of this project. Otherwise, you risk being at the mercy of a weak vulnerability management program. |
Determine who is critical to effectively detecting and managing vulnerabilities.
|
![]() |
Input: Sample list of vulnerabilities and requisite actions from each group, High-level organizational chart with area functions
Output: Defined set of roles and responsibilities for member groups
Materials: Vulnerability Management SOP Template
Participants: CIO, CISO, IT Management representatives for each area of IT
If your organization does not have a dedicated IT security team, you can perform this exercise by mapping the relevant IT staff to the different positions shown on the right.
Download the Vulnerability Management SOP Template | ![]() |
None for this section.
Review cloud considerations for vulnerability management
Understand the various types of cloud offerings and the implications (and limitations) of vulnerability management in a cloud environment.
Identify vulnerability sourcesStep 1.1 | Step 1.2 | Step 1.3 | Step 1.4 |
Cloud will change your approach to vulnerability management.
|
![]() For more information, see Info-Tech Research Group’s Document Your Cloud Strategy blueprint. |
Cloud scanning is becoming a more common necessity but still requires special consideration.
Private Cloud | |
If your organization owns a private cloud, these environments can be tested normally. | |
Public Cloud | |
Performing vulnerability testing against public, third-party cloud environments is an area experiencing rapid growth and general acceptance, although customer visibility will still be limited.
In many cases, a customer must rely on the vendor’s assurance that vulnerabilities are being addressed in a sufficient manner. Security standards’ compliance requirements are driving the need for cloud suppliers to validate and assure that they are appropriately scanning for and remediating vulnerabilities. |
Infrastructure- or Platform-as-a-Service (IaaS or PaaS) Environments
Certain testing (e.g. DoS or load testing) will be very limited by your cloud vendor. Cloud vendors won’t open themselves to testing that would possibly impact their operations. |
Create an inventory of your vulnerability monitoring capability and third-party vulnerability information sources.
Determine how incident management and vulnerability management interoperate.
Catalog of vulnerability information data sources. Understanding of the intersection of incident management and vulnerability management.
Identify vulnerability sourcesStep 1.1 | Step 1.2 | Step 1.3 | Step 1.4 |
Vulnerabilities can be identified through numerous mediums.
Vulnerability Assessment and Scanning Tools
|
Penetration Tests
|
Open Source Monitoring
|
Security Incidents
|
Vulnerabilities are too numerous for manual scanning and detection.
|
Automation requires oversight.
For guidance on tool selectionRefer to section 4.3 Selecting and Implement a Scanning Tool in this blueprint. |
Select a vulnerability scanning tool with the features you need to be effective.
|
![]() For guidance on tool vendorsVisit SoftwareReviews for information on vulnerability management tools and vendors. |
One-off scans provide snapshots in time. Repeated scans over time provide tracking for how systems are changing and how well patches are being applied and software is being updated.
The results of a scan (asset inventory, configuration data, and vulnerability data) are basic information needed to understand your security posture. This data needs to be as up to date as possible.
Continuous scanning is the concept of providing continual scanning of your systems so any asset, configuration, or vulnerability information is up to date. Most vendors will advertise continuous scanning but you need to be skeptical of how this feature is met.
Continuous agent scanning
Real-time scanning that is completed through agent-based scanning. Provides real-time understanding of system changes. |
On-demand scanning
Cyclical scanning is the method where once you’re done scanning an area, you start it again. This is usually done because doing some scans on some areas of your network take time. How long the scan takes depends on the scan itself. How often you perform a scan depends on how long a scan takes. For example, if a scan takes a day, you perform a daily scan. |
Cloud-based scanning
Cloud-scanning-as-a-Service can provide hands-free continuous monitoring of your systems. This is usually priced as a subscription model. |
What should be scanned | How to point a scanner |
The general idea is that you want to scan pretty much everything. Here are considerations for three environments:
Mobile DevicesYou need to scan mobile devices for vulnerabilities, but the problem is these can be hard to scan and often come and go on your network. There are always going to be some devices that aren’t on the network when scanning occurs. Several ways to scan mobile devices:
Virtualization
Cloud Environments
|
|
IT security forums and mailing lists are another source of vulnerability information.
By monitoring for vulnerabilities as they are announced through industry alerts and open-source mechanisms, it is possible to identify vulnerabilities beyond your scanning tool’s penetration tests.
Common sources:
|
![]() |
IT security forums and mailing lists are another source of vulnerability information.
Input: Third-party resources list
Output: Process for review of third-party vulnerability sources
Materials: Whiteboard, Whiteboard markers, Vulnerability Management SOP Template
Participants: IT Security Manager, SecOps team members, ITOps team members, CISO
Download the Vulnerability Management SOP Template | ![]() |
Incidents can also be a sources of vulnerabilities.
When any incident occurs, for example:
There can be underlying vulnerabilities that need to be processed.
Three Types of IT Incidents exist:
Note: You need to have developed your various incident response plans to develop information feeds to the vulnerability mitigation process. |
Info-Tech Related Resources: | |
If you do not have a formalized information security incident management program, take a look at Info-Tech’s blueprint Develop and Implement a Security Incident Management Program.
If you do not have a formalized problem management process, take a look at Info-Tech’s blueprint Incident and Problem Management. |
If you do not have a formalized IT incident management process, take a look at Info-Tech’s blueprint Develop and Implement a Security Incident Management Program.
If you do not have formalized crisis management, take a look at Info-Tech’s blueprint Implement Crisis Management Best Practices. |
Input: Existing incident response processes, Existing crisis communications plans
Output: Alignment of vulnerability management program with existing incident management processes
Materials: Whiteboard, Whiteboard markers, Vulnerability Management SOP Template
Participants: IT Security Manager, SecOps team members, ITOps team members, including tiers 1, 2, and 3, CISO, CIO
Note: Most incident processes will cover some sort of root cause analysis and investigation of the incident. If a vulnerability of any kind is detected within this analysis it needs to be reported on and treated as a detected vulnerability, thus warranting the full vulnerability mitigation process.
Download the Vulnerability Management SOP Template
Phase 11.1 What is vulnerability management? |
Phase 22.1 Triage vulnerabilities |
||
Phase 33.1 Assessing remediation options |
Phase 44.1 Metrics, KPIs & CSFs |
Examine the elements that you will use to triage and analyze vulnerabilities, prioritizing using a risk-based approach, and prepare for remediation options.
Review your vulnerability information sources and determine a methodology that will be used to consistently evaluate vulnerabilities as your scanning tool alerts you to them.
A consistent, documented process for the evaluation of vulnerabilities in your environment.
Triage & prioritizeStep 2.1 | Step 2.2 | Step 2.3 | Step 2.4 |
When evaluating numerous vulnerabilities, use the following three factors to help determine the urgency of vulnerabilities:
Intrinsic qualities of the vulnerability — Vulnerabilities need to be examined for the inherent risk they pose specifically to the organization, which includes if an exploit has been identified or if the industry views this as a serious and likely threat.
Business criticality of the affected asset — Assets with vulnerabilities need to be assessed for their criticality to the business. Vulnerabilities on systems that are critical to business operations or customer interactions are usually top of mind.
Sensitivity of the data of the affected asset — Beyond just the criticality of the business, there must be consideration of the sensitivity of the data that may be compromised or modified as a result of any vulnerabilities.
This methodology allows you to determine urgency of vulnerabilities, but your remediation approach needs to be risk-based, within the context of your organization.
Triaging enables your vulnerability management program to focus on what it should focus on.
Use the Info-Tech Vulnerability Mitigation Process Template to define how to triage vulnerabilities as they first appear. Triaging is an important step in vulnerability management, whether you are facing ten to tens of thousands of vulnerability notifications.
|
The Info-Tech methodology for initial triaging of vulnerabilities:![]() Even if neither of these use cases apply to your organization, triaging still addresses the issues of false positives. Triaging provides a quick way to determine if vulnerabilities are relevant. |
Input: Visio workflow of Info-Tech’s vulnerability management process
Output: Adjusted workflow to reflect your current processes, Vulnerability Tracking Tool
Materials: Whiteboard, Whiteboard markers, Vulnerability Management SOP Template
Participants: IT Security Manager, SecOps team members, ITOps team members, including tiers 1, 2, and 3, CISO, CIO
Using the criteria from the previous slide, Info-Tech has created a methodology to evaluate your vulnerabilities by examining their intrinsic qualities.
The methodology categorizes the vulnerabilities into high, medium, and low risk importance categorizations, before assigning final urgency scores in the later steps.
Download the Vulnerability Management SOP Template
Determining high-level business criticality and data classifications will help ensure that IT security is aligned with what is critical to the business. This will be very important when decisions are made around vulnerability risk and the urgency of remediation action.
Understanding and consistency in how business criticality and business data is assessed by IT in the vulnerability management process.
Triage & prioritizeStep 2.1 | Step 2.2 | Step 2.3 | Step 2.4 |
Use the questions below to help assess which operations are critical for the business to continue functioning.
For example, email is often thought of as a business-critical operation when this is not always the case. It is important to the business, but as regular operations can continue for some time without it, it would not be considered extremely business critical.
|
Don’t start from scratch – your disaster recovery plan (DRP) may have a business impact analysis (BIA) that can provide insight into which applications and operations are considered business critical.
Analyst PerspectiveWhen assessing the criticality of business operations, most core business applications may be deemed business critical over the long term. Consider instead what the impact is over the first 24 or 48 hours of downtime. |
Input: List of business operations, Insight into business operations impacts to the business
Output: List of business operations and their criticality and impact to the business
Materials: Vulnerability Management SOP Template
Participants: Participants from the business, IT Security Manager, CISO, CIO
Example prioritization of business operations for a manufacturing company: | ![]() |
Questions to ask:
|
Download the Vulnerability Management SOP Template
To properly classify your data, consider how the confidentiality, integrity, and availability of that data would be affected if it were to be exploited by a vulnerability. Review the table below for an explanation for each objective.
If you wish to build a whole data classification methodology, refer to our Discover and Classify Your Data blueprint. |
How to determine data classification when CIA differs:
The overall ranking of the data will be impacted by the highest objective’s ranking. For example, if confidentiality and availability are low, but integrity is high, the overall impact is high. This process was developed in part by Federal Information Processing Standards Publication 199. |
Input: Knowledge of data use and sensitivity
Output: Adjusted workflow to reflect your current processes, Vulnerability Tracking Tool
Materials: Whiteboard, Whiteboard markers, Vulnerability Management SOP Template
Participants: IT Security Manager, CISO, CIO
If your organization has formal data classification in place, it should be leveraged to determine the high, medium, and low rankings necessary for the process flows. However, if there is no formal data classification in place, the process below can be followed:
Download the Vulnerability Management SOP Template
This process should be part of your larger data classification program. If you need assistance in building this out, review the Info-Tech research, Discover and Classify Your Data.
Your defense-in-depth controls are the existing layers of security technology that protects your environment. These are relevant when considering the urgency and risk of vulnerabilities in your environment, as they will mitigate some of the risk.
Understanding and documentation of your current defense-in-depth controls.
Triage & prioritizeStep 2.1 | Step 2.2 | Step 2.3 | Step 2.4 |
What you have today matters.
|
![]() |
What does your network look like?
|
What’s the relevance to vulnerability management?
For a vulnerability to be exploited, a malicious actor must find a way to access the vulnerable system to make use of the vulnerability in question. Any enterprise architecture characteristics that you have in place may lessen the probability of a successful vulnerability exploit. This may potentially “buy time” for SecOps to address and remediate the vulnerability. |
Note: Defense-in-depth controls do not entirely mitigate vulnerability risk. They provide a way in which the vulnerability cannot be exploited, but it continues to exist on the application. This must be kept in mind as the controls or applications themselves change, as it can re-open the vulnerability and cause potential problems. |
Examples of defense-in-depth controls can consist of any of the following:
|
Input: List of technologies within your environment, List of IT security controls that are in place
Output: List of defense-in-depth controls
Materials: Whiteboard/flip charts, Vulnerability Management SOP Template
Participants: IT Security Manager, Infrastructure Manager, IT Director, CISO
Download the Vulnerability Management SOP Template |
![]() |
Assessing risk will be the cornerstone of how you evaluate vulnerabilities and what priority you place on remediation. This is actual risk to the organization and not simply what the tool reports without the context of your defense-in-depth controls.
A risk matrix tailored to your organization, based on impact and likelihood. This will provide a consistent, unambiguous way to assess risk across the vulnerability types that is reported by your scanning tool.
Triage & prioritizeStep 2.1 | Step 2.2 | Step 2.3 | Step 2.4 |
Vulnerabilities must be addressed to mitigate risk to the business.
|
![]() Info-Tech InsightRisk to the organization is business language that everyone can understand. This is particularly true when the risk is to productivity or to the company’s bottom line. |
CVSS scores are just the starting point!
Vulnerabilities are constant.
|
Info-Tech InsightVulnerability scanning is a valuable function, but it does not tell the full picture. You must determine how urgent a vulnerability truly is, based on your specific environment. |
|
Mitigate the risk surface by reducing the time across the phases![]() |
Risk = Impact x Likelihood
Info-Tech InsightRisk determination should be done within the context of your current environment and not simply based on what your vulnerability tool is reporting. |
A risk matrix is useful in calculating a risk rating for vulnerabilities. ![]() |
Input: Knowledge of IT environment, Knowledge of business impact for each IT component or service
Output: Vulnerability Management Risk Assessment Tool formatted to your organization
Materials: Vulnerability Management Risk Assessment Tool
Participants: Functional Area Managers, IT Security Manager, CISO
Risk always has a negative impact, but the size of the impact can vary considerably in terms of cost, number of people or sites affected, and the severity of the impact. Impact questions tend to be more objective and quantifiable than likelihood questions.
Note that you are looking to baseline vulnerability types, rather than categorizing every single vulnerability your scanning tool reports. The volume of vulnerabilities will be high, but vulnerabilities can be categorized into types on a regular basis.
Download the Vulnerability Management Risk Assessment Tool |
![]() |
Input: Knowledge of IT environment, Knowledge of business impact for each IT component or service
Output: Vulnerability Management Risk Assessment Tool formatted to your organization
Materials: Vulnerability Management Risk Assessment Tool
Participants: Functional Area Managers, IT Security Manager, CISO
Risk always has a negative impact, but the size of the impact can vary considerably in terms of cost, number of people or sites affected, and the severity of the impact. Impact questions tend to be more objective and quantifiable than likelihood questions.
Note that you are looking to baseline vulnerability types, rather than categorizing every single vulnerability that your scanning tool reports. The volume of vulnerabilities will be high, but vulnerabilities can be categorized into types on a regular basis.
Download the Vulnerability Management Risk Assessment Tool |
![]() |
Select the best remediation option to minimize risk.
Through the combination of the identified risk and remediation steps in this phase, the prioritization for vulnerabilities will become clear. Vulnerabilities will be assigned a priority once their intrinsic qualities and threat potential to business function and data have been identified.
|
Prioritization
Remediation plays an incredibly important role in the entire program. It plays a large part in wider risk management when you must consider the risk of the vulnerability, the risk of the remediation option, and the risk associated with the overall process. |
Phase 11.1 What is vulnerability management? |
Phase 22.1 Triage vulnerabilities |
||
Phase 33.1 Assessing remediation options |
Phase 44.1 Metrics, KPIs & CSFs |
This phase will allow organizations to build out the specific processes for remediating vulnerabilities. The overall process will be the same but what will be critical is the identification of the correct material. This includes building the processes around:
Each remediation option carries a different level of risk that the organization needs to consider and accept by building out this program. |
It is necessary to be prepared to do this in real time. Careful documentation is needed when dealing with vulnerabilities. Use the Vulnerability Tracking Tool to assist with documentation in real time. This is separate from using the process template but can assist in the documentation of vulnerabilities. |
With the risk assessment from the previous activity, we can now examine remediation options and make a decision. This activity will guide us through that.
List of remediation options and criteria on when to consider each.
Remediate vulnerabilitiesStep 3.1 | Step 3.2 | Step 3.3 |
There are four options when it comes to vulnerability remediation.
Patches and Updates
Patches are software or pieces of code that are meant to close vulnerabilities or provide fixes to any bugs within existing software. These are typically provided by the vendor to ensure that any deployed software is properly protected after vulnerabilities have been detected. |
Configuration Changes
Configuration changes involve administrators making significant changes to the system or network to remediate against the vulnerability. This can include disabling the vulnerable application or specific element and can even extend to removing the application altogether. |
Remediation |
|
Compensating Controls
By leveraging security controls, such as your IDS/IPS, firewalls, or access control, organizations can have an added layer of protection against vulnerabilities beyond the typical patches and configuration changes. This can be used as a measure while waiting to implement another option (if one exists) to reduce the risk of the vulnerability in the short or long term. |
Risk Acceptance
Whenever a vulnerability is not remediated, either indefinitely or for a short period of time, the organization is accepting the associated risk. Segregation of the vulnerable system can occur in this instance. This can occur in cases where a system or application cannot be updated without detrimental effect to the business. |
When to use
|
When to avoid
|
When to consider other remediation options
|
|
Examples of compensating controls
|
When to use
|
When to avoid
|
When to consider other remediation options
|
Info-Tech InsightRemember your existing processes: configuration changes may need to be approved and orchestrated through your organization’s configuration and change management processes. |
Case StudyRemediation options do not have to be used separately. Use the Shellshock 2014 case as an example. |
INDUSTRY: All
|
Challenge
Bashdoor, more commonly known as Shellshock, was announced on September 24, 2014. This bug involved the Bash shell, which normally executes user commands, but this vulnerability meant that malicious attackers could exploit it. This was rated a 10/10 by CVSS – the highest possible score. Within hours of the announcement, hackers began to exploit this vulnerability across many organizations. |
Solution
Organizations had to react quickly and multiple remediation options were identified:
|
Results
Companies began to protect themselves against these vulnerabilities. While many organizations installed patches as quickly as possible, some also wished to test the patch and leveraged defense-in-depth controls in the interim. However, even today, many still have the Shellshock vulnerability and exploits continue to occur. |
Every time that a vulnerability is not remediated, it continues to pose a risk to the organization. While it may seem that every vulnerability needs to be remediated, this is simply not possible due to limited resources. Further, it can take away resources from other security initiatives as opposed to low-priority vulnerabilities that are extremely unlikely to be exploited.
Common criteria for vulnerabilities that are not remediated:
Risk acceptance is not uncommon…
|
Enterprise risk management
While these are common criteria, they must be aligned to the enterprise risk management framework and approved by management.
Don’t forget the variables that were assessed in Phase 2. This includes the risk from potential lateral movement or if there is an existing exploit. |
When determining if risk acceptance is appropriate, consider the cost of not mitigating vulnerabilities.
With risk acceptance, it is important to review the financial impact of a security incident resulting from that vulnerability. There is always the possibility of exploitation for vulnerabilities. A simple metric taken from NIST SP800-40 to use for this is:
Cost not to mitigate = W * T * RWhere (W) is the number of work stations, (T) is the time spent fixing systems or lost in productivity, and (R) is the hourly rate of the time spent. |
|
As an example provided by NIST SP800-40 Version 2.0, Creating a Patch and Vulnerability Management Program:
“For an organization where there are 1,000 computers to be fixed, each taking an average of 8 hours of down time (4 hours for one worker to rebuild a system, plus 4 hours the computer owner is without a computer to do work) at a rate of $70/hour for wages and benefits: 1,000 computers * 8 hours * $70/hour = $560,000” |
Info-Tech InsightAlways consider the financial impact that can occur from an exploited vulnerability that was not remediated. |
Input: List of remediation options
Output: List of remediation options sorted into “when to use” and “when to avoid” lists
Materials: Whiteboard/flip charts, Vulnerability Management SOP Template
Participants: IT Security Manager, IT Infrastructure Manager, IT Operations Manager, Corporate Risk Officer, CISO
It is important to define and document your organization-specific criteria for when a remediation option is appropriate and inappropriate.
When to use:
|
When to avoid:
|
Download the Vulnerability Management SOP Template
None for this section.
Although there are no specific activities for this section, it will walk you through your existing processes configuration and change management to ensure that you are leveraging those activities in your vulnerability remediation actions.
Gained understanding of how IT operations processes configuration and change management can be leveraged for the vulnerability remediation process. Don’t reinvent the wheel!
Remediate vulnerabilitiesStep 3.1 | Step 3.2 | Step 3.3 |
Vulnerability management converges with your IT operations functions.
|
![]() |
For guidance on implementing or improving your release management process, refer to Info-Tech’s Stabilize Release and Deployment Management blueprint or speak to one of our experts. |
Info-Tech InsightMany organizations don’t have a separate release team. Rather, whomever is doing the deployment will submit a change request and the testing details are vetted through the organization’s change management process. For guidance on the change management process review our Optimize Change Management blueprint. |
Leverage change control, interruption management, approval, and scheduling.
For further guidance on implementing or improving your change management process, refer to Info-Tech’s Optimize Change Management blueprint or speak to one of our experts. |
“With no controls in place, IT gets the blame for embarrassing outages. Too much control, and IT is seen as a roadblock to innovation.” (VP IT, Federal Credit Union) |
Vulnerability remediation isn’t a “set it and forget it” activity.
|
A scan with your vulnerability management software after remediation can be a way to verify that the overall risk has been reduced, if remediation was done by way of patching/updates.
Info-Tech InsightAfter every change completion, whether due to vulnerability remediation or not, it is a good idea to ensure that your infrastructure team increases its monitoring diligence and that your service desk is ready for any sudden influx of end-user calls. |
None for this section.
Although this section has no activities, it will review the process by which you may continually improve vulnerability management.
An understanding of the importance of ongoing improvements to the vulnerability management program.
Remediate vulnerabilitiesStep 3.1 | Step 3.2 | Step 3.3 |
|
“The success rate for continual improvement efforts is less than 60 percent. A major – if not the biggest – factor affecting the deployment of long-term continual improvement initiatives today is the fundamental change taking place in the way companies manage and execute work.” (Industry analyst at a consulting firm, 2014) |
Continuously re-evaluate the vulnerability management process.
As your systems and assets change, your vulnerability management program may need updates in two ways.
When new assets and systems are introduced:
Effective systems and asset management are needed to track this. Review Info-Tech’s Implement Systems Management to Improve Availability and Visibility blueprint for more help. Document any changes to the vulnerability management program in the Vulnerability Management SOP Template. |
When defense-in-depth capabilities are modified:
To assist in building a defense-in-depth model, review Build an Information Security Strategy. |
Phase 11.1 What is vulnerability management? |
Phase 22.1 Triage vulnerabilities |
||
Phase 33.1 Assessing remediation options |
Phase 44.1 Metrics, KPIs & CSFs |
After a review of the differences between raw metrics, key performance indicators (KPI), and critical success factors (CSF), compile a list of what metrics you will be tracking, why, and the business goals for each.
Outline of metrics you can configure your vulnerability scanning tool to report on.
Measure and formalizeStep 4.1 | Step 4.2 | Step 4.3 | Step 4.4 |
|
![]() |
Tracking the right information and making the information relevant.
|
The activity tracker on your wrist is a wealth of metrics, KPIs, and CSFs.
If you wear an activity tracker, you are likely already familiar with the differences between metrics, key performance indicators, and critical success factors:
Your security systems can be similarly measured and tracked – transfer this skill! |
Business Goal |
Critical Success Factor |
Key Performance Indicator |
Metric to track |
Minimize overall risk exposure | Reduction of overall risk due to vulnerabilities | Decrease in vulnerabilities | Track the number of vulnerabilities year after year. |
Appropriate allocation of time and resources | Proper prioritization of vulnerability mitigation activities | Decrease of critical and high vulnerabilities | Track the number of high-urgency vulnerabilities. |
Consistent timely remediation of threats to the business | Minimize risk when vulnerabilities are detected | Remediate vulnerabilities more quickly | Mean time to detect: track the average time between the identification to remediation. |
Track effectiveness of scanning tool | Minimize the ratio, indicating that the tool sees everything | Ratio between known assets and what the scanner tracks | Scanner coverage compared to known assets in the organization. |
Having effective tools to track and address | Accuracy of the scanning tool | Difference or ratio between reported vulnerabilities and verified ones | Number of critical or high vulnerabilities verified, between the scanning tool’s criticality rating and actual criticality. |
Reduction of exceptions to ensure minimal exposure | Visibility into persistent vulnerabilities and risk mitigation measures | Number of exceptions granted | Number of vulnerabilities in which little or no remediation action was taken. |
Input: List of metrics current being measured by the vulnerability management tool
Output: List of relevant metrics to track, and the KPIs, CSFs, and business goals related to the metric
Materials: Whiteboard/flip charts, Vulnerability Management SOP Template
Participants: IT Security Manager, IT operations management, CISO
Metrics can offer a way to view how the organization is dealing with vulnerabilities and if there is improvement.
Download the Vulnerability Management SOP Template
If you have a vulnerability management policy, this activity may help augment it. Otherwise, if you don’t have one, this would be a great starting point.
An inaugural policy covering vulnerability management
Measure and formalizeStep 4.1 | Step 4.2 | Step 4.3 | Step 4.4 |
Policies provide governance and enforcement of processes.
|
![]() |
Input: Vulnerability Management SOP, HR guidance on policy creation and approval
Output: Completed Vulnerability Management Policy
Materials: Vulnerability Management SOP, Vulnerability Management Policy Template
Participants: IT Security Manager, IT operations management, CISO, Human resources representative
After having built your entire process in this project, formalize it into a vulnerability management policy. This will set the standards and expectations for vulnerability management in the organization, while the process will be around the specific actions that need to be taken around vulnerability management.
This is separate and distinct from the Vulnerability Management SOP Template, which is a process and procedure document.
|
![]() |
Download the Vulnerability Management Policy Template
If you need to select a new vulnerability scanning tool, or replace your existing one, this activity will help set up a request for proposal (RFP).
The provisions needed for you to create and deploy an RFP for a vulnerability management tool.
Measure and formalizeStep 4.1 | Step 4.2 | Step 4.3 | Step 4.4 |
Similar in nature, yet provide different security functions.
Vulnerability Scanning Tools
Scanning tools focus on the network and operating systems. These tools look for items such as missing patches or open ports. They won’t detect specific application vulnerabilities. |
Exploitation Tools
These tools will look to exploit a detected vulnerability to validate it. |
Penetration Tests
A penetration test simulates the actions of an external or internal cyber attacker that aims to breach the information security of the organization. (Formal definition of penetration test) |
|
‹————— What’s the difference again? —————› | |||
Vulnerability scanning tools are just one type of tool. | When you add an exploitation tool to the mix, you move down the spectrum. | Penetration tests will use scanning tools, exploitation tools, and people. | |
What is the value of each?
|
What’s the implication for me?Info-Tech Recommends:
|
Scanning tools will benefit areas beyond just vulnerability management
Vulnerability Detection Use CaseMost organizations use scanners to identify and assess system vulnerabilities and prioritize efforts. Compliance Use CaseOthers will use scanners just for compliance, auditing, or larger GRC reasons. Asset Discovery Use CaseMany organizations will use scanners to perform active host and application identification. |
Scanning Tool Market TrendsVulnerability scanning tools have expanded value from conventional checking for vulnerabilities to supporting configuration checking, asset discovery, inventory management, patch management, SSL certificate validation, and malware detection. Expect to see network and system vulnerability scanners develop larger vulnerability management functions and develop exploitation tool functionality. This will become a table stakes option enabling organizations to provide higher levels of validation of detected vulnerabilities. Some tools already possess these capabilities:
Device proliferation (BYOD, IoT, etc.) is increasing the need for stronger vulnerability management and scanners. This is driving the need for numerous device types and platform support and the development of baseline and configuration norms to support system management. Increased regulatory or compliance controls are also stipulating the need for vulnerability scanning, especially by a trusted third party. Organizations are outsourcing security functions or moving to cloud-based deployment options for any security technology they can. Expect to see massive growth of vulnerability scanning as a service. |
Vulnerability Exploitation Tools
|
Scanning Tool Market Trends
Web Application Scanning ToolsThese tools perform dynamic application security testing (DAST) and static application security testing (SAST). Application Scanning and Testing Tools
|
|
|
|||||||||||||||||||||
Common areas people mistake as tool differentiators:
For more information on vulnerability scanning tools and how they rate, review the Vulnerability Management category on SoftwareReviews. |
Option |
Description |
Pros |
Cons |
Use Cases |
On-Premises | Either an on-premises appliance or an on-premises virtualized machine that performs external and internal scanning. |
|
|
|
Cloud | Either hosted on a public cloud infrastructure or hosted by a third party and offered “as a service.” |
|
|
|
Managed | A third party is contracted to manage and maintain your vulnerability scanner so you can dedicate resources elsewhere. |
|
|
|
Method |
Description |
Pros |
Cons |
Use Cases |
Agent-Based Scanning | Locally installed software gives the information needed to evaluate the security posture of a device. |
|
|
|
Authenticated Active Scanning | Tool uses authenticated credentials to log in to a device or application to perform scanning. |
|
|
|
Unauthenticated Active Scanning | Scanning of devices without any authentication. |
|
|
|
Passive Scanning | Scanning of network traffic. |
|
|
|
Scanning on IPv4Scanning tools create databases of systems and devices with IP addresses.
|
Current Problem With IP AddressesIP addresses are becoming no longer manageable or even owned by organizations. They are often provided by ISPs or other third parties. Even if it is your range, chances are you don't do static IP ranges today. Info-Tech Recommends:
|
Scanning on IPv6First, you need to know if your organization is moving to IPv6. IPv6 is not strategically routed yet for most organizations. If you are moving to IPv6, Info-Tech recommends the following:
If you are already on IPv6, Info-Tech recommends the following:
|
Input: List of key feature requirements for the new tool, List of intersect points with current software, Network topology and layout of servers and applications
Output: Completed RFP document that can be distributed to vendor proponents
Materials: Whiteboard/flip charts, Vulnerability Scanning Tool RFP Template
Participants: IT Security Manager, IT operations managers, CISO, Procurement department representative
Use a request for proposal (RFP) template to convey your desired scanning tool requirements to vendors and outline the proposal and procurement steps set by your organization.
Download the Vulnerability Scanning Tool RFP Template
Things to Consider:
|
Info-Tech RFP Table of Contents:
|
Download the Vulnerability Scanning Tool RFP Template
We will review penetration testing, its distinction from vulnerability management, and why you may want to engage a penetration testing service.
We provide a request for proposal (RFP) template that we can review if this is an area of interest.
An understanding of penetration testing, and guidance on how to get started if there is interest to do so.
Measure and formalizeStep 4.1 | Step 4.2 | Step 4.3 | Step 4.4 |
Penetration tests are critical parts of any strong security program.
Penetration testing will emulate the methods an attacker would use in the real world to circumvent your security controls and gain access to systems and data.
Penetration testing is much more than just running a scanner or other automated tools and then generating a report. Penetration testing performs critical exploit validation to create certainty around your vulnerability. The primary objective of a penetration test is to identify and validate security weaknesses in an organization’s security systems. Reasons to Test:
Regulatory Considerations:
|
How and where is the value being generated?Penetration testing is a service provided by trained and tested professionals with years of experience. The person behind the test is the most important part of the test. The person is able to emulate a real-life attacker better than any computer. It is just a vulnerability scan if you use tools or executables alone. “A penetration test is an audit with validation.” (Joel Shapiro, Vice President Sales, Digital Boundary Group) |
Network Penetration Tests
Conventional testing of network defences. Testing vectors include:
|
Application Penetration Tests
Core business functions are now being provided through web applications, either to external customers or to internal end users. Types: Web apps, non-web apps, mobile apps Application penetration and security testing encompasses:
|
Human-Centric Testing
|
Your pen test should use multiple methods. Demonstrating weakness in one area is good but easy to identify. When you blend techniques, you get better success at breaching and it becomes more life-like. Think about prevention, detection, and response testing to provide full insight into your security defenses.
Network, Application, or HumanEvaluate your need to perform different types of penetration testing.Some level of network and application testing is most likely appropriate. The more common decision point is to consider to what degree your organization requires human-centric penetration testing. |
External or InternalExternal: Attacking an organization’s perimeter and internet-facing systems. For these, you generally provide some level of information to the tester. The test will begin with publicly available information gathering followed by some kind of network scanning or probing against externally visible servers or devices (DNS server, email server, web server, firewall, etc.) Internal: Carried out within the organization’s network. This emulates an attack originating from an internal point (disgruntled employee, authorized user, etc.). The idea is to see what could happen if the perimeter is breached. |
Transparent, Semi-Transparent, or Opaque BoxOpaque Box: The penetration tester is not provided any information. This emulates a real-life attack. Test team uses publicly available information (corporate website, DNS, USENET, etc.) to start the test. These tests are more time consuming and expensive. They often result in exploitation of the easiest vulnerability. Use cases: full assessment of security controls; testing of attacker traversal capabilities. |
Aggressiveness of the TestNot Aggressive: Very slow and careful penetration testing. Usually spread out in terms of packets being sent and number of calls to individuals. It attempts to not set off any alarm bells.Aggressive: A full DoS attack or something similar. These would be DoS attacks that take down systems or full SQL injection attacks all at once versus small injections over time. Testing options cover anything including physical tests, network tests, social engineering, and data extraction and exfiltration. This is more costly and time consuming. Assessing Aggressiveness: How aggressive the test should be is based on the threats you are concerned with. Assess who you are concerned with: random individuals on the internet, state-sponsored attacks, criminals, hacktivists, etc. Who you are concerned with will determine the appropriate aggressiveness of the test. |
Determining the scope of what is being tested is the most important part of a penetration test. Organizations need to be as specific as possible so the vendor can actually respond or ask questions.
Organizations need to define boundaries, objectives, and key success factors.
For scope:
|
Boundaries to scope before a test:
|
Objectives and key success factors to scope:
|
Usual instances to conduct a penetration test:
Specific timing considerations: Testing should be completed during non-production times of day. Testing should be completed after a backup has been performed. |
Assess your threats to determine your appropriate test type:
Penetration testing is about what threats you are concerned about. Understand your risk profile, risk tolerance level, and specific threats to see how relevant penetration tests are.
ANALYST PERSPECTIVE: Do a test only after you take a first pass. |
Input: List of criteria and scope for the penetration test, Systems and application information if white box
Output: Completed RFP document that can be distributed to vendor proponents
Materials: Whiteboard/flip charts, Penetration Test RFP Template
Participants: IT Security Manager, IT operations managers, CISO, Procurement department representative
Use an RFP template to convey your desired penetration test requirements to vendors and outline the proposal and procurement steps set by your organization.
Download the Penetration Test RFP Template
Steps of a penetration test:
|
Info-Tech RFP Table of Contents:
|
Download the Penetration Test RFP Template
Professional Services Firms. These firms will often provide a myriad of professional services across auditing, financial, and consulting services. If they offer security-related consulting services, they will most likely offer some level of penetration testing.
Security Service Firms. These are dedicated security consulting or advisory firms that will offer a wide spectrum of security-related services. Penetration testing may be one aspect of larger security assessments and strategy development services.
Dedicated Penetration Testing Firms. These are service providers that will often offer the full gamut of penetration testing services.
Managed Security Service Providers. These providers will offer penetration testing. For example, Dell SecureWorks offers numerous services including penetration testing. For organizations like this, you need to be skeptical of ulterior motives. For example, expect recommendations around outsourcing from Dell SecureWorks.
Regional or Small Integrators. These are service providers that provide security services of some kind. For example, they would help in the implementation of a firewall and offer penetration testing services as well.
Communication With Service Provider
|
Communication With Internal StaffDo you tell your internal staff that this is happening?This is sometimes called a “double blind test” when you don’t let your IT team know of the test occurring. Pros to notifying:
|
A final results report will state all findings including what was done by the testers, what vulnerabilities or exploitations were detected, how they were compromised, the related risk, and related remediation recommendations.
Expect four major sections:
Prioritization
|
Remediation
|
At the conclusion of this blueprint, you will have created a full vulnerability management program that will allow you to take a risk-based approach to vulnerability remediation.
Assessing a vulnerability’s risk will enable you to properly determine the true urgency of a vulnerability within the context of your organization; this ensures you are not just blindly following what the tool is reporting.
The risk-based approach will allow you to prioritize your discovered vulnerabilities and take immediate action on critical and high vulnerabilities while allowing your standard remediation cycle to address the medium to low vulnerabilities.
With your program defined and developed, you now need to configure your vulnerability scanning tool or acquire one if you don’t already have a tool in place.
Lastly, while vulnerability management will help address your systems and applications, how do you know if you are secure from external malicious actors? Penetration testing will offer visibility, allowing you to plug those holes and attain an environment with a smaller risk surface.
Contact your account representative for more information.
If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.
![]() |
Contact your account representative for more information. workshops@infotech.com 1-888-670-8889 |
To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
Info-Tech analysts will join you and your team at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.
![]() Review of the Implement Vulnerability Management storyboard |
![]() Build your vulnerability management SOP |
Contributors from 2016 version of this project:
Contributors from current version of this project:
Arya. “COVID-19 Impact: Vulnerability Management Solution Market | Strategic Industry Evolutionary Analysis Focus on Leading Key Players and Revenue Growth Analysis by Forecast To 2028 – FireMon, Digital Shadows, AlienVault.” Bulletin Line, 6 Aug. 2020. Accessed 6 Aug. 2020.
Campagna, Rich. “The Lean, Mean Vulnerability Management Machine.” Security Boulevard, 31 Mar. 2020. Accessed 15 Aug. 2020.
Constantin, Lucian. “What are vulnerability scanners and how do they work?” CSO Online, 10 Apr. 2020. Accessed 1 Sept. 2020.
“CVE security vulnerabilities published in 2019.” CVE Details. Accessed 22 Sept. 2020.
Garden, Paul, et al. “2019 Year End Report – Vulnerability QuickView.” Risk Based Security, 2020. Accessed 22 Sept. 2020.
Keary, Eoin. “2019 Vulnerability Statistics Report.” Edgescan, Feb. 2019. Accessed 22 Sept. 2020.
Lefkowitz, Josh. ““Risk-Based Vulnerability Management is a Must for Security & Compliance.” SecurityWeek, 1 July 2019. Accessed 1 Nov. 2020.
Mell, Peter, Tiffany Bergeron, and David Henning. “Creating a Patch and Vulnerability Management Program.” Creating a Patch and Vulnerability Management Program. NIST, Nov. 2005. Web.
“National Vulnerability Database.” NIST. Accessed 18 Oct. 2020.
“OpenVAS – Open Vulnerability Assessment Scanner.” OpenVAS. Accessed 14 Sept. 2020.
“OVAL.” OVAL. Accessed 21 Oct. 2020.
Paganini, Pierluigi. “Exploiting and Verifying Shellshock: CVE-2014-6271.” INFOSEC, 27 Sept. 2014. Web.
Pritha. “Top 10 Metrics for your Vulnerability Management Program.” CISO Platform, 28 Nov. 2019. Accessed 25 Oct. 2020.
“Risk-Based Vulnerability Management: Understanding Vulnerability Risk With Threat Context And Business Impact.” Tenable. Accessed 21 Oct. 2020.
Stone, Mark. “Shellshock In-Depth: Why This Old Vulnerability Won’t Go Away.” SecurityIntelligence, 6 Aug. 2020. Web.
“The Role of Threat Intelligence in Vulnerability Management.” NOPSEC, 18 Sept. 2014. Accessed 18 Aug. 2020.
“Top 15 Paid and Free Vulnerability Scanner Tools in 2020.” DNSstuff, 6 Jan. 2020. Accessed 15 Sept. 2020.
Truta, Filip. “60% of Breaches in 2019 Involved Unpatched Vulnerabilities.” Security Boulevard, 31 Oct. 2019. Accessed 2 Nov. 2020.
“Vulnerability Management Program.” Core Security. Accessed 15 Sept. 2020.
“What is Risk-Based Vulnerability Management?” Balbix. Accessed 15 Sept. 2020.
White, Monica. “The Cost Savings of Effective Vulnerability Management (Part 1).” Kenna Security, 23 April 2020. Accessed 20 Sept. 2020.
Wilczek, Marc. “Average Cost of a Data Breach in 2020: $3.86M.” Dark Reading, 24 Aug. 2020. Accessed 5 Nov 2020.
By signing an agreement with Gert Taeymans bvba, Client declares that he agrees with the Terms and Conditions referred to hereafter. Terms and conditions on Client's order form or any other similar document shall not be binding upon Gert Taeymans bvba.
The prices, quantities and delivery time stated in any quotation are not binding upon Gert Taeymans bvba. They are commercial estimates only which Gert Taeymans bvba will make reasonable efforts to achieve. Prices quoted in final offers will be valid only for 30 days. All prices are VAT excluded and do not cover expenses, unless otherwise agreed in writing. Gert Taeymans bvba reserves the right to increase a quoted fee in the event that Client requests a variation to the work agreed.
The delivery times stated in any quotation are of an indicative nature and not binding upon Gert Taeymans bvba, unless otherwise agreed in writing. Delivery times will be formulated in working days. In no event shall any delay in delivery be neither cause for cancellation of an order nor entitle Client to any damages.
Amendments or variations of the initial agreement between Client and Gert Taeymans bvba will only be valid when accepted by both parties in writing.
Any complaints concerning the performance of services must be addressed to Gert Taeymans bvba in writing and by registered mail within 7 working days of the date of the performance of the services.
In no event shall any complaint be just cause for non-payment or deferred payment of invoices. Any invoice and the services described therein will be deemed irrevocably accepted by Client if no official protest of non-payment has been sent by Client within 7 working days from the date of the mailing of the invoice.
Client shall pay all invoices of Gert Taeymans bvba within thirty (30) calendar days of the date of invoice unless otherwise agreed in writing by Gert Taeymans bvba. In the event of late payment, Gert Taeymans bvba may charge a monthly interest on the amount outstanding at the rate of two (2) percent with no prior notice of default being required, in which case each commenced month will count as a full month. Any late payment will entitle Gert Taeymans bvba to charge Client a fixed handling fee of 300 EUR. All costs related to the legal enforcement of the payment obligation, including lawyer fees, will be charged to Client.
In no event will Gert Taeymans bvba be liable for damages of any kind, including without limitation, direct, incidental or consequential damages (including, but not limited to, damages for lost profits, business interruption and loss of programs or information) arising out of the use of Gert Taeymans bvba services.
Gert Taeymans bvba collects personal data from Client for the performance of its services and the execution of its contracts. Such personal data can also be used for direct marketing, allowing Gert Taeymans bvba to inform Client of its activities on a regular basis. If Client objects to the employment of its personal data for direct marketing, Client must inform Gert Taeymans bvba on the following address: gert@gerttaeymans.consulting.
Client can consult, correct or amend its personal data by addressing such request to Gert Taeymans bvba by registered mail. Personal data shall in no event be sold, rented or made available to other firms or third parties where not needed for the execution of the contract. Gert Taeymans bvba reserves the right to update and amend its privacy policy from time to time to remain consistent with applicable privacy legislation.
The logo of the Client will be displayed on the Gert Taeymans bvba website, together with a short description of the project/services.
Any changes to Client’s contact information such as addresses, phone numbers or e-mail addresses must be communicated to Gert Taeymans bvba as soon as possible during the project.
Both parties shall maintain strict confidence and shall not disclose to any third party any information or material relating to the other or the other's business, which comes into that party's possession and shall not use such information and material. This provision shall not, however, apply to information or material, which is or becomes public knowledge other than by breach by a party of this clause.
Gert Taeymans bvba has the right at any time to change or modify these terms and conditions at any time without notice.
The agreement shall be exclusively governed by and construed in accordance with the laws of Belgium. The competent courts of Antwerp, Belgium will finally settle any dispute about the validity, the interpretation or the execution of this agreement.
These Terms and Conditions are the only terms and conditions applicable to both parties.
If any provision or provisions of these Terms and Conditions shall be held to be invalid, illegal or unenforceable, such provision shall be enforced to the fullest extent permitted by applicable law, and the validity, legality and enforceability of the remaining provisions shall not in any way be affected or impaired thereby.
Getting a seat at the table is your first objective in building a strategic roadmap. Knowing what the business wants to do and understanding what it will need in the future is a challenge for most IT departments.
This could be a challenge such as:
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
In this section you will develop a vision and mission statement and set goals that align with the business vision and goals. The outcome will deliver your guiding principles and a list of goals that will determine your initiatives and their priorities.
Consider your future state by looking at technology that will help the business in the future. Complete an analysis of your past spending to determine your future spend. Complete a SWOT analysis to determine suitability.
Develop a risk framework that may slow or hinder your strategic initiatives from progressing and evaluate your technical debt. What is the current state of your infrastructure? Generate and prioritize your initiatives, and set dates for completion.
After creating your roadmap, communicate it to your audience. Identify who needs to be informed and create an executive brief with the template download. Finally, create KPIs to measure what success looks like.
Infrastructure roadmaps are an absolute necessity for all organizations. An organization's size often dictates the degree of complexity of the roadmap, but they all strive to paint the future picture of the organization's IT infrastructure.
Infrastructure roadmaps typically start with the current state of infrastructure and work on how to improve. That thinking must change! Start with the future vision, an unimpeded vision, as if there were no constraints. Now you can see where you want to be.
Look at your past to determine how you have been spending your infrastructure budget. If your past shows a trend of increased operational expenditures, that trend will likely continue. The same is true for capital spending and staffing numbers.
Now that you know where you want to go, and how you ended up where you are, look at the constraints you must deal with and make a plan. It's not as difficult as it may seem, and even the longest journey begins with one step.
Speaking of that first step, it should be to understand the business goals and align your roadmap with those same goals. Now you have a solid plan to develop a strategic infrastructure roadmap; enjoy the journey!
There are many reasons why you need to build a strategic IT infrastructure roadmap, but your primary objectives are to set the long-term direction, build a framework for decision making, create a foundation for operational planning, and be able to explain to the business what you are planning. It is a basis for accountability and sets out goals and priorities for the future.
Other than knowing where you are going there are four key benefits to building the roadmap.
When complete, you will be able to communicate to your fellow IT teams what you are doing and get an understanding of possible business- or IT-related roadblocks, but overall executing on your roadmap will demonstrate to the business your competencies and ability to succeed.
PJ Ryan
Research Director
Infrastructure & Operations Practice
Info-Tech Research Group
John Donovan
Principal Research Director
Infrastructure & Operations Practice
Info-Tech Research Group
Your Challenge
When it comes to building a strategic roadmap, getting a seat at the table is your first objective. Knowing what the business wants to do and understanding its future needs is a challenge for most IT organizations.
Challenges such as:
Common Obstacles
Fighting fires, keeping the lights on, patching, and overseeing legacy debt maintenance – these activities prevent your IT team from thinking strategically and looking beyond day-to-day operations. Issues include:
Procrastinating when it comes to thinking about your future state will get you nowhere in a hurry.
Info-Tech's Approach
Look into your past IT spend and resources that are being utilized.
Build your roadmap by setting priorities, understanding risk and gaps both in finance and resources. Overall, your roadmap is never done, so don't worry if you get it wrong on the first pass.
Info-Tech Insight
Have a clear vision of what the future state is, and know that when creating an IT infrastructure roadmap, it is never done. This will give your IT team an understanding of priorities, goals, business vision, and risks associated with not planning. Understand what you are currently paying for and why.
"Planning is bringing the future into the present so that you can do something about it now."
Source: Alan Lakein, Libquotes
Many organizations' day-to-day IT operations are tactical and reactive. This needs to change; the IT team needs to become strategic and proactive in its planning and execution. Forward thinking bridges the gap from your current state, to what the organization is, to what it wants to achieve. Your strategic objectives need to align to the business vision and goals and keep it running.
Identify what the business needs to meet its goals; this should be reflected in your roadmap priorities. Then identify the tasks and projects that can get you there. Business alignment is key, as these projects require prioritization. Strategic initiatives that align to business outcomes will be your foundation for planning on those priorities. If you do not align your initiatives, you will end up spinning your wheels. A good strategic roadmap will have all the elements of forward thinking and planning to execute with the right resources, right priorities, and right funding to make it happen.
Measure the cost of "keeping the lights on" as a baseline for your budget that is earmarked and already spent. Determine if your current spend is holding back innovation due to:
A successful strategic roadmap will be determined when you have a good handle on your current spending patterns and planning for future needs that include resources, budget, and know-how. Without a plan and roadmap, that plan will not get business buy-in or funding.
Time seepage
Technical debt
The strategic IT roadmap allows Dura to stay at the forefront of automotive manufacturing.
INDUSTRY: Manufacturing
SOURCE: Performance Improvement Partners
Challenge
Following the acquisition of Dura, MiddleGround aimed to position Dura as a leader in the automotive industry, leveraging the company's established success spanning over a century.
However, prior limited investments in technology necessitated significant improvements for Dura to optimize its processes and take advantage of digital advancements.
Solution
MiddleGround joined forces with PIP to assess technology risks, expenses, and prospects, and develop a practical IT plan with solutions that fit MiddleGround's value-creation timeline.
By selecting the top 15 most important IT projects, the companies put together a feasible technology roadmap aimed at advancing Dura in the manufacturing sector.
Results
Armed with due diligence reports and a well-defined IT plan, MiddleGround and Dura have a strategic approach to maximizing value creation.
By focusing on key areas such as analysis, applications, infrastructure and the IT organization, Dura is effectively transforming its operations and shaping the future of the automotive manufacturing industry.
A mere 25% of managers
can list three of the company's
top five priorities.
Based on a study from MIT Sloan, shared understanding of strategic directives barely exists beyond the top tiers of leadership.
29% |
Less than one-third of all IT projects finish on time. |
---|---|
200% |
85% of IT projects average cost overruns of 200% and time overruns of 70%. |
70% |
70% of IT workers feel as though they have too much work and not enough time to do it. |
Source: MIT Sloan
Refresh strategies are still based on truisms (every three years for servers, every seven years for LAN, etc.) more than risk-based approaches.
Opportunity Cost
Assets that were suitable to enable business goals need to be re-evaluated as those goals change.
See Info-Tech's Manage Your Technical Debt blueprint
Initiatives collectively support the business goals and corporate initiatives, and improve the delivery of IT services.
A CIO has three roles: enable business productivity, run an effective IT shop, and drive technology innovation. Your key initiative plan must reflect these three mandates and how IT strives to fulfill them.
Manage
the lifecycle of aging equipment against current capacity and capability demands.
Curate
a portfolio of enabling technologies to meet future capacity and capability demands.
Initiate
a realistic schedule of initiatives that supports a diverse range of business goals.
Adapt
to executive feedback and changing business goals.
(Source: BMC)
Business metric | Source(s) | Primary infrastructure drivers | Secondary infrastructure drivers |
---|---|---|---|
Sales revenue |
Online store |
Website/Server (for digital businesses) |
|
# of new customers |
Call center |
Physical plant cabling in the call center |
|
You may not be able to directly influence the primary drivers of the business, but your infrastructure can have a major impact as a secondary driver.
Mission and Vision Statement
Goal Alignment (Slide 28)
Construct your vision and mission aligned to the business.
Strategic Infrastructure Roadmap tool
Build initiatives and prioritize them. Build the roadmap.
Infrastructure Domain Study
What is stealing your time from getting projects done?
Initiative Templates Process Maps & Strategy
Build templates for initiates, build process map, and develop strategies.
“Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”
“Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”
“We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”
“Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”
1. Align Strategy and Goals |
2. Envision Future and Analyze Constraints |
3. Align and Build the Roadmap |
4. Communicate and Improve the Process |
|
---|---|---|---|---|
Phase steps |
1.1 Develop the infrastructure strategy 1.2 Define the goals |
2.1 Define the future state 2.2 Analyze constraints |
3.1 Align the roadmap 3.2 Build the roadmap |
4.1 Identify the audience 4.2 Improve the process |
Phase Outcomes |
|
|
|
|
Phase 0 | Phase 1 | Phase 2 | Phase 3 | Phase 4 |
---|---|---|---|---|
Call #1: Scope requirements, objectives, and your specific challenges. |
Call #2: Define mission and vision statements and guiding principles to discuss strategy scope. |
Call #4: Conduct a spend analysis and a time resource study. |
Call #6: Develop a risk framework and address technical debt. |
Call #10: Identify your audience and communicate. |
A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.
A typical GI is 8 to 12 calls over the course of 4 to 6 months.
Contact your account representative for more information.
workshops@infotech.com 1-888-670-8889
Session 0 (Pre-workshop) |
Session 1 |
Session 2 |
Session 3 |
Session 4 |
Session 5 (Post-workshop) |
---|---|---|---|---|---|
Elicit business context | Align Strategy and Goals | Envision Future and Analyze Constraints | Align and Build the Roadmap | Communicate and Improve the Process | Wrap-up (offsite) |
0.1 Complete recommended diagnostic programs. |
1.1 Infrastructure strategy. 1.2 Business goal alignment |
2.1 Define the future state. 2.2 Analyze your constraints |
3.1 Align the roadmap 3.2 Build the roadmap. |
4.2 Identify the audience 4.2 Improve the process |
5.1 Complete in-progress deliverables from previous four days. |
|
|
|
|
|
|
Phase 1 | Phase 2 | Phase 3 | Phase 4 |
---|---|---|---|
1.1 Infrastructure strategy 1.2 Goal alignment | 2.1 Define your future 2.2 Conduct constraints analysis | 3.1 Drive business alignment 3.2. Build the roadmap | 4.1 Identify the audience 4.2 Process improvement and measurements |
This phase will walk you through the following activities:
This phase involves the following participants:
1.1.1 Review/validate the business context
1.1.2 Construct your mission and vision statements
1.1.3 Elicit your guiding principles and finalize IT strategy scope
This step requires the following inputs:
This step involves the following participants:
Outcomes of this step
Use the IT Infrastructure Strategy and Roadmap Report Template to document the results from the following activities:
A mission statement
"A mission statement focuses on the purpose of the brand; the vision statement looks to the fulfillment of that purpose."
A vision statement
"A vision statement provides a concrete way for stakeholders, especially employees, to understand the meaning and purpose of your business. However, unlike a mission statement – which describes the who, what, and why of your business – a vision statement describes the desired long-term results of your company's efforts."
Source: Business News Daily, 2020
A strong mission statement has the following characteristics:
A strong vision statement has the following characteristics:
Ensure there is alignment between the business and IT statements.
Note: Mission statements may remain the same unless the IT department's mandate is changing.
Objective: Help teams define their purpose (why they exist) to build a mission statement (if one doesn't already exist).
Step 1:
Step 2:
Download the ITRG IT Infrastructure Strategy and Roadmap Report Template and document your mission and vision statements in Section 1.
Input
Output
Materials
Participants
Objective: Help teams define their purpose (why they exist) to build a mission statement (if one doesn't already exist).
This step involves reviewing individual mission statements, combining them, and building one collective mission statement for the team.
Use the 20x20 rule for group decision-making. Give the group no more than 20 minutes to craft a collective team purpose with no more than 20 words.
Download the ITRG IT Infrastructure Strategy and Roadmap Report Template and document your mission and vision statements in Section 1.
Input
Output
Materials
Participants
Download the ITRG IT Infrastructure Strategy and Roadmap Report Template and document your mission and vision statements in Section 1.
Input
Output
Materials
Participants
Step 5:
Step 6:
Download the ITRG IT Infrastructure Strategy and Roadmap Report Template and document your mission and vision statements in Section 1.
Input
Output
Materials
Participants
Source: Hyper Island
Input
Output
Materials
Participants
Strong IT mission statements have the following characteristics:
Sample IT Mission Statements:
Strong IT vision statements have the following characteristics:
Sample IT vision statements:
Quoted From ITtoolkit, 2020
INDUSTRY: Professional Services
COMPANY: This case study is based on a real company but was anonymized for use in this research.
Business |
IT | ||
---|---|---|---|
Mission |
Vision |
Mission |
Vision |
We help IT leaders achieve measurable results by systematically improving core IT processes, governance, and critical technology projects. |
Acme Corp. will grow to become the largest research firm across the industry by providing unprecedented value to our clients. |
IT provides innovative product solutions and leadership that drives growth and success. |
We will relentlessly drive value to our customers through unprecedented innovation. |
Strategic guiding principles advise the IT organization on the boundaries of the strategy.
Guiding principles are a priori decisions that limit the scope of strategic thinking to what is acceptable organizationally, from budgetary, people, and partnership standpoints. Guiding principles can cover other dimensions, as well.
Organizational stakeholders are more likely to follow IT principles when a rationale is provided.
After defining the set of IT principles, ensure that they are all expanded upon with a rationale. The rationale ensures principles are more likely to be followed because they communicate why the principles are important and how they are to be used. Develop the rationale for each IT principle your organization has chosen.
IT guiding principles = IT strategy boundaries
Breadth
of the IT strategy can span across the eight perspectives: people, process, technology, data, process, sourcing, location, and timing.
Defining which of the eight perspectives is in scope for the IT strategy is crucial to ensuring the IT strategy will be comprehensive, relevant, and actionable.
Depth
of coverage refers to the level of detail the IT strategy will go into for each perspective. Info-Tech recommends that depth should go to the initiative level (i.e. individual projects).
Organizational coverage
will determine which part of the organization the IT strategy will cover.
Planning horizon
of the IT strategy will dictate when the target state should be reached and the length of the roadmap.
Approach focused | IT principles are focused on the approach, i.e. how the organization is built, transformed, and operated, as opposed to what needs to be built, which is defined by both functional and non-functional requirements. |
---|---|
Business relevant | Create IT principles that are specific to the organization. Tie IT principles to the organization's priorities and strategic aspirations. |
Long lasting | Build IT principles that will withstand the test of time. |
Prescriptive | Inform and direct decision-making with IT principles that are actionable. Avoid truisms, general statements, and observations. |
Verifiable | If compliance can't be verified, the principle is less likely to be followed. |
Easily digestible | IT principles must be clearly understood by everyone in IT and by business stakeholders. IT principles aren't a secret manuscript of the IT team. IT principles should be succinct; wordy principles are hard to understand and remember. |
Followed | Successful IT principles represent a collection of beliefs shared among enterprise stakeholders. IT principles must be continuously reinforced to all stakeholders to achieve and maintain buy-in. In organizations where formal policy enforcement works well, IT principles should be enforced through appropriate governance processes. |
IT principle name |
IT principle statement |
---|---|
1. Enterprise value focus | We aim to provide maximum long-term benefits to the enterprise as a whole while optimizing total costs of ownership and risks. |
2. Fit for purpose | We maintain capability levels and create solutions that are fit for purpose without over engineering them. |
3. Simplicity | We choose the simplest solutions and aim to reduce operational complexity of the enterprise. |
4. Reuse > buy > build | We maximize reuse of existing assets. If we can't reuse, we procure externally. As a last resort, we build custom solutions. |
5. Managed data | We handle data creation, modification, and use enterprise-wide in compliance with our data governance policy. |
6. Controlled technical diversity | We control the variety of technology platforms we use. |
7. Managed security | We manage security enterprise-wide in compliance with our security governance policy. |
8. Compliance to laws and regulations | We operate in compliance with all applicable laws and regulations. |
9. Innovation | We seek innovative ways to use technology for business advantage. |
10. Customer centricity | We deliver best experiences to our customers with our services and products. |
Source: Hyper Island
Download the ITRG IT Infrastructure Strategy and Roadmap Report Template and document your mission and vision statements in Section 1.
Input
Output
Materials
Participants
Quoted From: Office of Information Technology, 2014; Future of CIO, 2013
INDUSTRY: Professional Services
COMPANY: Acme Corp.
The following guiding principles define the values that drive IT's strategy in FY23 and provide the criteria for our 12-month planning horizon.
Your mission and vision statements and your guiding principles should be the first things you communicate on your IT strategy document.
Why is this important?
Input information into the IT Strategy Presentation Template.
If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop
Contact your account representative for more information.
workshops@infotech.com 1-888-670-8889
1.2.1 Intake identification and analysis
1.2.2 Survey results analysis
1.2.3 Goal brainstorming
1.2.4 Goal association and analysis
This step requires the following inputs:
This step involves the following participants:
"Typically, IT thinks in an IT first, business second, way: 'I have a list of problems and if I solve them, the business will benefit.' This is the wrong way of thinking. The business needs to be thought of first, then IT."
– Fred Chagnon, Infrastructure Director,
Info-Tech Research Group
If you're not soliciting input from or delivering on the needs of the various departments in your company, then who is? Be explicit and track how you communicate with each individual unit within your company.
It may not be a democracy, but listening to everyone's voice is an essential step toward generating a useful roadmap.
Building good infrastructure requires an understanding of how it will be used. Explicit consultation with stakeholders maximizes a roadmap's usefulness and holds the enterprise accountable in future roadmap iterations as goals change.
Who are the customers for infrastructure?
Internal customer examples:
External customer examples:
Discussion:
Input
Output
Materials
Participants
INDUSTRY: Education
COMPANY: Collegis Education
Challenge
In 2019, Saint Francis University decided to expand its online program offering to reach students outside of its market.
It had to first transform its operations to deliver a high-quality, technology-enabled student experience on and off campus. The remote location of the campus posed power outages, Wi-Fi issues, and challenges in attracting and retaining the right staff to help the university achieve its goals.
It began working with an IT consulting firm to build a long-term strategic roadmap.
Solution
The consultant designed a strategic multi-year roadmap for digital transformation that would prioritize developing infrastructure to immediately improve the student experience and ultimately enable the university to scale its online programs. The consultant worked with school leadership to establish a virtual CIO to oversee the IT department's strategy and operations. The virtual CIO quickly became a key advisor to the president and board, identifying gaps between technology initiatives and enrollment and revenue targets. St. Francis staff also transitioned to the consultant's technology team, allowing the university to alleviate its talent acquisition and retention challenges.
Results
A simple graph showing the breakdown of projects by business unit is an excellent visualization of who is getting the most from infrastructure services.
Show everyone in the organization that the best way to get anything done is by availing themselves of the roadmap process.
Technology-focused IT staff are notoriously disconnected from the business process and are therefore often unable to explain the outcomes of their projects in terms that are meaningful to the business.
When business, IT, and infrastructure goals are aligned, the business story writes itself as you follow the path of cascading goals upward.
So many organizations we speak with don't have goals written down. This rarely means that the goals aren't known, rather that they're not clearly communicated.
When goals aren't clear, personal agendas can take precedence. This is what often leads to the disconnect between what the business wants and what IT is delivering.
Discussion:
Examples: The VP of Operations is looking to reduce office rental costs over the next three years. The VP of Sales is focused on increasing the number of face-to-face customer interactions. Both can potentially be served by IT activities and technologies that increase mobility.
Input
Output
Materials
Participants
Discussion:
Is there a lot of agreement within the group? What does it mean if there are 10 or 15 groups with equal numbers of sticky notes? What does it mean if there are a few top groups and dozens of small outliers?
How does the group's understanding compare with that of the Director and/or CIO?
What mechanisms are in place for the business to communicate their goals to infrastructure? Are they effective? Does the team take the time to reimagine those goals and internalize them?
What does it mean if infrastructure's understanding differs from the business?
Input
Output
Materials
Participants
Now that infrastructure has a consensus on what it thinks the business' goals are, suggest a meeting with leadership to validate this understanding. Once the first picture is drawn, a 30-minute meeting can help clear up any misconceptions.
With a framework of cascading goals in place, a roadmap is a Rosetta Stone. Being able to map activities back to governance objectives allows you to demonstrate value regardless of the audience you are addressing.
(Info-Tech, Build a Business-Aligned IT Strategy 2022)
Wherever possible use the language of your customers to avoid confusion, but at least ensure that everyone in infrastructure is using a common language.
Discussion:
Input
Output
Materials
Participants
If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop
Contact your account representative for more information.
workshops@infotech.com 1-888-670-8889
Phase 1 | Phase 2 | Phase 3 | Phase 4 |
---|---|---|---|
1.1 Infrastructure strategy 1.2 Goal alignment | 2.1 Define your future 2.2 Conduct constraints analysis | 3.1 Drive business alignment 3.2. Build the roadmap | 4.1 Identify the audience 4.2 Process improvement and measurements |
This phase will walk you through the following activities:
This phase involves the following participants:
2.1.1 Define your future infrastructure vision
2.1.2 Document desired future state
2.1.3 Develop a new technology identification process
2.1.4 Conduct a SWOT analysis
This step requires the following inputs:
This step involves the following participants:
Outcomes of this step
"Very few of us are lucky enough to be one of the first few employees in a new organization. Those of you who get to plan the infrastructure with a blank slate and can focus all of your efforts on doing things right the first time."
BMC, 2018
"A company's future state is ultimately defined as the greater vision for the business. It's where you want to be, your long-term goal in terms of the ever-changing state of technology and how that applies to your present-day business."
"Without a definitive future state, a company will often find themselves lacking direction, making it harder to make pivotal decisions, causing misalignment amongst executives, and ultimately hindering the progression and growth of a company's mission."
Source: Third Stage Consulting
"When working with digital technologies, it is imperative to consider how such technologies can enhance the solution. The future state should communicate the vision of how digital technologies will enhance the solutions, deliver value, and enable further development toward even greater value creation."
Source: F. Milani
Define your infrastructure roadmap as if you had a blank slate – no constraints, no technical debt, and no financial limitations. Imagine your future infrastructure and let that vision drive your roadmap.
This is not intended to be a thesis grade research project, nor an onerous duty. Most infrastructure practitioners came to the field because of an innate excitement about technology! Harness that excitement and give them four to eight hours to indulge themselves.
An output of approximately four slides per technology candidate should be sufficient to decided if moving to PoC or pilot is warranted.
Including this material in the roadmap helps you control the technology conversation with your audience.
Don't start from scratch. Recall the original sources from your technology watchlist. Leverage vendors and analyst firms (such as Info-Tech) to give the broad context, letting you focus instead on the specifics relevant to your business.
Implementing every new promising technology would cost prodigious amounts of money and time. Know the costs before choosing what to invest in.
The risk of a new technology failing is acceptable. The risk of that failure disrupting adjacent core functions is unacceptable. Vet potential technologies to ensure they can be safely integrated.
Best practices for new technologies are nonexistent, standards are in flux, and use cases are fuzzy. Be aware of the unforeseen that will negatively affect your chances of a successful implementation.
"Like early pioneers crossing the American plains, first movers have to create their own wagon trails, but later movers can follow in the ruts."
Harper Business, 2014
The right technology for someone else can easily be the wrong technology for your business.
Even with a mature Enterprise Architecture practice, wrong technology bets can happen. Minimize the chance of this occurrence by making selection an infrastructure-wide activity. Leverage the practical knowledge of the day-to-day operators.
First Mover |
47% failure rate |
Fast Follower |
8% failure rate |
Objective: Help teams define their future infrastructure state (assuming zero constraints or limitations).
Discussion:
Download the IT Infrastructure Strategy and Roadmap Report Template and document your mission and vision statements in Section 1.
Input
Output
Materials
Participants
Steps:
Discussion:
Infrastructure Future State Vision | ||
---|---|---|
Item | Focus Area | Future Vision |
1 | Residing on Microsoft 365 | |
2 | Servers | Hosted in cloud - nothing on prem. |
3 | Endpoints | virtual desktops on Microsoft Azure |
4 | Endpoint hardware | Chromebooks |
5 | Network | internet only |
6 | Backups | cloud based but stored in multiple cloud services |
7 |
Download Info-Tech's Infrastructure Strategy and Roadmap Tool and document your future state vision in the Infrastructure Future State tab.
Input
Output
Materials
Participants
Discussion:
Input
Output
Materials
Participants
It is impractical for everyone to present their tech briefing at the monthly meeting. But you want to avoid a one-to-many exercise. Keep the presenter a secret until called on. Those who do not present live can still contribute their material to the technology watchlist database.
Four to eight hours of research per technology can uncover a wealth of relevant information and prepare the infrastructure team for a robust discussion. Key research elements include:
Download the IT Infrastructure Strategy and Roadmap Report Template slides 21, 22, 23 for sample output.
Beware airline magazine syndrome! |
Symptoms |
Pathology |
---|---|---|
|
Outbreaks tend to occur in close proximity to
|
Effective treatment options
While no permanent cure exists, regular treatment makes this chronic syndrome manageable.
You want to present a curated landscape of technologies, demonstrating that you are actively maintaining expertise in your chosen field.
Most enterprise IT shops buy rather than develop their technology, which means they want to focus effort on what is market available. The outcome is that infrastructure sponsors and delivers new technologies whose capabilities and features will help the business achieve its goals on this roadmap.
If you want to think more like a business disruptor or innovator, we suggest working through the blueprint Exploit Disruptive Infrastructure Technology.
Explore technology five to ten years into the future!
The ROI of any individual effort is difficult to justify – in aggregate, however, the enterprise always wins!
Money spent on Google Glass in 2013 seemed like vanity. Certainly, this wasn't enterprise-ready technology. But those early experiences positioned some visionary firms to quickly take advantage of augmented reality in 2018. Creative research tends to pay off in unexpected and unpredictable ways.
.
Discussion:
Input
Output
Materials
Participants
2.2.1 Historical spend analysis
2.2.2 Conduct a time study
2.2.3 Identify roadblocks
This step requires the following inputs:
This step involves the following participants:
Outcomes of this step
"A Budget is telling your money where to go, instead of wondering where it went."
-David Ramsay
"Don't tell me where your priorities are. Show me where you spend your money and I'll tell you what they are"
-James Frick, Due.com
Annual IT budgeting aligns with business goals | |
![]() |
50% of businesses surveyed see that improvements are necessary for IT budgets to align to business goals, while 18% feel they require significant improvements to align to business goals |
Challenges in IT spend visibility |
|
![]() |
Visibility of all spend data for on-prem, SaaS and cloud environments |
The challenges that keep IT leaders up at night |
|
![]() |
Lack of visibility in resource usage and cost |
Download the Infrastructure Roadmap Financial Analysis Tool
( additional Deep Dive available if required)
Input
Output
Materials
Participants
Download the Infrastructure Roadmap Financial Analysis Tool
( additional Deep Dive available if required)
Input
Output
Materials
Participants
Internal divisions that seem important to infrastructure may have little or even negative value when it comes to users accessing their services.
Domains are the logical divisions of work within an infrastructure practice. Historically, the organization was based around physical assets: servers, storage, networking, and end-user devices. Staff had skills they applied according to specific best practices using physical objects that provided functionality (computing power, persistence, connectivity, and interface).
Modern enterprises may find it more effective to divide according to activity (analytics, programming, operations, and security) or function (customer relations, learning platform, content management, and core IT). As a rule, look to your organizational chart; managers responsible for buying, building, deploying, or supporting technologies should each be responsible for their own domain.
Regardless of structure, poor organization leads to silos of marginally interoperable efforts working against each other, without focus on a common goal. Clearly defined domains ensure responsibility and allow for rapid, accurate, and confident decision making.
The medium is the message. Do stakeholders talk about switches or storage or services? Organizing infrastructure to match its external perception can increase communication effectiveness and improve alignment.
IT infrastructure that makes employees happier
INDUSTRY: Services
SOURCE: Network Doctor
Challenge
Atlas Electric's IT infrastructure was very old and urgently needed to be refreshed. Its existing server hardware was about nine years old and was becoming unstable. The server was running Windows 2008 R2 server operating systems that was no longer supported by Microsoft; security updates and patches were no longer available. They also experienced slowdowns on many older PCs.
Recommendations for an upgrade were not approved due to budgetary constraints. Recommendations for upgrading to virtual servers were approved following a harmful phishing attack.
Solution
The following improvements to their infrastructure were implemented.
Results
Virtualization, consolidating servers, and desktops have made assets more flexible and simpler to manage.
Improved levels of efficiency, reliability, and productivity.
Enhanced security level.
An upgraded backup and disaster recovery system has improved risk management.
Not all time is spent equally, nor is it equally valuable. Analysis lets us communicate with others and gives us a shared framework to decide where our priorities lie.
There are lots of frameworks to help categorize our activities. Stephen Covey (Seven Habits of Highly Effective People) describes a four-quadrant system along the axes of importance and urgency. Gene Kim, through his character Erik in The Phoenix Project,speaks instead of business projects, internal IT projects, changes, and unplanned work.
We propose a similar four-category system.
Project | Maintenance | Administrative |
Reactive |
---|---|---|---|
Planned activity spent pursuing a business objective |
Planned activity spent on the upkeep of existing IT systems |
Planned activity required as a condition of employment |
Unplanned activity requiring immediate response |
This is why we are valuable to our company |
We have it in our power to work to reduce these three in order to maximize our time available for projects |
Verifiable data sources are always preferred but large groups can hold each other's inherent biases in check to get a reasonable estimate.
Discussion
Input
Output
Materials
Participants
Strategic Infrastructure Roadmap Tool, Tab 2, Capacity Analysis
In order to quickly and easily build some visualizations for the eventual final report, Info-Tech has developed the Strategic Infrastructure Roadmap Tool.
Please note that this tool requires Microsoft's Power Pivot add-in to be installed if you are using Excel 2010 or 2013. The scatter plot labels on tabs 5 and 8 may not function correctly in Excel 2010.
Strong IT strategy favors top-down: activities enabling clearly dictated goals. The bottom-up approach aggregates ongoing activities into goals.
Systematic approach
External stakeholders prioritize a list of goals requiring IT initiatives to achieve.
Roadblocks:
Organic approach
Practitioners aggregate initiatives into logical groups and seek to align them to one or more business goals.
Roadblocks:
A successful roadmap respects both approaches.
Perfection is anathema to practicality. Draw the first picture and not only expect but welcome conflicting feedback! Socialize it and drive the conversation forward to a consensus.
Identify the systemic roadblocks to executing infrastructure projects
1 hour
Affinity diagramming is a form of structured brainstorming that works well with larger groups and provokes discussion.
Discussion
Categorize each roadblock identified as either internal or external to infrastructure's control.
Attempt to understand the root cause of each roadblock. What would you need to ask for in order to remove the roadblock?
Additional Research
Also called the KJ Method (after its inventor, Jiro Kawakita, a 1960s Japanese anthropologist), this activity helps organize large amounts of data into groupings based on natural relationships while reducing many social biases.
Input
Output
Materials
Participants
Which roadblocks do you need to work on? How do you establish a group sense of these priorities? This exercise helps establish priorities while reducing individual bias.
Total the number of passes (ticks) for each roadblock. A large number indicates a notionally low priority. No passes indicates a high priority.
Are the internal or external roadblocks of highest priority? Were there similarities among participants' 0th and NILs compared to each other or to the final results?
Input
Output
Materials
Participants
Review performance from last fiscal year
If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop
Contact your account representative for more information.
workshops@infotech.com 1-888-670-8889
Phase 1 | Phase 2 | Phase 3 | Phase 4 |
---|---|---|---|
1.1 Infrastructure strategy 1.2 Goal alignment | 2.1 Define your future 2.2 Conduct constraints analysis | 3.1 Drive business alignment 3.2. Build the roadmap | 4.1 Identify the audience 4.2 Process improvement and measurements |
This phase will walk you through the following activities:
This phase involves the following participants:
3.1.1 Develop a risk framework
3.1.2 Evaluate technical debt
This step requires the following inputs:
This step involves the following participants:
Outcomes of this step
Time has been a traditional method for assessing the fitness of infrastructure assets – servers are replaced every five years, core switches every seven, laptops and desktops every three. While quick, this framework of assessment is overly simplistic for most modern organizations.
Building one that is instead based on the likelihood of asset failure plotted against the business impact of that failure is not overly burdensome and yields more practical results. Infrastructure focuses on its strength (assessing IT risk) and validates an understanding with the business regarding the criticality of the service(s) enabled by any given asset.
Rather than fight on every asset individually, agree on a framework with the business that enables data-driven decision making.
IT Risk Factors
Age, Reliability, Serviceability, Conformity, Skill Set
Business Risk Factors
Suitability, Capacity, Safety, Criticality
Infrastructure in a cloud-enabled world: As infrastructure operations evolve it is important to keep current with the definition of an asset. Software platforms such as hypervisors and server OS are just as much an asset under the care and control of infrastructure as are cloud services, managed services from third-party providers, and traditional racks and switches.
Discussion:
Input
Output
Materials
Participants
Identify the key elements that make up risk in order to refine your framework.
A shared notional understanding is good, but in order to bring the business onside a documented defensible framework is better.
Discussion
How difficult was it to agree on the definitions of the IT risk elements? What about selecting the scale? What was the voting distribution like? Were there tiers of popular elements or did most of the dots end up on a limited number of elements? What are the implications of having more elements in the analysis?
Input
Output
Materials
Participants
Alternate: Identify the key elements that make up risk in order to refine your framework
A shared notional understanding is good, but in order to bring the business onside a documented defensible framework is better.
1 hour
What was the total number of elements required in order to contain the full set of every participant's first-, second-, and third-ranked risks? Does this seem a reasonable number?
Why did some elements contain both the lowest and highest rankings? Was one (or more) participant thinking consistently different from the rest of the group? Are they seeing something the rest of the group is overlooking?
This technique automatically puts the focus on a smaller number of elements – is this effective? Or is it overly simplistic and reductionist?
Input
Output
Materials
Participants
How much framework is too much? Complexity and granularity do not guarantee accuracy. What is the right balance between effort and result?
Does your granular assessment match your notional assessment? Why or why not? Do you need to go back and change weightings? Or reduce complexity?
Is this a more reasonable and valuable way of periodically evaluating your infrastructure?
Input
Output
Materials
Participants
3.2.1 Build templates and visualize
3.2.2 Generate new initiatives
3.2.3 Repatriate shadow IT initiatives
3.2.4 Finalize initiative candidates
This step requires the following inputs:
This step involves the following participants:
Develop a high-level document that travels with the initiative from inception through executive inquiry and project management, and finally to execution. Understand an initiative's key elements that both IT and the business need defined and that are relatively static over its lifecycle.
Initiatives are the waypoints along a roadmap leading to the eventual destination, each bringing you one step closer. Like steps, initiatives need to be discrete: able to be conceptualized and discussed as a single largely independent item. Each initiative must have two characteristics:
"Learn a new skill"– not an effective initiative statement.
"Be proficient in the new skill by the end of the year" – better.
"Use the new skill to complete a project and present it at a conference by Dec 15" – best!
Info-Tech Insight
Bundle your initiatives for clarity and manageability.
Ruthlessly evaluate if an initiative should stand alone or can be rolled up with another. Fewer initiatives increases focus and alignment, allowing for better communication.
Step 1: Open Info-Tech's Strategic Roadmap Initiative Template. Determine and describe the goals that the initiative is enabling or supporting.
Step 2: State the current pain points from the end-user or business perspective. Do not list IT-specific pain points here, such as management complexity.
Step 3: List both the tangible (quantitative) and ancillary (qualitative) benefits of executing the project. These can be pain relievers derived from the pain points, or any IT-specific benefit not captured in Step 1.
Step 4: List any enabled capability that will come as an output of the project. Avoid technical capabilities like "Application-aware network monitoring." Instead, shoot for business outcomes like "Ability to filter network traffic based on application type."
Sell the project to the mailroom clerk! You need to be able to explain the outcome of the project in terms that non-IT workers can appreciate. This is done by walking as far up the goals cascade as you have defined, which gets to the underlying business outcome that the initiative supports.
Strategic Roadmap Initiative Template, p. 2
Step 5: State the risks to the business for not executing the project (and avoid restating the pain points).
Step 6: List any known or anticipated roadblocks that may come before, during, or after executing the project. Consider all aspects of people, process, and technology.
Step 7: List any measurable objectives that can be used to gauge the success of the projects. Avoid technical metrics like "number of IOPS." Instead think of business metrics such as "increased orders per hour."
Step 8: The abstract is a short 50-word project description. Best to leave it as the final step after all the other aspects of the project (risks and rewards) have been fully fleshed out. The abstract acts as an executive summary – written last, read first.
Every piece of information that is not directly relevant to the interests of the audience is a distraction from the value proposition.
Discussion:
Did everyone use the goal framework adopted earlier? Why not?
Are there recurring topics or issues that business leaders always seem concerned about?
Of all the information available, what consistently seems to be the talking points when discussing an initiative?
Input
Output
Materials
Participants
Strategic Infrastructure Roadmap Tool, Tab 8, "Roadmap"
Visuals aren't always as clear as we assume them to be.
We've spent an awful lot of time setting the stage, deciding on frameworks so we agree on what is important. We know how to have an effective conversation – now what do we want to say?
Discussion:
Did everyone use the goal framework adopted earlier? Why not?
Do we think we can find business buy-in or sponsorship? Why or why not?
Are our initiatives at odds with or complementary to the ones proposed through the normal channels?
Input
Output
Materials
Participants
Discussion:
Do participants tend to think their idea is the best and rank it accordingly?
If so, then is it better to look at the second, third, and fourth rankings for consensus instead?
What is a reasonable number of initiatives to suggest? How do we limit ourselves?
Input
Output
Materials
Participants
Shadow IT operates outside of the governance and control structure of Enterprise IT and so is, by definition, a problem. an opportunity!
Except for that one thing they do wrong, that one small technicality, they may well do everything else right.
Consider:
In short, shadow IT can provide fully vetted infrastructure initiatives that with a little effort can be turned into easy wins on the roadmap.
Shadow IT can include business-ready initiatives, needing only minor tweaking to align with infrastructure's best practices.
Discussion:
Did you learn anything from working directly with in-the-trenches staff? Can those learnings be used elsewhere in infrastructure? Or in larger IT?
Input
Output
Materials
Participants
Also called scrum poker (in Agile software circles), this method reduces anchoring bias by requiring all participants to formulate and submit their estimates independently and simultaneously.
Equipment: A typical scrum deck shows the Fibonacci sequence of numbers, or similar progression, with the added values of ∞ (project too big and needs to be subdivided), and a coffee cup (need a break). Use of the (mostly) Fibonacci sequence helps capture the notional uncertainty in estimating larger values.
Discussion:
How often was the story unclear? How often did participants have to ask for additional information to make their estimate? How many rounds were required to reach consensus?
Does number of person, days, or weeks, make more sense than dollars? Should we estimate both independently?
Source: Scrum Poker
Input
Output
Materials
Participants
Add your ideas to the visualization.
We started with eight simple questions. Logically, the answers suggest sections for a published report. Developing those answers in didactic method is effective and popular among technologists as answers build upon each other. Business leaders and journalists, however, know never to bury the lead.
Report Section Title | Roadmap Activity or Step |
---|---|
Sunshine diagram | Visualization |
Priorities | Understand business goals |
Who we help | Evaluate intake process |
How we can help | Create initiatives |
What we're working on | Review initiatives |
How you can help us | Assess roadblocks |
What is new | Assess new technology |
How we spend our day | Conduct a time study |
What we have | Assess IT platform |
We can do better! | Identify process optimizations |
If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop
Contact your account representative for more information.
workshops@infotech.com 1-888-670-8889
Phase 1 | Phase 2 | Phase 3 | Phase 4 |
---|---|---|---|
1.1 Infrastructure strategy 1.2 Goal alignment | 2.1 Define your future 2.2 Conduct constraints analysis | 3.1 Drive business alignment 3.2. Build the roadmap | 4.1 Identify the audience 4.2 Process improvement and measurements |
This phase will walk you through the following activities:
This phase involves the following participants:
Identify the audience
4.1.1 Identify required authors and target audiences
4.1.2 Planning the process
4.1.3 Identifying supporters and blockers
This step requires the following inputs:
This step involves the following participants:
And you thought we were done. The roadmap is a process. Set a schedule and pattern to the individual steps.
Publishing an infrastructure roadmap once a year as a lead into budget discussion is common practice. But this is just the last in a long series of steps and activities. Balance the effort of each activity against its results to decide on a frequency. Ensure that the frequency is sufficient to allow you to act on the results if required. Work backwards from publication to develop the schedule.
A lot of work has gone into creating this final document. Does a single audience make sense? Who else may be interested in your promises to the business? Look back at the people you've asked for input. They probably want to know what this has all been about. Publish your roadmap broadly to ensure greater participation in subsequent years.
Who needs to hear (and more importantly believe) your message? Who do you need to hear from? Build a communications plan to get the most from your roadmap effort.
Discussion:
How many people appear in both lists? What are the implications of that?
Input
Output
Materials
Participants
Due Date (t) | Freq | Mode | Participants | Infrastructure Owner | |
---|---|---|---|---|---|
Update & Publish | Start of Budget Planning |
Once |
Report |
IT Steering Committee |
Infrastructure Leader or CIO |
Evaluate Intakes | (t) - 2 months (t) - 8 months |
Biannually |
Review |
PMO Service Desk |
Domain Heads |
Assess Roadblocks | (t) - 2 months (t) - 5 months (t) - 8 months (t) - 11 months |
Quarterly |
Brainstorming & Consensus |
Domain Heads |
Infrastructure Leader |
Time Study | (t) - 1 month (t) - 4 months (t) - 7 months (t) - 10 months |
Quarterly |
Assessment |
Domain Staff |
Domain Heads |
Inventory Assessment | (t) - 2 months |
Annually |
Assessment |
Domain Staff |
Domain Heads |
Business Goals | (t) - 1 month |
Annually |
Survey |
Line of Business Managers |
Infrastructure Leader or CIO |
New Technology Assessment | monthly (t) - 2 months |
Monthly/Annually |
Process |
Domain Staff |
Infrastructure Leader |
Initiative Review | (t) - 1 month (t) - 4 months (t) - 7 months (t) - 10 months |
Quarterly |
Review |
PMO Domain Heads |
Infrastructure Leader |
Initiative Creation | (t) - 1 month |
Annually |
Brainstorming & Consensus |
Roadmap Team |
Infrastructure Leader |
The roadmap report is just a point-in-time snapshot, but to be most valuable it needs to come at the end of a full process cycle. Know your due date, work backwards, and assign responsibility.
Discussion:
Input
Output
Materials
Participants
Certain stakeholders will not only be highly involved and accountable in the process but may also be responsible for approving the roadmap and budget, so it's essential that you get their buy-in upfront.
You may want to restrict participation to senior members of the roadmap team only.
This activity requires a considerable degree of candor in order to be effective. It is effectively a political conversation and as such can be sensitive.
Steps:
Input
Output
Materials
Participants
4.2.1 Evaluating the value of each process output
4.2.2 Brainstorming improvements
4.2.3 Setting realistic measures
This step requires the following inputs:
This step involves the following participants:
You started with a desire – greater satisfaction with infrastructure from the business. All of the inputs, processes, and outputs exist only, and are designed solely, to serve the attainment of that outcome.
The process outlined is not dogma; no element is sacrosanct. Ruthlessly evaluate the effectiveness of your efforts so you can do better next time.
You would do no less after a server migration, network upgrade, or EUC rollout.
Leadership
If infrastructure leaders aren't committed, then this will quickly become an exercise of box-checking rather than candid communication.
Data
Quantitative or qualitative – always try to go where the data leads. Reduce unconscious bias and be surprised by the insight uncovered.
Metrics
Measurement allows management but if you measure the wrong thing you can game the system, cheating yourself out of the ultimate prize.
Focus
Less is sometimes more.
Discussion:
Did the group agree on the intended outcome of each step? Did the group think the step was effective? Was the outcome clear and did it flow naturally to where it was useful?
Is the effort required for each step commensurate with its value? Are we doing too much for not enough return?
Are we acting on the information we're gathering? Is it informing or changing decisions throughout the year or period?
Input
Output
Materials
Participants
Freq. | Method | Measures | Success criteria | Areas for improvement | Expected change | |
---|---|---|---|---|---|---|
Evaluate intakes | Biannually | PMO Intake & Service Requests | Projects or Initiatives | % of departments engaged | Actively reach out to underrepresented depts. | +10% engagement |
Assess roadblocks | Quarterly | IT All-Staff Meeting | Roadblocks | % of identified that have been resolved | Define expected outcomes of removing roadblock | Measurable improvements |
Time study | Quarterly | IT All-Staff Meeting | Time | Confidence value of data | Real data sources (time sheets, tools, etc.) | 85% of sources defensible |
Legacy asset assessment | Annually | Domain effort | Asset Inventory | Completeness of Inventory |
|
|
Understand business goals | Annually | Roadmap Meeting | Goal list | Goal specificity | Survey or interview leadership directly | 66% directly attributable participation |
New technology assessment | Monthly/Annually | Team/Roadmap Meeting | Technologies Reviewed | IT staff participation/# SWOTs | Increase participation from junior members | 50% presentations from junior members |
Initiative review | Quarterly | IT All-Staff Meeting |
|
|
|
|
Initiative creation | Annually | Roadmap Meeting | Initiatives | # of initiatives proposed | Business uptake | +25% sponsorship in 6 months (biz) |
Update and publish | Annually | PDF report | Roadmap Final Report | Leadership engagement | Improve audience reach | +15% of LoB managers have read the report |
Baseline metrics will improve through:
Metric description | Current metric | Future goal |
---|---|---|
# of critical incidents resulting from equipment failure per month | ||
# of service provisioning delays due to resource (non-labor) shortages | ||
# of projects that involve standing up untested (no prior infrastructure PoC) technologies | ||
# of PoCs conducted each year | ||
# of initiatives proposed by infrastructure | ||
# of initiatives proposed that find business sponsorship in >1yr | ||
% of long-term projects reviewed as per goal framework | ||
# of initiatives proposed that are the only ones supporting a business goal | ||
# of technologies deployed being used by more than the original business sponsor | ||
# of PMO delays due to resource contention |
Insight 1
Draw the first picture.
Highly engaged and effective team members are proactive rather than reactive. Instead of waiting for clear inputs from the higher ups, take what you do know, make some educated guesses about the rest, and present that to leadership. Where thinking diverges will be crystal clear and the necessary adjustments will be obvious.
Insight 2
Infrastructure must position itself as the broker for new technologies.
No man is an island; no technology is a silo. Infrastructure's must ensure that everyone in the company benefits from what can be shared, ensure those benefits are delivered securely and reliably, and prevent the uninitiated from making costly technological mistakes. It is easier to lead from the front, so infrastructure must stay on top of available technology.
Insight 3
The roadmap is a process that is business driven and not a document.
In an ever-changing world the process of change itself changes. We know the value of any specific roadmap output diminishes quickly over time, but don't forget to challenge the process itself from time to time. Striving for perfection is a fool's game; embrace constant updates and incremental improvement.
Insight 4
Focus on the framework, not the output.
There usually is no one right answer. Instead make sure both the business and infrastructure are considering common relevant elements and are working from a shared set of priorities. Data then, rather than hierarchical positioning or a d20 Charisma roll, becomes the most compelling factor in making a decision. But since your audience is in hierarchical ascendency over you, make the effort to become familiar with their language.
Metric description | Metric goal |
Checkpoint 1 |
Checkpoint 2 |
Checkpoint 3 |
---|---|---|---|---|
# of critical incidents resulting from equipment failure per month | >1 | |||
# of service provisioning delays due to resource (non-labor) shortages | >5 | |||
# of projects that involve standing up untested (no prior infrastructure PoC) technologies | >10% | |||
# of PoCs conducted each year | 4 | |||
# of initiatives proposed by infrastructure | 4 | |||
# of initiatives proposed that find business sponsorship in >1 year | 1 | |||
# of initiatives proposed that are the only ones supporting a business goal | 1 | |||
% of long-term projects reviewed as per goal framework | 100% |
Review performance from last fiscal year
If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop
Contact your account representative for more information.
workshops@infotech.com 1-888-670-8889
Build a Business-Aligned IT Strategy
Success depends on IT initiatives clearly aligned to business goals, IT excellence, and driving technology innovation.
Document your Cloud Strategy
A cloud strategy might seem like a big project, but it's just a series of smaller conversations. The methodology presented here is designed to facilitate those conversations using a curated list of topics, prompts, participant lists, and sample outcomes. We have divided the strategy into four key areas.
Develop an IT Asset Management Strategy
ITAM is a foundational IT service that provides accurate, accessible, actionable data on IT assets. But there's no value in data for data's sake. Enable collaboration between IT asset managers, business leaders, and IT leaders to develop an ITAM strategy that maximizes the value they can deliver as service provider.
Infrastructure & Operations Research Center
Practical insights, tools, and methodologies to systematically improve IT Infrastructure & Operations.
Knowledge gained
Processes optimized
Deliverables completed
If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop
Contact your account representative for more information.
workshops@infotech.com 1-888-670-8889
"10 Essential KPIs for the IT Strategic Planning Process." Apptio Inc, Dec. 2021. Accessed Nov. 2022.
Amos, Justin. "8 areas your 2022 IT Infrastructure roadmap should cover." Soma, 24 Jan 2022 Accessed Nov. 2022
Ahmed, Anam. "Importance of Mission Vision in Organizational Strategy." Chron, 14 March 2019. Accessed 10 May 2021. ."
Barker, Joel A. "Joel A Barker Quote about Vision." Joel A Barker.com. Accessed 10 Nov 2022
Bhagwat, Swapnil ."Top IT Infrastructure Management Strategies For 2023 , Atlas Systems, 23 Oct 2022. Accessed Nov. 2022.
Blank, Steve. "You're Better Off Being A Fast Follower Than An Originator." Business Insider. 5 Oct. 2010. Web.
Bridges, Jennifer . "IT Risk Management Strategies and Best Practices." Project Manager, 6 Dec 2019. Accessed Nov. 2022.
"Building a Technology Roadmap That Stabilizes and Transforms." Collegis Education. Accessed Dec 2022.
Collins, Gavin. "WHY AN IT INFRASTRUCTURE ROAD MAP?." Fifth Step, Date unknown. Accessed Nov. 2022.
"Define the Business Context Needed to Complete Strategic IT Initiatives: 2018 Blueprint - ResearchAndMarkets.com." Business Wire, 1 Feb. 2018. Accessed 9 June 2021.
De Vos, Colton. “Well-Developed IT Strategic Plan Example." Resolute Tech Solutions, 6 Jan 2020. Accessed Nov. 2022.
Gray, Dave. "Post-Up." Gamestorming, 15 Oct. 2010. Accessed 10 Nov 2022
Helm, Clay. "Majority of Surveyed Companies are Not Prepared for IT Needs of the Future." IBM Study, 4 Jan 2021. Accessed Nov. 2022.
Hertvik, Joe. "8 Components of A Great IT Strategy, BMC Blogs, 29 May. 2020. Accessed Nov. 2022.
ISACA, "Effective governance at your Fingertips". COBIT Framework, Accessed Dec 2022
"IT Guiding Principles." Office of Information Technology, NC State University, 2014-2020. Accessed 9 Nov 2022.
""IT Infrastructure That Makes Employees Happier." Network Doctor, 2021. Accessed Dec 2022
"IT Road mapping Helps Dura Remain at the Forefront of Auto Manufacturing." Performance Improvement Partners, ND. Accessed Dec 2022.
ITtoolkit.com. "The IT Vision: A Strategic Path to Lasting IT Business Alignment." ITtoolkit Magazine, 2020. Accessed 9 June 2021.
Kark, Khalid. "Survey: CIOs Are CEOs' Top Strategic Partner." CIO Journal, The Wall Street Journal, 22 May 2020. Accessed 11 May 2021.
Kimberling, Eric. "What is "Future State" and Why is it Important?" Third Stage Consulting, 11 June 2021. Accessed Nov. 2022.
Kishore. "The True Cost of Keeping the Lights On." Optanix, 1 Feb. 2017. Accessed Nov. 2022.
Lakein, Alan. Libquotes.
Mindsight. "THE ULTIMATE GUIDE TO CREATING A TECHNOLOGY ROADMAP" Mind sight, 12 Dec 2021. Accessed Nov. 2022.
Milani, F. (2019). Future State Analysis. In: Digital Business Analysis. Springer, Cham. https://doi.org/10.1007/978-3-030-05719-0_13
Newberry, Dennis. "Meeting the Challenges of Optimizing IT Cost and Capacity Management." BMC, 2021, Accessed 12 Nov 2022.
Peek, Sean. "What Is a Vision Statement?" Business News Daily, 7 May 2020. Accessed 10 Nov 2022.
Ramos, Diana. "Infrastructure Management 101: A Beginner's Guide to IT Infrastructure Management." Smartsheet.com. 30 Nov 2021. Accessed 09 Dec 2022.
Ramsey, Dave. "Dave Rant: How to Finally Take Control of Your Money." Ramseysolutions. 26 Aug 2021. Accessed 10 Nov 2022.
Richards-Gustafson, Flora. "5 Core Operational Strategies." Chron, 8 Mar 2019. Accessed 9 June 2021.
Richardson, Nigel. "What are the differences between current and future state maps?." Nexus, 18 Oct 2022. Accessed Nov. 2022.
Roush, Joe. "IT Infrastructure Planning: How To Get Started." BMC. 05 January, 2018. Accessed 24 Jan 2023.
Shields, Corey. "A Complete Guide to IT Infrastructure Management." Ntiva, 15 Sept. 2020. Accessed 28 Nov. 2022.
Snow, Shane. "Smartcuts: How Hackers, Innovators, and Icons Accelerate Success." Harper Business, 2014.
Strohlein, Marc. "The CIO's Guide to Aligning IT Strategy with the Business." IDC, 2019. Accessed Nov 2022.
Sull, Sull, and Yoder. "No One Knows Your Strategy — Not Even Your Top Leaders." MIT Sloan. 12 Feb 2018. Accessed 26 Jan 2023.
"Team Purpose & Culture." Hyper Island. Accessed 10 Nov. 2022
"Tech Spend Pulse, 2022." Flexera, Jan 2022, Accessed 15 Nov 2022
"Tech Spend Pulse." Flexera, Dec. 2022. Accessed Nov. 2022.
"The Definitive Guide to Developing an IT Strategy and Roadmap" CIO Pages.com , 5 Aug 13 2022. Accessed 30 Nov. 2022.
Wei, Jessica. "Don't Tell Me Where Your Priorities Are – James W. Frick." Due.com, 21 Mar 2022. Accessed 23 Nov 2022.
Zhu, Pearl. "How to Set Guiding Principles for an IT Organization." Future of CIO, 1 July 2013. Accessed 9 June 2021.
Follow Info-Tech’s path in this blueprint to:
After following the program in this blueprint, you will be prepared to advise the organization on how to best leverage the rapidly shifting work management options within M365 and the place of MS Project within it.
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Assess your work management tool landscape, current state maturity, and licensing needs to inform a purpose-built work management action plan.
Get familiar with Project for the web’s extensibility as well as the MS Gold Partner ecosystem as you contemplate the best implementation approach(s) for your organization.
Prepare a boardroom-ready presentation that will help you communicate your MS Project and M365 action plan to PMO and organizational stakeholders.
Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Assess the goals and needs as well as the risks and constraints of a work management optimization.
Take stock of your organization’s current work management tool landscape.
Clear goals and alignment across workshop participants as well as an understanding of the risks and constraints that will need to be mitigated to succeed.
Current-state insight into the organization’s work management tool landscape.
1.1 Review the business context.
1.2 Explore the M365 work management landscape.
1.3 Identify driving forces for change.
1.4 Analyze potential risks.
1.5 Perform current-state analysis on work management tools.
Business context
Current-state understanding of the task, project, and portfolio management options in M365 and how they align with the organization’s ways of working
Goals and needs analysis
Risks and constraints analysis
Work management tool overview
Determine your organization’s work management tool needs as well as its current level of project management and project portfolio management process maturity.
An understanding of your tooling needs and your current levels of process maturity.
2.1 Review tool audit dashboard and conduct the final audit.
2.2 Identify current Microsoft licensing.
2.3 Assess current-state maturity for project management.
2.4 Define target state for project management.
2.5 Assess current-state maturity for project portfolio management.
2.6 Define target state for project portfolio management.
Tool audit
An understanding of licensing options and what’s needed to optimize MS Project options
Project management current-state analysis
Project management gap analysis
Project portfolio management current-state analysis
Project portfolio management gap analysis
Take stock of your implementation options for Microsoft old project tech and new project tech.
An optimized implementation approach based upon your organization’s current state and needs.
3.1 Prepare a needs assessment for Microsoft 365 and Project Plan licenses.
3.2 Review the business case for Microsoft licensing.
3.3 Get familiar with Project for the web.
3.4 Assess the MS Gold Partner Community.
3.5 Conduct a feasibility test for PFTW.
M365 and Project Plan needs assessment
Business case for additional M365 and MS Project licensing
An understand of Project for the web and how to extend it
MS Gold Partner outreach plan
A go/no-go decision for extending Project for the web on your own
Determine the best implementation approach for your organization and prepare an action plan.
A purpose-built implementation approach to help communicate recommendations and needs to key stakeholders.
4.1 Decide on the implementation approach.
4.2 Identify the audience for your proposal.
4.3 Determine timeline and assign accountabilities.
4.4 Develop executive summary presentation.
An implementation plan
Stakeholder analysis
A communication plan
Initial executive presentation
Finalize your M365 and MS Project work management recommendations and get ready to communicate them to key stakeholders.
Time saved in developing and communicating an action plan.
Stakeholder buy-in.
5.1 Complete in-progress deliverables from previous four days.
5.2 Set up review time for workshop deliverables and to discuss next steps.
Finalized executive presentation
A gameplan to communicate your recommendations to key stakeholders as well as a roadmap for future optimization
Microsoft Project has dominated its market since being introduced in the 1980s, yet the level of adoption and usage per license is incredibly low.
The software is ubiquitous, mostly considered to represent its category for “Project Management.” Yet, the software is conflated with its “Portfolio Management” offerings as organizations make platform decisions with Microsoft Project as the incorrectly identified incumbent.
And incredibly, Microsoft has dominated the next era of productivity software with the “365” offerings. Yet, it froze the “Project” family of offerings and introduced the not-yet-functional “Project for the web.”
Having a difficult time understanding what to do with, and about, Microsoft Project? You’re hardly alone. It’s not simply a question of tolerating, embracing, or rejecting the product: many who choose a competitor find they’re still paying for Microsoft Project-related licensing for years to come.
If you’re in the Microsoft 365 ecosystem, use this research to understand your rapidly shifting landscape of options.
(Barry Cousins, Project Portfolio Management Practice Lead, Info-Tech Research Group)You use Microsoft (MS) tools to manage your work, projects, and/or project portfolio.
Their latest offering, Project for the web, is new and you’re not sure what to make of it. Microsoft says it will soon replace Microsoft Project and Project Online, but the new software doesn’t seem to do what the old software did.
The organization has adopted M365 for collaboration and work management. Meetings happen on Teams, projects are scoped a bit with Planner, and the operations group uses Azure Boards to keep track of what they need to get done.
Despite your reservations about the new project management software, Microsoft software has become even more ubiquitous.
M365 provides the basic components for managing tasks, projects, and project portfolios, but there is no instruction manual for making those parts work together.
M365 isn’t the only set of tools at play. Business units and teams across the organization have procured other non-Microsoft tools for work management without involving IT.
Microsoft’s latest project offering, Project for the web, is still evolving and you’re never sure if it is stable or ready for prime time. The missing function seems to involve the more sophisticated project planning disciplines, which are still important to larger, longer, and costlier projects.
Follow Info-Tech’s path in this blueprint to:
After following the program in this blueprint, you will be prepared to advise the organization on how to best leverage the rapidly shifting work management options within M365 and the place of MS Project within it.
Accelerated partly by the pandemic and the move to remote work, Microsoft’s market share in the work productivity space has grown exponentially in the last two years.
70% of Fortune 500 companies purchased 365 from Sept. 2019 to Sept. 2020. (Thexyz blog, 2020)
In its FY21 Q2 report, Microsoft reported 47.5 million M365 consumer subscribers – an 11.2% increase from its FY20 Q4 reporting. (Office 365 for IT Pros, 2021)
As of September 2020, there were 258,000,000 licensed O365 users. (Thexyz blog, 2020)
In this blueprint, we’ll look at what the what the phenomenal growth of M365 means for PMOs and project portfolio practitioners who identify as Microsoft shops
For many PMO and project portfolio practitioners, the footprint of M365 in their organizations’ work management cultures is forcing a renewed look at Microsoft’s suite of project offerings.
The complicating factor is this renewed look comes at a transitional time in Microsoft’s suite of project and portfolio offerings.
Microsoft Project has 66% market share in the project management tool space. (Celoxis, 2018)
A copy of MS project is sold or licensed every 20 seconds. (Integent, 2013)
Common opinion 1: “Plans and estimates that are granular enough to be believable are too detailed to manage and maintain.”
Common opinion 2: “Plans simple enough to publish aren’t detailed enough to produce believable estimates.”
In other words, software simple enough to get widely adopted doesn’t produce believable plans. Software that can produce believable plans is too complex to use at scale.
A viable task and project management option must walk the line between these dichotomies.
Common perception still sees Microsoft Project as a rich software tool. Thus, when we consider the next generation of Microsoft Project, it’s easy to expect a newer and friendlier version of what we knew before.
In truth, the new solution is a collection of partially integrated but largely disparate tools that each satisfy a portion of the market’s needs. While it looks like a rich collection of function when viewed through high-level requirements, users will find:
1. Determine Your Tool Needs |
2. Weigh Your MS Project Implementation Options |
3. Finalize Your Implementation Approach |
|
Phase Steps |
|
|
|
Phase Outcomes |
|
|
|
The various MS Project offerings (but most notably the latest, Project for the web) hold the promise of integrating with the rest of M365 into a unified work management solution. However, out of the box, Project for the web and the various platforms within M365 are all disparate utilities that need to be pieced together in a purpose-built manner to make use of them for holistic work management purposes.
If you’re looking for a cohesive product out of the box, look elsewhere. If you’re looking to assemble a wide array of work, project, and portfolio management functions across different functions and departments, you may have found what you seek
Rather than choosing tools based on your gaps, make sure to assess your current maturity level so that you optimize your investment in the Microsoft landscape.
Microsoft’s new Project plans (P1, P3, and P5) suggest there is a meaningful connection out of the box between its old tech (Project desktop, Project Server, and Project Online) and its new tech (Project for the web).
However, the offerings are not always interoperable.
Organizations are changing as fast as the software we use to run them.
If you’re implementing parts of this platform, keep the changes small as you monitor the vendors for new software versions and integrations.
Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:
The Action Plan will help culminate and present:
Assess your organization's current work management tool landscape and determine what tools drive value for individual users and teams and which ones can be rationalized.
Document the driving and resisting forces for making a change to your work management tools.
Use these assessments to identify gaps in project management and project portfolio management processes. The results will help guide process improvement efforts and measure success and progress.
Determine the best licensing options and approaches for your implementation of Microsoft Project.
DIY Toolkit |
Guided Implementation |
Workshop |
Consulting |
"Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." | "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." | "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." | "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project." |
A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.
A typical GI is between 6 to 8 calls over the course of 3 to 4 months.
Day 1
|
Day 2
|
Day 3
|
Day 4
|
Day 5
|
|
Activities |
|
|
|
|
|
Deliverables |
|
|
|
|
|
Phase 1: Determine Your Tool Needs |
Phase 2: Weigh Your Implementation Options | Phase 3: Finalize Your Implementation Approach |
|
|
|
38% of the worldwide office suite market belongs to Microsoft. (Source: Statistica, 2021)
1 in 3 small to mid-sized organizations moving to Microsoft Project say they are doing so because it integrates well with Office 365. (Source: CBT Nuggets, 2018)
There’s a gravity to the Microsoft ecosystem.
And while there is no argument that there are standalone task management tools, project management tools, or portfolio management tools that are likely more robust, feature-rich, and easier to adopt, it’s rare that you find an ecosystem that can do it all, to an acceptable level.
That is the value proposition of Microsoft: the ubiquity, familiarity, and versatility. It’s the Swiss army knife of software products.
Workers lose up to 40% of their time multi-tasking and switching between applications. (Bluescape, 2018)
25 Context switches – On average, workers switch between 10 apps, 25 times a day. (Asana, 2021)
“Work management” is among the latest buzzwords in IT consulting.
What is work management? It was born of a blurring of the traditional lines between operational or day-to-day tasks and project management tasks, as organizations struggle to keep up with both operational and project demands.
To make the software easier to use, modern work management doesn’t involve the complexities from days past. You won’t find anywhere to introduce complex predecessor-successor relationships, unbalanced assignments with front-loading or back-loading, early-start/late-finish, critical path, etc.
Indeed, with Project for the web, Azure Boards, Planner, and other M365 utilities, Microsoft is attempting to compete with lighter and better-adopted tools (e.g. Trello, Wike, Monday.com).
The slides ahead explain each of these modes of working in the Microsoft ecosystem in turn. Further, Info-Tech’s Task, Project, and Project Portfolio Management Tool Guides explain these areas in more detail.
Download Info-Tech’s Task Management, Project Management, and Project Portfolio Management Tool Guides
Download the M365 Task Management Tool Guide
Utilities like Planner and To-Do make it easier to turn what are often ad hoc approaches into a more repeatable process.
Teams has opened personal task management tactics up to more collaborative approaches.
Project Server: This product serves many large enterprise clients, but Microsoft has stated that it is at end of life. It is appealing to industries and organizations where privacy is paramount. This is an on-premises system that combines servers like SharePoint, SQL, and BI to report on information from Project Desktop Client. To realize the value of this product, there must be adoption across the organization and engagement at the project-task level for all projects within the portfolio.
Project Online: This product serves many medium enterprise clients. It is appealing for IT departments who want to get a rich set of features that can be used to intake projects, assign resources, and report on project portfolio health. It is a cloud solution built on the SharePoint platform, which provides many users a sense of familiarity. However, due to the bottom-up reporting nature of this product, again, adoption across the organization and engagement at the project task level for all projects within the portfolio is critical.
Project for the web: This product is the newest on the market and is quickly being evolved. Many O365 enthusiasts have been early adopters of Project for the web despite its limited features when compared to Project Online. It is also a cloud solution that encourages citizen developers by being built on the MS Power Platform. This positions the product well to integrate with Power BI, Power Automate, and Power Apps. It is, so far, the only MS product that lends itself to abstracted portfolio management, which means it doesn’t rely on project task level engagement to produce portfolio reports. The portfolio can also run with a mixed methodology by funneling Project, Azure Boards, and Planner boards into its roadmap function.
Download the M365 Project Management Tool Guide
For better or worse, Microsoft’s core solution is veritably synonymous with project management itself and has formally contributed to the definition of the project management space.
Download the M365 Project Portfolio Management Tool Guide
Integration between Project for the web and Power Apps allows for custom approaches.
A robust and intensive bottom-up approach that requires task level roll-ups from projects to inform portfolio level data. For this model to work, reconciliation of individual resource capacity must be universal and perpetually current.
If your organization has low or no maturity with PPM, this approach will be tough to make successful.
In fact, most organizations under adopt the tools required to effectively operate with the traditional project portfolio management. Once adopted and operationalized, this combination of tools gives the executives the most precise view of the current state of projects within the portfolio.
Download the M365 Project Portfolio Management Tool Guide
Microsoft’s established network of Gold Partners helps to make this deployment a viable option.
Download Info-Tech’s Tool Audit Workbook
Input: Information on tools used to complete task, project, and portfolio tasks
Output: Analyzed list of tools
Materials: Whiteboard/Flip Charts, Tool Audit Workbook
Participants: Portfolio Manager (PMO Director), PMO Admin Team, Project Managers, Business Stakeholders
1-3 hours
Input: List of key PPM decision points, List of who is accountable for PPM decisions, List of who has PPM decision-making authority
Output: Prioritized list of PPM decision-making support needs
Materials: Whiteboard/Flip Charts, Tool Audit Workbook
Participants: Portfolio Manager (PMO Director), PMO Admin Team, CIO
Discuss the outputs of the Dashboards tab to inform your decision maker on whether to pass or fail the tool for each use case.
1 hour
Input: List of key PPM decision points, List of who is accountable for PPM decisions, List of who has PPM decision-making authority
Output: Prioritized list of PPM decision-making support needs
Materials: Whiteboard/Flip Charts, Tool Audit Workbook
Participants: Portfolio Manager (PMO Director), PMO Admin Team, CIO
Download Info-Tech's Force Field Analysis Tool
Input: Opportunities associated with determining the use case for Microsoft Project and M365 in your organization
Output: Plotted opportunities based on probability and impact
Materials: Whiteboard/Flip Charts, Force Field Analysis Tool
Participants: Portfolio Manager (PMO Director), PMO Admin Team, Project Managers
Download the Force Field Analysis Tool
In column B on tab 1, note the specific opportunities the group would like to call out.
In column C, categorize the goal or need being articulated by the list of drop-down options: will it accelerate the time to benefit? Will it help to integrate systems and data sources? Will it mature processes and the organization overall? Will it help to scale across the organization? Choose the option that best aligns with the opportunity.
In column D, categorize the source of the goal or need as internal or external.
In column E, use the drop-down menus to indicate the ease of realizing each goal or need for the organization. Will it be relatively easy to manifest or will there be complexities to implementing it?
In column F, use the drop-down menus to indicate the positive impact of realizing or achieving each need on the PMO and/or the organization.
On tab 3 of the Force Field Analysis Workbook, your inputs on tab 1 are summarized in graphical form from columns B to G. On tab 3, these goals and needs results are contrasted with your inputs on tab 2 (see next slide).
30 minutes
Input: Risks associated with determining the use case for Microsoft Project and M365 in your organization
Output: Plotted risks based on probability and impact
Materials: Whiteboard/Flip Charts, Force Field Analysis Tool
Participants: Portfolio Manager (PMO Director), PMO Admin Team, Project Managers
Download the Force Field Analysis Tool
In column B on tab 2, note the specific risks and constraints the group would like to call out.
In column C, categorize the risk or constraint being articulated by the list of drop-down options: will it impact or is it impacted by time, resources, budget, culture or maturity?
In column D, categorize the source of the goal or need as internal or external.
In column E, use the drop-down menus to indicate the likelihood of each risk or constraint materializing during your implementation. Will it definitely occur or is there just a small chance it could come to light?
In column F, use the drop-down menus to indicate the negative impact of the risk or constraint to achieving your goals and needs.
On tab 3 of the Force Field Analysis Workbook, your inputs on tab 2 are summarized in graphical form from columns I to N. On tab 3, your risk and constraint results are contrasted with your inputs on tab 1 to help you gauge the relative weight of driving vs. opposing forces.
Navigating Microsoft licensing is never easy, and Project for the web has further complicated licensing needs for project professionals.
As we’ll cover in step 2.1 of this blueprint, Project for the web can be extended beyond its base lightweight work management functionality using the Power Platform (Power Apps, Power Automate, and Power BI). Depending on the scope of your implementation, this can require additional Power Platform licensing.
Download Info-Tech’s Modernize Your Microsoft Licensing for the Cloud Era
Bundles are extremely common and can be more cost effective than à la carte options for the Microsoft products.
The biggest differentiator between M365 and O365 is that the M365 product also includes Windows 10 and Enterprise Mobility and Security.
The color coding in the diagram indicates that the same platform/application suite is available.
Platform or Application | M365 E3 | M365 E5 | O365 E1 | O365 E3 | O365 E5 |
Microsoft Forms | X | X | X | X | X |
Microsoft Lists | X | X | X | X | X |
OneDrive | X | X | X | X | X |
Planner | X | X | X | X | X |
Power Apps for Office 365 | X | X | X | X | X |
Power Automate for Office | X | X | X | X | X |
Power BI Pro | X | X | |||
Power Virtual Agents for Teams | X | X | X | X | X |
SharePoint | X | X | X | X | X |
Stream | X | X | X | X | X |
Sway | X | X | X | X | X |
Teams | X | X | X | X | X |
To Do | X | X | X | X | X |
Everything in Project Plan 1 plus the following:
Everything in Project Plan 3 plus the following:
MS Project Capabilities | Info-Tech's Editorial Description | P1 | P3 | P5 |
Project Home | Essentially a landing page that allows you to access all the project plans you've created or that you're assigned to. It amalgamates plans created in Project for the web, the Project for the web app in Power Apps, and Project Online. | X | X | X |
Grid view | One of three options in which to create your project plans in Project for the web (board view and timeline view are the other options). You can switch back and forth between the options. | X | X | X |
Board view | One of three options in which to create your project plans in Project for the web (grid view and timeline view are the other options). You can switch back and forth between the options. | X | X | X |
Timeline (Gantt) view | One of three options in which to create your project plans in Project for the web (board view and grid view are the other options). You can switch back and forth between the options. | X | X | X |
Collaboration and communication | This references the ability to add Project for the web project plans to Teams channels. | X | X | X |
Coauthoring | Many people can have access to the same project plan and can update tasks. | X | X | X |
Project planning and scheduling | For this the marketing lingo says "includes familiar scheduling tools to assign project tasks to team members and use different views like Grid, Board, and Timeline (Gantt chart) to oversee the schedule." Unclear how this is different than the project plans in the three view options above. | X | X | X |
X - Functionality Included in Plan
O - Functionality Not Included in Plan
MS Project Capabilities | Info-Tech's Editorial Description | P1 | P3 | P5 |
Reporting | This seems to reference Excel reports and the Power BI Report Template App, which can be used if you're using Project Online. There are no pre-built reports for Project for the web, but third-party Power Apps are available. | O | X | X |
Roadmap | Roadmap is a platform that allows you to take one or more projects from Project for the web and Azure DevOps and create an organizational roadmap. Once your projects are loaded into Roadmap you can perform additional customizations like color status reporting and adding key days and milestones. | O | X | X |
Timesheet submission | Project Online and Server 2013 and 2016 allow team members to submit timesheets if the functionality is required. | O | X | X |
Resource management | The rich MS Project client supports old school, deterministic project scheduling at the project level. | O | X | X |
Desktop client | The full desktop client comes with P3 and P5, where it acts as the rich editor for project plans. The software enjoys a multi-decade market dominance as a project management tool but was never paired with an enterprise collaboration server engine that enjoyed the same level of success. | O | X | X |
Portfolio selection and optimization | Portfolio selection and optimization has been offered as part of the enterprise project and portfolio suite for many years. Most people taking advantage of this capability have used a Microsoft Partner to formalize and operationalize the feature. | O | O | X |
Demand Management | Enterprise demand management is targeted at the most rigorous of project portfolio management practices. Most people taking advantage of this capability have used a Microsoft Partner to formalize and operationalize the feature. | O | O | X |
Enterprise resource planning and management | The legacy MS Project Online/Server platform supports enterprise-wide resource capacity management through an old-school, deterministic task and resource scheduling engine, assuming scaled-out deployment of Active Directory. Most people succeeding with this capability have used a Microsoft Partner to formalize and operationalize the feature. | O | O | X |
X - Functionality Included in Plan
O - Functionality Not Included in Plan
Download Info-Tech's Microsoft Project & M365 Licensing Tool
1-2 hours
Input: List of key user groups/profiles, Number of users and current licenses
Output: List of Microsoft applications/capabilities included with each license, Analysis of user group needs for Microsoft Project Plan licenses
Materials: Microsoft Project & 365 Licensing Tool
Participants: Portfolio Manager (PMO Director), PMO Admin Team, Project Managers
Download Info-Tech's Microsoft Project & M365 Licensing Tool
"There's been a chicken-egg debate raging in the PPM world for decades: What comes first, the tool or the process? It seems reasonable to say, ‘We don't have a process now, so we'll just adopt the one in the tool.’ But you'll soon find out that the tool doesn't have a process, and you needed to do more planning and analysis before buying the tool." (Barry Cousins, Practice Lead, Project Portfolio Management)
Take the time to consider and reflect on the current and target state of the processes for project portfolio management and project management.
Download Info-Tech’s Project Portfolio Management Maturity Assessment Tool and Project Management Maturity Assessment Tool
Once this is documented, take some time to describe the type of tool being used to do this (commercial, home-grown, standardized document) and provide additional details, where applicable.
Define the target state: Repeat the assessment of activity statements for the target state. Then gauge the organizational impact and complexity of improving each capability on a scale of very low to very high.
Screenshot your results and put them into the MS Project and M365 Action Plan Template.
Analyze the applications used to support your project management and project portfolio management processes.
Look for:
Reflect on the overlap between process areas with pain points and the current tools being used to complete this process.
Consider the sustainability of the target-state tool choice
You have the option to create an action plan for each of the areas of improvement coming out of your maturity assessment.
This can include:
Phase 1: Determine Your Tool Needs | Phase 2: Weigh Your Implementation Options | Phase 3: Finalize Your Implementation Approach |
|
|
|
Out of the box, PFTW occupies a liminal space when it comes to work management options
The table to the right shows some of the functionality in PFTW in relation to the task management functionality of Planner and the enterprise project and portfolio management functionality of Project Online.
Table 2.1a | Planner | Project for the web | Project Online |
Coauthoring on Tasks | X | X | |
Task Planning | X | X | X |
Resource Assignments | X | X | X |
Board Views | X | X | X |
MS Teams Integration | X | X | X |
Roadmap | X | X | |
Table and Gantt Views | X | X | |
Task Dependency Tracking | X | X | |
Timesheets | X | ||
Financial Planning | X | ||
Risks and Issues Tracking | X | ||
Program Management | X | ||
Advanced Portfolio Management | X |
PFTW is Microsoft’s proposed future-state antidote to this challenge. Its success will depend on how well users are able to integrate the solution into a wider M365 work management setting.
"We are committed to supporting our customers on Project Online and helping them transition to Project for the Web. No end-of-support has been set for Project Online, but when the time comes, we will communicate our plans on the transition path and give you plenty of advance notice." (Heather Heide, Program Manager, Microsoft Planner and Project. This comment was made during the “Overview of Microsoft Project” session during the Reimagine event.)
Microsoft plans to sunset Project Online in favor of PFTW will at first be a head-scratcher for those familiar with the extensive PPM functionality in Project Online and underwhelmed by the project and portfolio management in PFTW.
However, having built the solution upon the Power Platform, Microsoft has made it possible to take the base functionality in PFTW and extend it to create a more custom, organizationally specific user experience.
Before users get too excited about using these tools to build a custom PPM approach, we should consider the time, effort, and skills required. The slides ahead will take you through a series of considerations to help you gauge whether your PMO is ready to go it alone in extending the solution.
Table 2.1a in this step displayed the functionality in PFTW in relation to the task management tool Planner and the robust PPM functionality in Online.
The table to the right shows how the functionality in PFTW can differ from the base solution and Project Online when it is extended using the model-driven app option in Power Apps.
Caveat: The list of functionality and processes in this table is sample data.
This functionality is not inherent in the solution as soon as you integrate with Power Apps. Rather it must be built – and your success in developing these functions will depend upon the time and skills you have available.
Table 2.1b | Project for the web | PFTW extended with PowerApps | Project Online |
Critical Path | X | ||
Timesheets | X | ||
Financial Planning | X | X | |
Risks and Issues Tracking | X | X | |
Program Management | X | ||
Status Updates | X | ||
Project Requests | X | ||
Business Cases | X | ||
Project Charters | X | ||
Resource Planning and Capacity Management | X | X | |
Project Change Requests | X |
Long story short: Extending PFTW in Power Apps is time consuming and can be frustrating for the novice to intermediate user.
It can take days, even weeks, just to find your feet in Power Apps, let alone to determine requirements to start building out a custom model-driven app. The latter activity can entail creating custom columns and tables, determining relationships between tables to get required outputs, in addition to basic design activities.
Time-strapped and resource-constrained practitioners should pause before committing to this deployment approach. To help better understand the commitment, the slides ahead cover the basics of extending PFTW in Power Apps:
See Info-Tech’s M365 Project Portfolio Management Tool Guide for more information on Power Apps in general.
While extending Project for the web with Power Apps does not at this time, in normal deployments, require additional licensing from what is included in a E3 or E5 license, it is not out of the realm of possibility that a more complex deployment could incur costs not included in the Power Apps for 365 that comes with your enterprise agreement.
The table to the right shows current additional licensing options.
Power Apps, Per User, Per App Plan |
Per User Plan |
Cost: US$10 per user per app per month, with a daily Dataverse database capacity of 40 MB and a daily Power Platform request capacity of 1,000. | Cost: US$40 per user per month, with a daily Dataverse database capacity of 250 MB and a daily Power Platform request capacity of 5,000. |
What's included? This option is marketed as the option that allows organizations to “get started with the platform at a lower entry point … [or those] that run only a few apps.” Users can run an application for a specific business case scenario with “the full capabilities of Power Apps” (meaning, we believe, that unlicensed users can still submit data via an app created by a licensed user). | What's included? A per-user plan allows licensed users to run unlimited canvas apps and model-driven apps – portal apps, the licensing guide says, can be “provisioned by customers on demand.” Dataverse database limits (the 250 MB and 5,000 request capacity mentioned above) are pooled at the per tenant, not the per user plan license, capacity. |
For more on Power Apps licensing, refer to Info-Tech’s Modernize Your Microsoft Licensing for the Cloud Era for more information.
From the Power Apps main page in 365, you can change your environment by selecting from the options in the top right-hand corner of the screen.
Screenshot of the Power Apps “Apps” page in a sandbox environment. The Project App will appear as “Project” when the application is installed, though it is also easy to create an app from scratch.
In Power Apps, tables (formerly called entities and still referred to as entities in the Power Apps Designer) function much like tables in Excel: they are containers of columns of data for tracking purposes. Tables define the data for your app, and you build your app around them.
In general, there are three types of tables:
Tables can be accessed under Data banner on the left-hand panel of your Power Apps screen.
The below is a list of standard tables that can be used to customize your Project App.
Table Name |
Display Name |
msdyn_project | Project |
msdyn_projectchange | Change |
msdyn_projectprogram | Program |
msdyn_projectrequest | Request |
msdyn_projectrisk | Risk |
msdyn_projectissue | Issue |
msdyn_projectstatusreport | Status |
The Site Map determines the navigation for your app, i.e. it is where you establish the links and pages users will navigate. We will review the basics of the sitemap on the next few slides.
The tables that come loaded into your Project Power App environment (at this time, 37) via the manual install will appear in the Power Apps Designer in the Entity View pane at the bottom of the page. You do not have to use all of them in your design.
As addressed in the previous slide, the sitemap determines the navigation for your app, i.e. it is where you establish the links and the pages that users will navigate.
To get to the Sitemap Designer, highlight the Project App from your list of apps on the Apps page and click “Edit” in the ribbon above. If you’re creating a model-driven app from scratch, Designer will open past the “Create a New App” intro screen.
Drag and drop the relevant components from the panel on the right-hand side of the screen into the main window to design the core pieces that will be present within your user interface.
For each subarea in your design, use the pop-up panel on the right-hand side of the screen to connect your component the relevant table from within your Dataverse environment.
The names or titles for your Areas and Groups can be customized within the Sitemap Designer.
The names or titles for your Subareas is dependent upon your table name within the Dataverse.
Area: App users can toggle the arrows to switch between Areas.
Group: These will change to reflect the chosen Area.
Subarea: The tables and forms associated with each subarea.
The Tables page under the Data banner in Power Apps houses all of the tables available in your Dataverse environment. Do not be overwhelmed or get too excited. Only a small portion of the tables in the Tables folder in Power Apps will be relevant when it comes to extending PFTW.
Find the table you would like to customize and/or employ in your app and select it. The next slides will look at customizing the table (if you need to) and designing an app based upon the table.
To access all the tables in your environment, you’ll need to ensure your filter is set correctly on the top right-hand corner of the screen, otherwise you will only see a small portion of the tables in your Dataverse environment.
If you’re a novice, it will take you some time to get familiar with the table structure in the Dataverse.
We recommend you start with the list of tables listed on slide. You can likely find something there that you can use or build from for most PPM purposes.
In this screenshot, we are clicked into the msdyn_project (display name: Project) table. As you can see, there are a series of tabs below the name of the table, and we are clicked into the Columns tab. This is where you can see all of the data points included in the table.
You are not able to customize all columns. If a column that you are not able to customize does not meet your needs, you will need to create a custom column from the “+Add column” option.
“Required” or “Optional” status pertains to when the column or field is used within your app. For customizable or custom columns this status can be set when you click into each column.
By way of illustrating how you might need to customize a table, we’ll highlight the “msdyn_project_statecode” (display name: Project Status) column that comes preloaded in the Project (msdyn_project) table.
From within the Choices tab, click “+New choice” option to create a custom choice.
A pane will appear to the right of your screen. From there you can give your choice a name, and under the “Items” header, add your list of options.
Click save. Your custom choice is now saved to the Choices tab in the Dataverse environment and can be used in your table. Further customizations can be made to your choice if need be.
Start by selecting “+ Add Column” at the top left-hand side of your table. A window will appear on the right-hand side of the page, and you will have options to name your column and choose the data type.
As you can see in this screenshot to the left, data type options include text, number and date types, and many more. Because we are looking to use our custom choice for this example, we are going to choose “Choice.”
When you select “Choice” as your data type, all of the choice options available or created in your Dataverse environment will appear. Find your custom choice – in this example the one name “RYG Status” – and click done. When the window closes, be sure to select “Save Table.”
When the Project app is first installed in your environment, the main user form will be lacking, with only a few basic data options.
This form can be customized and additional tabs can be added to your user interface.
Select the Forms tab.
Start with the form that has “Main” as its Format Type.
You can add element like columns or sections to your form by selecting the Components window.
In this example, we are adding a 1-Column section. When you select that option from the menu options on the left of the screen, a window will open to the right of the screen where you can name and format the section.
Choose the component you would like to add from the layout options. Depending on the table element you are looking to use, you can also add input options like number inputs and star ratings and pull in related data elements like a project timeline.
If you click on the “Table Columns” option on the left-hand pane, all of the column options from within your table will appear in alphabetical order.
When clicked within the form section you would like to add the new column to, select the column from the list of option in the left-hand pane. The new data point will appear within the section. You can order and format section elements as you would like.
When you are done editing the form, click the “Save” icon in the top right-hand corner. If you are ready for your changes to go live within your Project App, select the “Publish” icon in the top right-hand corner. Your updated form will go live within all of the apps that use it.
The content in this step has not instructed users how to extend PFTW; rather, it has covered three basic core pieces of Power Apps that those interesting in PFTW need to be aware of: Dataverse environments, the Power Apps and Sitemaps Designers, and Tables and associated Forms.
Because we have only covered the very tip of the iceberg, those interested in going further and taking a DIY approach to extending PFTW will need to build upon these basics to unlock further functionality. Indeed, it takes work to develop the product into something that begins to resemble a viable enterprise project and portfolio management solution. Here are some of the good and the bad elements associated with that work:
"The move to Power Platform and low code development will […increase] maintenance overhead. Will low code solution hit problems at scale? [H]ow easy will it be to support hundreds or thousands of small applications?
I can hear the IT support desks already complaining at the thought of this. This part of the puzzle is yet to hit real world realities of support because non developers are busy creating lots of low code applications." (Ben Hosking, Software Developer and Blogger, "Why low code software development is eating the world")
As we’ve suggested, and as the material in this step indicates, extending PFTW in a DIY fashion is not small task. You need a knowledge of the Dataverse and Power Apps, and access to the requisite skills, time, and resources to develop the solution.
To determine whether your PMO and organization are ready to go it alone in extending PFTW, perform the following activity:
Go to tab 5 of the Microsoft Project & M365 Licensing Tool
See next slide for additional activity details
Input: The contents of this step, The Project for the Web Extensibility Feasibility Test (tab 5 in the Microsoft Project & 365 Licensing Tool)
Output: Initial recommendations on whether to proceed and how to proceed with a DIY approach to extending Project for the web
Materials: The Project for the Web Extensibility Feasibility Test (tab 5 in the Microsoft Project & 365 Licensing Tool)
Participants: Portfolio Manager (PMO Director), Project Managers, Other relevant PMO stakeholders
If the content in the previous step seemed too technical or overly complex in a way that scared you away from a DIY approach to extending Microsoft’s latest project offering (and at some point in the near future, soon to be its only project offering), Project for the web, fear not.
You do not have to wade into the waters of extending Project for the web alone, or for that matter, in implementing any other MS Project solution.
Instead, Microsoft nurtures a community of Silver and Gold partners who offer hands-on technical assistance and tool implementation services. While the specific services provided vary from partner to partner, all can assist in the customization and implementation of any of Microsoft’s Project offerings.
In this step we will cover what to look for in a Partner and how to assess whether you are a good candidate for the services of a Partner. We will also highlight three Partners from within the North American market.
Simply put, an MS Gold Partner is a software or professional services organization that provides sales and services related to Microsoft products.
They’re resellers, implementors, integrators, software manufacturers, trainers, and virtually any other technology-related business service.
Microsoft Partner Network |
Microsoft Action Pack |
Silver Competency |
Gold Competency |
|
What is it? |
The Microsoft Partner Network (MPN) is a community that offers members tools, information, and training. Joining the MPN is an entry-level step for all partners. | The Action Pack is an annual subscription offered to entry-level partners. It provides training and marketing materials and access to expensive products and licenses at a vastly reduced price. | Approximately 5% of firms in the Microsoft Partner Network (MPN) are silver partners. These partners are subject to audits and annual competency exams to maintain silver status. | Approximately 1% of firms in the Microsoft Partner Network (MPN) are gold partners. These partners are subject to audits and annual competency exams to maintain Gold status. |
Requirements |
Sign up for a membership | Annual subscription fee | While requirements can vary across competency area, broadly speaking, to become a silver partner firms must:
|
While requirements can vary across competency area, broadly speaking, to become a gold partner firms must:
|
Annual Fee |
No Cost | $530 | $1800 | $5300 |
When you need to get results faster than your staff can grow the needed capabilities.
When the complexity of the purchase decision, implementation, communication, training, configuration, and/or customization cannot be cost-justified for internal staff, often because you’ll only do it once.
When your needs cannot be met by the core Microsoft technology without significant extension or customization.
As part of our research process for this blueprint, Info-Tech asked Microsoft Canada for referrals and introductions to leading Microsoft Partners. We spent six months collaborating with them on fresh research into the underlying platform.
These vendors are listed below and are highlighted in subsequent slides.
Please Note: While these vendors were referred to us by Microsoft Canada and have a footprint in the Canadian market, their footprints extend beyond this to the North American and global markets.
Our researchers have been working with Microsoft Project Online and Microsoft Project Server clients for years, and it’s fair to say that most of these clients (at some point) used a Microsoft Partner in their deployment. They’re not really software products, per se; they’re platforms. As a Microsoft Partner in 2003 when Project Server got its first big push, I heard it loud and clear: “Some assembly required. You might only make 7% on the licensing, but the world’s your oyster for services.”
In the past few years, Microsoft froze the market for major Microsoft Project decisions by making it clear that the existing offering is not getting updates while the new offering (Project for the web) doesn’t do what the old one did. And in a fascinating timing coincidence, the market substantially adopted Microsoft 365 during that period, which enables access to Project for the web.
Many of Info-Tech’s clients are justifiably curious, confused, and concerned, while the Microsoft Partners have persisted in their knowledge and capability. So, we asked Microsoft Canada for referrals and introductions to leading Microsoft Partners and spent six months collaborating with them on fresh research into the underlying platform.
Disclosure: Info-Tech conducted collaborative research with the partners listed on the previous slide to produce this publication. Market trends and reactions were studied, but the only clients identified were in case studies provided by the Microsoft Partners. Info-Tech’s customers have been, and remain, anonymous. (Barry Cousins, Project Portfolio Management Practice Lead, Info-Tech Research Group)
Beyond its ability to integrate with existing solutions, as a software product, OnePlan has modules for resource planning, strategic portfolio planning, financial planning, time tracking, and more.
"OnePlan offers a strategic portfolio, financial and resource management solution that fits the needs of every PMO. Optimize your portfolio, financials and resources enterprise wide." (Paul Estabrooks, Vice President at OnePlan)
This case study was provided to Info-Tech by OnePlan.
Overview: Brambles plays a key role in the delivery or return of products amongst global trading partners such as manufacturers, distributors and retailers.
Brambles had a variety of Project Management tools with no easy way of consolidating project management data. The proliferation of project management solutions was hindering the execution of a long-term business transformation strategy. Brambles needed certain common and strategic project management processes and enterprise project reporting while still allowing individual project management solutions to be used as part of the PPM platform.
As part of the PMO-driven business transformation strategy, Brambles implemented a project management “operating system” acting as a foundation for core processes such as project intake, portfolio management, resource, and financial planning and reporting while providing integration capability for a variety of tools used for project execution.
OnePlan’s new Adaptive PPM platform, combining the use of PowerApps and OnePlan, gives Brambles the desired PPM operating system while allowing for tool flexibility at the execution level.
Solution Details
Partner Resources. OnePlan facilitates regular ongoing live webinars on PPM topics that anyone can sign up for on the OnePlan website.
For more information on upcoming webinars, or to access recordings of past webinars, see here.
"While selecting an appropriate PPM tool, the PMO should not only evaluate the standard industry tools but also analyze which tool will best fit the organization’s strategy, budget, and culture in the long run." (Neeta Manghnani, PMO Strategist, PMO Outsource Ltd.)
This case study was provided to Info-Tech by PMO Outsource Ltd.
Partner Resources. PMO Outsource Ltd.’s approach is rooted within a robust and comprehensive PPM framework that is focused on driving strategic outcomes and business success.
For a full overview of its PPM framework, see here.
"One of our principles is to begin with the end in mind. This means that we will work with you to define a roadmap to help you advance your strategic portfolio … and project management capabilities. The roadmap for each customer is different and based on where you are today, and where you need to get to." (Western Principles, “Your Strategic Portfolio Management roadmap,” Whitepaper)
Partner Resources. Western Principles provides a multitude of current case studies on its home page. These case studies let you know what the firm is working on this year and the type of support it provides to its clientele.
To access these case studies, see here.
Download Info-Tech’s Analyst-Partner Briefing Videos (OnePlan & PMO Outsource Ltd.)
Input: Contents of this step, List of additional MS Gold Partners
Output: A completed partner outreach program
Materials: MS Project & M365 Action Plan Template
Participants: Portfolio Manager (PMO Director), PMO Admin Team, Project Managers, CIO
Download the Microsoft Project & M365 Action Plan Template
1-3 hours
Input: Project Portfolio Management Maturity Assessment, Project Management Maturity Assessment
Output: MS Project & M365 Action Plan Template
Materials: Project Portfolio Management Maturity Assessment, Project Management Maturity Assessment, MS Project & M365 Action Plan Template
Participants: Portfolio Manager (PMO Director), PMO Admin Team, Project Managers, CIO
Download the Microsoft Project & M365 Action Plan Template
Phase 1: Determine Your Tool Needs | Phase 2: Weigh Your Implementation Options | Phase 3: Finalize Your Implementation Approach |
|
|
|
An action plan concerning what to do with MS Project and M365 for your PMO or project organization.
Before jumping into licensing and third-party negotiations, ensure you’ve clearly assessed the impact of change.
Master Organizational Change Management Practices blueprint
After careful analysis and planning, it’s time to synthesize your findings to those most impacted by the change.
"In failed transformations, you often find plenty of plans, directives, and programs, but no vision…A useful rule of thumb: If you can’t communicate the vision to someone in five minutes or less and get a reaction that signifies both understanding and interest, you are not yet done…" (John P. Kotter, Leading Change)
Get ready to compile the analysis completed throughout this blueprint in the subsequent activities. The outputs will come together in your Microsoft Project and M365 Action Plan.
Download Info-Tech’s Microsoft Project & M365 Action Plan Template
1-3 hours
Input: Force Field Analysis Tool, Tool Audit Workbook, Project Management Maturity Assessment Tool, Project Portfolio Management Maturity Assessment Tool
Output: Section 1: Executive Brief, Section 2: Context and Constraints
Materials: Microsoft Project and M365 Action Plan Template
Participants: PMO Director, PMO Admin Team, Business Analysts, Project Managers
Download the Microsoft Project & M365 Action Plan Template
Input: List of key PPM decision points, List of who is accountable for PPM decisions, List of who has PPM decision-making authority
Output: Section 3: DIY Implementation Approach
Materials: Microsoft Project and M365 Action Plan Template
Participants: PMO Director, PMO Admin Team, Business Analysts, Project Managers
Download the Microsoft Project and M365 Action Plan Template
1-3 hours; Note: This is only applicable if you have chosen the Partner route
Input: Microsoft Project and M365 Licensing Tool, Information on Microsoft Partners
Output: Section 4: Microsoft Partner Implementation Route
Materials: Microsoft Project and M365 Action Plan Template
Participants: PMO Director, PMO Admin Team, Business Analysts, Project Managers
Microsoft Project and M365 Action Plan Template
1-2 hours
Input: Outputs from the exercises in this blueprint
Output: Section 5: Future-State Vision and Goals
Materials: Microsoft Project and M365 Action Plan Template
Participants: PMO Director, PMO Admin Team, Business Analysts, Project Managers
Microsoft Project and M365 Action Plan Template
There are multiple audiences for your pitch, and each audience requires a different level of detail when addressed. Depending on the outcomes expected from each audience, a suitable approach must be chosen. The format and information presented will vary significantly from group to group.
Audience |
Key Contents |
Outcome |
Business Executives |
|
|
IT Leadership |
|
|
Business Managers |
|
|
Business Users |
|
|
If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop
To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
Info-Tech analysts will join you and your team at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.
Gain insight into the tools that drive value or fail to drive value across your work management landscape with a view to streamline the organization’s tool ecosystem.
Prepare the right work management tool recommendations for your IT teams and/or business units and develop a boardroom-ready presentation to communicate needs and next steps.
Neeta Manghnani
PMO Strategist
PMO Outsource Ltd.
Robert Strickland
Principal Consultant & Owner
PMO Outsource Ltd.
“13 Reasons not to use Microsoft Project.” Celoxis, 14 Sept. 2018. Accessed 17 Sept. 2021.
Advisicon. “Project Online vs Project for the Web.” YouTube, 13 Nov. 2013. Accessed 17 Sept. 2021.
Branscombe, Mary. “Is Project Online ready to replace Microsoft Project?” TechRepublic, 23 Jan. 2020. Accessed 17 Sept. 2021.
Chemistruck, Dan. “The Complete Office 365 and Microsoft 365 Licensing Comparison.” Infused Innovations, 4 April 2019. Accessed 17 Sept. 2021.
“Compare Project management solutions and costs.” Microsoft. Accessed 17 Sept. 2021.
Day to Day Dynamics 365. “Microsoft Project for the web - Model-driven app.” YouTube, 29 Oct. 2019. Accessed 17 Sept. 2021.
“Deploying Project for the web.” Microsoft, 24 Aug. 2021. Accessed 17 Sept. 2021.
“Differentiate your business by attaining Microsoft competencies.” Microsoft, 26 Jan. 2021. Accessed 17 Sept. 2021.
“Extend & Integrate Microsoft Project.” Western Principles. Accessed 17 Sept. 2021.
“Get Started with Project Power App.” Microsoft. Accessed 17 Sept. 2021.
Hosking, Ben. “Why low code software development is eating the world.” DevGenius, May 2021. Accessed 17 Sept. 2021.
“How in the World is MS Project Still a Leading PM Software?” CBT Nuggets, 12 Nov. 2018. Accessed 17 Sept. 2021.
Integent. “Project for the Web - Create a Program Entity and a model-driven app then expose in Microsoft Teams.” YouTube, 25 Mar. 2020. Accessed 17 Sept. 2021.
“Introducing the Project Accelerator.” Microsoft, 10 Mar. 2021. Accessed 17 Sept. 2021.
“Join the Microsoft Partner Network.” Microsoft. Accessed 17 Sept. 2021.
Kaneko, Judy. “How Productivity Tools Can Lead to a Loss of Productivity.” Bluescape, 2 Mar. 2018 Accessed 17 Sept. 2021.
Kotter, John. Leading Change. Harvard Business School Press, 1996.
Leis, Merily. “What is Work Management.” Scoro. Accessed 17 Sept. 2021.
Liu, Shanhong. “Number of Office 365 company users worldwide as of June 2021, by leading country.” Statistica, 2021. Web.
Manghnani, Neeta. “5 Benefits of PPM tools and PMO process automation.” PMO Outsource Ltd., 11 Apr. 2021. Accessed 17 Sept. 2021.
“Microsoft 365 and Office 365 plan options.” Microsoft, 31 Aug. 2021. Accessed 17 Sept. 2021.
“Microsoft 365 for enterprise.” Microsoft. Accessed 17 Sept. 2021
“Microsoft Office 365 Usage Statistics.” Thexyz blog, 18 Sept. 2020. Accessed 17 Sept. 2021.
“Microsoft Power Apps, Microsoft Power Automate and Microsoft Power Virtual Agents Licensing Guide.” Microsoft, June 2021. Web.
“Microsoft Project service description.” Microsoft, 31 Aug. 2021. Accessed 17 Sept. 2021.
“Microsoft Project Statistics.” Integent Blog, 12 Dec. 2013. Accessed 17 Sept. 2021.
Nanji, Aadil . Modernize Your Microsoft Licensing for the Cloud Era. Info-Tech Research Group, 12 Mar. 2020. Accessed 17 Sept. 2021.
“Number of Office 365 company users worldwide as of June 2021, by leading country.” Statista, 8 June 2021. Accessed 17 Sept. 2021.
“Overcoming disruption in a digital world.” Asana. Accessed 17 Sept. 2021.
Pajunen, Antti. “Customizing and extending Project for the web.” Day to Day Dynamics 365, 20 Jan. 2020. Accessed 17 Sept. 2021.
“Partner Center Documentation.” Microsoft. Accessed 17 Sept. 2021.
Pragmatic Works. “Building First Power Apps Model Driven Application.” YouTube, 21 June 2019. Accessed 17 Sept. 2021.
“Project architecture overview.” Microsoft, 27 Mar. 2020. Accessed 17 Sept. 2021.
“Project for the web Accelerator.” GitHub. Accessed 17 Sept. 2021.
“Project for the web admin help.” Microsoft, 28 Oct. 2019. Accessed 17 Sept. 2021.
“Project for the Web – The New Microsoft Project.” TPG. Accessed 17 Sept. 2021.
“Project for the Web Security Roles.” Microsoft, 1 July 2021. Accessed 17 Sept. 2021.
“Project Online: Project For The Web vs Microsoft Project vs Planner vs Project Online.” PM Connection, 30 Nov. 2020. Accessed 17 Sept. 2021.
Redmond, Tony. “Office 365 Insights from Microsoft’s FY21 Q2 Results.” Office 365 for IT Pros, 28 Jan. 2021. Accessed 17 Sept. 2021.
Reimagine Project Management with Microsoft. “Advanced deployment for Project for the web.” YouTube, 4 Aug. 2021. Accessed 17 Sept. 2021.
Reimagine Project Management with Microsoft. “Overview of Microsoft Project.” YouTube, 29 July 2021. Accessed 17 Sept. 2021.
“See which partner offer is right for you.” Microsoft. Accessed 17 Sept. 2021.
Shalomova, Anna. “Microsoft Project for Web 2019 vs. Project Online: What’s Best for Enterprise Project Management?” FluentPro, 23 July 2020. Accessed 17 Sept. 2021.
Speed, Richard. “One Project to rule them all: Microsoft plots end to Project Online while nervous Server looks on.” The Register, 28 Sept. 2018. Accessed 17 Sept. 2021.
Spataro, Jared. “A new vision for modern work management with Microsoft Project.” Microsoft, 25 Sept. 2018. Accessed 17 Sept. 2021.
Stickel, Robert. “OnePlan Recognized as Winner of 2021 Microsoft Project & Portfolio Management Partner of the Year.” OnePlan, 8 July 2021. Accessed 17 Sept. 2021.
Stickel, Robert. “The Future of Project Online.” OnePlan, 2 Mar. 2021. Accessed 17 Sept. 2021.
Stickel, Robert. “What It Means to be Adaptive.” OnePlan, 24 May 2021. Accessed 17 Sept. 2021.
“The Future of Microsoft Project Online.” OnePlan. Accessed 17 Sept. 2021.
Weller, Joe. “Demystifying Microsoft Project Licensing.” Smartsheet, 10 Mar. 2016. Accessed 17 Sept. 2021.
Western Principles Inc. “Dump the Spreadsheets for Microsoft Project Online.” YouTube, 2 July 2020. Accessed 17 Sept. 2021.
Western Principles Inc. “Project Online or Project for the web? Which project management system should you use?” YouTube, 11 Aug. 2020. Accessed 17 Sept. 2021.
“What is Power Query?” Microsoft, 22 July 2021. Web.
Wicresoft. “The Power of the New Microsoft Project and Microsoft 365.” YouTube, 29 May 2020. Accessed 17 Sept. 2021.
Wicresoft. “Why the Microsoft Power Platform is the Future of PPM.” YouTube, 11 June 2020. Accessed 17 Sept. 2021.
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
This blueprint helps you to establish a relationship with your stakeholders, both within and outside of IT. You’ll learn how to embed relationship management throughout your organization.
Use this tool to capture your findings as you work through the blueprint.
Customize this tool to obtain buy in from leadership and other stakeholders. As you continue through the blueprint, continue to leverage this template to communicate what your BRM program is about.
This worksheet template is used to outline what the BRM practice will do and associate the expectations and tasks with the roles throughout your organization. Use this to communicate that while your BRM role has a strategic focus and perspective of the relationship, other roles will continue to be important for relationship management.
This worksheet allows you to list the stakeholders and their priority in order to establish how you want to engage with them.
These job descriptions will provide you with list of competencies and qualifications necessary for a BRM operating at different levels of maturity. Use this template as a guide, whether hiring internally or externally, for the BRM role.
Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Set the foundation for your BRM practice – understand your current state and set the vision.
An understanding of current pain points and benefits to be addressed through your BRM practice. Establish alignment on what your BRM practice is – use this to start obtaining buy-in from stakeholders.
1.1 Define BRM
1.2 Analyze Satisfaction
1.3 Assess SWOT
1.4 Create Vision
1.5 Create the BRM Mission
1.6 Establish Goals
BRM definition
Identify areas to be addressed through the BRM practice
Shared vision, mission, and understanding of the goals for the brm practice
Determine where the BRM fits and how they will operate within the organization.
Learn how the BRM practice can best act on your goals.
2.1 Establish Guiding Principles
2.2 Determine Where BRM Fits
2.3 Establish BRM Expectations
2.4 Identify Roles With BRM Responsibilities
2.5 Align Capabilities
An understanding of where the BRM sits in the IT organization, how they align to their business partners, and other roles that support business relationships
Determine how to identify and work with key stakeholders.
Determine ways to engage with stakeholders in ways that add value.
3.1 Brainstorm Sources of Business Value
3.2 Identify Key Influencers
3.3 Categorize the Stakeholders
3.4 Create the Prioritization Map
3.5 Create Your Engagement Plan
Shared understanding of business value
A plan to engage with stakeholders
Determine how to continuously improve the BRM practice.
An ongoing plan for the BRM practice.
4.1 Create Metrics
4.2 Prioritize Your Projects
4.3 Create a Portfolio Investment Map
4.4 Establish Your Annual Plan
4.5 Build Your Transformation Roadmap
4.6 Create Your Communication Plan
Measurements of success for the BRM practice
Prioritization of projects
BRM plan
As long as humans are involved in enabling technology, it will always remain important to ensure that business relationships support business needs. At the cornerstone of those relationships is trust and the establishment of business value. Without trust, you won’t be believed, and without value, you won’t be invited to the business table.
Business relationship management can be a role, a capability, or a practice – either way it’s essential to ensure it exists within your organization. Show that IT can be a trusted partner by showing the value that IT offers.
![]() |
Allison Straker
|
Is IT saying this about business partners?
I don’t know what my business needs and so we can’t add as much value as we’d like. My partners don’t give us the opportunity to provide new ideas to solve business problems My partners listen to third parties before they listen to IT. We’re too busy and don’t have the capacity to help my partners. |
![]() |
Are business partners saying this about IT?
IT does not create and deliver valuable services/solutions that resolve my business pain points. IT does not come to me with innovative solutions to my business problems/challenges/issues. IT blocks my efforts to drive the business forward using innovative technology solutions. IT does not advocate for my needs with the decision makers in the organization. |
While organizations realize they need to do better, they often don’t know how to improve.
… these are all things that a mature business relationship can do to improve your organization.
Key improvement areas identified by business leaders and IT leaders
Business relationships can take a strategic, tactical, or operational perspective.
While all levels are needed, focus on a strategic perspective for optimal outcomes.
Create business value through:
IT Benefits
|
Business Benefits
|
||
![]() |
Increase your business benefits by moving up higher – from operational to tactical to strategic. |
![]() |
When business partners are satisfied that IT understands their needs, they have a higher perception of the value of overall IT
The relationship between the perception of IT value and business satisfaction is strong (r=0.89). Can you afford not to increase your understanding of business needs?
(Source: Info-Tech Research Group diagnostic data/Business-Aligned IT Strategy blueprint (N=652 first-year organizations that completed the CIO Business Vision diagnostic))
A tale of two IT partners![]() One IT partner approached their business partner without sufficient background knowledge to provide insights. The relationship was not strong and did not provide the business with the value they desired. |
Research your business and be prepared to apply your knowledge to be a better partner.![]() The other IT partner approached with knowledge of the business and external parties (vendors, competitors, industry). The business partners received this positively. They invited the IT partners to meetings as they knew IT would bring value to their sessions. |
1) Survey your stakeholders to measure improvements in customer satisfaction | 2) Measure BRM success against the goals for the practice | |
Business satisfaction survey
|
![]() |
![]() |
![]() |
Info-Tech has developed an approach that can be used by any organization to improve or successfully implement BRM.
![]() |
Become a Trusted Partner and Advisor | |
KNOWLEDGE OF INDUSTRY
STRATEGIC |
Value Creator and Innovator
Strategic view of IT and the business with knowledge of the market and trends; a connector driving value-added services. |
|
KNOWLEDGE OF FUNCTIONS
TACTICAL |
Influencer and Advocate
Two-way voice between IT and business, understanding business processes and activities including IT touchpoints and growing tactical and strategic view of services and value. |
|
TABLE STAKES:
COMMUNICATION SERVICE DELIVERY PROJECT DELIVERY OPERATIONAL |
Deliver
Communication, service, and project delivery and fulfillment, initial engagement with and knowledge of the business. |
|
Foundation: Define and communicate the meaning and vision of BRM |
IT | Partner | What to do to move to the next level | ||
Strategic PartnerShared goals for maximizing value and shared risk and reward | 5 | Strategic view of IT and the business with knowledge of the market and trends; a connector driving value-added services. Value Creator and Innovator | See partners as integral to business success and growth | Focus on continuous learning and improvement. |
Trusted AdvisorCooperation based on mutual respect and understanding | 4 | Partners understand, work with, and help improve capabilities. Influencer and Advocate | Sees IT as helpful and reliable | Strategic: IT needs to demonstrate and apply knowledge of business, industry, and external influences. |
Service ProviderRoutine – innovation is a challenge | 3 | Two-way voice between IT and business; understanding business processes and activities including IT touchpoints and growing tactical and strategic view of services and value. Priorities set but still always falling behind. | Views IT as helpful but they don’t provide guidance | IT needs to excel in portfolio and transition management. Business needs to engage IT in strategy. |
Order TakerDistrust, reactive | 2 | Focuses on communication, service, and project delivery and fulfillment, initial engagement with and knowledge of the business. Delivery Service | Engages with IT on an as-needed basis | Improve Tactical: IT needs to demonstrate knowledge of the business they are in. IT to improve BRM and service management. Business needs to embrace BRM role and service management. |
Ad HocLoudest in, first out | 1 | Too busy doing the basics; in firefighter mode. | Low satisfaction (cost, duration, quality) | Improve Operational Behavior: IT to show value with “table stakes” – communication, service delivery, project delivery. IT needs to establish intake/demand management.
|
(Adapted from BRM Institute Maturity Model and Info-Tech’s own model)
Business relationship management isn’t just about having a pleasant relationship with stakeholders, nor is it about just delivering things they want. It’s about driving business value in everything that IT does and leveraging relationships with the business and IT, both within and outside your organization.
Every organization will apply the BRM practice differently. Understand what’s needed within your organization to create the best fit.
When implemented properly, a BRM is a value creator, advocate, innovator, and influencer.
Before you can create incremental business value, you must master the fundamentals of service and project delivery.
Knowledge of your current situation is only half the battle; knowledge of the business/industry is key.
DIY Toolkit |
Guided Implementation |
Workshop |
Consulting |
"Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." | "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." | "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." | "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project." |
Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:
Key deliverable:
Executive Buy-In and Communication Presentation TemplateExplain the need for the BRM practice and obtain buy-in from leadership and staff across the organization.
|
BRM WorkbookCapture the thinking behind your organization’s BRM program. |
![]() |
BRM Stakeholder Engagement Plan WorksheetWorksheet to capture how the BRM practice will engage with stakeholders across the organization. |
![]() |
BRM Role Expectations WorksheetHow business relationship management will be supported throughout the organization at a strategic, tactical, and operational level. |
![]() |
A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.
A typical GI is between 8 to 12 calls over the course of 4 to 6 months.
What does a typical GI on this topic look like?
Phase 1 |
Phase 2 |
Phase 3 |
Phase 4 |
Phase 5 |
Call #1: Discuss goals, current state, and an overview of BRM.
Call #2: Examine business satisfaction and discuss results of SWOT. |
Call #3: Establish BRM mission, vision, and goals. | Call #4: Develop guiding principles.
Call #5: Establish the BRM operating model and role expectations. |
Call #6: Establish business value. Discuss stakeholders and engagement planning. | Call #7: Develop metrics. Discuss portfolio management.
Call #8: Develop a communication or rollout plan. |
Workshop OverviewComplete the CIO-Business Vision diagnostic prior to the workshop. |
Contact your account representative for more information.
|
Day 1 | Day 2 | Day 3 | Day 4 | Post-Workshop | |
Activities |
Set the FoundationAssess & Situate |
Define the Operating ModelPlan |
Define EngagementImplement |
Implement BRMReassess |
Next steps and Wrap-Up (offsite) |
1.1 Discuss rationale and importance of business relationship management 1.2 Review CIO BV results 1.3 Conduct SWOT analysis (analyze strengths, weaknesses, opportunities, and threats) 1.4 Establish BRM vision and mission 1.5 Define objectives and goals for maturing the practice |
2.1 Create your list of guiding principles (optional) 2.2 Define business value 2.3. Establish the operating model for the BRM practice 2.4 Define capabilities |
3.1. Identify key stakeholders 3.2 Map, prioritize, and categorize the stakeholders 3.4 Create an engagement plan |
4,1 Define metrics 4.2 Identify remaining enablers/blockers for practice implementation 4.3 Create roadmap 4.4 Create communication plan |
5.1 Complete in-progress deliverables from previous four days 5.2 Set up review time for workshop deliverables and to discuss next steps |
|
Deliverables |
|
|
|
|
|
Assess
1.1 Define BRM 1.2 Analyze Satisfaction 1.3 Assess SWOT |
Situate
2.1 Create Vision 2.2 Create the BRM Mission 2.3 Establish Goals |
Plan
3.1 Establish Guiding Principles 3.2 Determine Where BRM Fits 3.3 Establish BRM Expectations 3.4 Identify Roles With BRM Responsibilities 3.5 Align Capabilities |
||
Implement
4.1 Brainstorm Sources of Business Value 4.2 Identify Key Influencers 4.3 Categorize the Stakeholders 4.4 Create the Prioritization Map 4.5 Create Your Engagement Plan |
Reassess & Embed
5.1 Create Metrics 5.2 Prioritize Your Projects 5.3 Create a Portfolio Investment Map 5.4 Establish Your Annual Plan 5.5 Build Your Transformation Roadmap 5.6 Create Your Communication Plan |
Who are BRM relationships with? | ![]() |
The BRM has multiple arms/legs to ensure they’re aligned with multiple parties – the partners within the lines of business, external partners, and technology partners. | |
What does a BRM do? | Engage the right stakeholders – orchestrate key roles, resources, and capabilities to help stimulate, shape, and harvest business value.
Connect partners (IT and other business) with the resources needed. Help stakeholders navigate the organization and find the best path to business value. |
![]() |
|
What does a BRM focus on? | ![]() |
Demand Shaping – Surfacing and shaping business demand
Value Harvesting – Identifying ways to increase business value and providing insights Exploring – Rationalizing demand and reviewing new business, technology, and industry insights Servicing – Managing expectations and facilitating business strategy; business capability road mapping |
|
Many organizations face business dissatisfaction because they do not understand what the role of a BRM should be.
A BRM Is NOT:
|
A BRM Is:
|
Input: Your preliminary thoughts and ideas on BRM
Output: Themes summarizing what BRM will be at your organization
Materials: Whiteboard/flip charts (physical or electronic)
Participants: Team
Download the BRM Workbook
Download the Executive Buy-In and Communication Template
Leverage the CIO Business Vision Diagnostic to provide clarity on:
|
![]() |
1 hour
Input: CIO-Business Vision Diagnostic, Other business feedback
Output: Summary of your partners’ view of the IT relationship
Materials: Whiteboard/flip charts (physical or electronic)
Participants: CIO, IT management team
Use the BRM Workbook to capture ideas
Polish the goals in the Executive Buy-In and Communication Template
A SWOT analysis is a structured planning method organizations use to evaluate the effects of internal strengths and weaknesses and external opportunities and threats on a project or business venture.
Strengths (Internal)
|
Weaknesses (Internal)
|
Opportunities (External)
|
Threats (External)
|
1 hour
Input: IT and business stakeholder expertise
Output: Analysis of internal and external factors impacting the IT organization
Materials: Whiteboard/flip charts (physical or electronic)
Participants: CIO, IT management team
Capture in the BRM Workbook
Assess 1.1 Define BRM 1.2 Analyze Satisfaction 1.3 Assess SWOT | Situate 2.1 Create Vision 2.2 Create the BRM Mission 2.3 Establish Goals | Plan 3.1 Establish Guiding Principles 3.2 Determine Where BRM Fits 3.3 Establish BRM Expectations 3.4 Identify Roles With BRM Responsibilities 3.5 Align Capabilities | ||
Implement 4.1 Brainstorm Sources of Business Value 4.2 Identify Key Influencers 4.3 Categorize the Stakeholders 4.4 Create the Prioritization Map 4.5 Create Your Engagement Plan | Reassess & Embed 5.1 Create Metrics 5.2 Prioritize Your Projects 5.3 Create a Portfolio Investment Map 5.4 Establish Your Annual Plan 5.5 Build Your Transformation Roadmap 5.6 Create Your Communication Plan |
Your strategy is a critical input into your program. Extract critical components of your strategy and convert them into a set of actionable principles that will guide the selection of your operating model.
|
|
Establish the vision of what your BRM practice will achieve.
Your vision will paint a picture for your stakeholders, letting them know where you want to go with your BRM practice.
![]() The vision will also help motivate and inspire your team members so they understand how they contribute to the organization. Your strategy must align with and support your organization’s strategy. |
Good Visions
|
When Visions Fail
|
![]() |
Begin the process of deriving the business relationship management vision statement by examining your business and user concerns. These are the problems your organization is trying to solve.
Paint the picture for your team and stakeholders so that they align on what BRM will achieve. |
Sample vision statements:
1 hour
Input: IT and business strategies
Output: Vision statement
Materials: Whiteboard/flip charts (physical or electronic)
Participants: Team
Strong vision statements have the following characteristics |
|
|
Use the BRM Workbook to capture ideas
Polish the goals in the Executive Buy-In and Communication Template
![]() |
Make sure the practice’s mission statement reflects answers to the questions below:
The questions:
|
“A mission statement illustrates the purpose of the organization, what it does, and what it intends on achieving. Its main function is to provide direction to the organization and highlight what it needs to do to achieve its vision.” (Joel Klein, BizTank (in Hull, “Answer 4 questions to get a great mission statement.”))
Sample mission statements
|
To enhance the lives of our end users through our products so that our brand becomes synonymous with user-centricity. To enable innovative services that are seamless and enjoyable to our customers so that together we can inspire change. Apple’s mission statement: “To bring the best user experience to its customers through its innovative hardware, software, and services.” (Mission Statement Academy, May 2019.) Coca Cola’s mission statement: “To refresh the world in mind, body, and spirit, to inspire moments of optimism and happiness through our brands and actions, and to create value and make a difference.” (Mission Statement Academy, August 2019.) Tip: Using the “To … so that” format helps to keep your mission focused on the “why.” |
1 hour
Input: IT and business strategies, Vision
Output: Mission statement
Materials: Whiteboard/flip charts (physical or electronic)
Participants: Team
“People don't buy what you do; they buy why you do it and what you do simply proves what you believe.” (Sinek, Transcript of “How Great Leaders Inspire Action.”)
Download the BRM Workbook
Download the Executive Buy-In and Communication Template
VALUE HARVESTING
|
![]() |
DEMAND SHAPING
|
SERVICING
|
EXPLORING
|
![]() |
VALUE HARVESTING
Success may mean that you:
|
DEMAND SHAPING
Success may mean that you:
|
SERVICING
Success may mean that you:
|
EXPLORING
Success may mean that you:
|
1 hour
Input: Mission and vision statements
Output: List of goals
Materials: Whiteboard/flip charts (physical or electronic)
Participants: CIO, IT management team, BRM team
Download the BRM Workbook
Download the Executive Buy-In and Communication Template
Assess 1.1 Define BRM 1.2 Analyze Satisfaction 1.3 Assess SWOT | Situate 2.1 Create Vision 2.2 Create the BRM Mission 2.3 Establish Goals | Plan 3.1 Establish Guiding Principles 3.2 Determine Where BRM Fits 3.3 Establish BRM Expectations 3.4 Identify Roles With BRM Responsibilities 3.5 Align Capabilities | ||
Implement 4.1 Brainstorm Sources of Business Value 4.2 Identify Key Influencers 4.3 Categorize the Stakeholders 4.4 Create the Prioritization Map 4.5 Create Your Engagement Plan | Reassess & Embed 5.1 Create Metrics 5.2 Prioritize Your Projects 5.3 Create a Portfolio Investment Map 5.4 Establish Your Annual Plan 5.5 Build Your Transformation Roadmap 5.6 Create Your Communication Plan |
Your guiding principles should define a set of loose rules that can be used to design your BRM practice to the specific needs of the organization and work that needs to be done. These rules will guide you through the establishment of your BRM practice and help you explain to your stakeholders the rationale behind organizing in a specific way. |
Sample Guiding Principles
|
Input: Mission and vision statements
Output: BRM guiding principles
Materials: Whiteboard/flip charts (physical or electronic)
Participants: Team
Download the BRM Workbook
Download the Executive Buy-In and Communication Template
It may be useful to pilot the BRM practice with a small group within the organization – this gives you the opportunity to learn from the pilot and share best practices as you expand your BRM practice.
You can leverage the pilot business unit’s feedback to help obtain buy-in from additional groups. Evaluate the approaches for your pilot: |
Work With an Engaged Business Unit
![]() This approach can allow you to find a champion group and establish quick wins. |
Target Underperforming Area(s)
![]() This approach can allow you to establish significant wins, providing new opportunities for value. |
Target the Area(s) Driving the Most Business Value
![]() Provide the largest positive impact on your portfolio’s ability to drive business value; for large strategic or transformative goals. |
Work Across a Single Business Process
![]() This approach addresses a single business process or operation that exists across business units, departments, or locations. This, again, will allow you to limit the number of stakeholders. |
Strategic BRMs are considered IT leaders, often reporting to the CIO.
In product-aligned organizations, the product owners will own the strategic business relationship from a product perspective (often across LOB), while BRMs will own the strategic role for the line(s) of businesses (often across products) that they hold a relationship with. The BRM role may be played by a product family leader.
BRMs may take on a more operational function when they are embedded within another group, such as the PMO. This manifests in:
Use the IT structure and the business structure to determine how to align BRM and business partners. Many organizations ensure that each LOB has a designated BRM, but each BRM may work with multiple LOBs. Ensure your alignment provides an even and manageable distribution of work.
![]() |
Business Relationship Manager: Portfolio View
|
The BRM will look holistically across a portfolio, rather than on specific projects or products. Their focus is ensuring value is delivered that impacts the overall organization. Multiple BRMs may be responsible for lines of businesses and ensure that products and project enable LOBs effectively. |
Business Analyst: Product or Project View
|
The BA tends to be involved in project work – to that end, they are often brought in a bit before a project begins to better understand the context. They also often remain after the project is complete to ensure project value is delivered. However, their main focus is on delivering the objectives within the project. | |
Product Owner: Product View
|
The Product Owner bridges the gap between the business and delivery to ensure their product continuously delivers value. Their focus is on the product. |
Input: BRM goals, IT organizational structure, Business organizational structure
Output: BRM operating model
Materials: Whiteboard/flip charts (physical or electronic)
Participants: Team
Download the BRM Workbook
Download the Executive Buy-In and Communication Template
Some titles that may reflect alignment with your partners:
Support BRM team members might have “analyst” or “coordinator” as part of their titles. |
Caution when using these titles:
|
Act as a Relationship Manager
|
Service Delivery
Service delivery breaks out into three activities: service status, changes, and service desk tickets
|
Knowledge of the Business
Understand the main business activities for each department:
|
Influence Business and IT Stakeholders
|
Value Creator
|
Input: BRM goals
Output: BRM expectations
Materials: Whiteboard/flip charts (physical or electronic)
Participants: Team
Download the BRM Workbook
Download the Executive Buy-In and Communication Template
Various roles and levels within your organization may have a part of the BRM pieWhere the BRM sits will impact what they are able to get done.The BRM role is a strategic one, but other roles in the organization have a part to play in impacting IT-partner relationship.Some roles may have a more strategic focus, while others may have a more tactical or operational focus. |
![]() |
Input: BRM goals
Output: BRM-aligned roles
Materials: Whiteboard/flip charts (physical or electronic)
Participants: Team
Download the Role Expectations Worksheet
![]() |
STRATEGIC | Sets Direction: Focus of the activities is at the holistic, enterprise business level | “relating to the identification of long-term or overall aims and interests and the means of achieving them” | e.g. builds overarching relationships to enable and support the organization’s strategy; has strategic conversations |
![]() |
TACTICAL | Figures Out the How: Focuses on the tactics required to achieve the strategic focus | “skillful in devising means to ends” | e.g. builds relationships specific to tactics (projects, products, etc.) |
![]() |
OPERATIONAL | Executes on the Direction: Day-to-day operations; how things get done | “relating to the routine functioning and activities of a business or organization” | e.g. builds and leverages relationships to accomplish specific goals (within a project or product) |
Input: Current-state model, Business value matrix, Objectives and goals
Output: BRM-aligned roles
Materials: Whiteboard/flip charts (physical or electronic)
Participants: Team
Leverage the Role Expectations Worksheet
Assess 1.1 Define BRM 1.2 Analyze Satisfaction 1.3 Assess SWOT | Situate 2.1 Create Vision 2.2 Create the BRM Mission 2.3 Establish Goals | Plan 3.1 Establish Guiding Principles 3.2 Determine Where BRM Fits 3.3 Establish BRM Expectations 3.4 Identify Roles With BRM Responsibilities 3.5 Align Capabilities | ||
Implement 4.1 Brainstorm Sources of Business Value 4.2 Identify Key Influencers 4.3 Categorize the Stakeholders 4.4 Create the Prioritization Map 4.5 Create Your Engagement Plan | Reassess & Embed 5.1 Create Metrics 5.2 Prioritize Your Projects 5.3 Create a Portfolio Investment Map 5.4 Establish Your Annual Plan 5.5 Build Your Transformation Roadmap 5.6 Create Your Communication Plan |
Value is not only about revenue or reduced expenses. Use this internal-external and capability-financial business value matrix to more holistically consider what is valuable to stakeholders.
|
Business Value Matrix Axes:Financial Benefits vs. Improved Capabilities
|
Input: Product and service knowledge, Business process knowledge
Output: Understanding of different sources of business value
Materials: Whiteboard/flip charts (physical or electronic)
Participants: Team
![]() |
Use the BRM Workbook to capture sources of business value |
See appendix for more information on value drivers:![]() |
Example:
|
A stakeholder is any group or individual who is impacted by (or impacts) your objectives. Challenges with stakeholder management can result from a self-focused point of view. Avoid these challenges by taking on the other’s perspectives – what’s in it for them. The key objectives of stakeholder management are to improve outcomes, increase confidence, and enhance trust in IT.
|
Challenges
|
Implications
|
List the people who are identified through the following questions: | Take a 360-degree view of potential internal and external stakeholders who might be impacted by the initiative. | |||
|
|
Executives Peers Direct reports Partners Customers |
![]() |
Subcontractors Suppliers Contractors Lobby groups Regulatory agencies |
Follow the trail of breadcrumbs from your direct stakeholders to their influencers to uncover hidden stakeholders.
Your stakeholder map defines the influence landscape your BRM team operates in. It is every bit as important as the teams who enhance, support, and operate your products directly.
Input: List of stakeholders
Output: Relationships among stakeholders and influencers
Materials: Whiteboard/flip charts (physical or electronic)
Participants: Team
Use the BRM Workbook to capture stakeholders |
There are four areas in the map and the stakeholders within each area should be treated differently.
Input: Stakeholder Map
Output: Categorization of stakeholders and influencers
Materials: Whiteboard/flip charts (physical or electronic)
Participants: Team
|
Level of Influence
Level of InterestHow much are the stakeholder’s individual performance and goals directly tied to the success or failure of the product? |
Use the BRM Workbook to map your stakeholders
Type | Quadrant | Actions |
Players | High influence; high interest | Actively Engage
Keep them engaged through continuous involvement. Maintain their interest by demonstrating their value to its success. |
Mediators | High influence; low interest | Keep Satisfied
They can be the game changers in groups of stakeholders. Turn them into supporters by gaining their confidence and trust, and include them in important decision-making steps. In turn, they can help you influence other stakeholders. |
Noisemakers | Low influence; high interest | Keep Informed
Try to increase their influence (or decrease it if they are detractors) by providing them with key information, supporting them in meetings, and using Mediators to help them. |
Spectators | Low influence; low interest | Monitor
They are followers. Keep them in the loop by providing clarity on objectives and status updates. |
There may be too many stakeholders to be able to manage them all. Focus your attention on the stakeholders that matter most.
Apply a third dimension for stakeholder prioritization: support.
Support, in addition to interest and influence, is used to prioritize which stakeholders are should receive the focus of your attention. This table indicates how stakeholders are ranked:
Support can be determined by rating the following question: how likely is it that your stakeholder would recommend IT at your organization/your group? Our four categories of support:
Input: Stakeholder Map
Output: Categorization of stakeholders and influencers
Materials: Whiteboard/flip charts (physical or electronic)
Participants: Team
![]() |
Use the BRM Workbook to map your stakeholders |
BlockersPay attention to your “blockers,” especially those that appear in the high influence and high interest part of the quadrant. Consider how your engagement with them varies from supporters in this quadrant. Consider what is valuable to these stakeholders and focus your conversations on “what’s in this for them.” |
Neutral & EvangelistsStakeholders that are neutral or evangelists do not require as much attention as blockers and supporters, but they still can’t be ignored – especially those who are players (high influence and engagement). Focus on what’s in it for them to move them to become supporters. |
SupportersDo not neglect supporters – continue to engage with them to ensure that they remain supporters. Focus on the supporters that are influential and impacted, rather than the “spectators.” |
Input: Stakeholder Map/list of stakeholders
Output: Categorization of stakeholders and influencers
Materials: Whiteboard/flip charts (physical or electronic)
Participants: Team
Download and use the BRM Stakeholder Engagement Plan |
Agenda | |||||
Stakeholder | Information Type | Meeting Frequency | Lower Maturity | Mid-Level Maturity | Higher Maturity |
VP | Strategic | Quarterly |
|
|
|
Director | Strategic, Tactical | Monthly |
|
|
|
Manager | Tactical | Monthly |
|
|
|
Lower Maturity – Focus on service delivery, project delivery, and communication
Mid-Level Maturity – Focus on business pain points and a deeper knowledge of the business
Higher Maturity – Focus on creating value by leading innovative initiatives that drive the business forward
Stakeholder – Include both IT and business stakeholders at appropriate levels
Agenda – Manage stakeholders expectations, and clarify how your agenda will progress as the partnership matures
Assess 1.1 Define BRM 1.2 Analyze Satisfaction 1.3 Assess SWOT | Situate 2.1 Create Vision 2.2 Create the BRM Mission 2.3 Establish Goals | Plan 3.1 Establish Guiding Principles 3.2 Determine Where BRM Fits 3.3 Establish BRM Expectations 3.4 Identify Roles With BRM Responsibilities 3.5 Align Capabilities | ||
Implement 4.1 Brainstorm Sources of Business Value 4.2 Identify Key Influencers 4.3 Categorize the Stakeholders 4.4 Create the Prioritization Map 4.5 Create Your Engagement Plan | Reassess & Embed 5.1 Create Metrics 5.2 Prioritize Your Projects 5.3 Create a Portfolio Investment Map 5.4 Establish Your Annual Plan 5.5 Build Your Transformation Roadmap 5.6 Create Your Communication Plan |
Measure your BRM practice success
|
|
Questions to ask | Are your metrics achievable? | |
|
S pecific M easurable A chievable R ealistic T ime-bound |
Embedding the BRM practice within your organization must be grounded in achievable outcomes.
Ensure that the metrics your practice is measured against reflect realistic and tangible business expectations. Overpromising the impact the practice will have can lead to long-term implementation challenges. |
![]() | 1 | Survey your stakeholders to measure improvements in customer satisfaction. | Leverage the CIO Business Vision on a regular interval – most find that annual assessments drive success. Evaluate whether the addition or increased maturity of your BRM practice has improved satisfaction with IT. | |
Business satisfaction survey
| ![]() | |||
![]() |
![]() |
2 |
Measure BRM success against the goals for the practice. |
Evaluate whether the BRM practice has helped IT to meet the goals that you’ve established. For each of your goals, create metrics to establish how you will know if you’ve been successful. This might be how many or what type of interactions you have with your stakeholders, and/or it could be new connections with internal or external partners. Ensure you have established metrics to measure success at your goals. |
|
![]() |
Input: Goals, The attributes which can align to goal success
Output: Measurements of success
Materials: Whiteboard/flip charts (physical or electronic)
Participants: Team
![]() |
Use the BRM Workbook |
Partner instructions:
Please indicate how much you agree with each of the following statements. Use a scale of 1-5, where 1 is low agreement and 5 indicates strong agreement: Demand Shaping: My BRM is at the table and seeks to understand my business. They help me understand IT and helps IT prioritize my needs. Exploring: My BRM surfaces new opportunities based on their understanding of my pain points and growth needs. They engage resources with a focus on the value to be delivered. Servicing: The BRM obtains an understanding of the services and service levels that are required, clarifies them, and communicates costs and risks. Value Harvesting: Focus on value is evident in discussions – the BRM supports IT in ensuring value realization is achieved and tracks value during and beyond deployment. |
![]() |
IT needs to juggle “keeping the lights on” initiatives with those required to add value to the organization. Partner with the appropriate resources (Project Management Office, Product Owners, System Owners, and/or others as appropriate within your organization) to ensure that all initiatives focus on value. Info-Tech InsightNot every organization will balance their portfolio in the same way. Some organizations have higher risk tolerance and so their higher priority goals may require that they accept more risk to potentially reap more returns. | ![]() 80% of organizations feel their portfolios are dominated by low-value initiatives that do not deliver value to the business. (Source: Stage-Gate International and Product Development Institute, March/April 2009) |
All new requests are not the same; establish a process for intake and manage expectations and IT’s capacity to deliver value.Ensure you communicate your process to support new ideas with your stakeholders. They’ll be clear on the steps to bring new initiatives into IT and will understand and be engaged in the process to demonstrate value. |
|
|
For support creating your intake process, go to Optimize Project Intake, Approval and Prioritization | ![]() |
Use value as your criteria to evaluate initiativesWork with project managers to ensure that all projects are executed in a way that meets business expectations.
Download Info-Tech’s Project Value Scorecard Development Tool. |
|
Input: Value criteria
Output: Prioritized project listing
Materials: Whiteboard/flip charts (physical or electronic)
Participants: Team
Download Info-Tech’s Project Value Scorecard Development Tool. |
Visualize where investments add value through an initiative portfolio mapAn initiative portfolio map is a graphic visualization of strategic initiatives overlaid on a business capability map. Leverage the initiative portfolio map to communicate the value of what IT is working on to your stakeholders. Info-Tech InsightProjects will often impact one or more capabilities. As such, your portfolio map will help you identify cross-dependencies when scaling up or scaling down initiatives. | Example initiative portfolio map
|
Input: Business capability map
Output: Portfolio investment map
Materials: Whiteboard/flip charts (physical or electronic)
Participants: Team
Download Info-Tech’s Initiative Portfolio Map Template. |
To support the BRM capability at your organization, you’ll want to communicate your plan. This will include:
|
![]() |
Input: Engagement plan, BRM goals
Output: Annual BRM plan
Materials: Whiteboard/flip charts (physical or electronic)
Participants: Team
Capture in the BRM Workbook
Communicate using the Executive Buy-In and Communication Template |
![]() |
Input: SWOT analysis
Output: Transformation roadmap
Materials: Whiteboard/flip charts (physical or electronic)
Participants: Team
Example:
Enablers
| Blockers
| Mitigation
|
Capture in the BRM Workbook
Leaders of successful change spend considerable time developing a powerful change message, i.e. a compelling narrative that articulates the desired end state, and that makes the change concrete and meaningful to staff.
The change message should:
|
Five elements of communicating change
![]() (Source: The Qualities of Leadership: Leading Change) |
“We tend to use a lot of jargon in our discussions, and that is a sure fire way to turn people away. We realized the message wasn’t getting out because the audience wasn’t speaking the same language. You have to take it down to the next level and help them understand where the needs are.” (Jeremy Clement, Director of Finance, College of Charleston, Info-Tech Interview, 2018)
Be Relevant
|
Be Clear
|
Be Concise
|
Be Consistent
|
Input: Prioritized list of stakeholders
Output: Communication Plan
Materials: Whiteboard/flip charts (physical or electronic)
Participants: Team
AudienceAll BRM Staff |
Purpose
|
Communication Type
|
CommunicatorCIO |
Timing
|
Business Value
Service Catalog
Intake Management
|
![]() ![]() |
![]() ![]() ![]() |
“Apple Mission and Vision Analysis.” Mission Statement Academy, 23 May 2019. Accessed 5 November 2020.
Barnes, Aaron. “Business Relationship Manager and Plan Build Run.” BRM Institute, 8 April 2014.
Barnes, Aaron. “Starting a BRM Team - Business Relationship Management Institute.” BRM Institute, 5 June 2013. Web.
BRM Institute. “Business Partner Maturity Model.” Member Templates and Examples, Online Campus, n.d. Accessed 3 December 2021.
BRM Institute. “BRM Assessment Templates and Examples.” Member Templates and Examples, Online Campus, n.d. Accessed 24 November 2021.
Brusnahan, Jim, et al. “A Perfect Union: BRM and Agile Development and Delivery.” BRM Institute, 8 December 2020. Web.
Business Relationship Management: The BRMP Guide to the BRM Body of Knowledge. Second printing ed., BRM Institute, 2014.
Chapman, Chuck. “Building a Culture of Trust - Remote Leadership Institute.” Remote Leadership Institute, 10 August 2021. Accessed 27 January 2022.
“Coca Cola Mission and Vision Analysis.” Mission Statement Academy, 4 August 2019. Accessed 5 November 2020.
Colville, Alan. “Shared Vision.” UX Magazine, 31 October 2011. Web.
Cooper, Robert, G. “Effective Gating: Make product innovation more productive by using gates with teeth.” Stage-Gate International and Product Development Institute, March/April 2009. Web.
Heller, Martha. “How CIOs Can Make Business Relationship Management (BRM) Work.” CIO, 1 November 2016. Accessed 27 January 2022.
“How Many Business Relationship Managers Should You Have.” BRM Institute, 20 March 2013. Web.
Hull, Patrick. “Answer 4 Questions to Get a Great Mission Statement.” Forbes, 10 January 2013. Web.
Kasperkevic, Jana. “Bill Gates: Good Feedback Is the Key to Improvement.” Inc.com, 17 May 2013. Web.
Merlyn, Vaughan. “Relationships That Matter to the BRM.” BRM Institute, 19 October 2016. Web.
“Modernizing IT’s Business Relationship Manager Role.” The Hackett Group, 22 November 2019. Web.
Monroe, Aaron. “BRMs in a SAFe World...That Is, a Scaled Agile Framework Model.” BRM Institute, 5 January 2021. Web.
“Operational, adj." OED Online, Oxford University Press, December 2021. Accessed 29 January 2022.
Sinek, Simon. “Transcript of ‘How Great Leaders Inspire Action.’” TEDxPuget Sound, September 2009. Accessed 7 November 2020.
“Strategic, Adj. and n.” OED Online, Oxford University Press, December 2016. Accessed 27 January 2022.
“Tactical, Adj.” OED Online, Oxford University Press, September 2018. Accessed 27 January 2022.
“The Qualities of Leadership: Leading Change.” Cornelius & Associates, 23 September 2013. Web.
“Twice the Business Value in Half the Time: When Agile Methods Meet the Business Relationship Management Role.” BRM Institute, 10 April 2015. Web.
“Value Streams.” Scaled Agile Framework, 30 June 2020. Web.
Ward, John. “Delivering Value from Information Systems and Technology Investments: Learning from Success.” Information Systems Research Centre, August 2006. Web.
Make MoneyThis value driver is specifically related to the impact a product or service has on your organization’s ability to show value for the investments. This is usually linked to the value for money for an organization. Return on Investment can be derived from:
Be aware of the difference among your products and services that enable a revenue source and those which facilitate the flow of funding. |
Save MoneyThis value driver relates to the impact of a product or service on cost and budgetary constraints. Reduce costs value can be derived from:
Budgetary pressures tied to critical strategic priorities may defer or delay implementation of initiatives and revision of existing products and services. |
OperationsSome products and services are in place to facilitate and support the structure of the organization. These vary depending on what is important to your organization, but should be assessed in relation to the organizational culture and structure you have identified.
|
Risk and ComplianceA product or service may be required in order to meet a regulatory requirement. In these cases, you need to be aware of the organizational risk of NOT implementing or maintaining a service in relation to those risks. In this case, the product or service is required in order to:
|
Internal InformationUnderstanding internal operations is also critical for many organizations. Data captured through your operations provides critical insights that support efficiency, productivity, and many other strategic goals. Internal information value can be derived by:
|
Collaboration and Knowledge TransferCommunication is integral and products and services can be the link that ties your organization together. In this case, the value generated from products and services can be to:
|
PolicyProducts and services can also be assessed in relation to whether they enable and support the required policies of the organization. Policies identify and reinforce required processes, organizational culture, and core values. Policy value can be derived from:
|
Customer RelationsProducts and services are often designed to facilitate goals of customer relations; specifically, improve satisfaction, retention, loyalty, etc. This value type is most closely linked to brand management and how a product or service can help execute brand strategy. Customers, in this sense, can also include any stakeholders who consume core offerings. Customer satisfaction value can be derived from:
|
Market InformationUnderstanding demand and market trends is a core driver for all organizations. Data provided through understanding the ways, times, and reasons that consumers use your services is a key driver for growth and stability. Market information value can be achieved when an app:
|
Market ShareMarket share represents the percentage of a market or market segment that your business controls. In essence, market share can be viewed as the potential for more or new revenue sources. Assess the impact on market share. Does the product or service:
|
Service design involves an examination of the people, process and technology involved in delivering a service to your customers.
Service blueprinting provides a visual of how these are connected together. It enables you to identify and collaborate on improvements to an existing service.
The main components of a service blueprint are:
Customer actions – this anchors the service in the experiences of the customer
Front-stage – this shows the parts of the service that are visible to the customer
Back-stage – this is the behind-the-scenes actions necessary to deliver the experience to the customer
Support processes – this is what’s necessary to deliver the back-stage (and front-stage/customer experience), but is not aligned from a timing perspective (e.g. it doesn’t matter if the fridge is stocked when the order is put in, as long as the supplies are available for the chef to use)
Physical Evidence and Time are blueprint components can be added in to provide additional context & support
Personalize
|
Show Proof
|
Reference
|
Test & Learn
|
Download the Job Descriptions:
You have a mandate to create an accurate and actionable database of the IT assets in your environment, but:
ITAM is a foundational IT service that provides accurate, accessible, actionable data on IT assets. But there’s no value in data for data’s sake. Enable collaboration between IT asset managers, business leaders, and IT leaders to develop an ITAM strategy that maximizes the value they can deliver as service providers.
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
This two-phase, step-by-step methodology will guide you through the activities to build a business-aligned, coherent, and durable approach to ITAM. Review the executive brief at the start of the slide deck for an overview of the methodology and the value it can provide to your organization.
Use this template to document your IT asset management strategy and approach.
Use this tool to estimate key data points related to your IT asset estate, as well as your confidence in your estimates.
Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Align key stakeholders to the potential strategic value of the IT asset management practice.
Ensure the ITAM practice is focused on business-aligned goals.
Define a business-aligned direction and expected outcomes for your ITAM program.
1.1 Brainstorm ITAM opportunities and challenges.
1.2 Conduct an executive alignment working session.
1.3 Set ITAM priorities, goals and tactics.
1.4 Identify target and current state ITAM maturity.
ITAM opportunities and challenges
Align executive priorities with ITAM opportunities.
ITAM metrics and KPIs
ITAM maturity
Translate goals into specific and coherent actions to enable your ITAM practice to deliver business value.
A business-aligned approach to ITAM, encompassing scope, structure, tools, audits, budgets, documentation and more.
A high-level roadmap to achieve your vision for the ITAM practice.
2.1 Define ITAM scope.
2.2 Acquire ITAM services (outsourcing and contracting).
2.3 Centralize or decentralize ITAM capabilities.
2.4 Create a RACI for the ITAM practice.
2.5 Align ITAM with other service management practices.
2.6 Evaluate ITAM tools and integrations.
2.7 Create a plan for internal and external audits.
2.8 Improve your budget processes.
2.9 Establish a documentation framework.
2.10 Create a roadmap and communication plan.
Your ITAM approach
ITAM roadmap and communication plan
17 Phase 1: Establish Business-Aligned ITAM Goals and Priorities
59 Phase 2: Support ITAM Goals and Priorities
116 Bibliography
Track hardware and software. Seems easy, right?
It’s often taken for granted that IT can easily and accurately provide definitive answers to questions like “how many laptops do we have at Site 1?” or “do we have the right number of SQL licenses?” or “how much do we need to budget for device replacements next year?” After all, don’t we know what we have? IT can’t easily provide these answers because to do so you must track hardware and software throughout its lifecycle – which is not easy. And unfortunately, you often need to respond to these questions on very short notice because of an audit or to support a budgeting exercise. IT Asset Management (ITAM) is the solution. It’s not a new solution – the discipline has been around for decades. But the key to success is to deploy the practice in a way that is sustainable, right-sized, and maximizes value. Use our practical methodology to develop and document your approach to ITAM that is aligned with the goals of your organization.
|
Realize the value of asset management
Cost optimization, application rationalization and reduction of technical debt are all considered valuable to right-size spending and improve service outcomes. Without access to accurate data, these activities require significant investments of time and effort, starting with creation of point-in-time inventories, which lengthens the timeline to reaching project value and may still not be accurate. Cost optimization and reduction of technical debt should be part of your culture and technical roadmap rather than one-off projects. Why? Access to accurate information enables the organization to quickly make decisions and pivot plans as needed. Through asset management, ongoing harvest and redeployment of assets improves utilization-to-spend ratios. We would never see any organization saying, “We’ve closed our year end books, let’s fire the accountants,” but often see this valuable service relegated to the back burner. Similar to the philosophy that “the best time to plant a tree is 20 years ago and the next best time is now,” the sooner you can start to collect, validate, and analyze data, the sooner you will find value in it.
|
Your Challenge
You have a mandate to create an accurate and actionable database of the IT assets in your environment, but:
|
Common Obstacles
It is challenging to make needed changes because:
|
Info-Tech’s Approach
|
ITAM is a foundational IT service that provides accurate, accessible, actionable data on IT assets. But there’s no value in data for data’s sake. Enable collaboration between IT asset managers, business leaders, and IT leaders to develop an ITAM strategy that maximizes the value they can deliver as service providers.
Unlock business value with IT asset management
This blueprint will help you develop your approach for the management of IT hardware and software, including cloud services. Leverage other Info-Tech methodologies to dive directly into developing hardware asset management procedures, software asset management procedures, or to implement configuration management best practices. |
Info-Tech Members report significant savings from implementing our hardware and software asset management frameworks. In order to maximize value from the process-focused methodologies below, develop your ITAM strategy first. Implement Hardware Asset Management (Based on Info-Tech Measured Value Surveys results from clients working through these blueprints, as of February 2022.)
|
ITAM provides both early and ongoing valueITAM isn’t one-and-done. Properly supported, your ITAM practice will deliver up-front value that will help demonstrate the value ongoing ITAM can offer through the maintenance of an accurate, accessible, and actionable ITAM database. |
Example: Software Savings from ITAM![]() This chart shows the money saved between the first quote and the final price for software and maintenance by a five-person ITAM team. Over a year and a half, they saved their organization a total of $7.5 million from a first quote total of $21 million over that period. This is a perfect example of the direct value that ITAM can provide on an ongoing basis to the organization, when properly supported and integrated with IT and the business. |
|
Examples of up-front value delivered in the first year of the ITAM practice:
|
Examples of long-term value from ongoing governance, management, and operational ITAM activities:
|
The rulebook is available, but hard to follow
|
ITAM is a mature discipline with well-established standards, certifications, and tools, but we still struggle with it.
|
Adopt, manage, and mature activities to enable business value thorugh actionable, accessible, and accurate ITAM data
![]() |
Enable Business Value | ![]() |
Business-Aligned Spend
|
Facilitate IT Services
|
Context-Aware Risk Management
|
Plan & GovernBusiness Goals, Risks, and Structure
Ongoing Management Commitment
Culture
|
![]() |
Build & ManageTools & Data
Process
People, Policies, and Providers
|
ITAM is a foundational IT service that provides actionable, accessible, and accurate data on IT assets. But there's no value in data for data's sake. Use this methodology to enable collaboration between ITAM, the business, and IT to develop an approach to ITAM that maximizes the value the ITAM team can deliver as service providers.
IT asset management requires ongoing practice – you can’t just implement it and walk away.
Our methodology will help you build a business-aligned strategy and approach for your ITAM practice with the following outputs:
|
Each step of this blueprint is designed to help you create your IT asset management strategy:
![]() |
1. Establish business-aligned ITAM goals and priorities | 2. Identify your approach to support ITAM priorities and goals | |
Phase Steps |
|
|
Phase Outcomes | Defined, business-aligned goals and priorities for ITAM. | Establish an approach to achieving ITAM goals and priorities including scope, structure, tools, service management integrations, documentation, and more. |
Project Outcomes | Develop an approach and strategy for ITAM that is sustainable and aligned with your business priorities. |
ITAM is a foundational IT service that provides accurate, accessible, actionable data on IT assets. Enable collaboration between IT asset managers, business leaders, and IT leaders to develop an approach to ITAM that maximizes the value they can deliver as service providers.
ITAM is often viewed (when it’s viewed at all) as a low-value administrative task that doesn’t directly drive business value. This can make it challenging to build a case for funding and resources.
Your ITAM strategy is a critical component to help you define how ITAM can best deliver value to your organization, and to stop creating data for the sake of data or just to fight the next fire.
To align ITAM practices to deliver organizational value, you need a very clear understanding of the organization’s goals – both in the moment and as they change over time.
Ensure your ITAM team has clear line of sight to business strategy, objectives, and decision-makers, so you can continue to deliver value as priorities change
ITAM teams rely heavily on staff, systems, and data beyond their direct area of control. Identify how you will influence key stakeholders, including technicians, administrators, and business partners.
Help them understand how ITAM success relies on their support, and highlight how their contributions have created organizational value to encourage ongoing support.
Benefits for IT
|
![]() |
Benefits for the business
|
DIY Toolkit |
Guided Implementation |
Workshop |
Consulting |
"Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." | "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." | "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." | "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project." |
Diagnostics and consistent frameworks used throughout all four options |
A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.
A typical GI around 12 calls over the course of 6 months.
What does a typical GI on this topic look like?
Call #1: Scope requirements, objectives, and your specific challenges.
Call #2: Review business priorities. Call #3: Identify ITAM goals & target maturity. |
Call #4: Identify metrics and KPIs. | Call #5: Define ITAM scope.
Call #6: Acquire ITAM services. |
Call #7: ITAM structure and RACI.
Call #8: ITAM and service management. Tools and integrations. |
Call #10: Internal and external audits.
Call #11: Budgets & documentation Call #12: Roadmap, comms plan. Wrap-up. |
Phase 1 | Phase 2 |
Workshop Overview |
Contact your account representative for more information.
|
Day 1 | Day 2 | Day 3 | Day 4 | Day 5 | |
Identify ITAM priorities & goals, maturity, metrics and KPIs |
Identify your approach to support ITAM priorities and goals |
Next Steps and wrap-Up (offsite) |
|||
Activities |
1.1 Define ITAM. 1.2 Brainstorm ITAM opportunities and challenges. Conduct an executive alignment working session: 1.3 Review organizational priorities, strategy, and key initiatives. 1.4 Align executive priorities with ITAM opportunities. 1.5 Set ITAM priorities. |
2.1 Translate opportunities into ITAM goals and tactics. 2.2 Identify target and current state ITAM maturity. 2.3 Create mission and vision statements. 2.4 Identify key ITAM metrics and KPIs. |
3.1 Define ITAM scope. 3.2 Acquire ITAM services (outsourcing and contracting) 3.3 Centralize or decentralize ITAM capabilities. 3.4 Create a RACI for the ITAM practice. 3.5 Align ITAM with other service management practices. 3.6 Evaluate ITAM tools and integrations. |
4.1 Create a plan for internal and external audits. 4.2 Improve your budget processes. 4.3 Establish a documentation framework and identify documentation gaps. 4.4 Create a roadmap and communication plan. |
5.1 Complete in-progress deliverables from previous four days. 5.2 Set up review time for workshop deliverables and to discuss next steps. |
Deliverables |
|
|
|
|
Phase 1:Establish business-aligned ITAM goals and priorities |
Phase 11.1 Define ITAM and brainstorm opportunities and challenges. Executive Alignment Working Session: 1.2 Review organizational priorities, strategy, and key initiatives. 1.3 Align executive priorities with ITAM opportunities & priorities. 1.4 Identify business-aligned ITAM goals and target maturity. 1.5 Write mission and vision statements. 1.6 Define ITAM metrics and KPIs. |
Phase 22.1 Define ITAM scope. 2.2 Acquire ITAM services (outsourcing and contracting). 2.3 Centralize or decentralize ITAM capabilities. 2.4 Create a RACI for the ITAM practice. 2.5 Align ITAM with other service management practices. 2.6 Evaluate ITAM tools and integrations. 2.7 Create a plan for internal and external audits. 2.8 Improve your budget processes. 2.9 Establish a documentation framework. 2.10 Create a roadmap and communication plan. |
Defined, business-aligned goals, priorities, and KPIs for ITAM. A concise vision and mission statement. The direction you need to establish a practical, right-sized, effective approach to ITAM for your organization.
Set yourself up for success with these three steps:
|
1. Identify participantsReview recommended roles and identify who should participate in the development of your ITAM strategy. |
2. Estimate assets managed todayWork through an initial assessment to establish ease of access to ITAM data and your level of trust in the data available to you. |
3. Create a working folderCreate a repository to house your notes and any work in progress, including your copy of the ITAM Strategy Template. |
Output: List of key roles for the strategy exercises outlined in this methodology
Participants: Project sponsor, Lead facilitator, ITAM manager and SMEs
This methodology relies on having the right stakeholders in the room to identify ITAM goals, challenges, roles, structure, and more. On each activity slide in this deck, you’ll see an outline of the recommended participants. Use the table below to translate the recommended roles into specific people in your organization. Note that some people may fill multiple roles.
Role | Expectations | People |
Project Sponsor | Accountable for the overall success of the methodology. Ideally, participates in all exercises in this methodology. May be the asset manager or whoever they report to. | Jake Long |
Lead Facilitator | Leads, schedules, and manages all working sessions. Guides discussions and ensures activity outputs are completed. Owns and understands the methodology. Has a working knowledge of ITAM. | Robert Loblaw |
Asset Manager(s) | SME for the ITAM practice. Provides strategic direction to mature ITAM practices in line with organizational goals. Supports the facilitator. | Eve Maldonado |
ITAM Team | Hands-on ITAM professionals and SMEs. Includes the asset manager. Provide input on tactical ITAM opportunities and challenges. | Bruce Wayne, Clark Kent |
IT Leaders & Managers | Leaders of key stakeholder groups from across the IT department – the CIO and direct reports. Provide input on what IT needs from ITAM, and the role their teams should play in ITAM activities. May include delegates, particularly those familiar with day-to-day processes relevant to a particular discussion or exercise. | Marcelina Hardy, Edmund Broughton |
ITAM Business Partners | Non-IT business stakeholders for ITAM. This could include procurement, vendor management, accounting, and others. | Zhang Jin, Effie Lamont |
Business Executives | Organizational leaders and executives (CFO, COO, CEO, and others) or their delegates. Will participate in a mini-workshop to identify organizational goals and initiatives that can present opportunities for the ITAM practice. | Jermaine Mandar, Miranda Kosuth |
Output: Estimates of quantity and spend related to IT assets, Confidence/margin of error on estimates
Participants: IT asset manager, ITAM team
This exercise will help you evaluate the size of the challenge ahead in terms of the raw number of assets in your environment, the spend on those assets, and the level of trust your organization has in the ITAM data.
It is also a baseline snapshot your ability to relay key ITAM metrics quickly and confidently, so you can measure progress (in terms of greater confidence) over time.
Download the IT Asset Estimation Tracker |
“Any time there is doubt about the data and it doesn’t get explained or fixed, then a new spreadsheet is born. Data validation and maintenance is critical to avoid the hidden costs of having bad data” Allison Kinnaird,
|
Output: A repository for templates and work in progress
Participants: Lead facilitator
Create a central repository for collaboration – it seems like an obvious step, but it’s one that gets forgotten about
|
![]() |
Don’t wait until the end to write down your good ideas.
|
![]() |
“ITAM is a cultural shift more than a technology shift.” (Rory Canavan, SAM Charter)
Any piece of technology can be considered an asset, but it doesn’t mean you need to track everything. | ![]() |
|
![]() |
According to the ISO 19770 standard on ITAM, an IT Asset is “[an] item, thing, or entity that can be used to acquire, process, store and distribute digital information and has potential or actual value to an organization.”
|
|
![]() |
IT assets are distinct from capital assets. Some IT assets will also be capital assets, but not all will be. And not all capital assets are IT assets, either. |
|
![]() |
IT assets are typically tracked by IT, not by finance or accounting.
|
|
![]() |
It’s important to track IT assets in a way that enables IT to deliver value to the business – and an important part of this is understanding what not to track. This list should be aligned to the needs of your organization. |
What is IT asset management?
What IT Asset Management is NOT:Configuration Management: Configuration management databases (CMDBs) often draw from the same data pool as ITAM (many configuration items are assets, and vice versa), but they focus on the interaction, interconnection, and interoperation of configuration items within the IT estate. In practice, many configuration items will be IT assets (or parts of assets) and vice versa. Configuration and asset teams should work closely together as they develop different but complementary views of the IT environment. Use Info-Tech’s methodology to harness configuration management superpowers. Organizational Data Management: Leverage a different Info-Tech methodology to develop a digital and data asset management program within Info-Tech’s DAM framework. |
“Asset management’s job is not to save the organization money, it’s not to push back on software audits. It’s to keep the asset database as up-to-date and as trustworthy as possible. That’s it.” (Jeremy Boerger, Consultant & Author) “You can’t make any real decisions on CMDB data that’s only 60% accurate. You start extrapolating that out, you’re going to get into big problems.” (Mike Austin, Founder & CEO, MetrixData 360) |
What is an ITAM strategy?Our strategy document will outline a coherent, sustainable, business-aligned approach to ITAM.No single approach to ITAM fits all organizations. Nor will the same approach fit the same organization at different times. A world-leading research university, a state government, and a global manufacturer all have very different goals and priorities that will be best supported by different approaches to ITAM. This methodology will walk you through these critical decisions that will define your approach to ITAM:
|
“A good strategy has coherence, coordinating actions, policies, and resources so as to accomplish an important end. Most organizations, most of the time, don’t have this. Instead, they have multiple goals and initiatives that symbolize progress, but no coherent approach to accomplish that progress other than ‘spend more and try harder.’” (Good Strategy, Bad Strategy, Richard Rumelt) |
If you’ve never experienced a mature ITAM program before, it is almost certainly more rewarding than you’d expect once it’s functioning as intended.
Each of the below activities can benefit from accessible, actionable, and accurate ITAM data.
Manage Risk: Effective ITAM practices provide data and processes that help mitigate the likelihood and impact of potentially damaging IT risks.
ITAM supports the following practices that help manage organizational risk:
|
Optimize Spend: Asset data is essential to maintaining oversight of IT spend, ensuring that scarce resources are allocated where they can have the most impact.
ITAM supports these activities that help optimize spend:
|
Improve IT Services: Asset data can help inform solutions development and can be used by service teams to enhance and improve IT service practices.
Use ITAM to facilitate these IT services and initiatives:
|
Input: Stakeholders with a vision of what ITAM could provide, if resourced and funded adequately
Output: A collection of ideas that, when taken together, create a vision for the future ITAM practice
Materials: ITAM strategy template, Whiteboard or virtual whiteboard
Participants: ITAM team, IT leaders and managers, ITAM business partners
It can be easy to lose sight of long-term goals when you’re stuck in firefighting mode. Let’s get the working group into a forward-looking mindset with this exercise.
Think about what ITAM could deliver with unlimited time, money, and technology.
As you hear your peers describe what they hope and expect to achieve with ITAM, a shared vision of what ITAM could be will start to emerge.
30 minutes
Input: The list of common challenges on the next slide, Your estimated visibility into IT assets from the previous exercise, The experience and knowledge of your participants
Output: Identify current ITAM challenges
Materials: Your working copy of the ITAM Strategy Template
Participants: ITAM team, IT leaders and managers, ITAM business partners
What’s standing in the way today of delivering the ITAM practices you want to achieve?
Review the list of common challenges on the next slide as a group.
Add your results to your copy of the ITAM Strategy Template |
“The problem – the reason why asset management initiatives keep falling on their face – is that people attack asset management as a problem to solve, instead of a practice and epistemological construct.” (Jeremy Boerger, Consultant & Author) |
|
|
What Else? |
Copy results to your copy of the ITAM Strategy Template
Enter the executivesDeliver on leadership priorities
|
“What outcomes does the organization want from IT asset management? Often, senior managers have a clear vision for the organization and where IT needs to go, and the struggle is to communicate that down.” (Kylie Fowler, ITAM Intelligence) ![]() |
A note to the lead facilitator and project sponsor:
Consider working through these exercises by yourself ahead of time. As you do so, you’ll develop your own ideas about where these discussions may go, which will help you guide the discussion and provide examples to participants.
Input: Organizational strategy documents
Output: A list of prioritized organizational goals, An initial assessment of how ITAM can support these goals
Materials: The diagram in the next slide, and/or a whiteboard, Your copy of the ITAM Strategy Template
Participants: Asset manager, IT leadership, Business executives or delegates
Welcome your group to the working session and outline the next few exercises using the previous slide.
Ask the most senior leader present to provide a summary of the following:
The facilitator or a dedicated note-taker should record key points on a whiteboard or flipchart paper.
30 minutes
Input: Organizational strategy documents
Output: A list of prioritized organizational goals, An initial assessment of how ITAM can support these goals
Materials: The diagram in the next slide, and/or a whiteboard, Your copy of the ITAM Strategy Template
Participants: Asset manager, IT leadership, Business executives or delegates
Ask the most senior leader present to provide a summary of the following: What transformative business and IT initiatives are planned? When will they begin and end?
Using one box per initiative, draw the initiatives in a timeline like the one below.
Add your results to your copy of the ITAM Strategy Template
45 minutes
Input: Organizational strategy documents
Output: A list of prioritized organizational goals, An initial assessment of how ITAM can support these goals
Materials: The diagram in the next slide, and/or a whiteboard, Your copy of the ITAM Strategy Template
Participants: Asset manager, IT leaders and managers, Business executives or delegates
In this exercise, we’ll use the table on the next slide to identify the top priorities of key business and IT stakeholders and connect them to opportunities for the ITAM practice.
Add your results to your copy of the ITAM Strategy Template
ITAM is for the… | Who wants to… | Which presents these ITAM opportunities |
CEO | Deliver transformative business initiatives | Acquire the right tech at the right time to support transformational initiatives. |
Establish a data-driven culture of stewardship | Improve data to increase IT spend transparency. | |
COO | Improve organizational efficiency | Increase asset use.
Consolidate major software contracts to drive discounts. |
CFO | Accurately forecast spending | Track and anticipate IT asset spending. |
Control spending | Improve data to increase IT spend transparency.
Consolidate major software contracts to drive discounts. |
|
CIO | Demonstrate IT value | Use data to tell a story about value delivered by IT assets. |
Govern IT use | Improve data to increase IT spend transparency. | |
CISO | Manage IT security and compliance risks | Identify abandoned or out-of-spec IT assets.
Provide IT asset data to support controls development. |
Respond to security incidents | Support security incident teams with IT asset data. | |
Apps Leader | Build, integrate, and support applications | Identify opportunities to retire applications with redundant functionality.
Connect applications to relevant licensing and support agreements. |
IT Infra Leader | Build and support IT infrastructure. | Provide input on opportunities to standardize hardware and software.
Provide IT asset data to technicians supporting end users. |
10-15 minutes
Input: The outputs from the previous exercise
Output: Executive priorities, sorted into the three categories at the right
Materials: The table in this slide, The outputs from the previous exercise
Participants: Lead facilitator
Give your participants a quick break. Quickly sort the identified ITAM opportunities into the three main categories below as best you can.
We’ll use this table as context for the next exercise.
Example: | Optimize Spend | Enhance IT Services | Manage Risk |
ITAM Opportunities |
|
|
|
Add your results to your copy of the ITAM Strategy Template
30 minutes
Input: Organizational strategy documents
Output: A list of prioritized organizational goals, An initial assessment of how ITAM can support these goals
Materials: Whiteboard, The template on the next slide, Your copy of the ITAM Strategy Template
Participants: Asset manager, IT leaders and managers, Business executives or delegates
The objective of this exercise is to prioritize the outcomes your organization wants to achieve from its ITAM practice, given the context from the previous exercises.
Review the image below. The three points of the triangle are the three core goals of ITAM: Enhance IT Service, Manage Risk, and Optimize Spend. This exercise was first developed by Kylie Fowler of ITAM Intelligence. It is an essential exercise to understand ITAM priorities and the tradeoffs associated with those priorities. These priorities aren’t set in stone and should be revisited periodically as technology and business priorities change.
Draw the diagram on the next slide on a whiteboard. Have the most senior leader in the room place the dot on the triangle – the closer it is to any one of the goals, the more important that goal is to the organization. Note: The center of the triangle is off limits! It’s very rarely possible to deliver on all three at once.
Track notes on what’s being prioritized – and why – in the template on the next slide. |
![]() |
Add your results to your copy of the ITAM Strategy Template
The priorities of the ITAM practice are to:
|
![]() |
“ITAM is really no different from the other ITIL practices: to succeed, you’ll need some ratio of time, treasure, and talent… and you can make up for less of one with more of the other two.” (Jeremy Boerger, Consultant and Author)
15-30 minutes
Input: Organizational strategy documents
Output: A list of prioritized organizational goals, An initial assessment of how ITAM can support these goals
Materials: The table in this slide, Your copy of the ITAM Strategy Template
Participants: ITAM team, IT leaders and managers
Narrow down the list of opportunities to identify specific goals for the ITAM practice.
The highlighted opportunities are your near- and medium-term objectives.
Optimize Spend | Enhance IT Services | Manage Risk | |
Priority | Critical | Normal | High |
ITAM Opportunities |
|
|
|
30 minutes
Input: Organizational strategy documents
Output: A list of prioritized organizational goals, An initial assessment of how ITAM can support these goals
Materials: The table in this slide, Your copy of the ITAM Strategy Template
Participants: ITAM team, IT leaders and managers
Let’s dig down a little deeper. Connect the list of opportunities from earlier to specific ITAM tactics that allow the team to seize those opportunities.
Add another row to the earlier table for ITAM tactics. Brainstorm tactics with your participants (e.g. sticky notes on a whiteboard) and align them with the priorities they’ll support.
Optimize Spend | Enhance IT Services | Manage Risk | |
Priority | Critical | Normal | High |
ITAM Opportunities |
|
|
|
ITAM Tactics to Seize Opportunities |
|
|
|
Add your results to your copy of the ITAM Strategy Template
20 minutes
Input: Organizational strategy documents
Output: A list of prioritized organizational goals, An initial assessment of how ITAM can support these goals
Materials: The table in this slide, Your copy of the ITAM Strategy Template
Participants: ITAM team, IT leaders and managers
We’ll use this exercise to identify the current and one-year target state of ITAM using Info-Tech’s ITAM maturity framework.
Add your results to your copy of the ITAM Strategy Template
![]() |
Innovator – Optimized Asset Management
|
|
![]() |
Innovator – Optimized Asset Management Business & Technology Partner – Proactive Asset Management Trusted Operator – Controls Assets Firefighter – Reactive Asset Tracking Unreliable - Struggles to Support |
Create two short, compelling statements that encapsulate:
Why bother creating mission and vision statements? After all, isn’t it just rehashing or re-writing all the work we’ve just done? Isn’t that (at best) a waste of time? There are a few very important reasons to create mission and vision statements:
|
“Brevity is the soul of wit.” (Hamlet, Act 2, Scene 2) “Writing is easy. All you have to do is cross out the wrong words.” (Mark Twain) |
30 minutes
Input: Organizational strategy documents
Output: A list of prioritized organizational goals, An initial assessment of how ITAM can support these goals
Materials: A whiteboard, Your copy of the ITAM Strategy Template
Participants: ITAM team, IT Leaders and managers
Your vision statement describes the ITAM practice as it will be in the far future. It is a target to aspire to, beyond your ability to achieve in the near or medium term.
Examples of ITAM vision statements:
Develop the single accurate view of IT assets, available to anyone who needs it.
Indispensable data brokers that support strategic decisions on the IT environment.
Provide sticky notes to participants. Write out the three questions below on a whiteboard side by side. Have participants write their answers to the questions and post them below the appropriate question. Give everyone 10 minutes to write and post their ideas.
Review the answers and combine them into one focused vision statement. Use the 20x20 rule: take no more than 20 minutes and use no more than 20 words. If you’re not finished after 20 minutes, the ITAM manager should make any final edits offline.
Document your vision statement in your ITAM Strategy Template.
Add your results to your copy of the ITAM Strategy Template
30 minutes
Input: Organizational strategy documents
Output: A list of prioritized organizational goals, An initial assessment of how ITAM can support these goals
Materials: The table in this slide, Your copy of the ITAM Strategy Template
Participants: ITAM team, IT leaders and managers
Your ITAM mission statement is an expression of what your IT asset management function brings to your organization today. It should be presented in straightforward language that is compelling, easy to understand, and sharply focused.
Examples of ITAM mission statements:
Maintain accurate, actionable, accessible on data on all IT assets.
Support IT and the business with centralized and integrated asset data.
Provide sticky notes to participants. Write out the questions below on a whiteboard side by side. Have participants write their answers to the questions and post them below the appropriate question. Give everyone 10 minutes to write and post their ideas.
Review the answers and combine them into one focused vision statement. Use the 20x20 rule: take no more than 20 minutes and use no more than 20 words. If you’re not finished after 20 minutes, the ITAM manager should make any final edits offline.
Document your vision statement in your ITAM Strategy Template.
Add your results to your copy of the ITAM Strategy Template
Navigate a universe of ITAM metricsWhen you have the data, how will you use it?
|
ITAM Metrics
|
Drill down by:
|
60 minutes
Input: Organizational strategy documents
Output: A list of prioritized organizational goals, An initial assessment of how ITAM can support these goals
Materials: The table in this slide, Your copy of the ITAM Strategy Template
Participants: ITAM team, IT leaders and managers
Use this exercise to identify as many potentially useful ITAM metrics and reports as possible, and narrow them down to a few high-priority metrics. Leverage the list of example metrics on the next slide for your own exercise. If you have more than six participants, consider splitting into two or more groups, and divide the table between groups to minimize overlap.
Role | Compliance | Quality | Quantity | Cost | Time | Progress |
IT Asset Manager | Owned devices not discovered in last 60 days | Discrepancies between discovery data and ITAM DB records | # of corporate-owned devices | Spend on hardware (recent and future/ planned) | Average time, maximum time to deploy end-user devices | Number of ITAM roadmap items in progress |
Service Desk | … |
Add your results to your copy of the ITAM Strategy Template
Compliance | Quality | Quantity | Cost | Time/Duration/Age | Progress |
Owned devices not discovered in last 60 days | Discrepancies between discovery data and ITAM DB records | # of corporate-owned devices | Spend on hardware (recent and future/planned) | Average time, maximum time to deploy end-user devices | Number of ITAM roadmap items in progress or completed |
Disposed devices without certificate of destruction | Breakage rates (in and out of warranty) by vendor | # of devices running software title X, # of licenses for software title X | Spend on software (recent and future/planned) | Average time, maximum time to deploy end user software | Number of integrations between ITAM DB and other sources |
Discrepancies between licenses and install count, by software title | RMAs by vendor, model, equipment type | Number of requests by equipment model or software title | Spend on cloud (recent and future/planned) | Average & total time spent on software audit responses | Number of records in ITAM database |
Compliance reports (e.g. tied to regulatory compliance or grant funding) | Tickets by equipment type or software title | Licenses issued from license pool in the last 30 days | Value of licenses issued from license pool in the last 30 days (cost avoidance) | Devices by age | Software titles with an up-to-date ELP report |
Reports on lost and stolen devices, including last assigned, date reported stolen, actions taken | User device satisfaction scores, CSAT scores | Number of devices retired or donated in last year | Number of IT-managed capital assets | Number of hardware/software request tickets beyond time-to-fulfil targets | Number of devices audited (by ITAM team via self-audit) |
Number of OS versions, unpatched systems | Number of devices due for refresh in the next year | Spend saved by harvesting unused software | Number of software titles, software vendors managed by ITAM team | ||
Audit accuracy rate | Equipment in stock | Cost savings from negotiations | |||
# of users assigned more than one device | Number of non-standard devices or requests | Dollars charged during audit or true-up |
Key performance indicators (KPIs) are metrics with targets aligned to goals.
Targets could include one or more of:
You may track many metrics, but you should have only a few KPIs (typically 2-3 per objective). A breached KPI should be a trigger to investigate and remediate the root cause of the problem, to ensure progress towards goals and priorities can continue. Which KPIs you track will change over the life of the practice, as ITAM goals and priorities shift. For example, KPIs may initially track progress towards maturing ITAM practices. Once you’ve reached target maturity, KPIs may shift to track whether the key service targets are being met. |
![]() |
20 minutes
Input: Organizational strategy documents
Output: A list of prioritized organizational goals, An initial assessment of how ITAM can support these goals
Materials: The table in this slide, Your copy of the ITAM Strategy Template
Participants: ITAM team, IT leaders and managers
Good KPIs are a more objective measure of whether you’re succeeding in meeting the identified priorities for the ITAM practice.
Identify metrics that can measure progress or success against the priorities and goals set earlier. Aim for around three metrics per goal. Identify targets for the metric you think are SMART (specific, measurable, achievable, relevant, and timebound). Track your work using the example table below.
Goal | Metric | Target |
Consolidate major software contracts to drive discounts | Amount spent on top 10 software contracts | Decrease by 10% by next year |
Customer satisfaction scores with enterprise software | Satisfaction is equal to or better than last year | |
Value of licenses issued from license pool | 30% greater than last year | |
Identify abandoned or out-of-spec IT assets | # of security incidents involving undiscovered assets | Zero |
% devices with “Deployed” status in ITAM DB but not discovered for 30+ days | ‹1% of all records in ITAM DB | |
Provide IT asset data to technicians for service calls | Customer satisfaction scores | Satisfaction is equal to or better than last year |
% of end-user devices meeting minimum standards | 97% |
Add your results to your copy of the ITAM Strategy Template
Develop an IT Asset Management Strategy
Phase 2:Identify your approach to support ITAM priorities and goals | Phase 11.1 Define ITAM and brainstorm opportunities and challenges. Executive Alignment Working Session: 1.2 Review organizational priorities, strategy, and key initiatives. 1.3 Align executive priorities with ITAM opportunities & priorities. 1.4 Identify business-aligned ITAM goals and target maturity. 1.5 Write mission and vision statements. 1.6 Define ITAM metrics and KPIs. | Phase 22.1 Define ITAM scope. 2.2 Acquire ITAM services (outsourcing and contracting). 2.3 Centralize or decentralize ITAM capabilities. 2.4 Create a RACI for the ITAM practice. 2.5 Align ITAM with other service management practices. 2.6 Evaluate ITAM tools and integrations. 2.7 Create a plan for internal and external audits. 2.8 Improve your budget processes. 2.9 Establish a documentation framework. 2.10 Create a roadmap and communication plan. |
Establish an approach to achieving ITAM goals and priorities, including scope, structure, tools, service management integrations, documentation, and more.
Create a roadmap that enables you to realize your approach.
Not all categories of assets require the same level of tracking, and some equipment and software should be excluded from the ITAM practice entirely.
In some organizations, portions of the environment won’t be tracked by the asset management team at all. For example, some organizations will choose to delegate tracking multi-function printers (MFPs) or proprietary IoT devices to the department or vendor that manages them. Due to resourcing or technical limitations, you may decide that certain equipment or software is out of scope for the moment. |
What do other organizations typically track in detail?
|
45 minutes
Input: Organizational strategy documents
Output: ITAM scope, in terms of types of assets tracked and not tracked
Materials: The table in this slide, Your copy of the ITAM Strategy Template
Participants: ITAM team, IT leaders and managers, ITAM business partners
Establish the hardware and software that are within the scope of the ITAM program by updating the tables below to reflect your own environment. The “out of scope” category will include asset types that may be of value to track in the future but for which the capability or need don’t exist today.
Hardware | Software | Out of Scope |
|
|
|
The following locations will be included in the ITAM program: All North and South America offices and retail locations.
Add your results to your copy of the ITAM Strategy Template
“We would like our clients to come to us with an idea of where they want to get to. Why are you doing this? Is it for savings? Because you want to manage your security attack surface? Are there digital initiatives you want to move forward? What is the end goal?” (Mike Austin, MetrixData 360)
Allow your team to focus on strategic, value-add activities by acquiring services that free them from commodity tasks.
|
Business Enablement
|
![]() Vendor’s Performance Advantage
|
Ask yourself:
You may ultimately choose to engage a single vendor or a combination of multiple vendors who can best meet your ITAM needs. Establishing effective vendor management processes, where you can maximize the amount of service you receive while relying on the vendor’s expertise and ability to scale, can help you make your asset management practice a net cost-saver. |
ITAM activities and capabilities
|
ITAM-adjacent activities and capabilities
|
1-2 hours
Input: Understanding of current ITAM processes and challenges
Output: Understanding of potential outsourcing opportunities
Materials: The table in this slide, and insight in previous slides, Your copy of the ITAM Strategy Template
Participants: ITAM team, IT leaders and managers, ITAM business partners
At a high level, discuss which functions of ITAM are good candidates for outsourcing.
Start with the previous slide for examples of outsourcing activities or capabilities directly related to or adjacent to the ITAM practice. Categorize these activities as follows:
Outsource | Potentially Outsource | Insource |
|
|
|
Go through the list of activities to potentially or definitely outsource and confirm:
Answering “no” to more than one of these questions suggests a need to further review options to ensure the goals are aligned with the potential value of the service offerings available.
Add your results to your copy of the ITAM Strategy Template
ITAM’s structure will typically align with the larger business and IT structure. The wrong structure will undermine your ability to meet ITAM goals and lead to frustration, missed work, inefficiency, and loss of value.
Which of the four archetypes below reflects the structure you need?
|
Example: Centralized
![]()
|
| Example: Decentralized
|
| Example: Federation
|
| Example: Shared Services
|
Why centralize?
|
Why decentralize?
|
Requirements for success:
|
Requirements for success:
|
Why centralize?
|
Why decentralize?
|
Requirements for success:
|
Requirements for success:
|
Why centralize?
|
Why decentralize?
|
Requirements for success:
|
Requirements for success:
|
1-2 hours
Input: Understanding of current organizational structure, Understanding of challenges and opportunities related to the current structure
Output: A list of prioritized organizational goals, An initial assessment of how ITAM can support these goals
Materials: The table in this slide, Your copy of the ITAM Strategy Template
Participants: ITAM team, IT leaders and managers, ITAM business partners
Outline the current model for your organization and identify opportunities to centralize or decentralize ITAM-related activities.
Centralize | Decentralize | |
Data collection & analysis |
|
|
Budget and contract management |
|
|
Technology management |
|
|
Add your results to your copy of the ITAM Strategy Template
There’s too much change in the technology and business environment to expect ITAM to be “a problem to solve.” It is a practice that requires care and feeding through regular iteration to achieve success. At the helm of this practice is your asset manager, whose approach and past experience will have a significant impact on how you approach ITAM.
The asset manager role requires a variety of skills, knowledge, and abilities including:
|
“Where your asset manager sits, and what past experience they have, is going to influence how they do asset management.” (Jeremy Boerger, Consultant & Author) “It can be annoying at times, but a good IT asset manager will poke their nose into activities that do not obviously concern them, such as programme and project approval boards and technical design committees. Their aim is to identify and mitigate ITAM risks BEFORE the technology is deployed as well as to ensure that projects and solutions ‘bake in’ the necessary processes and tools that ensure IT assets can be managed effectively throughout their lifecycle.” (Kylie Fowler, ITAM by Design, 2017) |
|
![]() |
|
Align authority and accountability.
|
|
1-2 hours
Input: An understanding of key roles and activities in ITAM practices, An understanding of your organization, High-level structure of your ITAM program
Output: A RACI diagram for IT asset management
Materials: The table in the next slide, Your copy of the ITAM Strategy Template
Participants: ITAM team, IT leaders and managers, ITAM business partners
Let’s face it – RACI exercises can be dry. We’ve found that the approach below is more collaborative, engaging, and effective compared to filling out the table as a large group.
Add your results to your copy of the ITAM Strategy Template
Configuration Management Database (CMDB)A database of uniquely identified configuration items (CIs). Each CI record may include information on:Service AttributesSupported Service(s)
CI RelationshipsPhysical Connections
|
![]() |
Hardware InformationSerial, Model and Specs
Software InstallationsHypervisor & OS
|
![]() |
Asset Management Database (AMDB)A database of uniquely identified IT assets. Each asset record may include information on:Procurement/PurchasingPurchase Request/Purchase Order
Asset AttributesModel, Title, Product Info, License Key
|
||||
![]() |
||||||||
IT Security SystemsVulnerability Management
|
IT Service Management (ITSM) SystemChange Tickets
|
Financial System/ERPGeneral Ledger
|
45 minutes
Input: Knowledge of the organization’s configuration management processes
Output: Define how ITAM and configuration management will support one another
Materials: The table in this slide, Your copy of the ITAM Strategy Template
Participants: ITAM team, IT leaders and managers, Configuration manager
Work through the table below to identify how you will collaborate and synchronize data across ITAM and configuration management practices and tools.
What are the goals (if any currently exist) for the configuration management practice? | Connect configuration items to services to support service management. |
How will configuration and asset management teams collaborate? | Weekly status updates. As-needed working sessions.
Shared visibility on each others’ Kanban tracker. Create tickets to raise and track issues that require collaboration or attention from the other team. |
How can config leverage ITAM? | Connect CIs to financial, contractual, and ownership data. |
How can ITAM leverage config? | Connect assets to services, changes, incidents. |
What key fields will be primarily tracked/managed by ITAM? | Serial number, unique ID, user, location, PO number, … |
What key fields will be primarily tracked/managed by configuration management? | Supported service(s), dependencies, service description, service criticality, network address… |
Add your results to your copy of the ITAM Strategy Template
Decoupling asset management from other service management practices can result in lost value. Establish how asset management can support other service management practices – and how those practices can support ITAM.
Incident Management
What broke?
|
ITAM
|
Request Management
What can this user request or purchase?
|
What IT assets are related to the known issue?
|
What assets are related to the change?
|
45 minutes
Input: Knowledge of existing organizational IT service management processes
Output: Define how ITAM will help other service management processes, and how other service management processes will help ITAM
Materials: The table in this slide, Your copy of the ITAM Strategy Template
Participants: ITAM team, IT leaders and managers, Service leads
Complete the table below to establish what ITAM can provide to other service management practices, and what other practices can provide to ITAM.
Practice | ITAM will help | Will help ITAM |
Incident Management | Provide context on assets involved in an incident (e.g. ownership, service contracts). | Track when assets are involved in incidents (via incident tickets). |
Request Management | Oversee request & procurement processes. Help develop asset standards. | Enter new assets in ITAM database. |
Problem Management | Collect information on assets related to known issues. | Report back on models/titles that are generating known issues. |
Change Enablement | Provide context on assets for change review. | Ensure EOL assets are retired and licenses are returned during changes. |
Capacity Management | Identify ownership, location for assets at capacity. | Identify upcoming refreshes or purchases. |
Availability Management | Connect uptime and reliability to assets. | Identify assets that are causing availability issues. |
Monitoring and Event Management | Provide context to events with asset data. | Notify asset of unrecognized software and hardware. |
Financial Management | Establish current and predict future spending. | Identify upcoming purchases, renewals. |
Add your results to your copy of the ITAM Strategy Template
“Everything is connected. Nothing is also connected.” (Dirk Gently’s Holistic Detective Agency)
ITAM data quality relies on tools and integrations that are managed by individuals or teams who don’t report directly to the ITAM function.
Without direct line of sight into tools management, the ITAM team must influence rather than direct improvement initiatives that are in some cases critical to the performance of the ITAM function. To more effectively influence improvement efforts, you must explicitly identify what you need, why you need it, from which tools, and from which stakeholders.
|
“Active Directory plays a huge role in audit defense and self-assessment, but no-one really goes out there and looks at Active Directory.
I was talking to one organization that has 1,600,000 AD records for 100,000 employees.” (Mike Austin, Founder, MetrixData 360) |
30 minutes
Input: Knowledge of existing ITAM tools
Output: A list of prioritized organizational goals, An initial assessment of how ITAM can support these goals
Materials: The table in this slide, Your copy of the ITAM Strategy Template
Participants: ITAM team, IT leaders and managers
Identify the use, limitations, and next steps for existing ITAM tools, including those not directly managed by the ITAM team.
Existing Tool | Use | Constraints | Owner | Proposed Action? |
ITAM Module |
|
|
ITAM Team/Service Management |
|
Active Directory |
|
Major data quality issues | IT Operations |
|
Add your results to your copy of the ITAM Strategy Template
30 minutes
Input: Knowledge of tooling gaps, An understanding of available tools that could remediate gaps
Output: New tools that can improve ITAM capabilities, including expected value and proposed next steps
Materials: The table in this slide, Your copy of the ITAM Strategy Template
Participants: ITAM team, IT leaders and managers
Identify tools that are required to support the identified goals of the ITAM practice.
New Tool | Expected Value | Proposed Next Steps |
SAM tool |
|
|
Add your results to your copy of the ITAM Strategy Template
Compare Tool Records
Audit your data by comparing records in the ITAM system to other discovery sources.
|
IT-led Audit
Conduct a hands-on investigation led by ITAM staff and IT technicians.
|
User-led audit
Have users validate the IT assets assigned to them.
|
30 minutes
Input: An understanding of current data audit capabilities and needs
Output: An outline of how you’ll approach data audits, including frequency, scope, required resources
Materials: Your copy of the ITAM Strategy Template
Participants: ITAM team
Review the three internal data audit approaches outlined on the previous slide, and identify which of the three approaches you’ll use. For each approach, complete the fields in the table below.
Audit Approach | How often? | What scope? | Who’s involved? | Comments |
Compare tool records | Monthly | Compare ITAM DB, Intune/ConfigMgr, and Vulnerability Scanner Data; focus on end-user devices to start | Asset manager will lead at first.
Work with tool admins to pull data and generate reports. |
|
IT-led audit | Annual | End-user devices at a subset of locations | Asset manager will work with ITSM admins to generate reports. In-person audit to be conducted by local techs. | |
User-led audit | Annual | Assigned personal devices (start with a pilot group) | Asset coordinator to develop procedure with ITSM admin. Run pilot with power users first. |
Add your results to your copy of the ITAM Strategy Template
Are you ready when software vendors come knocking?
| “If software audits are a big part of your asset operations, you have problems. You can reduce the time spent on audits and eliminate some audits by having a proactive ITAM practice.” (Sandi Conrad, Principal Research Director)Info-Tech InsightAudit defense starts long before you get audited. For an in-depth review of your audit approach, see Info-Tech’s Prepare and Defend Against a Software Audit. |
|
“The reality is, software vendors prey on confusion and complication. Where there’s confusion, there’s opportunity.” (Mike Austin, Founder, MetrixData 360) |
|
|
1 hour
Input: Organizational knowledge on your current audit response procedures
Output: Audit response team membership, High-level audit checklist, A list of things to start, stop, and continue doing as part of the audit response
Materials: Your copy of the ITAM Strategy Template
Participants: ITAM team, IT leaders and managers, ITAM business partners
Example Audit Checklist
Add your results to your copy of the ITAM Strategy Template
Some examples of what ITAM can bring to the budgeting table:
Being part of the budgeting process positions ITAM for success in other ways:
|
“Knowing what you have [IT assets] is foundational to budgeting, managing, and optimizing IT spend.” (Dave Kish, Info-Tech, Practice Lead, IT Financial Management) ![]() |
20 minutes
Input: Context on IT budgeting processes
Output: A list of things to start, stop, and continue doing as part of budgeting exercises
Materials: The table in this slide, Your copy of the ITAM Strategy Template
Participants: ITAM team, IT leaders and managers, ITAM business partners
What should we start, stop, and continue doing to support organizational budgeting exercises?
Start | Stop | Continue |
|
|
|
Add your results to your copy of the ITAM Strategy Template
Long-term planning and governance
Operational documentation
|
|
|
15-30 minutes
Input: An understanding of existing documentation gaps and risks
Output: Documentation gaps, Identified owners, repositories, access rights, and review/update protocols
Materials: The table in this slide, Your copy of the ITAM Strategy Template
Participants: ITAM team, Optional: IT managers, ITAM business partners
Discuss and record the following:
Need to Create | Owner | Stored in | Accessible by | Trigger for review |
Hardware asset management SOP | ITAM manager | ITAM SharePoint site › Operating procedures folder |
|
|
Add your results to your copy of the ITAM Strategy Template
“Understand that this is a journey. This is not a 90-day project. And in some organizations, these journeys could be three or five years long.” (Mike Austin, MetrixData 360)
30-45 minutes
Input: Organizational strategy documents
Output: A roadmap that outlines next steps
Materials: The table in this slide, Your copy of the ITAM Strategy Template
Participants: ITAM team, IT leaders and managers, Project sponsor
Add your results to your copy of the ITAM Strategy Template
45 minutes
Input: Key initiatives, Ideas for ITAM improvement collected over the course of previous exercises
Output: Concrete action items to support each initiative
Materials: The table in the next slide, Your copy of the ITAM Strategy Template
Participants: ITAM team, IT leaders and managers, Project sponsor
As you’ve been working through the previous exercises, you have been tracking ideas for improvement – now we’ll align them to your roadmap.
Add your results to your copy of the ITAM Strategy Template
Initiative 1: Develop hardware/software standards | ||
Task | Target Completion | Owner |
Laptop standards | Q1-2023 | ITAM manager |
Identify/eliminate contracts for unused software using scan tool | Q2-2023 | ITAM manager |
Review O365 license levels and standard service | Q3-2023 | ITAM manager |
Initiative 2: Improve ITAM data quality | ||
Task | Target Completion | Owner |
Implement scan agent on all field laptops | Q3-2023 | Desktop engineer |
Conduct in person audit on identified data discrepancies | Q1-2024 | ITAM team |
Develop and run user-led audit | Q1-2024 | Asset manager |
Initiative 3: Acquire & implement a new ITAM tool | ||
Task | Target Completion | Owner |
Select an ITAM tool | Q3-2023 | ITAM manager |
Implement ITAM tool, incl. existing data migration | Q1-2024 | ITAM manager |
Training on new tool | Q1-2024 | ITAM manager |
Build KPIs, executive dashboards in new tool | Q2-2024 | Data analyst |
Develop user-led audit functionality in new tool | Q3-2024 | ITAM coordinator |
45 minutes
Input: Proposed ITAM initiatives, Stakeholder priorities and goals, and an understanding of how ITAM can help them meet those goals
Output: A high-level communication plan to communicate the benefits and impact of proposed changes to the ITAM program
Materials: The table in this slide, Your copy of the ITAM Strategy Template
Participants: IT asset manager, Project sponsor
Develop clear, consistent, and targeted messages to key ITAM stakeholders.
Group | ITAM Benefits | Impact | Channel(s) | Timing |
CFO |
|
|
Face-to-face – based on their availability | Within the next month |
CIO |
|
|
Standing bi-monthly 1:1 meetings | Review strategy at next meeting |
IT Managers | ||||
Field Techs |
Add your results to your copy of the ITAM Strategy Template
30 minutes
Input: Proposed ITAM initiatives, Stakeholder priorities and goals, and an understanding of how ITAM can help them meet those goals
Output: A high-level communication plan to communicate the benefits and impact of proposed changes to the ITAM program
Materials: The table in this slide, Your copy of the ITAM Strategy Template
Participants: IT asset manager, Project sponsor
You’re almost done! Do a final check of your work before you send a copy to your participants.
Add your results to your copy of the ITAM Strategy Template
Kylie Fowler
Principal Consultant ITAM Intelligence Kylie is an experienced ITAM/FinOps consultant with a track record of creating superior IT asset management frameworks that enable large companies to optimize IT costs while maintaining governance and control. She has operated as an independent consultant since 2009, enabling organizations including Sainsbury's and DirectLine Insurance to leverage the benefits of IT asset management and FinOps to achieve critical business objectives. Recent key projects include defining an end-to-end SAM strategy, target operating model, policies and processes which when implemented provided a 300% ROI. She is passionate about supporting businesses of all sizes to drive continuous improvement, reduce risk, and achieve return on investment through the development of creative asset management and FinOps solutions. |
Rory Canavan
Owner and Principal Consultant SAM Charter Rory is the founder, owner, and principal consultant of SAM Charter, an internationally recognized consultancy in enterprise-wide Software & IT Asset Management. As an industry leader, SAM Charter is uniquely poised to ensure your IT & SAM systems are aligned to your business requirements. With a technical background in business and systems analysis, Rory has a wide range of first-hand experience advising numerous companies and organizations on the best practices and principles pertaining to software asset management. This experience has been gained in both military and civil organizations, including the Royal Navy, Compaq, HP, the Federation Against Software Theft (FAST), and several software vendors. |
Jeremy Boerger
Founder, Boerger Consulting Author of Rethinking IT Asset Management Jeremy started his career in ITAM fighting the Y2K bug at the turn of the 21st century. Since then, he has helped companies in manufacturing, healthcare, banking, and service industries build and rehabilitate hardware and software asset management practices. These experiences prompted him to create the Pragmatic ITAM method, which directly addresses and permanently resolves the fundamental flaws in current ITAM and SAM implementations. In 2016, he founded Boerger Consulting, LLC to help business leaders and decision makers fully realize the promises a properly functioning ITAM can deliver. In his off time, you will find him in Cincinnati, Ohio, with his wife and family. |
Mike Austin
Founder and CEO MetrixData 360 Mike Austin leads the delivery team at MetrixData 360. Mike brings more than 15 years of Microsoft licensing experience to his clients’ projects. He assists companies, from Fortune 500 to organizations with as few as 500 employees, with negotiations of Microsoft Enterprise Agreements (EA), Premier Support Contracts, and Select Agreements. In addition to helping negotiate contracts, he helps clients build and implement software asset management processes. Previously, Mike was employed by Microsoft for more than 8 years as a member of the global sales team. With Microsoft, Mike successfully negotiated more than a billion dollars in new and renewal EAs. Mike has also negotiated legal terms and conditions for all software agreements, developed Microsoft’s best practices for global account management, and was awarded Microsoft’s Gold Star Award in 2003 and Circle of Excellence in 2008 for his contributions. |
“Asset Management.” SFIA v8. Accessed 17 March 2022.
Boerger, Jeremy. Rethinking IT Asset Management. Business Expert Press, 2021.
Canavan, Rory. “C-Suite Cheat Sheet.” SAM Charter, 2021. Accessed 17 March 2022.
Fisher, Matt. “Metrics to Measure SAM Success.” Snow Software, 26 May 2015. Accessed 17 March 2022.
Flexera (2021). “State of ITAM Report.” Flexera, 2021. Accessed 17 March 2022.
Fowler, Kylie. “ITAM by design.” BCS, The Chartered Institute for IT, 2017. Accessed 17 March 2022.
Fowler, Kylie. “Ch-ch-ch-changes… Is It Time for an ITAM Transformation?” ITAM Intelligence, 2021. Web. Accessed 17 March 2022.
Fowler, Kylie. “Do you really need an ITAM policy?” ITAM Accelerate, 15 Oct. 2021. Accessed 17 March 2022.
Hayes, Chris. “How to establish a successful, long-term ITAM program.” Anglepoint, Sept. 2021. Accessed 17 March 2022.
ISO/IEC 19770-1-2017. IT Asset Management Systems – Requirements. Third edition. ISO, Dec 2017.
Joret, Stephane. “IT Asset Management: ITIL® 4 Practice Guide”. Axelos, 2020.
Jouravlev, Roman. “IT Service Financial Management: ITIL® 4 Practice Guide”. Axelos, 2020.
Pagnozzi, Maurice, Edwin Davis, Sam Raco. “ITAM Vs. ITSM: Why They Should Be Separate.” KPMG, 2020. Accessed 17 March 2022.
Rumelt, Richard. Good Strategy, Bad Strategy. Profile Books, 2013.
Stone, Michael et al. “NIST SP 1800-5 IT Asset Management.” Sept, 2018. Accessed 17 March 2022.
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
This publication will validate if the PMP certification is still valuable and worth your time. In addition, you will gain different perspectives related to other PMI and non-PMI certifications. You will gain a better understanding of the evolution of the PMBOK Guide, and the significant changes made from PMBOK 6th edition to the 7th edition.
I often get asked, “Is the PMP worth it?” I then proceed with a question of my own: “If it gets you an interview or a foot in the door or bolsters your salary, would it be worth it?” Typically, the answer is a resounding “YES!”
CIO magazine ranked the PMP as the top project management certification in North America because it demonstrates that you have the specific skills employers seek, dedication to excellence, and the capacity to perform at the highest levels.
Given its popularity and the demand in the marketplace, I strongly believe it is still worth your time and investment. The PMP is a globally recognized certification that has dominated for decades. It is hard to overlook the fact that the Project Management Institute (PMI) has more than 1.2 million PMP certification holders worldwide and is still considered the gold standard for project management.
Yes, it’s worth it. It gets you interviews, a foot in the door, and bolsters your salary. Oh, and it makes you a more complete project manager.
Your Challenge
The PMP certification has lost its sizzle while other emerging certifications have started to penetrate the market. It’s hard to distinguish which certification still holds weight. |
Common Obstacles
There are other, less intensive certifications available. It’s unclear what will be popular in the future. |
Info-Tech's Approach
There are a lot of certification options out there, and every day there seems to be a new one that pops up. Wait and see how the market reacts before investing your time and money in a new certification. |
The PMP certification is still valuable and worthy of your time in 2023.
DIY Toolkit"Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." |
Guide Implementation"Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." |
Workshop"We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." |
Consulting"Our team does not have the time or knowledge to take this project on. We need assistance through the entirety of the this project." |
The PMI’s flagship PMP certification numbers have not significantly increased from 2021 to 2022. However, PMP substantially outpaces all competitors with over 1.2 million certified PMPs.
Source: projectmanagement.com
Source: PMI, “PMP Certification.” PMI, “Why You Should Get the PMP.”
79% of project managers surveyed have the PMP certification out of 30,000 respondents in 40 countries.
The PMP became table stakes for jobs in project management and PMO’s.
Source: PMI’s Earning Power: Project Management Salary Survey—Twelfth Edition (2021)
Timeline adapted from Wikipedia, “Project Management Body of Knowledge.”
Roughly every 3-5 years, the PMI has released a new PMBOK version. It’s unclear if there will be an eighth edition.
Source: projectmanagement.com as of July 2022
PMP – Project Management Professional
It is a concerning trend that their bread and butter, the PMP flagship certification, has largely stalled in 2022. We are unsure if this was attributed to them being displaced by competitors such as the Agile Alliance, their own Agile offerings, or the market’s lackluster reaction to PMBOK Guide – Seventh Edition.
Source: projectmanagement.com as of July 2022
The PMI’s membership appears to have a direct correlation to the PMP numbers. As the PMP number stalls, so do the PMI’s memberships.
Source: projectmanagement.com as of July 2022
Source: projectmanagement.com as of July 2022
PRINCE2 and CSM appear to be the more popular ones in the market.
In April 2022, CIO.com outlined other popular project management certifications outside of the PMI.
Source: CIO.com
Source: PMI, Narrowing The Talent Gap, 2021
Source: PMI, “Agile Certifications,” and ScrumAlliance, “Become a Certified ScrumMaster.”
There is a lot of chatter about which Agile certification is better, and the jury is still out with no consensus. There are pros and cons to both certifications. We believe the PMI-ACP will give you more mileage and flexibility because of its breath of coverage in the Agile practice compared to the CSM.
1. PMI, Talent Gap, 2021.
2. PM Network, 2019.
The median salary for PMP holders in the US is 25% higher than those without PMP certification.
On a global level, the Project Management Professional (PMP) certification has been shown to bolster salary levels. Holders of the PMP certification report higher median salaries than those without a PMP certification – 16% higher on average across the 40 countries surveyed.
Source: PMI, Earning Power, 2021
Source: PMI, Narrowing The Talent Gap, 2021.
According to the PMI Megatrends 2022 report, they have identified six areas as the top digital-age skills for product delivery:
Many organizations aren’t considering candidates who don’t have project-related qualifications. Indeed, many more are increasing the requirements for their qualifications than those who are reducing it.
Source: PMI, Narrowing The Talent Gap, 2021
Currently, there is an imbalance with more emphasis of training on tools, processes, techniques, and methodologies rather than business acumen skills, collaboration, and management skills. With the explosion of remote work, training needs to be revamped and, in some cases, redesigned altogether to accommodate remote employees.
Lack of strategic prioritization is evident in how training and development is being done, with organizations largely not embracing a diversity of learning preferences and opportunities.
Source: PMI, Narrowing The Talent Gap, 2021
Project managers are evolving. No longer creatures of scope, schedule, and budget alone, they are now – enabled by new technology – focusing on influencing outcomes, building relationships, and achieving the strategic goals of their organizations.
Source: PMI, Narrowing the Talent Gap, 2021
Talent managers will need to retool their toolbox to fill the capability gap and to look beyond where the role is geographically based by embracing flexible staffing models.
They will need to evolve their talent strategies in line with changing business priorities.
Organizations should be actively working to increase the diversity of candidates and upskilling young people in underrepresented communities as a priority.
Most organizations are still relying on traditional approaches to recruit talent. Although we are prioritizing power skills and business acumen, we are still searching in the same, shrinking pool of talent.
Source: PMI, Narrowing the Talent Gap, 2021.
“Agile Certifications for Every Step in Your Career.” PMI. Web.
“Become a Certified ScrumMaster and Help Your Team Thrive.” ScrumAlliance. Web.
“Become a Project Manager.” PMI. Accessed 14 Sept. 2022.
Bucero, A. “The Next Evolution: Young Project Managers Will Change the Profession: Here's What Organizations Need to Know.” PM Network, 2019, 33(6), 26–27.
“Certification Framework.” PMI. Accessed 14 Sept. 2022.
“Certifications.” PMI. Accessed 14 Sept. 2022.
DePrisco, Mike. Global Megatrends 2022. “Foreword.” PMI, 2022. Accessed 14 Sept. 2022.
Earning Power: Project Management Salary Survey. 12th ed. PMI, 2021. Accessed 14 Sept. 2022.
“Global Research From PMI and PwC Reveals Attributes and Strategies of the World’s Leading Project Management Offices.” PMI, 1 Mar. 2022. Press Release. Accessed 14 Sept. 2022.
Narrowing the Talent Gap. PMI, 2021. Accessed 14 Sept. 2022.
“PMP Certification.” PMI. Accessed 4 Aug. 2022.
“Project Management Body of Knowledge.” Wikipedia, Wikimedia Foundation, 29 Aug. 2022.
“Project Portfolio Management Pulse Survey 2021.” PwC. Accessed 30 Aug. 2022.
Talent Gap: Ten-Year Employment Trends, Costs, and Global Implications. PMI. Accessed 14 Sept. 2022.
“The Critical Path.” ProjectManagement.com. Accessed 14 Sept. 2022.
“True Business Agility Starts Here.” PMI. Accessed 14 Sept. 2022.
White, Sarah K. and Sharon Florentine. “Top 15 Project Management Certifications.” CIO.com, 22 Apr. 2022. Web.
“Why You Should Get the PMP.” PMI. Accessed 14 Sept. 2022.
Provide better end-user device support to a remote workforce:
Approach zero-touch provisioning and patching from the end user’s experience:
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Design the user’s experience and build a vision to direct your zero-touch provisioning project. Update your ITAM practices to reflect the new experience.
Leverage new tools to manage remote endpoints, keep those devices patched, and allow users to get the apps they need to work.
Create a roadmap for migrating to zero-touch provisioning.
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Read our concise Executive Brief to find out how you can reduce your IT cost in the short term while establishing a foundation for long-term sustainment of IT cost containment.
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Partner with the business to determine goals and establish high-level scope.
Find out what the target organization’s I&O looks like.
Build a plan to achieve a day 1 MVP.
Chart a roadmap for long-term integration.
Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Establish goals and conduct discovery.
Alignment with business goals
Documentation of target organization’s current state
0.1 Consult with stakeholders.
0.2 Establish M&A business goals.
0.3 Conduct target discovery.
0.4 Document own environment.
0.5 Clarify goals.
Stakeholder communication plan
M&A business goals
I&O M&A Discovery Template
Current state of organization
Assess risk and value of target organization.
Accurate scope of I&O integration
Risk mitigation plans
Value realization strategies
1.1 Scope I&O M&A project.
1.2 Assess risks.
1.3 Assess value.
I&O M&A Project Napkin
Risk assessment
Value assessment
Establish day 1 integration project plan.
Smoother day 1 integration
2.1 Determine Day 1 minimum viable operating model post M&A.
2.2 Identify gaps.
2.3 Build day 1 project plan.
2.4 Estimate required resources.
Day 1 project plan
Draw long-term integration roadmap.
Improved alignment with M&A goals
Greater realization of the deal’s value
3.1 Set long-term future state goals.
3.2 Create a long-term project plan.
3.3 Consult with business stakeholders on the long-term plan.
Long-term integration project plan
Prepare for organization and culture change.
Refine M&A I&O integration process.
Smoother change management
Improved M&A integration process
4.1 Complete a change management plan.
4.2 Conduct a process post-mortem.
Change management plan
Process improvements action items
Business and IT leaders aiming to recruit and select the best talent need to:
To create a great candidate experience, IT departments must be involved in the process at key points, recruitment and selection is not a job for HR alone!
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Train your IT department to get involved in the recruitment process to attract and select the best talent.
Use this tool in conjunction with the Improve you IT Recruitment Process to document your action plans
To get useful information from an interview, the interviewer should be focused on what candidates are saying and how they are saying it, not on what the next question will be, what probes to ask, or how they will score the responses. This Interview Guide Template will help interviewers stay focused and collect good information about candidates.
Hiring managers can choose from a comprehensive collection of core, functional, and leadership competency-based behavioral interview questions.
Use this template to develop a well-written job posting that will attract the star candidates and, in turn, deflect submission of irrelevant applications by those unqualified.
The most innovative technology isn’t necessarily the right solution. Review talent acquisition (TA) solutions and evaluate the purpose each option serves in addressing critical challenges and replacing critical in-person activities.
Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Establish the employee value proposition (EVP) and employer brand.
Have a well-defined EVP that you communicate through your employer brand.
1.1 Gather feedback.
1.2 Build key messages.
1.3 Assess employer brand.
Content and themes surrounding the EVP
Draft EVP and supporting statements
A clearer understanding of the current employer brand and how it could be improved
Develop job postings and build a strong sourcing program.
Create the framework for an effective job posting and analyze existing sourcing methods.
2.1 Review and update your job ads.
2.2 Review the effectiveness of existing sourcing programs.
2.3 Review job ads and sourcing methods for bias.
Updated job ad
Low usage sourcing methods identified for development
Minimize bias present in ads and sourcing methods
Create a high-quality interview process to improve candidate assessment.
Training on being an effective interviewer.
3.1 Create an ideal candidate scorecard.
3.2 Map out your interview process.
3.3 Practice behavioral interviews.
Ideal candidate persona
Finalized interview and assessment process
Practice interviews
Drive employee engagement and retention with a robust program that acclimates, guides, and develops new hires.
Evaluation of current onboarding practice.
4.1 Evaluate and redesign the onboarding program.
Determine new onboarding activities to fill identified gaps.
Follow this blueprint to:
|
|
Effective Interviewing |
Onboarding: Setting up New Hires For Success |
|||||||||
Awareness | → | Research | → | Application | → | Screening | → | Interview and Assessment | → | Follow Up | → | Onboarding |
Talent is a priority for the entire organization:
Respondents rated “recruitment” as the top issue facing organizations today (McLean & Company 2022 HR Trends Report).
37% of IT departments are outsourcing roles to fill internal skill shortages (Info-Tech Talent Trends 2022 Survey).
Yet bad hires are alarmingly common:
Hiring is one of the least successful business processes, with three-quarters of managers reporting that they have made a bad hire (Robert Half, 2021).
48% of survey respondents stated improving the quality of hires was the top recruiting priority for 2021 (Jobvite, 2021).
Prework |
Day 1 |
Day 2 |
Day 3 |
Day 4 |
Post work |
|
---|---|---|---|---|---|---|
Current Process and Job Descriptions Documented |
Establish the Employee Value Proposition (EVP) and Employer Brand |
Develop Job Postings and Build a Strong Sourcing Program |
Effective Interviewing |
Onboarding and Action Planning |
Putting the Action Plan Into Action! |
|
Activities |
|
1.1 Introduce the Concept of an EVP 1.2 Brainstorm Unique Benefits of Working at Your Organization 1.2 Employer Brand Introduction |
2.1 What Makes an Attractive Job Posting 2.2 Create the Framework for Job Posting 2.3 Improve the Sourcing Process 2.4 Review Process for Bias |
3.1 Creating an Interview Process 3.2 Selecting Interview Questions 3.3 Avoiding Bias During Interviews 3.4 Practice Interviews |
4.1 Why Onboarding Matters 4.2 Acclimatize New Hires and Set Them Up for Success 4.3 Action Plan |
5.1 Review Outputs and Select Priorities 5.2 Consult With HR and Senior Management to Get Buy-In 5.3 Plan to Avoid Relapse Behaviors |
Deliverables |
|
|
|
|
Develop a strong employee value proposition
The employee value proposition is your opportunity to showcase the unique benefits and opportunities of working at your organization, allowing you to attract a wider pool of candidates.
AN EMPLOYEE VALUE PROPOSITION IS: |
AN EMPLOYEE VALUE PROPOSITION IS NOT: |
||
|
|
||
THE FOUR KEY COMPONENTS OF AN EMPLOYEE VALUE PROPOSITION |
|||
Rewards |
Organizational Elements |
Working Conditions |
Day-to-Day Job Elements |
|
|
|
|
Creating a compelling EVP that presents a picture of your employee experience, with a focus on diversity, will attract a wide pool of diverse candidates to your team. This can lead to many internal and external benefits for your organization.
Existing Employee Value Proposition: If your organization or IT department has an existing employee value proposition, rather than starting from scratch, we recommend leveraging that and moving to the testing phase to see if the EVP still resonates with staff and external parties.
Employee Engagement Results: If your organization does an employee engagement survey, review the results to identify the areas in which the IT organization is performing well. Identify and document any key comment themes in the report around why employees enjoy working for the organization or what makes your IT department a great place to work.
Social Media Sites. Prepare for the good, the bad, and the ugly. Social media websites like Glassdoor and Indeed make it easier for employees to share their experiences at an organization honestly and candidly. While postings on these sites won’t relate exclusively to the IT department, they do invite participants to identify their department in the organization. You can search these to identify any positive things people are saying about working for the organization and potentially opportunities for improvement (which you can use as a starting point in the retention section of this report).
Download the Recruitment Workbook
Input |
Output |
|
|
Materials |
Participants |
|
|
Examples below.
Input | Output |
|
|
Materials | Participants |
|
|
Shopify |
“We’re Shopify. Our mission is to make commerce better for everyone – but we’re not the workplace for everyone. We thrive on change, operate on trust, and leverage the diverse perspectives of people on our team in everything we do. We solve problems at a rapid pace. In short, we get shit done.” |
---|---|
Bettercloud |
“At Bettercloud, we have a smart, ambitious team dedicated to delighting our customers. Our culture of ownership and transparency empowers our team to achieve goals they didn’t think possible. For all those on board, it’s going to be a challenging and rewarding journey – and we’re just getting started.” |
Ellevest |
“As a team member at Ellevest, you can expect to make a difference through your work, to have a direct impact on the achievement of a very meaningful mission, to significantly advance your career trajectory, and to have room for fun and fulfillment in your daily life. We know that achieving a mission as critical as ours requires incredible talent and teamwork, and team is the most important thing to us.” |
INTERNAL TEST REVOLVES AROUND THE 3A’s |
EXTERNAL TEST REVOLVES AROUND THE 3C’s |
---|---|
ALIGNED: The EVP is in line with the organization’s purpose, vision, values, and processes. Ensure policies and programs are aligned with the organization’s EVP. |
CLEAR: The EVP is straightforward, simple, and easy to understand. Without a clear message in the market, even the best intentioned EVPs can be lost in confusion. |
ACCURATE: The EVP is clear and compelling, supported by proof points. It captures the true employee experience, which matches the organization’s communication and message in the market. |
COMPELLING: The EVP emphasizes the value created for employees and is a strong motivator to join this organization. A strong EVP will be effective in drawing in external candidates. The message will resonate with them and attract them to your organization. |
ASPIRATIONAL: The EVP inspires both individuals and the IT organization as a whole. Identify and invest in the areas that are sure to generate the highest returns for employees. |
COMPREHENSIVE: The EVP provides enough information for the potential employee to understand the true employee experience and to self-assess whether they are a good fit for your organization. If the EVP lacks depth, the potential employee may have a hard time understanding the benefits and rewards of working for your organization. |
Market your EVP to potential candidates: Employer Brand
The employer brand is the perception internal and external stakeholders hold of the organization and exists whether it has been curated or not. Curating the employer brand involves marketing the organization and employee experience. Grounding your employer brand in your EVP enables you to communicate and market an accurate portrayal of your organization and employee experience and make you desirable to both current and potential employees.
![]() |
The unique offering an employer provides to employees in return for their effort, motivating them to join or remain at the organization. The perception internal and external stakeholders hold of the organization. |
Alignment between the EVP, employer brand, and corporate brand is the ideal branding package. An in-sync marketing strategy ensures stakeholders perceive and experience the brand the same way, creating brand ambassadors.
How you present your employer brand is just as important as the content. Ideally, you want the viewer to connect with and personalize the material for the message to have staying power. Use Marketing’s expertise to help craft impactful promotional materials to engage and excite the viewer.
Visuals
Images are often the first thing viewers notice. Use visuals that connect to your employer brand to engage the viewer’s attention and increase the likelihood that your message will resonate. However, if there are too many visuals this may detract from your content – balance is key!
Language
Wordsmithing is often the most difficult aspect of marketing. Your message should be accurate, informative, and engaging. Work with Marketing to ensure your wording is clever and succinct – the more concise, the better.
Composition
Integrate visuals and language to complete your marketing package. Ensure that the text and images are balanced to draw in the viewer.
This case study is happening in real time. Please check back to learn more as Goddard continues to recruit for the position.
Goddard Space Center is the largest of NASA’s space centers with approximately 11,000 employees. It is currently recruiting for a senior technical role for commercial launches. The position requires consulting and working with external partners and vendors.
NASA is a highly desirable employer due to its strong culture of inclusivity, belonging, teamwork, learning, and growth. Its culture is anchored by a compelling vision, “For the betterment of Humankind,” and amplified by a strong leadership team that actively lives their mission and vision daily.
Firsthand lists NASA as #1 on the 50 most prestigious internships for 2022.
The position is in a rural area of Eastern Shore Virginia with a population of approximately 60,000 people, which translates to a small pool of candidates. Any hire from outside the area will be expected to relocate as the senior technician must be onsite to support launches twice a month. Financial relocation support is not offered and the position is a two-year assignment with the option of extension that could eventually become permanent.
“Looking for a Talent Unicorn: a qualified, experienced candidate with both leadership skills and deep technical expertise that can grow and learn with emerging technologies.”
Steve Thornton
Acting Division Chief, Solutions Division, Goddard Space Flight Center, NASA
Culture takes the lead in NASA's job postings, which attract a high number of candidates. Postings begin with a link to a short video on working at NASA, its history, and how it lives its vision. The video highlights NASA's diversity of perspectives, career development, and learning opportunities.
NASA's company brand and employer brand are tightly intertwined, providing a consistent view of the organization.
The employer vision is presented in the best place to reach NASA's ideal candidate: usajobs.gov, the official website of the United States Government and the “go-to” for government job listings. NASA also extends its postings to other generic job sites as well as LinkedIn and professional associations.
Interview with Robert Leahy
Chief Information Officer, Goddard Space Flight Center, NASA
You can use sites like:
Input | Output |
|
|
Materials | Participants |
|
|
Create engaging job ads to attract talent to the organization
A job description is an internal document that includes sections such as general job information, major responsibilities, key relationships, qualifications, and competencies. It communicates job expectations to incumbents and key job data to HR programs.
A job ad is an externally facing document that advertises a position with the intent of attracting job applicants. It contains key elements from the job description as well as information on the organization and its EVP.
A job description informs a job ad, it doesn’t replace it. Don’t be lulled into using a job description as a posting when there’s a time crunch to fill a position. Refer to job postings as job advertisements to reinforce that their purpose is to attract attention and talent.
Position Title |
|
---|---|
Company |
|
Summary Description |
|
Responsibilities |
|
Position Characteristics |
|
Position Requirements |
|
Work Conditions |
|
Process to Apply |
|
Bottom Line: A truly successful job posting ferrets out those hidden stars that may be over cautious and filters out hundreds of applications from the woefully under qualified.
DON’T overlook the power of words. Avoid phrases like “strong English language skills” as this may deter non-native English speakers from applying and a “clean-shaven” requirement can exclude candidates whose faith requires them to maintain facial hair. DON’T post a long requirements list. A study showed that the average jobseeker spends only 49.7 seconds reviewing a listing before deciding it's not a fit.* DON’T present a toxic work culture; phrases such as “work hard, play hard” can put off many candidates and play into the “bro- culture” stereotype in tech. |
Position Title: Senior Lorem Ipsum Salary Band: $XXX to $XXX Diversity is a core value at ACME Inc. We believe that diversity and inclusion is our strength, and we’re passionate about building an environment where all employees are valued and can perform at their best. As a … you will … Our ideal candidate …. Required Education and Experience
Required Skills
Preferred Skills
At ACME Inc. you will find … |
DO promote pay equity by being up front and honest about salary expectations. DO emphasize your organization’s commitment to diversity and an inclusive workplace by adding an equity statement. DO limit your requirements to “must haves” or at least showcase them first before the “nice-to-haves.” DO involve current employees or members of your employee resource groups when creating job descriptions to ensure that they ask for what you really need. DO focus on company values and criteria that are important to the job, not just what’s always been done. |
☑ | Does the job posting highlight your organization’s EVP |
☐ | Does the job posting avoid words that might discourage women, people of color, and other members of underrepresented groups from applying? |
☑ | Has the position description been carefully reviewed and revised to reflect current and future expectations for the position, rather than expectations informed by the persons who have previously held the job? |
☐ | Has the hiring committee eliminated any unnecessary job skills or requirements (college degree, years or type of previous experience, etc.) that might negatively impact recruitment of underrepresented groups? |
☑ | Has the hiring committee posted the job in places (job boards, websites, colleges, etc.) where applicants from underrepresented groups will be able to easily view or access it? |
☐ | Have members of the hiring committee attended job fairs or other events hosted by underrepresented groups? |
☐ | Has the hiring committee asked current employees from underrepresented groups to spread the word about the position? |
☐ | Has the hiring committee worked with the marketing team to ensure that people from diverse groups are featured in the organization’s website, publications, and social media? |
☐ | es the job description clearly demonstrate the organization’s and leadership’s commitment to DEI? |
Input | Output |
|
|
Materials | Participants |
|
|
Get involved with sourcing to get your job ad seen
Social Media |
Social media has trained candidates to expect:
|
While the focus on the candidate experience is important throughout the talent acquisition process, social media, technology, and values have made it a critical component of sourcing. |
Technology |
Candidates expect to be able to access job ads from all platforms.
Job ads must be clear, concise, and easily viewed on a mobile device. |
|
Candidate Values |
Job candidate’s values are changing.
Authenticity remains important.
|
Internal Talent Mobility (ITM) Program
Social Media Program
Employee Referral Program
Alumni Program
Campus Recruiting Program
Other Sourcing Tactics
What is it?
Positioning the right talent in the right place, at the right time, for the right reasons, and supporting them appropriately.
Internal Talent Mobility (ITM) Program Social Media Program Employee Referral Program Alumni Program Campus Recruiting Program Other Sourcing Tactics | ITM program benefits:
Provide opportunities to develop professionally, whether in the current role or through promotions/lateral moves. Keep strong performers and high-potential employees committed to the organization. Address rapid change, knowledge drain due to retiring Baby Boomers, and frustration associated with time to hire or time to productivity. Reduce spend on talent acquisition, severance, time to productivity, and onboarding. Increase motivation and productivity by providing increased growth and development opportunities. Align with the organization’s offering and what is important to the employees from a development perspective. Support and develop employees from all levels and job functions. |
Internal Talent Mobility (ITM) Program Social Media Program Employee Referral Program Alumni Program Campus Recruiting Program Other Sourcing Tactics | What is it? The widely accessible electronic tools that enable anyone to publish and access information, collaborate on common efforts, and build relationships. Learning to use social media effectively is key to sourcing the right talent.
(Ku, 2021) | |
Benefits of social media:
| Challenges of social media: With the proliferation of social media and use by most organizations, social media platforms have become overcrowded. As a result:
|
“It is all about how we can get someone’s attention and get them to respond. People are becoming jaded.”
– Katrina Collier, Social Recruiting Expert, The Searchologist
Internal Talent Mobility (ITM) Program Social Media Program Employee Referral Program Alumni Program Campus Recruiting Program Other Sourcing Tactics | What is it? Employees recommend qualified candidates. If the referral is hired, the referring employee typically receives some sort of reward. Benefits of an employee referral program:
55% of organizations report that hiring a referral is less expensive that a non-referred candidate (Clutch, 2020). The average recruiting lifecycle for an employee referral is 29 days, compared with 55 days for a non referral (Betterup, 2022). 46% percent of employees who were referred stay at their organization for a least one year, compared to 33% of career site hires (Betterup, 2022). High performers are more likely to refer other high performers to an organization (The University of Chicago Press, 2019). |
Avoid the Like Me Bias: Continually evaluate the diversity of candidates sourced from the employee referral program. Unless your workforce is already diverse, referrals can hinder diversity because employees tend to recommend people like themselves.
Internal Talent Mobility (ITM) Program Social Media Program Employee Referral Program Alumni Program Campus Recruiting Program Other Sourcing Tactics | What is it? An alumni referral program is a formalized way to maintain ongoing relationships with former employees of the organization. Successful organizations use an alumni program:
Benefits of an alumni program:
|
Internal Talent Mobility (ITM) Program Social Media Program Employee Referral Program Alumni Program Campus Recruiting Program Other Sourcing Tactics | What is it? A formalized means of attracting and hiring individuals who are about to graduate from schools, colleges, or universities. Almost 70% of companies are looking to employ new college graduates every year (HR Shelf, 2022). Campus recruitment benefits:
|
Target schools that align with your culture and needs. Do not just focus on the most prestigious schools: they are likely more costly, have more intense competition, and may not actually provide the right talent.
Internal Talent Mobility (ITM) Program Social Media Program Employee Referral Program Alumni Program Campus Recruiting Program Other Sourcing Tactics | 1. Professional industry associations
| 5. Not-for-profit intermediaries
| American Expresscreated a boot camp for software engineers in partnership with Year Up and Gateway Community College to increase entry-level IT hires. Results:
(HBR, 2016) |
2. Special interest groups
| 6. Gamification
| ||
3. Customers
| PwC (Hungary) created Multiploy, a two-day game that allows students to virtually experience working in accounting or consulting at the organization. Results:
(Zielinski, 2015) | ||
4. Exit interviews
|
Use knowledge that already exists in the organization to improve talent sourcing capabilities.
Marketing |
HR |
---|---|
Marketing knows how to:
|
HR knows how to:
|
To successfully partner with other departments in your organization:
Encourage your team to seek out, and learn from, employees in different divisions. Training sessions with the teams may not always be possible but one-on-one chats can be just as effective and may be better received.
Input | Output |
|
|
Materials | Participants |
|
|
Create a high-quality interview process to improve candidate assessment
If you…
…then stop. Use this research!
Step 5: Define decision rights
Establish decision-making authority and veto power to mitigate post-interview conflicts over who has final say over a candidate’s status.
Follow these steps to create a positive interview experience for all involved.
Define the attributes of the ideal candidate…
Ideal candidate = Ability to do the job + Motivation to do the job + Fit |
|||
Competencies
|
|
|
|
Experiences
|
Data for these come from:
|
||
Data for these come from:
|
Caution: Evaluating for “organizational or cultural fit” can lead to interviewers falling into the trap of the “like me” bias, and excluding diverse candidates.
Non-negotiable = absolutely required for the job! Usually attributes that are hard to train, such as writing skills, or expensive to acquire after hire, such as higher education or specific technical skills. |
An Asset Usually attributes that can be trained, such as computer skills. It’s a bonus if the new hire has it. |
Nice-to-have Attributes that aren’t necessary for the job but beneficial. These could help in breaking final decision ties. |
Deal Breakers: Also discuss and decide on any deal breakers that would automatically exclude a candidate. |
“The hardest work is accurately defining what kind of person is going to best perform this job. What are their virtues? If you’ve all that defined, the rest is not so tough.”
– VP, Financial Services
Input | Output |
|
|
Materials | Participants |
|
|
The Screening Interview Template will help you develop a screening interview by providing:
Once completed, this template will help you or HR staff conduct candidate screening interviews with ease and consistency. Always do screening interviews over the phone or via video to save time and money.
Determine the goal of the screening interview – do you want to evaluate technical skills, communication skills, attitude, etc.? – and create questions based on this goal. If evaluating technical skill, have someone with technical competency conduct the interview.
Unstructured: A traditional method of interviewing that involves no constraints on the questions asked, no requirements for standardization, and a subjective assessment of the candidate. This format is the most prone to bias. |
Semi-Structured: A blend of structured and unstructured, where the interviewer will ask a small list of similar questions to all candidates along with some questions pertaining to the resume. |
Structured: An interview consisting of a standardized set of job-relevant questions and a scoring guide. The goal is to reduce interviewer bias and to help make an objective and valid decision about the best candidate. |
Components of a highly structured interview include:
The more of these components your interview has, the more structured it is, and the more valid it will be.
The purpose of interviewing is to assess, not just listen. Questions are what help you do this.
Use the Interview Question Planning Guide tab in the Candidate Interview Strategy and Planning Guide to prepare your interview questions.
Introduce yourself and ask if now is a good time to talk. (Before calling, prepare your sales pitch on the organization and the position.) |
You want to catch candidates off guard so that they don’t have time to prepare scripted answers; however, you must be courteous to their schedule. |
Provide an overview of the position, then start asking pre-set questions. Take a lot of notes. |
It is important to provide candidates with as much information as possible about the position – they are deciding whether they are interested in the role as much as you are deciding whether they are suitable. |
Listen to how the questions are answered. Ask follow-up questions when appropriate and especially if the candidate seems to be holding something back. |
If there are long pauses or the candidate’s voice changes, there may be something they aren’t telling you that you should know. |
Be alert to inconsistencies between the resume and answers to the questions and address them. |
It’s important to get to the bottom of issues before the in-person interview. If dates, titles, responsibilities, etc. seem to be inconsistent, ask more questions. |
Ask candidates about their salary expectations. |
It’s important to ensure alignment of the salary expectations early on. If the expectations are much higher than the range, and the candidate doesn’t seem to be open to the lower range, there is no point interviewing them. This would be a waste of everyone’s time. |
Answer the applicant’s questions and conclude the interview. |
|
Wait until after the interview to rate the applicant. |
Don’t allow yourself to judge throughout the interview, or it could skew questions. Rate the applicant once the interview is complete. |
When you have a shortlist of candidates to invite to an in-person interview, use the Candidate Communication Template to guide you through proper phone and email communications.
Question (traditional): “What would you identify as your greatest strength?” Answer: Ability to work on a team. |
Top-level interview questions set the stage for probing. Your interview script should contain the top two levels of questions in the pyramid and a few probes that you will likely need to ask. You can then drill down further depending on the candidate’s answers. |
|
Follow-Up Question: “Can you outline a particular example when you were able to exercise your teamwork skills to reach a team goal?” |
||
Probing questions start with asking what, when, who, why, and how, and gain insight into a candidate’s thought process, experiences, and successes. |
Probing Level 1: Probe around the what, how, who, when, and where. “How did you accomplish that?” |
How to develop probes? By anticipating the kinds of responses that candidates from different backgrounds or with different levels of experience are likely to give as a response to an interview question. Probes should provide a clear understanding of the situation, the behavior, and the outcome so that the response can be accurately scored. Common probes include:
|
Tailor probes to the candidate’s answers to evoke meaningful and insightful responses. |
Probing Level 2: Allow for some creativity. “What would you do differently if you were to do it again?” |
Consider leveraging behavioral interview questions in your interview to reduce bias.
Assessments are created by people that have biases. This often means that assessments can be biased, especially with preferences towards a Western perspective. Even if the same assessments are administered, the questions will be interpreted differently by candidates with varying cultural backgrounds and lived experiences. If assessments do not account for this, it ultimately leads to favoring the answers of certain demographic groups, often ones similar to those who developed the assessment.
Attribute you are evaluating Probing questions prepared Area to take notes |
![]() |
Exact question you will ask Place to record score Anchored scale with definitions of a poor, ok and great answer |
The must-haves:
“At the end of the day, it’s the supervisor that has to live with the person, so any decision that does not involve the supervisor is a very flawed process.” – VP, Financial Services
The nice-to-haves:
Record the interview team details in the Candidate Interview Strategy and Planning Guide template.
Who Should… Contact candidates to schedule interviews or communicate decisions?
Who Should… Be responsible for candidate welcomes, walk-outs, and hand-offs between interviews?
Who Should… Define and communicate each stakeholder’s role?
Who Should… Chair the preparation and debrief meetings and play the role of the referee when trying to reach a consensus?
“Unless you’ve got roles within the panel really detailed and agreed upon, for example, who is going to take the lead on what area of questions, you end up with a situation where nobody is in charge or accountable for the final interview assessment." – VP, Financial Services
Try a Two Lens Assessment: One interviewer assesses the candidate as a project leader while another assesses them as a people leader for a question such as “Give me an example of when you exercised your leadership skills with a junior team member.”
It is typical and acceptable that you, as the direct reporting manager, should have veto power, as do some executives. |
Veto Power Direct Supervisor or Manager |
Decision Makers: Must Have Consensus Other Stakeholders Direct Supervisor’s Boss Direct Supervisor |
Contributes Opinion HR Representative Peer |
After the preliminary interview, HR should not be involved in making the decision unless they have a solid understanding of the position. Peers can make an unfair assessment due to perceived competition with a candidate. Additionally, if a peer doesn’t want a candidate to be hired and the direct supervisor does hire the candidate, the peer may hold resentment against that candidate and set the team up for conflict. |
The decision should rest on those who will interact with the candidate on a daily basis and who manage the team or department that the candidate will be joining. |
The decisions being made can include whether or not to move a candidate onto the next phase of the hiring process or a final hiring decision. Deciding decision rights in advance defines accountability for an effective interview process.
Download the Behavioral Interview Question Library
Input | Output |
|
|
Materials | Participants |
|
|
Give candidates a warm, genuine greeting. Introduce them to other interviewers present. Offer a drink. Make small talk. |
“There are some real advantages to creating a comfortable climate for the candidate; the obvious respect for the individual, but people really let their guard down.” – HR Director, Financial Services |
Give the candidate an overview of the process, length, and what to expect of the interview. Indicate to the candidate that notes will be taken during the interview. |
If shorter than an hour, you probably aren’t probing enough or even asking the right questions. It also looks bad to candidates if the interview is over quickly. |
Start with the first question in the interview guide and make notes directly on the interview guide (written or typed) for each question. |
Take lots of notes! You think you’ll remember what was said, but you won’t. It also adds transparency and helps with documentation. |
Ask the questions in the order presented for interview consistency. Probe and clarify as needed (see next slide). |
Keep control of the interview by curtailing any irrelevant or long-winded responses. |
After all interview questions are complete, ask candidates if there was anything about their qualifications that was missed that they want to highlight. |
Lets you know they understand the job and gives them the feeling they’ve put everything on the table. |
Ask if the candidate has any questions. Respond to the questions asked. |
Answer candidate questions honestly because fit works both ways. Ensure candidates leave with a better sense of the job, expectations, and organizational culture. |
Review the compensation structure for the position and provide a realistic preview of the job and organization. |
Provide each candidate with a fair chance by maintaining a consistent interview process. |
Tell interviewees what happens next in the process, the expected time frame, and how they will be informed of the outcome. Escort them out and thank them for the interview. |
The subsequent slides provide additional detail on these eight steps to conducting an effective interview.
Like-me effect: An often-unconscious preference for, and unfairly positive evaluation of, a candidate based on shared interests, personalities, and experiences, etc.
Status effect: Overrating candidates based on the prestige of previously held positions, titles, or schools attended.
Recency bias: Placing greater emphasis on interviews held closer to the decision-making date.
Contrast effect: Rating candidates relative to those who precede or follow them during the interview process, rather than against previously determined data.
Solution
Assess candidates by using existing competency-based criteria.
Negative tone: Starting the interview on a negative or stressful note may derail an otherwise promising candidate.
Poor interview management: Letting the candidate digress may leave some questions unanswered and reduce the interview value.
Reliance of first impressions: Basing decisions on first impressions undermines the objectivity of competency-based selection.
Failure to ask probing questions: Accepting general answers without asking follow-up questions reduces the evidentiary value of the interview.
Solution
Follow the structured interview process you designed and practiced.
Do... |
Don’t… |
---|---|
Take control of the interview by politely interrupting to clarify points or keep the interviewee on topic. Use probing to drill down on responses and ask for clarification. Ask who, what, when, why, and how. Be cognizant of confidentiality issues. Ask for a sample of work from a past position. Focus on knowledge or information gaps from previous interviews that need to be addressed in the interview. Ensure each member of a panel interview speaks in turn and the lead is given due respect to moderate. |
Be mean when probing. Intimidation actually works against you and is stressful for candidates. When you’re friendly, candidates will actually open up more. Interrupt or undermine other panel members. Their comments and questions are just as valid as yours are, and treating others unprofessionally gives a bad impression to the candidate. Ask illegal questions. Questions about things like religion, disability, and marital and family status are off limits. |
Do... |
While listening to responses, also watch out for red and yellow flags. |
|
Listen to how candidates talk about their previous bosses – you want it to be mainly positive. If their discussion of past bosses reflects a strong sense of self-entitlement or a consistent theme of victimization, this could be a theme in their behavior and make them hard to work with. |
Red Flag A concern about something that would keep you from hiring the person. |
Yellow Flag A concern that needs to be addressed, but wouldn’t keep you from hiring the person. |
Pay attention to body language and tone. They can tell you a lot about candidate motivation and interest. |
↓ |
|
Listen to what candidates want to improve. It’s an opportunity to talk about development and advancement opportunities in the organization. |
Not all candidates have red flags, but it is important to keep them in mind to identify potential issues with the candidate before they are hired. | |
Don’t… |
||
Talk too much! You are there to listen. Candidates should do about 80% of the talking so you can adequately evaluate them. Be friendly, but ensure to spend the time allotted assessing, not chatting. If you talk too much, you may end up hiring a weak candidate because you didn’t perceive weaknesses or not hire a strong candidate because you didn’t identify strengths. |
What if you think you sense a red or yellow flag? Following the interview, immediately discuss the situation with others involved in the recruitment process or those familiar with the position, such as HR, another hiring manager, or a current employee in the role. They can help evaluate if it’s truly a matter of concern. |
When the interviewer makes a positive impression on a candidate and provides a positive impression of the organization it carries forward after they are hired.
In addition, better candidates can be referred over the course of time due to higher quality networking.
As much as choosing the right candidate is important to you, make sure the right candidate wants to choose you and work for your organization.
Believe everything candidates say. Most candidates embellish and exaggerate to find the answers they think you want. Use probing to drill down to specifics and take them off their game. |
Ask gimmicky questions like “what color is your soul?” Responses to these questions won’t give you any information about the job. Candidates don’t like them either! |
Focus too much on the resume. If the candidate is smart, they’ve tailored it to match the job posting, so of course the person sounds perfect for the job. Read it in advance, highlight specific things you want to ask, then ignore it. |
Oversell the job or organization. Obviously you want to give candidates a positive impression, but don’t go overboard because this could lead to unhappy hires who don’t receive what you sold them. Candidates need to evaluate fit just as much as you. |
Get distracted by a candidate’s qualifications and focus only on their ability to do the job. Just because they are qualified does not mean they have the attitude or personality to fit the job or culture. |
Show emotion at any physical handicap. You can’t discriminate based on physical disability, so protect the organization by not drawing attention to it. Even if you don’t say anything, your facial expression may. |
Bring a bad day or excess baggage into the interview, or be abrupt, rushed, or uninterested in the interview. This is rude behavior and will leave a negative impression with candidates, which could impact your chances of hiring them. |
Submit to first impression bias because you’ll spend the rest of the interview trying to validate your first impression, wasting your time and the candidate’s. Remain as objective as possible and stick to the interview guide to stay focused on the task at hand. |
“To the candidate, if you are meeting person #3 and you’re hearing questions that person #1 and #2 asked, the company doesn’t look too hot or organized.” – President, Recruiting Firm
Input | Output |
|
|
Materials | Participants |
|
|
Download the Behavioral Interview Question Library
Strategic Planning
Professional Development
Onboarding should pick up where candidate experience leaves off
Onboarding ≠ Orientation
Onboarding is more than just orientation. Orientation is typically a few days of completing paperwork, reading manuals, and learning about the company’s history, strategic goals, and culture. By contrast, onboarding is three to twelve months dedicated to welcoming, acclimating, guiding, and developing new employees – with the ideal duration reflecting the time to productivity for the role.
A traditional orientation approach provides insufficient focus on the organizational identification, socialization, and job clarity that a new hire requires. This is a missed opportunity to build engagement, drive productivity, and increase organizational commitment. This can result in early disengagement and premature departure.
Over the long term, effective onboarding has a positive impact on revenue and decreases costs.
The benefits of onboarding:
Help new hires feel connected to the organization by clearly articulating the mission, vision, values, and what the company does. Help them understand the business model, the industry, and who their competitors are. Help them feel connected to their new team members by providing opportunities for socialization and a support network. |
Help put new hires on the path to high performance by clearly outlining their role in the organization and how their performance will be evaluated. |
Help new hires receive the experience and training they require to become high performers by helping them build needed competencies. |
We recommend a three-to-twelve-month onboarding program, with the performance management aspect of onboarding extending out to meet the standard organizational performance management cycle.
The length of the onboarding program should align with the average time to productivity for the role(s). Consider the complexity of the role, the industry, and the level of the new hire when determining program length.
For example, call center workers who are selling a straight-forward product may only require a three-month onboarding, while senior leaders may require a year-long program.
Our primary and secondary research identified the following as the most commonly stated reasons why employees leave organizations prematurely. These issues will be addressed throughout the next section.
Acclimate |
Guide |
Develop |
|
|
|
“Onboarding is often seen as an entry-level HR function. It needs to rise in importance because it’s the first impression of the organization and can be much more powerful than we sometimes give it credit for. It should be a culture building and branding program.” – Doris Sims, SPHR, The Succession Consultant, and Author, Creative Onboarding Programs
Input | Output |
|
|
Materials | Participants |
|
|
![]() |
Sample challenges |
Potential solutions |
---|---|---|
Some paperwork cannot be completed digitally (e.g. I-9 form in the US). |
Where possible, complete forms with digital signatures (e.g. DocuSign). Where not possible, begin the process earlier and mail required forms to employees to sign and return, or scan and email for the employee to print and return. |
|
Required compliance training material is not available virtually. |
Seek online training options where possible. Determine the most-critical training needs and prioritize the replication of materials in audio/video format (e.g. recorded lecture) and distribute virtually. |
|
Employees may not have access to their equipment immediately due to shipping or supply issues. |
Delay employee start dates until you can set them up with the proper equipment and access needed to do their job. |
|
New hires can’t get answers to their questions about benefits information and setup. |
Schedule a meeting with an HR representative or benefits vendor to explain how benefits will work and how to navigate employee self-service or other tools and resources related to their benefits. |
One of the biggest challenges for remote new hires is the inability to casually ask questions or have conversations without feeling like they’re interrupting. Until they have a chance to get settled, providing formal opportunities for questions can help address this.
![]() | Sample challenges | Potential solutions |
---|---|---|
Key company information such as organizational history, charts, or the vision, mission, and values cannot be clearly learned by employees on their own. | Have the new hire’s manager call to walk through the important company information to provide a personal touch and allow the new hire to ask questions and get to know their new manager. | |
Keeping new hires up to date on crisis communications is important, but too much information may overwhelm them or cause unnecessary stress. | Sharing the future of the organization is a critical part of the company information stage of onboarding and the ever-changing nature of the COVID-19 crisis is informing many organizations’ future right now. Be honest but avoid over-sharing plans that may change. | |
New hires can’t get answers to their questions about benefits information and setup. | Schedule a meeting with an HR representative or benefits vendor to explain how benefits will work and how to navigate employee self-service or other tools and resources related to their benefits. |
![]() | Sample challenges | Potential solutions |
---|---|---|
Team introductions via a team lunch or welcome event are typically done in person. | Provide managers with a calendar of typical socialization events in the first few weeks of onboarding and provide instructions and ideas for how to schedule replacement events over videoconferencing. | |
New hires may not have a point of contact for informal questions or needs if their peers aren’t around them to help. | If it doesn’t already exist, create a virtual buddy program and provide instructions for managers to select a buddy from the new hire’s team. Explain that their role is to field informal questions about the company, team, and anything else and that they should book weekly meetings with the new hire to stay in touch. | |
New hires will not have an opportunity to learn or become a part of the informal decision-making networks at the organization. | Hiring managers should consider key network connections that new hires will need by going through their own internal network and asking other team members for recommendations. | |
New hires will not be able to casually meet people around the office. | Provide the employee with a list of key contacts for them to reach out to and book informal virtual coffee chats to introduce themselves. |
![]() | Sample challenges | Potential solutions |
---|---|---|
Performance management (PM) processes have been paused given the current crisis. | Communicate to managers that new hires still need to be onboarded to the organization’s performance management process and that goals and feedback need to be introduced and the review process outlined even if it’s not currently happening. | |
Goals and expectations differ or have been reprioritized during the crisis. | Ask managers to explain the current situation at the organization and any temporary changes to goals and expectations as a result of new hires. | |
Remote workers often require more-frequent feedback than is mandated in current PM processes. | Revamp PM processes to include daily or bi-weekly touchpoints for managers to provide feedback and coaching for new hires for at least their first six months. | |
Managers will not be able to monitor new hire work as effectively as usual. | Ensure there is a formal approach for how employees will keep their managers updated on what they're working on and how it's going, for example, daily scrums or task-tracking software. |
For more information on adapting performance management to a virtual environment, see Info-Tech’s Performance Management for Emergency Work-From-Home research.
Categorize the different types of formal and informal training in the onboarding process into the following three categories. For departmental and individual training, speak to managers to understand what is required on a department and role basis:
Organizational |
Departmental |
Individual |
---|---|---|
For example:
|
For example:
|
For example:
|
In a crisis, not every training can be translated to a virtual environment in the short term. It’s also important to focus on critical learning activities versus the non-critical. Prioritize the training activities by examining the learning outcomes of each and asking:
Lower priority or non-critical activities can be used to fill gaps in onboarding schedules or as extra activities to be completed if the new hire finds themselves with unexpected downtime to fill.
If there is a lack of resources, expertise, or time, outsource digital training to a content provider or through your LMS.
2021 Recruiter Nation Report. Survey Analysis, Jobvite, 2021. Web.
“5 Global Stats Shaping Recruiting Trends.” The Undercover Recruiter, 2022. Web.
Barr, Tavis, Raicho Bojilov, and Lalith Munasinghe. "Referrals and Search Efficiency: Who Learns What and When?" The University of Chicago Press, Journal of Labor Economics, vol. 37, no. 4, Oct. 2019. Web.
“How to grow your team better, faster with an employee referral program.” Betterup, 10 Jan. 2022. Web.
“Employee Value Proposition: How 25 Companies Define Their EVP.” Built In, 2021. Web.
Global Leadership Forecast 2021. Survey Report, DDI World, 2021. Web.
“Connecting Unemployed Youth with Organizations That Need Talent.” Harvard Business Review, 3 November 2016. Web.
Ku, Daniel. “Social Recruiting: Everything You Need To Know for 2022.” PostBeyond, 26 November 2021. Web.
Ladders Staff. “Shedding light on the job search.” Ladders, 20 May 2013. Web.
Merin. “Campus Recruitment – Meaning, Benefits & Challenges.” HR Shelf, 1 February 2022. Web.
Mobile Recruiting. Smart Recruiters, 2020. Accessed March 2022.
Roddy, Seamus. “5 Employee Referral Program Strategies to Hire Top Talent.” Clutch, 22 April 2020. Web.
Sinclair, James. “What The F*dge: That's Your Stranger Recruiting Budget?” LinkedIn, 11 November 2019. Web.
“Ten Employer Examples of EVPs.” Workology, 2022. Web
“The Higher Cost of a Bad Hire.” Robert Half, 15 March 2021. Accessed March 2022.
Trost, Katy. “Hiring with a 90% Success Rate.” Katy Trost, Medium, 8 August 2022. Web.
“Using Social Media for Talent Acquisition.” SHRM, 20 Sept. 2017. Web.
The time has come to hire a new major incident manager. How do you go about that? How do you choose the right candidate? Major incident managers must have several typically conflicting traits, so how do you pick the right person? Let's dive into that.
Operations... make sure that the services and products you offer your clients are delivered in the most efficient way possible. IT Operations makes sure that the applications and infrastructure that your delivery depends on is solid.
Gert Taeymans has over 20 years experience in directing the implementation and management of mission-critical services for businesses in high-volume international markets. Strong track record in risk management, crisis management including disaster recovery, service delivery and change & config management.
The ways you measure success as a business are based on the typical business environment, but during a crisis like a pandemic, the business environment is rapidly changing or significantly different.
Measure what you have the data for and focus on managing the impacts to your employees, customers, and suppliers. Be willing to make decisions based on imperfect data. Don’t forget to keep an eye on the long-term objectives and remember that how you act now can reflect on your business for years to come.
Use Info-Tech’s approach to:
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Identify the short-term goals for your organization and reconsider your long-term objectives.
Determine your tool for data collection and your data requirements and collect initial data.
Determine the appropriate cadence for reviewing the dashboard and action planning.
IT excels at hybrid location work and is more effective as a business function when location flexibility is an option for its employees. But hybrid work is just a start. A comprehensive flex work program extends beyond flexible location, so organizations must understand the needs of unique employee groups to uncover the options that will attract and retain talent.
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Identify prioritized employee segments, flexibility challenges, and the desired state to inform program goals.
Review, shortlist, and assess the feasibility of common types of flexible work. Identify implementation issues and cultural barriers.
Equip managers and employees to adopt flexible work options while addressing implementation issues and cultural barriers and aligning HR programs.
Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Gather information on organizational and employee flexibility needs.
Understand the flexibility needs of the organization and its employees to inform a targeted flex work program.
1.1 Identify employee and organizational needs.
1.2 Identify employee segments.
1.3 Establish program goals and metrics.
1.4 Shortlist flexible work options.
Organizational context summary
List of shortlisted flex work options
Perform a data-driven feasibility analysis on shortlisted work options.
A data-driven feasibility analysis ensures your flex work program meets its goals.
2.1 Conduct employee/manager focus groups to assess feasibility of flex work options.
Summary of flex work options feasibility per employee segment
Select the most impactful flex work options and create a plan for addressing implementation challenge
A data-driven selection process ensures decisions and exceptions can be communicated with full transparency.
3.1 Finalize list of approved flex work options.
3.2 Brainstorm solutions to implementation issues.
3.3 Identify how to overcome cultural barriers.
Final list of flex work options
Implementation barriers and solutions summary
Create supporting materials to ensure program implementation proceeds smoothly.
Employee- and manager-facing guides and policies ensure the program is clearly documented and communicated.
4.1 Design employee and manager guide prototype.
4.2 Align HR programs and policies to support flexible work.
4.3 Create a communication plan.
Employee and manager guide to flexible work
Flex work roadmap and communication plan
Put everything together and prepare to implement.
Our analysts will support you in synthesizing the workshop’s efforts into a cohesive implementation strategy.
5.1 Complete in-progress deliverables from previous four days.
5.2 Set up review time for workshop deliverables and to discuss next steps.
Completed flexible work feasibility workbook
Flexible work communication plan
IT excels at hybrid location work and is more effective as a business function when location flexibility is an option for its employees. But hybrid work is just a start. A comprehensive flex work program extends beyond flexible location, so organizations must understand the needs of unique employee groups to uncover the options that will attract and retain talent.
A 2022 LinkedIn report found that the following occurred between 2019 and 2021:
+362% |
Increase in LinkedIn members sharing content with the term "flexible work." |
---|---|
+83% |
Increase in job postings that mention "flexibility." |
In 2022, Into-Tech found that hybrid was the most commonly used location work model for IT across all industries.
("State of Hybrid Work in IT," Info-Tech Research Group, 2022)
90% |
of employees said they want schedule and location flexibility ("Global Employee Survey," EY, 2021). |
---|---|
17% |
of resigning IT employees cited lack of flexible work options as a reason ("IT Talent Trends 2022," Info-Tech Research Group, 2022). |
71% |
of executives said they felt "pressure to change working models and adapt workplace policies to allow for greater flexibility" (LinkedIn, 2021). |
Therefore, organizations who fail to offer flexibility will be left behind |
|
---|---|
Difficulty attracting and retaining talent |
98% of IT employees say flexible work options are important in choosing an employer ("IT Talent Trends 2022," Info-Tech Research Group, 2022). |
Worsening employee wellbeing and burnout |
Knowledge workers with minimal to no schedule flexibility are 2.2x more likely to experience work-related stress and are 1.4x more likely to suffer from burnout (Slack, 2022; N=10,818). |
IT departments that offer some degree of location flexibility are more effective at supporting the organization than those who do not.
35% of service desk functions report improved service since implementing location flexibility.
("State of Hybrid Work in IT," Info-Tech Research Group, 2023).
Employees are 2.1x more likely to recommend their employer to others when they are satisfied with their organization's flexible work arrangements (LinkedIn, 2021).
41% of IT departments cite an expanded hiring pool as a key benefit of hybrid work.
Organizations that mention "flexibility" in their job postings have 35% more engagement with their posts (LinkedIn, 2022).
IT employees who have more control over their working arrangement experience a greater sense of contribution and trust in leadership ("State of Hybrid Work in IT," Info-Tech Research Group, 2023).
81% of employees say flexible work will positively impact their work-life balance (FlexJobs, 2021).
Flexible work options are not a concession to lower productivity. Properly implemented, flex work enables employees to be more productive at reaching business goals.
IT employees were asked what percentage of IT roles were currently in a hybrid or remote work arrangement ("State of Hybrid Work in IT," Info-Tech Research Group, 2023).
However, the benefits of remote work are not available to all, which raises fairness and equity concerns between remote and onsite employees.
45% | of employers said, "one of the biggest risks will be their ability to establish fairness and equity among employees when some jobs require a fixed schedule or location, creating a 'have and have not' dynamic based on roles" ("Businesses Suffering," EY, 2021). |
---|
Offering schedule flexibility to employees who need to be fully onsite can be used to close the fairness and equity gap.
When offered the choice, 54% of employees said they would choose schedule flexibility over location flexibility ("Global Employee Survey," EY, 2021).
When employees were asked "What choice would you want your employer to provide related to when you have to work?" The top three choices were:
68% |
Flexibility on when to start and finish work |
---|---|
38% |
Compressed or four-day work weeks |
33% |
Fixed hours (e.g. 9am to 5pm) |
Disclaimer: "Percentages do not sum to 100%, as each respondent could choose up to three of the [five options provided]" ("Global Employee Survey," EY, 2021).
Understanding the needs of various employee segments in the organization is critical to the success of a flexible work program.
82% |
of working mothers desire flexibility in where they work. |
---|---|
48% |
of working fathers "want to work remotely 3 to 5 days a week." |
38% | "Thirty-eight percent of Black male employees and 33% of Black female employees would prefer a fully flexible schedule, compared to 25% of white female employees and 26% of white male employees." |
---|---|
33% |
84% |
of remote workers and 61% of onsite workers reported working longer hours post pandemic. Longer working hours were attributed to reasons such as pressure from management and checking emails after working hours (Indeed, 2021). |
---|---|
2.6x |
Respondents who either agreed or strongly agreed with the statement "Generally, I find my workload reasonable" were 2.6x more likely to be engaged compared to those who stated they disagreed or strongly disagreed (McLean & Company Engagement Survey Database;2022; N=5,615 responses). |
Longer hours and unsustainable workloads can contribute to stress and burnout, which is a threat to employee engagement and retention. With careful management (e.g. setting clear expectations and establishing manageable workloads), flexible work arrangement benefits can be preserved.
Employees' lived experiences and needs determine if people use flexible work programs – a flex program that has limited use or excludes people will not benefit the organization.
Overarching insight: IT excels at hybrid location work and is more effective as a business function when location, time, and time-off flexibility are an option for its employees.
Introduction | Step 1 insight |
Step 2 insight |
Step 3 insight |
---|---|---|---|
|
|
|
|
In 2020, Info-Tech implemented emergency work-from-home for its IT department, along with the rest of the organization. Now in 2023, hybrid work is firmly embedded in Info-Tech's culture, with plans to continue location flexibility for the foreseeable future.
Adjusting to the change came with lessons learned and future-looking questions.
Moving into remote work was made easier by certain enablers that had already been put in place. These included issuing laptops instead of desktops to the user base and using an existing cloud-based infrastructure. Much support was already being done remotely, making the transition for the support teams virtually seamless.
Continuing hybrid work has brought benefits such as reduced commuting costs for employees, higher engagement, and satisfaction among staff that their preferences were heard.
Every flexible work implementation is a work in progress and must be continually revisited to ensure it continues to meet organizational and employee needs. Current questions being explored at Info-Tech are:
“Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”
“Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”
“We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”
“Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”
What does a typical GI on this topic look like?
Preparation |
Step 1 |
Step 2 |
Step 3 |
Follow-up |
---|---|---|---|---|
Call #1: Scope requirements, objectives, and your specific challenges. |
Call #2: Assess employee and organizational needs. |
Call #3: Shortlist flex work options and assess feasibility. |
Call #4: Finalize flex work options and create rollout plan. |
Call #5: (Optional) Review rollout progress or evaluate pilot success. |
A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.
A typical GI is 3 to 5 calls over the course of 4 to 6 months.
Contact your account representative for more information.
workshops@infotech.com 1-888-670-8889
Day 1 |
Day 2 |
Day 3 |
Day 4 |
Day 5 |
|
---|---|---|---|---|---|
Activities |
Prepare to assess flex work feasibility |
Assess flex work feasibility |
Finalize flex work options |
Prepare for implementation |
Next Steps and Wrap-Up (offsite) |
1.1 Identify employee and organizational needs. 1.2 Identify employee segments. 1.3 Establish program goals and metrics. 1.4 Shortlist flex work options. |
2.1 Conduct employee/manager focus groups to assess feasibility of flex work options. |
3.1 Finalize list of approved flex work options. 3.2 Brainstorm solutions to implementation issues. 3.2 Identify how to overcome cultural barriers. |
4.1 Design employee and manager guide prototype. 4.2 Align HR programs and policies to support flexible work. 4.3 Create a communication plan. |
5.1 Complete in-progress deliverables from previous four days. 5.2 Set up review time for workshop deliverables and to discuss next steps. |
|
Deliverables |
|
|
|
|
|
1. Assess employee and organizational flexibility needs
2. Identify potential flex options and assess feasibility
3. Implement selected option(s)
After completing this step you will have:
Organizational flexibility requires collaborative and cross-functional involvement to determine which flexible options will meet the needs of a diverse workforce. HR leads the project to explore flexible work options, while other stakeholders provide feedback during the identification and implementation processes.
HR |
|
---|---|
Senior Leaders |
|
Managers |
|
Flexible Workers |
|
Non-Flexible Workers |
|
Flexible work is a holistic team effort. Leaders, flexible workers, teammates, and HR must clearly understand their roles to ensure that teams are set up for success.
Current State |
Target State |
---|---|
Review:
|
Identify what is driving the need for flexible work options. Ask:
These drivers identify goals for the organization to achieve through targeted flexible work options. |
Hybrid work is a start. A comprehensive flex work program extends beyond flexible location, so organizations must understand the needs of unique employee groups to uncover the options that will attract and retain talent. Provide greater inclusivity to employees by broadening the scope to include flex location, flex time, and flex time off.
Identify employee segments with common characteristics to assess if they require unique flexible work options. Assess the feasibility options for the segments separately in Step 2.
Identify employee segments and sort them into groups based on the characteristics above.
Examples of segments:
Determine whether the organization needs flexible work options for the entire organization or specific employee segments.
For specific employee segments:
For the entire organization:
High priority: The employee segment has the lowest engagement scores or highest turnover within the organization. Segment sentiment is that current flexibility is nonexistent or not sufficiently meeting needs.
Medium priority: The employee segment has low engagement or high turnover. Segment sentiment is that currently available flexibility is minimal or not sufficiently meeting needs.
Low priority: The segment does not have the lowest engagement or the highest turnover rate. Segment sentiment is that currently available flexibility is sufficiently meeting needs.
Example challenges:
Follow the guidance on preceding slides to complete the following activities.
Note: If you are only considering remote or hybrid work, use the Fast-Track Hybrid Work Program Workbook. Otherwise, proceed with the Targeted Flexible Work Program Workbook.
Download the Targeted Flexible Work Program Workbook
Download the Fast-Track Hybrid Work Program Workbook
Sample program goals |
Sample metrics |
---|---|
Increase productivity |
|
Improve business satisfaction and perception of IT value |
|
Increase retention |
|
Improve the employee value proposition (EVP) and talent attraction |
|
Improve engagement and work-life balance |
|
Implementing flex work without solid performance metrics means you won't have a way of determining whether the program is enabling or hampering your business practices.
Use the examples on the preceding slide to identify program goals and metrics:
Download the Targeted Flexible Work Program Workbook
Download the IT Metrics Library
Download the HR Metrics Library
Work Duties |
Processes |
Operational Outcomes |
|
---|---|---|---|
High degree of flexibility |
|
|
Most or all operational outcomes can be achieved offsite (e.g. products/service delivery not impacted by WFH) |
|
|
Some operational outcomes can be achieved offsite (e.g. some impact of WFH on product/service delivery) |
|
Low degree of flexibility |
|
|
Operational outcomes cannot be achieved offsite (e.g. significant impairment to product/service delivery) |
If roles within the segment have differing levels of location flexibility, use the lowest results (e.g. if role A in the segment has a high degree of flexibility for work duties and role B has a low degree of flexibility, use the results for role B).
Work Duties | Processes | Operational Outcomes | |
---|---|---|---|
High degree of flexibility |
|
| Most or all operational outcomes are not time sensitive |
|
| Some operational outcomes are time sensitive and must be conducted within set date or time windows | |
Low degree of flexibility |
|
| Most or all operational outcomes are time sensitive and must be conducted within set date or time windows |
With additional coordination, flex time or flex time off options are still possible for employee segments with a low degree of flexibility. For example, with a four-day work week, the segment can be split into two teams – one that works Monday to Thursday and one that works Tuesday to Friday – so that employees are still available for clients five days a week.
Work Duties | Operational Outcomes | |
---|---|---|
High degree of flexibility |
|
|
|
| |
Low degree of flexibility |
|
|
For segments with a low degree of work deliverable flexibility (e.g. very constrained output), flexibility is still an option, but maintaining output would require additional headcount.
Use the guidelines on the preceding slides to document the parameters of each work segment.
Download the Targeted Flexible Work Program Workbook
1. Assess employee and organizational flexibility needs
2. Identify potential flex options and assess feasibility
3. Implement selected option(s)
After completing this step you will have:
First, review the Flexible Work Solutions Catalog |
Before proceeding to the next slide, review the Flexible Work Options Catalog to identify and shortlist five to seven flexible work options that are best suited to address the challenges faced for each of the priority employee segments identified in Step 1. |
---|---|
Then, assess the feasibility of implementing selected options using slides 29 to 32 |
Assess the feasibility of implementing the shortlisted solutions for the prioritized employee segments against the feasibility factors in this step. Repeat for each employee segment. Use the following slides to consult with and include leaders when appropriate.
|
Operational coverage |
Synchronous communication |
Time zones |
Face-to-face communication |
---|---|---|---|
To what extent are employees needed to deliver products or services?
|
To what extent do employees need to communicate with each other synchronously?
|
To what extent do employees need to coordinate work across time zones?
|
When do employees need to interact with each other or clients in person?
|
Info-Tech Insight
Every role is eligible for hybrid location work. If onsite work duties prevent an employee group from participating, see if processes can be digitized or automated. Flexible work is an opportunity to go beyond current needs to future-proof your organization.
Symbols | Values |
Behaviors |
---|---|---|
How supportive of flexible work are the visible aspects of the organization's culture?
|
How supportive are both the stated and lived values of the organization?
|
How supportive are the attitudes and behaviors, especially of leaders?
|
People |
Process |
Technology |
---|---|---|
Do employees have the knowledge, skills, and abilities to adopt this option?
|
How much will work processes need to change?
|
What new technologies will be required?
|
Data |
Health & Safety |
Legal |
---|---|---|
How will data be kept secure?
|
How will employees' health and safety be impacted?
|
What legal risks might be involved?
|
Flexible work options must balance organizational and employee needs. If an option is beneficial to employees but there is little or no benefit to the organization as a whole, or if the cost of the option is too high, it will not support the long-term success of the organization.
If you are only considering hybrid or remote work, skip to activity 2.1b. Use the guidelines on the preceding slides to conduct feasibility assessments.
Download the Targeted Flexible Work Program Workbook
Download the Flexible Work Options Catalog
Use the guidelines on the preceding slides to conduct a feasibility assessment. This exercise relies on having trialed hybrid or remote work before. If you have never implemented any degree of remote work, consider completing the full feasibility assessment in activity 2.1a.
Download the Fast-Track Hybrid Work Program Workbook
Prioritize flexible work options that employees want. Providing too many options often leads to information overload and results in employees not understanding what is available, lowering adoption of the flexible work program.
Running an IT pilot of flex work
If you are only considering hybrid or remote work, skip to activity 2.2b. Use the guidelines on the preceding slides to gather final feedback and finalize work option selections.
Download the Targeted Flexible Work Program Workbook
Use the guidelines on the preceding slides to gather final feedback and finalize work option selections.
Download the Fast-Track Hybrid Work Program Workbook
1. Assess employee and organizational flexibility needs
2. Identify potential flex options and assess feasibility
3. Implement selected option(s)
After completing this step, you will have:
Example: |
Issue |
Solution |
---|---|---|
Option 1: Hybrid work |
Brainstorming at the beginning of product development benefits from face-to-face collaboration. |
Block off a "brainstorming day" when all team members are required in the office. |
Employee segment: Product innovation team |
One team member needs to meet weekly with the implementation team to conduct product testing. |
Establish a schedule with rotating responsibility for a team member to be at the office for product testing; allow team members to swap days if needed. |
Misconceptions |
Tactics to overcome them |
---|---|
|
Make the case by highlighting challenges and expected benefits for both the organization and employees (e.g. same or increased productivity). Use data in the introductory section of this blueprint. Demonstrate operational feasibility by providing an overview of the feasibility assessment conducted to ensure operational continuity. Involve most senior leadership in communication. Encourage discovery and exploration by having managers try flexible work options themselves, which will help model it for employees. Highlight success stories within the organization or from competitors or similar industries. Invite input from managers on how to improve implementation and ownership, which helps to discover hidden options. |
Leaders' collective support of the flexible program determines the program's successful adoption. Don't sweep cultural barriers under the rug; acknowledge and address them to overcome them.
Provide managers and employees with a guide to flexible work |
Introduce appropriate organization policies |
Equip managers with the necessary tools and training |
---|---|---|
Use the guide to:
|
Use Info-Tech's customizable policy templates to set guidelines, outline arrangements, and scope the organization's flexible work policies. This is typically done by, or in collaboration with, the HR department. |
|
Download the Guide to Flexible Work for Managers and Employees |
Download the Flex Location Policy Download the Flex Time-Off Policy Download the Flex Time Policy |
Use the guidelines on the preceding slides to brainstorm solutions to implementation issues and prepare to communicate program rollout to stakeholders.
Download the Guide to Flexible Work for Managers and Employees
Download the Targeted Flexible Work Program Workbook
Prepare for pilot | Launch Pilot |
---|---|
Identify the flexible work options that will be piloted.
Select pilot participants.
Create an approach to collect feedback and measure the success of the pilot.
The length of the pilot will greatly vary based on which flexible work options were selected (e.g. seasonal hours will require a shorter pilot period compared to implementing a compressed work week). Use discretion when deciding on pilot length and be open to extending or shortening the pilot length as needed. |
Launch pilot.
Gather feedback.
Track metrics.
|
If you have run a team pilot prior to rolling out to all of IT, or run an IT pilot before an organizational rollout, use the following steps to transition from pilot to full rollout.
For a rollout beyond IT, HR will likely take over.
However, this is your chance to remain at the forefront of your organization's flexible work efforts by continuing to track success and gather feedback within IT.
Talent Management |
Learning & Development |
Talent Acquisition |
---|---|---|
Reinforce managers' accountability for the success of flexible work in their teams:
Support flexible workers' career progression:
|
Equip managers and employees with the knowledge and skills to make flexible work successful.
|
Incorporate the flexible work program into the organization's employee value proposition to attract top talent who value flexible work options.
|
Determine which organizational policies will be impacted as a result of the new flexible work options. For example, the introduction of flex time off can result in existing vacation policies needing to be updated.
Collect data
Collect data |
Act on data |
|
---|---|---|
Uptake |
Gather data on the proportion of employees eligible for each option who are using the option. |
If an option is tracking positively:
|
Satisfaction |
Survey managers and employees about their satisfaction with the options they are eligible for and provide an open box for suggestions on improvements. |
If an option is tracking negatively:
|
Program goal progress |
Monitor progress against the program goals and metrics identified in Step 1 to evaluate the impact on issues that matter to the organization (e.g. retention, productivity, diversity). |
|
Career progression |
Evaluate flexible workers' promotion rates and development opportunities to determine if they are developing. |
Negative performance of a flexible work option does not necessarily mean failure. Take the time to evaluate whether the option simply needs to be tweaked or whether it truly isn't working for the organization.
Overarching insight: IT excels at hybrid location work and is more effective as a business function when location, time, and time-off flexibility are an option for its employees.
Quinn Ross
CEO
The Ross Firm Professional Corporation
Margaret Yap
HR Professor
Ryerson University
Heather Payne
CEO
Juno College
Lee Nguyen
HR Specialist
City of Austin
Stacey Spruell
Division HR Director
Travis County
Don MacLeod
Chief Administrative Officer
Zorra Township
Stephen Childs
CHRO
Panasonic North America
Shawn Gibson
Sr. Director
Info Tech Research Group
Mari Ryan
CEO/Founder
Advancing Wellness
Sophie Wade
Founder
Flexcel Networks
Kim Velluso
VP Human Resources
Siemens Canada
Lilian De Menezes
Professor of Decision Sciences
Cass Business School, University of London
Judi Casey
WorkLife Consultant and former Director, Work and Family Researchers Network
Boston College
Chris Frame
Partner – Operations
LiveCA
Rose M. Stanley,
CCP, CBP, WLCP, CEBS
People Services Manager
Sunstate Equipment Co., LLC
Shari Lava
Director, Vendor Research
Info-Tech Research Group
Carol Cochran
Director of People & Culture
FlexJobs
Kidde Kelly
OD Practitioner
Dr. David Chalmers
Adjunct Professor
Ted Rogers School of Management, Ryerson University
Kashmira Nagarwala
Change Manager
Siemens Canada
Dr. Isik U. Zeytinoglu
Professor of Management and Industrial Relations McMaster University, DeGroote School of Business
Claire McCartney
Diversity & Inclusion Advisor
CIPD
Teresa Hopke
SVP of Client Relations
Life Meets Work – www.lifemeetswork.com
Mark Tippey
IT Leader and Experienced Teleworker
Dr. Kenneth Matos
Senior Director of Research
Families and Work Institute
1 anonymous contributor
See Info-Tech's Focus Group Guidefor guidance on setting up and delivering focus groups. Customize the guide with questions specific to flexible work (see sample questions below) to gain deeper insight into employee preferences for the feasibility assessment in Step 2 of this blueprint.
Document themes in the Targeted Flexible Work Program Workbook.
1. Program purpose |
Start with the name and high-level purpose of the program. |
---|---|
2. Business reasons for the program |
Share data you gathered in Step 1, illustrating challenges causing the need for the program and the benefits. |
3. Options selection process |
Outline the process followed to select options. Remember to share the involvement of stakeholders and the planning around employees' feedback, needs, and lived experiences. |
4. Options and eligibility |
Provide a brief overview of the options and eligibility. Specify that the organization is piloting these options and will modify them based on feedback. |
5. Approval not guaranteed |
Qualify that employees need to be "flexible about flexible work" – the options are not guaranteed and may sometimes be unavailable for business reasons. |
6. Shared responsibility |
Highlight the importance of everyone (managers, flexible workers, the team) working together to make flexible work achievable. |
7. Next steps |
Share any next steps, such as where employees can find the organization's Guide to Flexible Work for Managers and Employees, how to make flexible work a success, or if managers will be providing further detail in a team meeting. |
8. Ongoing communications |
Normalize the program and embed it in organizational culture by continuing communications through various media, such as the organization's newsletter or announcements in town halls. |
Baziuk, Jennifer, and Duncan Meadows. "Global Employee Survey - Key findings and implications for ICMIF." EY, June 2021. Accessed May 2022.
"Businesses suffering 'commitment issues' on flexible working," EY, 21 Sep. 2021. Accessed May 2022.
"IT Talent Trends 2022". Info-Tech Research Group, 2022.
"Jabra Hybrid Ways of Working: 2021 Global Report." Jabra, Aug. 2021. Accessed May 2022.
LinkedIn Talent Solutions. "2022 Global Talent Trends." LinkedIn, 2022. Accessed May 2022.
Lobosco, Mark. "The Future of Work is Flexible: 71% of Leaders Feel Pressure to Change Working Models." LinkedIn, 9 Sep. 2021. Accessed May 2022.
Ohm, Joy, et al. "Covid-19: Women, Equity, and Inclusion in the Future of Work." Catalyst, 28 May 2020. Accessed May 2022.
Pelta, Rachel. "Many Workers Have Quit or Plan to After Employers Revoke Remote Work." FlexJobs, 2021. Accessed May 2022.
Slack Future Forum. "Inflexible return-to-office policies are hammering employee experience scores." Slack, 19 April 2022. Accessed May 2022.
"State of Hybrid Work in IT: A Trend Report". Info-Tech Research Group, 2023.
Threlkeld, Kristy. "Employee Burnout Report: COVID-19's Impact and 3 Strategies to Curb It." Indeed, 11 March 2021. Accessed March 2022.
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Assess your current state, define your cost allocation model, and define roles and responsibilities.
Define dashboards and reports, and document account structure and tagging requirements.
Establish governance for tagging and cost control, define processes for right-sizing, and define processes for purchasing commitment discounts.
Document process interactions, establish program KPIs, and build implementation roadmap and communication plan.
Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Establish clear lines of accountability and document roles and responsibilities to effectively manage cloud costs.
Chargeback/showback model to provide clear accountability for costs.
Understanding of key areas to focus on to improve cloud cost management capabilities.
1.1 Assess current state
1.2 Determine cloud cost model
1.3 Define roles and responsibilities
Cloud cost management capability assessment
Cloud cost model
Roles and responsibilities
Establish visibility into cloud costs and drivers of those costs.
Better understanding of what is driving costs and how to keep them in check.
2.1 Develop architectural patterns
2.2 Define dashboards and reports
2.3 Define account structure
2.4 Document tagging requirements
Architectural patterns; service cost cheat sheet
Dashboards and reports
Account structure
Tagging scheme
Develop processes, procedures, and policies to control cloud costs.
Improved capability of reducing costs.
Documented processes and procedures for continuous improvement.
3.1 Establish governance for tagging
3.2 Establish governance for costs
3.3 Define right-sizing process
3.4 Define purchasing process
3.5 Define notification and alerts
Tagging policy
Cost control policy
Right-sizing process
Commitment purchasing process
Notifications and Alerts
Document next steps to implement and improve cloud cost management program.
Concrete roadmap to stand up and/or improve the cloud cost management program.
4.1 Document process interaction changes
4.2 Define cloud cost program KPIs
4.3 Build implementation roadmap
4.4 Build communication plan
Changes to process interactions
Cloud cost program KPIs
Implementation roadmap
Communication plan
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Get value early by piloting a scorecard for objectively determining project value, and then examine your current state of project intake to set realistic goals for optimizing the process.
Take a deeper dive into each of the three processes – intake, approval, and prioritization – to ensure that the portfolio of projects is best aligned to stakeholder needs, strategic objectives, and resource capacity.
Plan a course of action to pilot, refine, and communicate the new optimized process using Info-Tech’s expertise in organizational change management.
Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Set the course of action for optimizing project intake, approval, and prioritization by examining the current state of the process, the team, the stakeholders, and the organization as a whole.
The overarching goal of optimizing project intake, approval, and prioritization process is to maximize the throughput of the best projects. To achieve this goal, one must have a clear way to determine what are “the best” projects.
1.1 Define the criteria with which to determine project value.
1.2 Envision your target state for your optimized project intake, approval, and prioritization process.
Draft project valuation criteria
Examination of current process, definition of process success criteria
Drill down into, and optimize, each of the project intake, approval, and prioritization process.
Info-Tech’s methodology systemically fits the project portfolio into its triple constraint of stakeholder needs, strategic objectives, and resource capacity, to effectively address the challenges of establishing organizational discipline for project intake.
2.1 Conduct retrospectives of each process against Info-Tech’s best practice methodology for project intake, approval, and prioritization process.
2.2 Pilot and customize a toolbox of deliverables that effectively captures the right amount of data developed for informing the appropriate decision makers for approval.
Documentation of new project intake, approval, and prioritization process
Tools and templates to aid the process
Reduce the risks of prematurely implementing an untested process.
Methodically manage the risks associated with organizational change and maximize the likelihood of adoption for the new process.
Engagement paves the way for smoother adoption. An “engagement” approach (rather than simply “communication”) turns stakeholders into advocates who can help boost your message, sustain the change, and realize benefits without constant intervention or process command-and-control.
3.1 Create a plan to pilot your intake, approval, and prioritization process to refine it before rollout.
3.2 Analyze the impact of organizational change through the eyes of PPM stakeholders to gain their buy-in.
Process pilot plan
Organizational change communication plan
Capacity-constrained intake is the only sustainable path forward.
"For years, the goal of project intake was to select the best projects. It makes sense and most people take it on faith without argument. But if you end up with too many projects, it’s a bad strategy. Don’t be afraid to say NO or NOT YET if you don’t have the capacity to deliver. People might give you a hard time in the near term, but you’re not helping by saying YES to things you can’t deliver."
Barry Cousins,
Senior Director, PMO Practice
Info-Tech Research Group
Most organizations approve more projects than they can finish. In fact, many approve more than they can even start, leading to an ever-growing backlog where project ideas – often good ones – are never heard from again.
The appetite to approve more runs directly counter to the shortage of resources that plagues most IT departments. This tension of wanting more from less suggests that IT departments need to be more disciplined in choosing what to take on.
“There is a minimal list of pending projects”
“Last year we delivered the number of projects we anticipated at the start of the year”
What is fiduciary duty?
Officers and directors owe their corporation the duty of acting in the corporation’s best interests over their own. They may delegate the responsibility of implementing the actions, but accountability can't be delegated; that is, they have the authority to make choices and are ultimately answerable for them.
No question is more important to the organization’s bottom line. Projects directly impact the bottom line because they require investment of resource time and money for the purposes of realizing benefits. The scarcity of resources requires that choices be made by those who have the right authority.
Who approves your projects?
Historically, the answer would have been the executive layer of the organization. However, in the 1990s management largely abdicated its obligation to control resources and expenditures via “employee empowerment.”
Controls on approvals became less rigid, and accountability for choosing what to do (and not do) shifted onto the shoulders of the individual worker. This creates a current paradigm where no one is accountable for the malinvestment…
…of resources that comes from approving too many projects. Instead, it’s up to individual workers to sink or swim as they attempt to reconcile, day after day, seemingly infinite organizational demand with their finite supply of working hours.
“Squeaky wheel”: Projects with the most vocal stakeholders behind them are worked on first.
“First in, first out”: Projects are approved and executed in the order they are requested.
80% of organizations feel that their portfolios are dominated by low-value initiatives that do not deliver value to the business (Source: Cooper).
Project intake is a key process of project portfolio management (PPM). The Project Management Institute (PMI) describes PPM as:
"Interrelated organizational processes by which an organization evaluates, selects, prioritizes, and allocates its limited internal resources to best accomplish organizational strategies consistent with its vision, mission, and values."
(PMI, Standard for Portfolio Management, 3rd ed.)
Triple Constraint Model of the Project Portfolio
Project Intake:
All three components are required for the Project Portfolio
Organizations practicing PPM recognize available resource capacity as a constraint and aim to select projects – and commit the said capacity – to projects that:
92% vs. 74%: 92% of high-performing organizations in PPM report that projects are well aligned to strategic initiatives vs. 74% of low performers (PMI, 2015).
82% vs. 55%: 82% of high-performing organizations in PPM report that resources are effectively reallocated across projects vs. 55% of low performers (PMI, 2015)
CEOs today perceive IT to be poorly aligned to business’ strategic goals:
43% of CEOs believe that business goals are going unsupported by IT (Source: Info-Tech’s CEO-CIO Alignment Survey (N=124)).
60% of CEOs believe that improvement is required around IT’s understanding of business goals (Source: Info-Tech’s CEO-CIO Alignment Survey (N=124)).
Business leaders today are generally dissatisfied with IT:
30% of business stakeholders are supporters of their IT departments (Source: Info-Tech’s CIO Business Vision Survey (N=21,367)).
The key to improving business satisfaction with IT is to deliver on projects that help the business achieve its strategic goals:
Optimized project intake not only improves the project portfolio’s alignment to business goals, but provides the most effective way to improve relationships with IT’s key stakeholders.
Benchmark your own current state with overall & industry-specific data using Info-Tech’s Diagnostic Program.
Many IT departments struggle to realistically estimate available project capacity in a credible way. Stakeholders question the validity of your endeavor to install capacity-constrained intake process, and mistake it for unwillingness to cooperate instead.
Project intake, approval, and prioritization involve the coordination of various departments. Therefore, they require a great deal of buy-in and compliance from multiple stakeholders and senior executives.
Many PMOs and IT departments simply lack the ability to decline or defer new projects.
Defining the project value is difficult because there are so many different and conflicting ways that are all valid in their own right. However, without it, it's impossible to fairly compare among projects to select what's "best."
Establishing intake discipline requires a great degree of cooperation and conformity among stakeholders that can be cultivated through strong processes.
Info-Tech’s Methodology | ||
---|---|---|
Project Intake | Project Approval | Project Prioritization |
Project requests are submitted, received, triaged, and scoped in preparation for approval and prioritization. | Business cases are developed, evaluated, and selected (or declined) for investment, based on estimated value and feasibility. | Work is scheduled to begin, based on relative value, urgency, and availability of resources. |
Stakeholder Needs | Strategic Objectives | Resource Capacity |
Project Portfolio Triple Constraint |
Our methodology is designed to tackle your hardest challenge first to deliver the highest-value part of the deliverable. Since the overarching goal of optimizing project intake, approval, and prioritization process is to maximize the throughput of the best projects, one must define how “the best projects” are determined.
In nearly all instances…a key challenge for the PPM team is reaching agreement over how projects should rank.
– Merkhofer
A Project Value Scorecard will help you:
The Project Value Scorecard Development Tool is designed to help you develop the project valuation scheme iteratively. Download the pre-filled tool with content that represents a common case, and then, customize it with your data.
Organizational change and stakeholder management are critical elements of optimizing project intake, approval, and prioritization processes because they require a great degree of cooperation and conformity among stakeholders, and the list of key stakeholders are long and far-reaching.
This blueprint will provide a clear path to not only optimize the processes themselves, but also for the optimization effort itself. This research is organized into three phases, each requiring a few weeks of work at your team’s own pace – or all in one week, through a workshop facilitated by Info-Tech analysts.
Tools and Templates:
Tools and Templates:
Tools and Templates:
Info-Tech uses PMI and ISACA frameworks for areas of this research.
PMI’s Standard for Portfolio Management, 3rd ed. is the leading industry framework, proving project portfolio management best practices and process guidelines.
COBIT 5 is the leading framework for the governance and management of enterprise IT.
In addition to industry-leading frameworks, our best-practice approach is enhanced by the insights and guidance from our analysts, industry experts, and our clients.
33,000+
Our peer network of over 33,000 happy clients proves the effectiveness of our research.
1,000+
Our team conducts 1,000+ hours of primary and secondary research to ensure that our approach is enhanced by best practices.
Optimized project intake, approval, and prioritization processes lead to a high PPM maturity, which will improve the successful delivery and throughput of your projects, resource utilization, business alignment, and stakeholder satisfaction ((Source: BCG/PMI).
Measure your success through the following metrics:
$44,700: In the past 12 months, Info-Tech clients have reported an average measured value of $44,700 from undertaking a guided implementation of this research.
Add your own organization-specific goals, success criteria, and metrics by following the steps in the blueprint.
Industry: Financial Services
Source: Info-Tech Client
Challenge
PMO plays a diverse set of roles, including project management for enterprise projects (i.e. PMI’s “Directive” PMO), standards management for department-level projects (i.e. PMI’s “Supportive” PMO), process governance of strategic projects (i.e. PMI’s “Controlling” PMO), and facilitation / planning / reporting for the corporate business strategy efforts (i.e. Enterprise PMO).
To facilitate the annual planning process, the PMO needed to develop a more data-driven and objective project intake process that implicitly aligned with the corporate strategy.
Solution
Info-Tech’s Project Value Scorecard tool was incorporated into the strategic planning process.
Results
The scorecard provided a simple way to list the competing strategic initiatives, objectively score them, and re-sort the results on demand as the leadership chooses to switch between ranking by overall score, project value, ability to execute, strategic alignment, operational alignment, and feasibility.
The Project Value Scorecard provided early value with multiple options for prioritized rankings.
“Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”
“Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”
“We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”
“Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”
1. Set Realistic Goals for Optimizing Process | 2. Build New Optimized Processes | 3. Integrate the New Processes into Practice | |
---|---|---|---|
Best-Practice Toolkit |
1.1 Define the criteria with which to determine project value.
|
2.1 Streamline intake to manage stakeholder expectations. 2.2 Set up steps of project approval to maximize strategic alignment while right-sizing the required effort. 2.3 Prioritize projects to maximize the value of the project portfolio within the constraint of resource capacity. |
3.1 Pilot your intake, approval, and prioritization process to refine it before rollout. 3.2 Analyze the impact of organizational change through the eyes of PPM stakeholders to gain their buy-in. |
Guided Implementations |
|
|
|
Onsite Workshop |
Module 1: Refocus on Project Value to Set Realistic Goals for Optimizing Project Intake, Approval, and Prioritization Process |
Module 2: Examine, Optimize, and Document the New Project Intake, Approval, and Prioritization Process |
Module 3: Pilot, Plan, and Communicate the New Process and Its Required Organizational Changes |
Phase 1 Outcome:
|
Phase 2 Outcome:
|
Phase 3 Outcome:
|
Contact your account representative or email Workshops@InfoTech.com for more information.
Workshop Day 1 | Workshop Day 2 | Workshop Day 3 | Workshop Day 4 | Workshop Day 5 | |
---|---|---|---|---|---|
Activities |
Benefits of optimizing project intake and project value definition 1.1 Complete and review PPM Current State Scorecard Assessment 1.2 Define project value for the organization 1.3 Engage key PPM stakeholders to iterate on the scorecard prototype |
Set realistic goals for process optimization 2.1 Map current intake, approval, and prioritization workflow 2.2 Enumerate and prioritize process stakeholders 2.3 Determine the current and target capability levels 2.4 Define the process success criteria and KPIs |
Optimize project intake and approval processes 3.1 Conduct focused retrospectives for project intake and approval 3.2 Define project levels 3.3 Optimize project intake processes 3.4 Optimize project approval processes 3.5 Compose SOP for intake and approval 3.6 Document the new intake and approval workflow |
Optimize project prioritization process plan for a process pilot 4.1 Conduct focused retrospective for project prioritization 4.2 Estimate available resource capacity 4.3 Pilot Project Intake and Prioritization Tool with your project backlog 4.4 Compose SOP for prioritization 4.5 Document the new prioritization workflow 4.6 Discuss process pilot |
Analyze stakeholder impact and create communication strategy 5.1 Analyze stakeholder impact and responses to impending organization change 5.2 Create message canvas for at-risk change impacts and stakeholders 5.3 Set course of action for communicating change |
Deliverables |
|
|
|
|
|
Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.
Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.
Guided Implementation 1: Set Realistic Goals for Project Intake, Approval, and Prioritization Process Proposed Time to Completion: 1-2 weeks |
---|
Step 1.1: Define the project valuation criteria Start with an analyst kick-off call:
Then complete these activities…
With these tools & templates: Project Value Scorecard Development Tool |
Step 1.2: Envision your process target state Start with an analyst kick-off call:
Then complete these activities…
With these tools & templates: Project Intake Workflow Template Project Intake, Approval, and Prioritization SOP Template |
Phase 1 Results & Insights:
|
Where traditional models of consulting can take considerable amounts of time before delivering value to clients, Info-Tech’s methodology for optimizing project intake, approval, and prioritization process gets you to value fast.
The overarching goal of optimizing project intake, approval, and prioritization process is to maximize the throughput of the best projects. To achieve this goal, one must have a clear way to determine what are “the best” projects.
In the first step of this blueprint, you will pilot a multiple-criteria scorecard for determining project value that will help answer that question. Info-Tech’s Project Value Scorecard Development Tool is pre-populated with a ready-to-use, real-life example that you can leverage as a starting point for tailoring it to your organization – or adopt as is.
Introduce objectivity and clarity to your discussion of maximizing the value of your project portfolio with Info-Tech’s practical IT research that drives measurable results.
Download Info-Tech’s Project Value Scorecard Development Tool.
PHASE 1 | PHASE 2 | PHASE 3 | ||||
1.1 Define project valuation criteria |
1.2 Envision process target state |
2.1 Streamline intake |
2.2 Right-size approval steps |
2.3 Prioritize projects to fit resource capacity |
3.1 Pilot your optimized process |
3.2 Communicate organizational change |
PPM’s goal is to maximize the throughput of projects that provide strategic and operational value to the organization. To do this, a PPM strategy must help to:
Info-Tech's Project Portfolio Management Process Model |
3. Status & Progress Reporting |
1. Intake, Approval & Prioritization | 2. Resource Management | 3. Project Management | 4. Project Closure | 5. Benefits Tracking |
Intake | Execution | Closure |
If you don’t yet have a PPM strategy in place, or would like to revisit your existing PPM strategy before optimizing your project intake, approval, and prioritization practices, see Info-Tech’s blueprint, Develop a Project Portfolio Management Strategy.
In today’s organizations, the desires of business units for new products and enhancements, and the appetites of senior leadership to approve more and more projects for those products and services, far outstrip IT’s ability to realistically deliver on everything.
The vast majority of IT departments lack the resourcing to meet project demand – especially given the fact that day-to-day operational demands frequently trump project work.
As a result, project throughput suffers – and with it, IT’s reputation within the organization.
Where does the time go? The portfolio manager (or equivalent) should function as the accounting department for time, showing what’s available in IT’s human resources budget for projects and providing ongoing visibility into how that budget of time is being spent.
Most of the problems that arise during the lifecycle of a project can be traced back to issues that could have been mitigated during the initiation phase.
More than simply a means of early problem detection at the project level, optimizing your initiation processes is also the best way to ensure the success of your portfolio. With optimized intake processes you can better guarantee:
80% of organizations feel their portfolios are dominated by low-value initiatives that do not deliver value to the business (Source: Cooper).
"(S)uccessful organizations select projects on the basis of desirability and their capability to deliver them, not just desirability" (Source: John Ward, Delivering Value from Information Systems and Technology Investments).
Every organization needs to explicitly define how to determine project value that will fairly represent all projects and provide a basis of comparison among them during approval and prioritization. Without it, any discussions on reducing “low-value initiatives” from the previous slide cannot yield any actionable plan.
However, defining the project value is difficult, because there are so many different and conflicting ways that are all valid in their own right and worth considering. For example:
This challenge is further complicated by the difficulty of identifying the right criteria for determining project value:
Managers fail to identify around 50% of the important criteria when making decisions (Source: Transparent Choice).
Sometimes it can be challenging to show the value of IT-centric, operational-type projects that maintain critical infrastructure since they don’t yield net-new benefits. Remember that benefits are only half the equation; you must also consider the costs of not undertaking the said project.
Scorecard-driven approach is an easy-to-understand, time-tested solution to a multiple-criteria decision-making problem, such as project valuation.
This approach is effective for capturing benefits and costs that are not directly quantifiable in financial terms. Projects are evaluated on multiple specific questions, or criteria, that each yield a score on a point scale. The overall score is calculated as a weighted sum of the scores.
Info-Tech’s Project Value Scorecard is pre-populated with a best-practice example of eight criteria, two for each category (see box at bottom right). This example helps your effort to develop your own project scorecard by providing a solid starting point:
60%: On their own, decision makers could only identify around 6 of their 10 most important criteria for making decisions (Source: Transparent Choice).
Finally, in addition, the overall scores of approved projects can be used as a metric on which success of the process can be measured over time.
Download Info-Tech’s Project Value Scorecard Development Tool.
This tab lists eight criteria that cover strategic alignment, operational alignment, feasibility, and financial benefits/risks. Each criteria is accompanied by a qualitative score description to standardize the analysis across all projects and analysts. While this tool supports up to 15 different criteria, it’s better to minimize the number of criteria and introduce additional ones as the organization grows in PPM maturity.
Type: It is useful to break down projects with similar overall scores by their proposed values versus ease of execution.
Scale: Five-point scale is not required for this tool. Use more or less granularity of description as appropriate for each criteria.
Blank Criteria: Rows with blank criteria are greyed out. Enter a new criteria to turn on the row.
In this tab, you can see how projects are prioritized when they are scored according to the criteria from the previous tab. You can enter the scores of up to 30 projects in the scorecard table (see screenshot to the right).
Value (V) or Execution (E) & Relative Weight: Change the relative weights of each criteria and review any changes to the prioritized list of projects change, whose rankings are updated automatically. This helps you iterate on the weights to find the right mix.
Feasibility: Custom criteria category labels will be automatically updated.
Overall: Choose the groupings of criteria by which you want to see the prioritized list. Available groupings are:
Ranks and weighted scores for each project is shown.
For example, click on the drop-down and choose “Execution.”
Project ranks are based only on execution criteria.
Follow the steps below to test Info-Tech’s example Project Value Scorecard and examine the prioritized list of projects.
INPUT
OUTPUT
Materials
Participants
Conduct a retrospective of the previous activity by asking these questions:
Iterate on the project valuation criteria:
INPUT
OUTPUT
Materials
Participants
In this step, you’ve begun improving the definition of project value. Getting it right will require several more iterations and will require a series of discussions with your key stakeholders.
The optimized intake process built around the new definition of project value will help evolve a conceptual discussion about project value into a more practical one. The new process will paint a picture of what the future state will look like for your stakeholders’ requested projects getting approved and prioritized for execution, so that they can provide feedback that’s concrete and actionable. To help you with that process, you will be taken through a series of activities to analyze the impact of change on your stakeholders and create a communication plan in the last phase of the blueprint.
For now, in the next step of this blueprint, you will undergo a series of activities to assess your current state to identify the specific areas for process optimization.
"To find the right intersection of someone’s personal interest with the company’s interest on projects isn’t always easy. I always try to look for the basic premise that you can get everybody to agree on it and build from there… But it’s sometimes hard to make sure that things stick. You may have to go back three or four times to the core agreement."
PHASE 1 | PHASE 2 | PHASE 3 | ||||
1.1 Define project valuation criteria | 1.2 Envision process target state | 2.1 Streamline intake | 2.2 Right-size approval steps | 2.3 Prioritize projects to fit resource capacity | 3.1 Pilot your optimized process | 3.2 Communicate organizational change |
This step is highly recommended but not required. Call 1-888-670-8889 to inquire about or request the PPM Diagnostics.
Info-Tech's Project Portfolio Management Assessmentprovides you with a data-driven view of the current state of your portfolio, including your intake processes. Our PPM Assessment measures and communicates success in terms of Info-Tech’s best practices for PPM.
Use the diagnostic program to:
* Steps denote the place in the blueprint where the steps are discussed in more detail.
Use this workflow as a baseline to examine your current state of the process in the next slide.
Conduct a table-top planning exercise to map out the processes currently in place for project intake, approval, and prioritization.
INPUT
OUTPUT
Materials
Participants
Document the results of the previous table-top exercise (Activity 1.1.1) into a flow chart. Flowcharts provide a bird’s-eye view of process steps that highlight the decision points and deliverables. In addition, swim lanes can be used to indicate process stages, task ownership, or responsibilities (example below).
Review and customize section 1.2, “Overall Process Workflow” in Info-Tech’s Project Intake, Approval, and Prioritization SOP Template.
"Flowcharts are more effective when you have to explain status and next steps to upper management."
– Assistant Director-IT Operations, Healthcare Industry
Browser-based flowchart tool examples
INPUT
OUTPUT
Materials
Participants
Download Info-Tech’s Project Intake Workflow Template (Visio and PDF)
In the previous activity, accountable and responsible stakeholders for each of the steps in the current intake, approval, and prioritization process were identified.
INPUT
OUTPUT
Materials
Participants
There are three dimensions for stakeholder prioritization: influence, interest, and support.
These parameters will inform how to prioritize your stakeholders according to the stakeholder priority heatmap (bottom right). This priority should inform how to focus your attention during the subsequent optimization efforts.
Level of Support | |||||
---|---|---|---|---|---|
Stakeholder Category | Supporter | Evangelist | Neutral | Blocker | |
Engage | Critical | High | High | Critical | |
High | Medium | Low | Low | Medium | |
Low | High | Medium | Medium | High | |
Passive | Low | Irrelevant | Irrelevant | Low |
There may be too many stakeholders to be able to achieve complete satisfaction. Focus your attention on the stakeholders that matter the most.
Use Info-Tech’s Intake Capability Framework to help define your current and target states for intake, approval, and prioritization.
Capability Level | Capability Level Description |
---|---|
Capability Level 5: Optimized | Our department has effective intake processes with right-sized administrative overhead. Work is continuously prioritized to keep up with emerging challenges and opportunities. |
Capability Level 4: Aligned | Our department has very strong intake processes. Project approvals are based on business cases and aligned with future resource capacity. |
Capability Level 3: Engaged | Our department has processes in place to track project requests and follow up on them. Priorities are periodically re-evaluated, based largely on the best judgment of one or several executives. |
Capability Level 2: Defined | Our department has some processes in place but no capacity to say no to new projects. There is a formal backlog, but little or no method for grooming it. |
Capability Level 1: Unmanaged | Our department has no formal intake processes in place. Most work is done reactively, with little ability to prioritize proactive project work. |
Refer to the subsequent slides for more detail on these capability levels.
Use these descriptions to place your organization at the appropriate level of intake capability.
Intake | Projects are requested through personal conversations and emails, with minimal documentation and oversight. |
---|---|
Approval | Projects are approved by default and rarely (if ever) declined. There is no definitive list of projects in the pipeline or backlog. |
Prioritization | Most work is done reactively, with little ability to prioritize proactive project work. |
PMOs at this level should work to have all requests funneled through a proper request form within six months. Decision rights for approval should be defined, and a scorecard should be in place within the year.
To get a handle on your backlog, start tracking all project requests using the “Project Data” tab in Info-Tech’s Project Intake and Prioritization Tool.
Use these descriptions to place your organization at the appropriate level of intake capability.
Intake | Requests are formally documented in a request form before they’re assigned, elaborated, and executed as projects. |
---|---|
Approval | Projects are approved by default and rarely (if ever) declined. There is a formal backlog, but little or no method for grooming it. |
Prioritization | There is a list of priorities but no process for updating it more than annually or quarterly. |
PMOs at this level should strive for greater visibility into the portfolio to help make the case for declining (or at least deferring) requests. Within the year, have a formal PPM strategy up and running.
Something PMOs at this level can accomplish quickly without any formal approval is to spend more time with stakeholders during the ideation phase to better define scope and requirements.
Use these descriptions to place your organization at the appropriate level of intake capability.
Intake | Processes and skills are in place to follow up on requests to clarify project scope before going forward with approval and prioritization. |
---|---|
Approval | Projects are occasionally declined based on exceptionally low feasibility or value. |
Prioritization | Priorities are periodically re-evaluated based largely on the best judgment of one or several executives. |
PMOs at this level should advocate for a more formal cadence for prioritization and, within the year, establish a formal steering committee that will be responsible for prioritizing and re-prioritizing quarterly or monthly.
At the PMO level, employ Info-Tech’s Project Intake and Prioritization Tool to start re-evaluating projects in the backlog. Make this data available to senior executives when prioritization occurs.
Use these descriptions to place your organization at the appropriate level of intake capability.
Intake | Occurs through a centralized process. Processes and skills are in place for follow-up. |
---|---|
Approval | Project approvals are based on business cases and aligned with future resource capacity. |
Prioritization | Project prioritization is visibly aligned with business goals. |
PMOs at this level can strive for more accurate and frequent resource forecasting, establishing a more accurate picture of project vs. non-project work within the year.
PMOs at this level can start using Info-Tech’s Business Case Template (Comprehensive or Fast Track) to help simplify the business case process.
Use these descriptions to place your organization at the appropriate level of intake capability.
Intake | Occurs through a centralized portal. Processes and skills are in place for thorough follow-up. |
---|---|
Approval | Project approvals are based on business cases and aligned with future resource capacity. |
Prioritization | Work is continuously prioritized to keep up with emerging challenges and opportunities. |
PMOs at this level should look at Info-Tech’s Manage an Agile Portfolio for comprehensive tools and guidance on maintaining greater visibility at the portfolio level into work in progress and committed work.
Current State: | |
---|---|
Target State: | |
Timeline for meeting target |
INPUT
OUTPUT
Materials
Participants
To frame the discussion on deciding what intake success will look like, review Info-Tech’s PPM strategic expectations:
For a more detailed discussion and insight on PPM strategic expectations see Info-Tech’s blueprint, Develop a Project Portfolio Management Strategy.
While assessing your current state, it is important to discuss and determine as a team how success will be defined.
Optimization Benefit | Objective | Timeline | Success Factor |
---|---|---|---|
Facilitate project intake, prioritization, and communication with stakeholders to maximize time spent on the most valuable or critical projects. | Look at pipeline as part of project intake approach and adjust priorities as required. | July 1st | Consistently updated portfolio data. Dashboards to show back capacity to customers. SharePoint development resources. |
Review and customize section 1.5, “Process Success Criteria” in Info-Tech’s Project Intake, Approval, and Prioritization SOP Template.
Establish realistic short-term goals. Even with optimized intake procedures, you may not be able to eliminate underground project economies immediately. Make your initial goals realistic, leaving room for those walk-up requests that may still appear via informal channels.
The current state explored and documented in this step will serve as a starting point for each step of the next phase of the blueprint. The next phase will take a deeper dive into each of the three components of Info-Tech’s project intake methodology, so that they can achieve the success criteria you’ve defined in the previous activity.
Info-Tech’s Project Intake, Approval, and Prioritization SOP Template is intended to capture the outcome of your process optimization efforts. This blueprint guides you through numerous activities designed for your core project portfolio management team to customize each section.
To maximize the chances of success, it is important that the team makes a concerted effort to participate. Schedule a series of working sessions over the course of several weeks for your team to work through it – or get through it in one week, with onsite Info-Tech analyst-facilitated workshops.
Download Info-Tech’s Project Intake, Approval, and Prioritization SOP.
Contact your account representative or email Workshops@InfoTech.com for more information.
Industry: Not-for-Profit
Source: Info-Tech Interview
Prioritization was a challenge. Initially, the organization had ad hoc prioritization practices, but they had developed a scoring criteria to give more formality and direction to the portfolio. However, the activity of formally prioritizing proved to be too time consuming.
Off-the-grid projects were a common problem, with initiatives consuming resources with no portfolio oversight.
After trying “heavy” prioritization, the PMO loosened up the process. PMO staff now go through and quickly rank projects, with two senior managers making the final decisions. They re-prioritize quarterly to have discussions around resource availability and to make sure stakeholders are in tune to what IT is doing on a daily basis. IT has a monthly meeting to go over projects consuming resources and to catch anything that has fallen between the cracks.
"Everything isn't a number one, which is what we were dealing with initially. We went through a formal prioritization period, where we painstakingly scored everything. Now we have evolved: a couple of senior managers have stepped up to make decisions, which was a natural evolution from us being able to assign a formal ranking. Now we are able to prioritize more easily and effectively without having to painstakingly score everything."
– PMO Director, Benefits Provider
1.1.1-2
Pilot Info-Tech’s Project Value Scorecard-driven prioritization method
Use Info-Tech’s example to prioritize your current project backlog to pilot a project value-driven prioritization, which will be used to guide the entire optimization process.
1.2.1-3
Map out and document current project intake, approval, and prioritization process, and the involved key stakeholders
A table-top planning exercise helps you visualize the current process in place and identify opportunities for optimization.
Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.
Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.
Guided Implementation 2: Build an Optimized Project Intake, Approval, and Prioritization Process Proposed Time to Completion: 3-6 weeks | ||
---|---|---|
Step 2.1: Streamline Intake Start with an analyst kick-off call:
Then complete these activities…
With these tools & templates:
| Step 2.2: Right-Size Approval Start with an analyst call:
Then complete these activities…
With these tools & templates:
| Step 3.3: Prioritize Realistically Start with an analyst call:
Then complete these activities…
With these tools & templates:
|
Phase 2 Results & Insights:
|
PHASE 1 | PHASE 2 | PHASE 3 | ||||
1.1 Define project valuation criteria | 1.2 Envision process target state | 2.1 Streamline intake | 2.2 Right-size approval steps | 2.3 Prioritize projects to fit resource capacity | 3.1 Pilot your optimized process | 3.2 Communicate organizational change |
Off-the-grid projects, i.e. projects that circumvent formal intake processes, lead to underground economies that can deplete resource capacity and hijack your portfolio.
These underground economies are typically the result of too much intake red tape. When the request process is made too complex or cumbersome, project sponsors may unsurprisingly seek alternative means to get their projects done.
While the most obvious line of defence against the appearance of underground economies is an easy-to-use and access request form, one must be cautious. Too little intake formality could lead to a Wild West of project intake where everyone gets their initiatives approved regardless of their business merit and feasibility.
Benefits of optimized intake | Risks of poor intake |
---|---|
Alignment of portfolio with business goals | Portfolio overrun by off-the-grid projects |
Resources assigned to high-value projects | Resources assigned to low-value projects |
Better throughput of projects in the portfolio | Ever-growing project backlog |
Strong stakeholder relations | Stakeholders lose faith in value of PMO |
Intake is intimately bound to stakeholder management. Finding the right balance of friction for your team is the key to successfully walking the line between asking for too much and not asking for enough. If your intake process is strong, stakeholders will no longer have any reason to circumvent formal process.
If you relate to the graphic below in any way, your first priority needs to be limiting the means by which projects get requested. A single, centralized channel with review and approval done in batches is the goal. Otherwise, with IT’s limited capacity, most requests will simply get added to the backlog.
The PMO needs to have the authority – and needs to exercise the authority – to enforce discipline on stakeholders. Organizations that solicit in verbal requests (by phone, in person, or during scrum) lack the orderliness required for PPM success. In these cases, it needs to be the mission of the PMO to demand proper documentation and accountability from stakeholders before proceeding with requests.
"The golden rule for the project documentation is that if anything during the project life cycle is not documented, it is the same as if it does not exist or never happened…since management or clients will never remember their undocumented requests or their consent to do something."
– Dan Epstein, “Project Initiation Process: Part Two”
1. Requestor fills out form and submits the request.
Project Request Form Templates
2. Requests are triaged into the proper queue.
Project Intake Classification Matrix
3. BA or PM prepares to develop requests into a project proposal.
Benefits Commitment Form Template
4. Requestor is given realistic expectations for approval process.
Optimizing project intake may not require a complete overhaul of your existing processes. You may only need to tweak certain templates or policies. Perhaps you started out with a strong process and simply lost resolve over time – in which case you will need to focus on establishing motivation and discipline, rather than rework your entire process.
Perform a start-stop-continue exercise with your team to help determine what should be salvaged, what should be abandoned, and what should be introduced:
1. On a whiteboard or equivalent, write “Start,” “Stop,” and “Continue” in three separate columns. | 3. As a group, discuss the responses and come to an agreement as to which are most valid. |
2. Equip your team with sticky notes or markers and have them populate the columns with ideas and suggestions surrounding your current processes. | 4. Document the responses to help structure your game plan for intake optimization. |
Start | Stop | Continue |
|
|
|
INPUT
OUTPUT
Materials
Participants
It is important to identify all of the ways through which projects currently get requested and initiated, especially if you have various streams of intake competing with each other for resources and a place in the portfolio. Directing multiple channels into a single, centralized funnel is step number one in optimizing intake.
To help you identify project sources within your organization, we’ve broken project requests into three archetypes: the good, the bad, and the ugly.
1. The Good – Proper Requests: written formal requests that come in through one appropriate channel.
The Bad – Walk-Ups: requests that do not follow the appropriate intake channel(s), but nevertheless make an effort to get into the proper queue. The most common instance of this is a portfolio manager or CIO filling out the proper project request form on behalf of, and under direction from, a senior executive.
The Ugly – Guerilla Tactics: initiatives that make their way into the portfolio through informal methods or that consume portfolio resources without formal approval, authority, or oversight. This typically involves a key resource getting ambushed to work on a stakeholder’s “side project” without any formal approval from, or knowledge of, the PMO.
Decide how you would funnel project requests on a single portal for submitting project requests. Determining the right portal for your organization will depend on your current infrastructure options, as well as your current and target state capability levels.
Below are examples of a platform for your project request portal.
Platform | Template document, saved in a repository or shared drive | Email-based form (Outlook forms) | Intranet form (SharePoint, internal CMS) | Dedicated intake solution (PPM tool, idea/innovation tool) |
---|---|---|---|---|
Pros | Can be deployed very easily | Consolidates requests into a single receiver | Users have one place to go from any device | All-in-one solution that includes scoring and prioritization |
Cons | Manual submission and intake process consumes extra effort | Can pose problems in managing requests across multiple people and platforms | Requires existing intranet infrastructure and some development effort | Solution is costly; requires adoption across all lines of business |
Increasing intake capability and infrastructure availability
The key to an effective intake process is determining the right amount of friction to include for your organization. In this context, friction comes from the level of granularity within your project request form and the demands or level of accountability your intake processes place on requestors. You will want to have more or less friction on your intake form, depending on your current intake pain points.
If you are inundated with a high volume of requests:
If you want to encourage the use of a formal channel:
Download Info-Tech’s Detailed Project Request Form.
Download Info-Tech’s Light Project Request Form.
Optimizing a process should not automatically mean reducing friction. Blindly reducing friction could generate a tidal wave of poorly thought-out requests, which only drives up unrealistic expectations. Mitigate the risk of unrealistic stakeholder expectations by carefully managing the message: optimize friction.
Review and customize section 2.2, “Receive project requests” in Info-Tech’s Project Intake, Approval, and Prioritization SOP Template.
The goal of optimizing this process is to consolidate multiple intake channels into a single funnel with the right amount of friction to improve visibility and manageability of incoming project requests.
The important decisions to document for this step include:
INPUT
OUTPUT
Materials
Participants
Whatever method of request collection you choose, ensure there is no doubt about how requesters can access the intake form.
Once a request has been submitted, it will need to be triaged. Triage begins as soon as the request is received. The end goal of the triage process is to set appropriate expectations for stakeholders and to ensure that all requests going forward for approval are valid requests.
PPM Triage Process
The PMO Triage Team
“Request Liaison” Role
The BAs and PMs who follow up on requests play an especially important role in the triage process. They serve as the main point of contact to the requestor as the request evolves into a business case. In this capacity they perform a valuable stakeholder management function, helping to increase confidence and enhance trust in IT.
What constitutes a project?
Another way of asking this question that gets more to the point for this blueprint – for what types of initiatives is project intake, approval, and prioritization rigor required?
This is especially true in IT where, for some smaller initiatives, there can be uncertainty in many organizations during the intake and initiation phase about what should be included on the formal project list and what should go to help desk’s queue.
As the definitions in the table below show, formal project management frameworks each have similar definitions of “a project.”
Source | Definition |
---|---|
PMI | A temporary endeavor undertaken to create a unique product, service, or result.” (553) |
COBIT | A structured set of activities concerned with delivering a defined capability (that is necessary but not sufficient to achieve a required business outcome) to the enterprise based on an agreed‐on schedule and budget.” (74) |
PRINCE2 | A temporary organization that is created for the purpose of delivering one or more business products according to an agreed business case. |
For each, a project is a temporary endeavor planned around producing a specific organizational/business outcome. The challenge of those small initiatives in IT is knowing when those endeavors require a business case, formal resource tracking, and project management rigor, and when they don’t.
In the next step, we will define a suggested minimum threshold for a small “level 1” project. While these level thresholds are good and necessary for a number of reasons – including triaging your project requests – you may still often need to exercise some critical judgment in separating the tickets from the projects. In addition to the level criteria that we will develop in this step, use the checklist below to help with your differentiating.
Service Desk Ticket | Small Project |
---|---|
|
|
Guard the value of the portfolio. Because tickets carry with them an implicit approval, you need to be wary at the portfolio level of those that might possess a larger scope than their status of ticket implies. Sponsors that, for whatever reason, resist the formal intake process may use the ticketing process to sneak projects in through the backdoor. When assessing tickets and small projects at the portfolio level, you need to ask: is it possible that someone at an executive level might want to get updates on this because of its duration, scope, risk, cost, etc.? Could someone at the management level get upset that the initiative came in as a ticket and is burning up time and driving costs without any visibility?
Non-Project | Small Project | |
---|---|---|
e.g. Time required | e.g. < 40 hours | e.g. 40 > hours |
e.g. Complexity | e.g. Very low | e.g. Moderate – Low Difficulty: Does not require highly developed or specialized skill sets |
e.g. Collaboration | e.g. None required | e.g. Limited coordination and collaboration between resources and departments |
e.g. Repeatability of work | e.g. Fully repeatable | e.g. Less predictable |
e.g. Frequency of request type | e.g. Hourly to daily | e.g. Weekly to monthly |
"If you worked for the help desk, over time you would begin to master your job since there is a certain rhythm and pattern to the work…On the other hand, projects are unique. This characteristic makes them hard to estimate and hard to manage. Even if the project is similar to one you have done before, new events and circumstances will occur. Each project typically holds its own challenges and opportunities"
– Jeffrey and Thomas Mochal
Follow the steps below to define the specifics of a “level 1” project for your organization.
INPUT
OUTPUT
Materials
Participants
During triaging, requestors should be notified as quickly as possible (a) that their request has been received and (b) what to expect next for the request. Make this forum as productive and informative as possible, providing clear direction and structure for the future of the request. Be sure to include the following:
The logistic of this follow-up will depend on a number of different factors.
Assign an official request number or project ID to all requests during this initial response. An official request number anchors the request to a specific and traceable dataset that will accompany the project throughout its lifecycle.
If you receive a high volume of requests or need a quick win for improving stakeholder relations:
Sample #1: Less detailed, automatic response
Hello Emma,
Thank you. Your project request has been received. Requests are reviewed and assigned every Monday. A business analyst will follow up with you in the next 5-10 business days. Should you have any questions in the meantime, please reply to this email.
Best regards,
Information Technology Services
If stakeholder management is a priority, and you want to emphasize the customer-facing focus:
Sample #2: More detailed, tailored response
Hi Darren,
Your project request has been received and reviewed. Your project ID number is #556. Business analyst Alpertti Attar has been assigned to follow up on your request. You can expect to hear from him in the next 5-10 business days to set up a meeting for preliminary requirements gathering.
If you have any questions in the meantime, please contact Alpertti at aattar@projectco.com. Please include the Project ID provided in this email in all future correspondences regarding this request.
Thank you for your request. We look forward to helping you bring this initiative to fruition.
Sincerely,
Jim Fraser
PMO Director, Information Technology Services
A simple request response will go a long way in terms of stakeholder management. It will not only help assure stakeholders that their requests are in progress but the request confirmation will also help to set expectations and take some of the mystery out of IT’s processes.
Review and customize section 2.3, “Triage project requests” in Info-Tech’s Project Intake, Approval, and Prioritization SOP Template.
The goal of optimizing this process is to divert non-project requests and set an appropriate initial set of stakeholder expectations for next steps. The important decisions to document for this step include:
INPUT
OUTPUT
Materials
Participants
Whatever method of request collection you choose, ensure there is no doubt about how requesters can access the intake form.
The purpose of this follow-up is to foster communication among the requestor, IT, and the sponsor to scope the project at a high level. The follow-up should:
Once a Request Liaison (RL) has been assigned to a request, it is their responsibility to schedule time (if necessary) with the requestor to perform a scoping exercise that will help define preliminary requirements. Ideally, this follow-up should occur no later than a week of the initial request.
Structure the follow-up for each request based on your preliminary estimates of project size (next slide). Use the “Key Pieces of Scope” to the left as a guide.
It may also be helpful for RLs and stakeholders to work together to produce a rough diagram or mock-up of the final deliverable. This will ensure that the stakeholder’s idea has been properly communicated, and it could also help refine or broaden this idea based on IT’s capabilities.
After the scoping exercise, it is the RL’s responsibility to inform the requestor of next steps.
More time spent with stakeholders defining high-level requirements during the ideation phase is key to project success. It will not only improve the throughput of projects, but it will enhance the transparency of IT’s capacity and enable IT to more effectively support business processes.
Project estimation is a common pain point felt by many organizations. At this stage, a range-of-magnitude (ROM) estimate is sufficient for the purposes of sizing the effort required for developing project proposals with appropriate detail.
A way to structure ROM estimates is to define a set of standard project levels. It will help you estimate 80% of projects with sufficient accuracy over time with little effort. The remaining 20% of projects that don’t meet their standard target dates can be managed as exceptions.
The increased consistency of most projects will enable you to focus more on managing the exceptions.
Example of standard project sizes:
Level | Primary unit of estimation | Target completion date* |
---|---|---|
1 | Weeks | 3 weeks – 3 months |
2 | Months | 3 months – 6 months |
3 | Quarters | 2 – 4 quarters |
3+ | Years | 1 year or more |
* Target completion date is simply that – a target, not a service level agreement (SLA). Some exceptions will far exceed the target date, e.g. projects that depend heavily on external or uncontrollable factors.
Project levelling is useful for right-sizing many downstream processes; it sets appropriate levels of detail and scrutiny expected for project approval and prioritization steps, as well as the appropriate extent of requirements gathering, project management, and reporting requirements afterwards.
Now that the minimum threshold for your smallest projects has been identified, it’s time to identify the maximum threshold in order to better apply project intake, approval, and prioritization rigor where it’s needed.
INPUT
OUTPUT
Materials
Participants
Project Level | Level 1 | Level 2 | Level 3 |
---|---|---|---|
Work Effort | 40-100 hours | 100-500 hours | 500+ hours |
Budget | $100,000 and under | $100,000 to $500,000 | $500,000 and over |
Technology | In-house expertise | Familiar | New or requires system-wide change/training |
Complexity | Well-defined solution; no problems expected | Solution is known; some problems expected | Solution is unknown or not clearly defined |
Cross-Functional Workgroups/Teams | 1-2 | 3-5 | > 6 |
Capture the project levels in Info-Tech’s Project Intake Classification Matrix Tool to benchmark your levelling criteria and to determine project levels for proposed projects.
Download Info-Tech’s Project Intake Classification Matrix tool.
In most organizations a project requires sponsorship from the executive layer, especially for strategic initiatives. The executive sponsor provides several vital factors for projects:
Sometimes a project request may be made directly by a sponsor; in other times, the Request Liaison may need to connect the project request to a project sponsor.
In either case, project request has a tentative buy-in and support of an executive sponsor before a project request is developed into a proposal and examined for approval – the subject of this blueprint’s next step.
PMs and Sponsors: The Disconnect
A study in project sponsorship revealed a large gap between the perception of the project managers and the perception of sponsors relative to the sponsor capability. The widest gaps appear in the areas of:
Source: Boston Consulting Group/PMI, 2014
Actively engaged executive sponsors continue to be the top driver of whether projects meet their original goals and business intent.
– PMI Pulse of the Profession, 2017
76% of respondents [organizations] agree that the role of the executive sponsor has grown in importance over the past five years.
– Boston Consulting Group/PMI, 2014
Review and customize section 2.4, “Follow up on project requests” in Info-Tech’s Project Intake, Approval, and Prioritization SOP Template.
The goal of optimizing this process is to initiate communication among the requestor, IT, and the sponsor to scope the project requests at a high level. The important decisions to document for this step include:
INPUT
OUTPUT
Materials
Participants
Review and customize section 2.1, “Project Intake Workflow” in Info-Tech’s Project Intake, Approval, and Prioritization SOP Template.
In Step 1.2 of the blueprint, you mapped out the current project intake, approval, and prioritization workflow and documented it in a flow chart. In this step, take the time to examine the new project intake process as a whole, and document the new workflow in the form of a flow chart.
Consider the following points:
INPUT
OUTPUT
Materials
Participants
Industry: Municipal Government
Source: Info-Tech Client
PHASE 1 | PHASE 2 | PHASE 3 | ||||
1.1 Define project valuation criteria | 1.2 Envision process target state | 2.1 Streamline intake | 2.2 Right-size approval steps | 2.3 Prioritize projects to fit resource capacity | 3.1 Pilot your optimized process | 3.2 Communicate organizational change |
Challenges | Info-Tech’s Advice |
---|---|
Project sponsors receive funding from their business unit or other source (possibly external, such as a grant), and assume this means their project is “approved” without any regard to IT costs or resource constraints. | Clearly define a series of approval steps, and communicate requirements for passing them. |
Business case documentation is rarely updated to reflect unforeseen costs, emerging opportunities, and changing priorities. As a result, time and money is spent finishing diminished priority projects while the value of more recent projects erodes in the backlog. | Approve projects in smaller pieces, with early test/pilot phases focused on demonstrating the value of later phases. |
Project business cases often focus on implementation and overlook ongoing operating costs imposed on IT after the project is finished. These costs further diminish IT’s capacity for new projects, unless investment in more capacity (such as hiring) is included in business cases. | Make ongoing support and maintenance costs a key element in business case templates and evaluations. |
Organizations approve new projects without regard to the availability of resource capacity (or lack thereof). Project lead times grow and stakeholders become more dissatisfied because IT is unable to show how the business is competing with itself for IT’s time. | Increase visibility into what IT is already working on and committed to, and for whom. |
Clearly define a series of approval steps, and communicate requirements for passing them. “Approval” can be a dangerous word in project and portfolio management, so it is important to clarify what is required to pass each step, and how long the process will take.
1 | 2 | 3 | 4 | |
---|---|---|---|---|
Approval step | Concept Approval | Feasibility Approval | Business Case Approval | Resource Allocation (Prioritization) |
Alignment Focus | Business need / Project sponsorship | Technology | Organization-wide business need | Resource capacity |
Possible dispositions at each gate |
|
|
|
|
Accountability | e.g. Project Sponsor | e.g. CIO | e.g. Steering Committee | e.g. CIO |
Deliverable | Benefits Commitment Form Template | Proposed Project Technology Assessment Tool | Business Case (Fast Track, Comprehensive) | Intake and Prioritization Tool |
In general, there are three different, mutually exclusive decision-making paradigms for approving projects:
Paradigm | Description | Benefits | Challenges | Recommendation |
---|---|---|---|---|
Unilateral authority | One individual makes decisions. | Decisions tend to be made efficiently and unambiguously. Consistency of agenda is easier to preserve. | Decisions are subject to one person’s biases and unseen areas. | Decision maker should solicit and consider input from others and seek objective rigor. |
Ad hoc deliberation | Stakeholders informally negotiate and communicate decisions between themselves. | Deliberation helps ensure different perspectives are considered to counterbalance individual biases and unseen areas. | Ad hoc decisions tend to lack documentation and objective rationale, which can perpetuate disagreement. | Use where unilateral decisions are unfeasible (due to complexity, speed of change, culture, etc.), and stakeholders are very well aligned or highly skilled negotiators and communicators. |
Formal steering committee | A select group that represent various parts of the organization is formally empowered to make decisions for the organization. | Formal committees can ensure oversight into decisions, with levers available to help resolve uncertainty or disagreement. | Formal committees introduce administrative overhead and effort that might not be warranted by the risks involved. | Formal steering committees are best where formality is warranted by the risks and costs involved, and the organizational culture has an appetite for administrative oversight. |
The individual or party who has the authority to make choices, and who is ultimately answerable for those decisions, is said to be accountable. Understanding the needs of the accountable party is critical to the success of the project approval process optimization efforts.
Optimizing project approval may not require a complete overhaul of your existing processes. You may only need to tweak certain templates or policies. Perhaps you started out with a strong process and simply lost resolve over time – in which case you will need to focus on establishing motivation and discipline, rather than rework your entire process.
Perform a start-stop-continue exercise with your team to help determine what should be salvaged, what should be abandoned, and what should be introduced:
1.On a whiteboard or equivalent, write “Start,” “Stop,” and “Continue” in three separate columns. | 3.As a group, discuss the responses and come to an agreement as to which are most valid. |
2.Equip your team with sticky notes or markers and have them populate the columns with ideas and suggestions surrounding your current processes. | 4.;Document the responses to help structure your game plan for intake optimization. |
Start | Stop | Continue |
---|---|---|
|
|
|
INPUT
OUTPUT
Materials
Participants
Review and customize section 3.2, “Project Approval Steps” in Info-Tech’s Project Intake, Approval, and Prioritization SOP Template.
The goal of this activity is to customize the definition of the approval steps for your organization, so that it makes sense for the existing organizational governance structure, culture, and need. Use the results of the start-stop-continue to inform what to customize. Consider the following factors:
INPUT
OUTPUT
Materials
Participants
Review and customize section 3.2, “Project Approval Steps” in Info-Tech’s Project Intake, Approval, and Prioritization SOP Template.
In the old reality, projects were approved and never heard back from again, which effectively gave your stakeholders a blanket default expectation of “declined.” With the new approval process, manage your stakeholder expectations more explicitly by refining your vocabulary around approval.
Within this, decision makers should view their role in approval as approving that which can and should be done. When a project is approved and slated to backlog, the intention should be to allocate resources to it within the current intake cycle.
Customize the table to the right with organizationally appropriate definitions, and update your SOP.
“No” | Declined. |
---|---|
“Not Now” | “It’s a good idea, but the time isn’t right. Try resubmitting next intake cycle.” |
“Concept Approval” | Approval to add the item to the backlog with the intention of starting it this intake cycle. |
“Preliminary Approval” | Approval for consumption of PMO resources to develop a business case. |
“Full Approval” | Project is greenlighted and project resources are being allocated to it. |
Refine the nomenclature. Add context to “approved” and “declined.” Speak in terms of “not now” or “you can have it when these conditions are met.” With clear expectations of the resources required to support each request, you can place accountability for keeping the request alive back on the sponsors.
Estimates that form the basis of business cases are often based on flawed assumptions. Use early project phases or sprints to build working prototypes to test the assumptions on which business cases are built, rather than investing time improving precision of estimates without improving accuracy.
The next several slides will take you through a series of tools and templates that help guide the production of deliverables. Each deliverable wireframes the required analysis of the proposed project for one step of the approval process, and captures that information in a document. This breaks down the overall work for proposal development into digestible chunks.
As previously discussed, aim to right-size the approval process rigor for project levels. Not all project levels may call for all steps of approval, or the extent of required analysis within an approval step may differ. This section will conclude by customizing the requirement for deliverables for each project level.
Tools and Templates for the Project Approval Toolbox
Project sponsors are accountable for the realization of project benefits. Therefore, for a project to be approved by a project sponsor, they must buy-in and commit to the proposed benefits.
Defining project benefits and obtaining project sponsor commitment has been demonstrated to improve the project outcome by providing the focal point of the project up-front. This will help reduce wasted efforts to develop parts of the proposals that are not ultimately needed.
Download Info-Tech’s Benefits Commitment Form Template.
Contents of a Benefits Commitment Form
For further discussion on benefits realization, use Info-Tech’s blueprint, Establish the Benefits Realization Process.
In some projects, there needs to be an initial idea of what the project might look like. Develop a high-level solution for projects that:
IT should advise and provide subject matter expertise on the technology requirements to those that ultimately approve the proposed projects, so that they can take into account additional costs or risks that may be borne from it.
Info-Tech’s Proposed Project Technology Assessment Tool has a series of questions to address eight categories of considerations to determine the project’s technological readiness for adoption. Use this tool to ensure that you cover all the bases, and help you devise alternate solutions if necessary – which will factor into the overall business case development.
Download Info-Tech’s Proposed Project Technology Assessment Tool.
Traditionally, a business case is centered around financial metrics. While monetary benefits and costs are matters of bottom line and important, financial metrics are only part of a project’s value. As the project approval decisions must be based on the holistic comparison of project value, the business case document must capture all the necessary – and only those that are necessary – information to enable it.
However, completeness of information does not always require comprehensiveness. Allow for flexibility to speed up the process of developing business plan by making a “fast-track” business case template available. This enables the application of the project valuation criteria with all other projects, with right-sized effort.
Alarming business case statistics
(Source: Wrike)
Download Info-Tech’s Comprehensive Business Case Template.
Download Info-Tech’s Fast Track Business Case Template.
Pass on that which is known. Valuable information about projects is lost due to a disconnect between project intake and project initiation, as project managers are typically not brought on board until project is actually approved. This will be discussed more in Phase 3 of this blueprint.
Review and customize section 3.3, “Project Proposal Deliverables” in Info-Tech’s Project Intake, Approval, and Prioritization SOP Template.
The goal of this activity is to customize the requirements for project proposal deliverables, so that it properly informs each of the approval steps discussed in the previous activity. The deliverables will also shape the work effort required for projects of various levels. Consider the following factors:
INPUT
OUTPUT
Materials
Participants
Review and customize section 3.1, “Project Approval Workflow” in Info-Tech’s Project Intake, Approval, and Prioritization SOP Template.
In Step 1.2 of the blueprint, you mapped out the current project intake, approval, and prioritization workflow and documented it in a flow chart. In this step, take the time to examine the new project intake process as a whole, and document the new workflow in the form of a flow chart.
1 | 2 | 3 | 4 | |
---|---|---|---|---|
Approval Step | Concept Approval | Feasibility Approval | Business Case Approval | Resource Allocation (Prioritization) |
Alignment Focus | Business need/ Project Sponsorship | Technology |
Organization-wide Business need |
Resource capacity |
Consider the following points:
INPUT
OUTPUT
Materials
Participants
PHASE 1 | PHASE 2 | PHASE 3 | ||||
1.1 Define project valuation criteria | 1.2 Envision process target state | 2.1 Streamline intake | 2.2 Right-size approval steps | 2.3 Prioritize projects to fit resource capacity | 3.1 Pilot your optimized process | 3.2 Communicate organizational change |
Organizations tend to bite off more than they can chew when it comes to project and service delivery commitments involving IT resources.
While the need for businesses to make an excess of IT commitments is understandable, the impacts of systemically over-allocating IT are clearly negative:
76%: 76% of organizations say they have too many projects on the go and an unmanageable and ever-growing backlog of things to get to.
– Cooper, 2014
70%: Almost 70% of workers feel as though they have too much work on their plates and not enough time to do it.
– Reynolds, 2016
Today, many IT departments use matrix organization. In this system, demands on a resource’s time come from many directions. While resources are expected to prioritize their work, they lack the authority to formally reject any demand. As a result, unconstrained, unmanaged demand frequently outstrips the supply of work-hours the resource can deliver.
When this happens, the resource has three options:
The result is an unsustainable system for all those involved:
Project Prioritization |
Capacity awareness Many IT departments struggle to realistically estimate available project capacity in a credible way. Stakeholders question the validity of your endeavor to install capacity-constrained intake process, and mistake it for unwillingness to cooperate instead. |
Lack of authority Many PMOs and IT departments simply lack the ability to decline or defer new projects. |
Many moving parts Project intake, approval, and prioritization involve the coordination of various departments. Therefore, they require a great deal of buy-in and compliance from multiple stakeholders and senior executives. |
Project Approval |
Unclear definition of value Defining the project value is difficult, because there are so many different and conflicting ways that are all valid in their own right. However, without it, it's impossible to fairly compare among projects to select what's "best." |
Unclear definition of value
In Step 1.1 of the blueprint, we took the first step toward resolving this challenge by prototyping a project valuation scorecard.
"Prioritization is a huge issue for us. We face the simultaneous challenges of not having enough resources but also not having a good way to say no. "
– CIO, governmental health agency
Intake and Prioritization Tool
Optimizing project prioritization may not require a complete overhaul of your existing processes. You may only need to tweak certain templates or policies. Perhaps you started out with a strong process and simply lost resolve over time – in which case you will need to focus on establishing motivation and discipline, rather than rework your entire process.
Perform a start-stop-continue exercise with your team to help determine what should be salvaged, what should be abandoned, and what should be introduced:
1. On a whiteboard or equivalent, write “Start,” “Stop,” and “Continue” in three separate columns. | 3. As a group, discuss the responses and come to an agreement as to which are most valid. |
2. Equip your team with sticky notes or markers and have them populate the columns with ideas and suggestions surrounding your current processes. | 4. Document the responses to help structure your game plan for intake optimization. |
Start | Stop | Continue |
---|---|---|
|
|
|
INPUT
OUTPUT
Materials
Participants
This tool builds on the Project Valuation Scorecard Tool to address the challenges in project prioritization:
Using standard project sizing, quickly estimate the size of the demand for proposed and ongoing projects and produce a report that recommends the list of projects to greenlight – and highlight the projects within that list that are at risk of being short-charged of resources – that will aim to help you tackle:
The next several slides will walk you through the tool and present activities to facilitate its use for your organization.
Download Info-Tech’s Project Intake and Prioritization Tool.
Estimate how many work-hours are at your disposal for projects using Info-Tech’s resource calculator.
1. Compile a list of each role within your department, the number of staff, and the hours in a typical work week.
2. Enter the foreseeable out-of-office time (vacation, sick time, etc.). Typically, this value is 12-16% depending on the region.
3. Enter how much working time is spent on non-projects for each role: administrative duties and “keep the lights on” work.
4. Select a period of time for breaking down available resource capacity in hours.
Project Work (%): Percentage of your working time that goes toward project work is calculated as what’s left after your non-project working time allocations have been subtracted.
Project (h) Total Percentage: Take a note of this percentage as your project capacity. This number will put the estimated project demand in context for the rest of the tool.
Example for a five-day work week:
Result: 7.4/52 weeks’ absence = 14%
Discover how many work-hours are at your disposal for project work.
INPUT
OUTPUT
Materials
Participants
Info-Tech’s PPM Current State Scorecard diagnostic provides a comprehensive view of your portfolio management strengths and weaknesses, including project portfolio management, project management, customer management, and resource utilization.
Use the wisdom of the crowd to estimate resource waste in:
Analyzing, fixing, and redeploying
50% of PPM resource is wasted on average, effectively halving your available project capacity.
Source: Info-Tech PPM Current State Scorecard
The resource capacity calculator in the previous tab yields a likely optimistic estimate for how much project capacity is available. Based on this estimate as a guide, enter your optimistic (maximum) and pessimistic (minimum) estimates of project capacity as a percentage of total capacity:
Info-Tech’s data shows that only about 50% of time spent on project work is wasted: cancelled projects, inefficiency, rework, etc. As a general rule, enter half of your maximum estimate of your project capacity.
Capacity in work hours is shown here from the previous tab, to put the percentages in context. This example shows a quarterly breakdown (Step 4 from the previous slide; cell N5 in Tab 2.).
Next, estimate the percentage of your maximum estimated project capacity that a single project would typically consume in the given period for prioritization.
These project sizes might not line up with the standard project levels from Step 2.1 of the blueprint: for example, an urgent mid-sized project that requires all hands on deck may need to consume almost 100% of maximum available project capacity.
Refine your estimates of project capacity supply and demand as it applies to a prioritization period.
Dedicated work needs dedicated break time
In a study conducted by the Draugiem Group, the ideal work-to-break ratio for maximizing focus and productivity was 52 minutes of work, followed by 17 minutes of rest (Evans). This translates to 75% of resource capacity yielding productive work, which could inform your optimistic estimate of project capacity.
INPUT
OUTPUT
Materials
Participants
Enter the scoring criteria, which was worked out from Step 1.1 of the blueprint. This workbook supports up to ten scoring criteria; use of more than ten may make the prioritization step unwieldy.
Leave unused criteria rows blank.
Choose “value” or “execution” from a drop-down.
Score does not need to add up to 100.
Finally, set up the rest of the drop-downs used in the next tab, Project Data. These can be customized to fit your unique project portfolio needs.
Ensure that each project has a unique name.
Completed (or cancelled) projects will not be included in prioritization.
Choose the standard project size defined in the previous tab.
Change the heading when you customize the workbook.
Days in Backlog is calculated from the Date Added column.
Overall weighted project prioritization score is calculated as a sum of value and execution scores.
Weighted value and execution scores are calculated according to the scoring criteria table in the 2. Settings tab.
Enter the raw scores. Weights will be taken into calculation behind the scenes.
Spaces for unused intake scores will be greyed out. You can enter data, but they will not affect the calculated scores.
Review and customize section 4.2, “Maintain Supply and Demand Data” in Info-Tech’s Project Intake, Approval, and Prioritization SOP Template.
The goal of this activity is to document the process with which the supply and demand information will be updated for projects. Consider the following factors:
INPUT
OUTPUT
Materials
Participants
The output of the Project Intake and Prioritization Tool is a prioritized list of projects with indicators to show that their demand on project capacity will fit within the estimated available project capacity for the prioritization period.
Status indicates whether the project is proposed or ongoing; completed projects are excluded.
Disposition indicates the course of recommended action based on prioritization.
Proposed projects display how long they have been sitting in the backlog.
Projects highlighted yellow are marked as “deliberate” for their dispositions. These projects pose risks of not getting properly resourced. One must proceed with caution if they are to be initiated or continued.
The prioritized list of proposed and ongoing projects, and an approximate indication for how they fill out the estimated available resource capacity, provide a meaningful starting ground for discussion on which projects to continue or initiate, to hold, or to proceed with caution.
However, it is important to recognize the limitation of the prioritization methodology. There may be legitimate reasons why some projects should be prioritized over another that the project valuation method does not successfully capture. At the end of the day, it’s the prerogative of the portfolio owners who carry on the accountabilities to steer the portfolio.
The portfolio manager has a responsibility to be prepared for reconciling the said steering with the unchanged available resource capacity for project work. What comes off the list of projects to continue or initiate? Or, will we outsource capacity if we must meet irreconcilable demand? The next slide will show how Info-Tech’s tool helps you with this process.
Strive to become the best co-pilot. Constantly iterate on the scoring criteria to better adapt to the portfolio owners’ preference in steering the project portfolio.
The Force Disposition list enables you to inject subjective judgment in project prioritization. Force include and outsource override project prioritization scores and include the projects for approval:
Choose a project name and a disposition using a drop-down.
Use this list to test out various scenarios, useful for what-if analysis.
Review and customize section 4.3, “Approve projects for initiation or continuation” in Info-Tech’s Project Intake, Approval, and Prioritization SOP Template.
The goal of this activity is to formalize the process of presenting the prioritized list of projects for review, modify the list based on steering decisions, and obtain the portfolio owners’ approval for projects to initiate or continue, hold, or terminate. Consider the following factors:
INPUT
OUTPUT
Materials
Participants
Once the proposed project is given a green light, the project enters an initiation phase.
No matter what project management methodology is employed, it is absolutely vital to pass on the knowledge gained and insights developed through the intake, approval, and prioritization processes. This ensures that the project managers and team are informed of the project’s purpose, business benefits, rationale for the project approval, etc. and be able to focus their efforts in realizing the project’s business goals.
Recognize that this does not aim to create any new artifacts. It is simply a procedural safeguard against the loss of important and costly information assets for your organization.
Information from the intake process directly feeds into, for example, developing a project charter.
Source: PMBOK, 6th edition
"If the project manager can connect strategy to the project they are leading (and therefore the value that the organization desires by sanctioning the project), they can ensure that the project is appropriately planned and managed to realize those benefits."
– Randall T. Black, P.Eng., PMP; source: PMI Today
Review and customize section 4.1, “Project Prioritization Workflow” in Info-Tech’s Project Intake, Approval, and Prioritization SOP Template.
In Step 1.2 of the blueprint, you mapped out the current project intake, approval, and prioritization workflow and documented it in a flow chart. In this step, take the time to examine the new project intake process as a whole, and document the new workflow in the form of a flow chart.
Consider the following points:
INPUT
OUTPUT
Materials
Participants
The project capacity estimates overlook a critical piece of the resourcing puzzle for the sake of simplicity: skills. You need the right skills at the right time for the right project. Use Info-Tech’s Balance Supply and Demand with Realistic Resource Management Practices blueprint to enhance the quality of information on your project supply. ![]() |
There is more to organizing your project portfolio than a strict prioritization by project value. For example, as with a financial investment portfolio, project portfolio must achieve the right investment mix to balance your risks and leverage opportunities. Use Info-Tech’s Maintain an Organized Portfolio blueprint to refine the makeup of your project portfolio. ![]() |
Continuous prioritization of projects allow organizations to achieve portfolio responsiveness. Use Info-Tech’s Manage an Agile Portfolio blueprint to take prioritization of your project portfolio to the next level. ![]() |
46% of organizations use a homegrown PPM solution. Info-Tech’s Grow Your Own PPM Solution blueprint debuts a spreadsheet-based Portfolio Manager tool that provides key functionalities that integrates those of the Intake and Prioritization Tool with resource management, allocation and portfolio reporting capabilities. ![]() |
2.1.2-6
Optimize your process to receive, triage, and follow up on project requests
Discussion on decision points and topics of consideration will be facilitated to leverage the diverse viewpoints amongst the workshop participants.
2.3.2-5
Set up a capacity-informed project prioritization process using Info-Tech’s Project Intake and Prioritization Tool
A table-top planning exercise helps you visualize the current process in place and identify opportunities for optimization.
Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.
Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.
Guided Implementation 3: Integrate the New Optimized Processes into Practice Proposed Time to Completion: 6-12 weeks | |
Step 3.1: Pilot your process to refine it prior to rollout Start with an analyst kick-off call:
Then complete these activities…
With these tools & templates:
| Step 3.2: Analyze the impact of organizational change Review findings with analyst:
Then complete these activities…
With these tools & templates:
|
Phase 3 Results & Insights:
|
PHASE 1 | PHASE 2 | PHASE 3 | ||||
1.1 Define project valuation criteria | 1.2 Envision process target state | 2.1 Streamline intake | 2.2 Right-size approval steps | 2.3 Prioritize projects to fit resource capacity | 3.1 Pilot your optimized process | 3.2 Communicate organizational change |
Rome wasn’t built in a day. Similarly, benefits of optimized project intake, approval, and prioritization process will not be realized overnight.
Resist the urge to deploy a big-bang roll out of your new intake practices. The approach is ill advised for two main reasons:
Start with a pilot phase. Identify receptive lines of business and IT resources to work with, and leverage their insights to help iron out the kinks in your process before unveiling your practices to IT and all business users at large.
This step will help you to:
Engagement paves the way for smoother adoption. An “engagement” approach (rather than simply “communication”) turns stakeholders into advocates who can help boost your message, sustain the change, and realize benefits without constant intervention or process command-and-control.
A process pilot is a limited scope of an implementation (constrained by time and resources involved) in order to test the viability and effectiveness of the process as it has been designed.
Download Info-Tech’s Process Pilot Plan Template
"The advantages to a pilot are several. First, risk is constrained. Pilots are closely monitored so if a problem does occur, it can be fixed immediately. Second, the people working in the pilot can become trainers as you roll the process out to the rest of the organization. Third, the pilot is another opportunity for skeptics to visit the pilot process and learn from those working in it. There’s nothing like seeing a new process working for people to change their minds."
Info-Tech recommends selecting PPM stakeholders who are aware of your role and some of the challenges in project intake, approval, and prioritization to assist in the implementation process.
INPUT
OUTPUT
Materials
Participants
Document the PPM stakeholders involved in your pilot in Section 3 of Info-Tech’s Process Pilot Plan Template.
Use Info-Tech’s Process Pilot Plan Template to design the details of your pilot.
Investing time into planning your pilot phase strategically will ensure a clear scope, better communications for those piloting the processes, and – overall – better, more actionable results for the pilot phase. The Pilot Plan Template is broken into five sections to assist in these goals:
The duration of your pilot should go at least one prioritization period, e.g. one to two quarters.
Estimates of time commitments should be captured for each stakeholder. During the retrospective at the end of the pilot you should capture actuals to help determine the time-cost of the process itself and measure its sustainability.
Once the Plan Template is completed, schedule time to share and communicate it with the pilot team and executive sponsors of the process.
While you should invest time in this planning document, continue to lean on the Intake, Approval, and Prioritization SOP throughout the pilot phase.
INPUT
OUTPUT
Materials
Participants
Some things to keep in mind during the pilot include:
Pilot projects allow you to validate your assumptions and leverage lessons learned. During the planning of the pilot, you should have scheduled a retrospective meeting with the pilot team to formally assess strengths and weaknesses in the process you have drafted.
An example of how to structure a Stop/Start/Continue activity on a whiteboard using sticky notes.
INPUT
OUTPUT
Materials
Participants
See the following slide for additional instructions.
As a group, discuss everyone’s responses and organize according to top priority (mark with a 1) and lower priority/next steps (mark with a 2). At this point, you can also remove any sticky notes that are repetitive or no longer relevant.
Once you have organized based on priority, be sure to come to a consensus with the group regarding which actions to take. For example, if the group agrees that they should “stop holding meetings weekly,” come to a consensus regarding how often meetings will be held, i.e. monthly.
Priority | Action Required | Who is Responsible | Implementation Date |
---|---|---|---|
Stop: Holding meetings weekly | Hold meetings monthly | Jane Doe, PMO | Next Meeting: August 1, 2017 |
Start: Discussing backlog during meetings | Ensure that backlog data is up to date for discussion on date of next meeting. | John Doe, Portfolio Manager | August 1, 2017 |
Create an action plan for the top priority items that require changes (the Stops and Starts). Record in this slide, or your preferred medium. Be sure to include who is responsible for the action and the date that it will be implemented.
Document the outcomes of the start/stop/continue and your action plan in Section 6 of Info-Tech’s Process Pilot Plan Template.
You will need to determine responsibilities and accountabilities for portfolio management functions within your team.
If you do not have a clearly identifiable portfolio manager at this time, you will need to clarify who will wear which hats in terms of facilitating intake and prioritization, high-level capacity awareness, and portfolio reporting.
Download Info-Tech’s Project Backlog Manager job description template.
Update section 1.2, “Overall Process Workflow” in Info-Tech’s Project Intake, Approval, and Prioritization SOP Template with the new process flow.
Revisit your SOP from Phase 2 and ensure it has been updated to reflect the process changes that were identified in activity 3.1.4.
Download Info-Tech’s Project Intake, Approval, and Prioritization SOP template.
Make your SOP high impact. SOPs are often at risk of being left unmaintained and languishing in disuse. Improve the SOP’s succinctness and usability by making it visual; consult Info-Tech’s blueprint, Create Visual SOP Documents that Drive Process Optimization, Not Just Peace of Mind.
PHASE 1 | PHASE 2 | PHASE 3 | ||||
1.1 Define project valuation criteria | 1.2 Envision process target state | 2.1 Streamline intake | 2.2 Right-size approval steps | 2.3 Prioritize projects to fit resource capacity | 3.1 Pilot your optimized process | 3.2 Communicate organizational change |
As you assess change impacts, keep in mind that no impact will be felt the same across the organization. Depth of impact can vary depending on the frequency (will the impact be felt daily, weekly, monthly?), the actions necessitated by it (e.g. will it change the way the job is done or is it simply a minor process tweak?), and the anticipated response of the stakeholder (support, resistance, indifference?).
Use the Organizational Change Depth Scale below to help visualize various depths of impact. The deeper the impact, the tougher the job of managing change will be.
Procedural | Behavioral | Interpersonal | Vocational | Cultural |
---|---|---|---|---|
Procedural change involves changes to explicit procedures, rules, policies, processes, etc. | Behavioral change is similar to procedural change, but goes deeper to involve the changing tacit or unconscious habits. | Interpersonal change goes beyond behavioral change to involve changing relationships, teams, locations, reporting structures, and other social interactions. | Vocational change requires acquiring new knowledge and skills, and accepting the loss or decline in the value or relevance of previously acquired knowledge and skills. | Cultural change goes beyond interpersonal and vocational change to involve changing personal values, social norms, and assumptions about the meaning of good vs. bad or right vs. wrong. |
Example: providing sales reps with mobile access to the CRM application to let them update records from the field. | Example: requiring sales reps to use tablets equipped with a custom mobile application for placing orders from the field. | Example: migrating sales reps to work 100% remotely. | Example: migrating technical support staff to field service and sales support roles. | Example: changing the operating model to a more service-based value proposition or focus. |
Info-Tech’s Drive Organizational Change from the PMO blueprint offers the OCM Impact Analysis Tool to helps document the change impact across multiple dimensions, enabling the project team to review the analysis with others to ensure that the most important impacts are captured.
This tool has been customized for optimizing project intake, approval, and prioritization process to deliver the same result in a more streamlined way. The next several slides will take you through the activities to ultimately create an OCM message canvas and a communication plan for your key stakeholders.
Download Info-Tech’s Intake and Prioritization Impact Analysis Tool.
"As a general principle, project teams should always treat every stakeholder initially as a recipient of change. Every stakeholder management plan should have, as an end goal, to change recipients’ habits or behaviors."
-PMI, 2015
In Tab 2, enter your stakeholders’ names. Represent stakeholders as a group if you expect the impact of change on them to be reasonably uniform, as well as their anticipated responses. Otherwise, consider adding them as individuals or subgroups.
In Tab 3, enter whether you agree or disagree with each statement that represents an element of organizational change that be introduced as the newly optimized intake process is implemented.
As a result of the change initiative in question:
Each change statement that you agreed with in Tab 3 are listed here in Tab 4 of the Intake and Prioritization Impact Analysis Tool. For each stakeholder, estimate and enter the following data:
Divide and conquer. Leverage the group to get through the seemingly daunting amount of work involved with impact analysis.
Suggested ways to divide up the impact analysis include:
Tip: use a spreadsheet tool that supports multi-user editing (e.g. Google Sheets, Excel Online).
INPUT
OUTPUT
Materials
Participants
Beware of bias. Groups are just as susceptible to producing overly optimistic or pessimistic analysis as individuals, just in different ways. Unrealistic change impact analysis will compromise your chances of arriving at a reasonable, tactful stakeholder communication plan.
These outputs are based on the impacts you analyzed in Tab 4 of the tool (Activity 3.2.1). They are organized in seven sections:
Use Info-Tech’s Message Canvas on this tab to help rationalize and elaborate the change vision for each group.
Elements of a Message Canvas
Change thy language, change thyself.
Jargon, acronyms, and technical terms represent deeply entrenched cultural habits and assumptions.
Continuing to use jargon or acronyms after a transition tends to drag people back to old ways of thinking and working.
You don’t need to invent a new batch of buzzwords for every change (nor should you), but every change is an opportunity to listen for words and phrases that have lost their meaning through overuse and abuse.
Remember these guidelines to help your messages resonate:
– Info-Tech Blueprint, Drive Organizational Change from the PMO
INPUT
OUTPUT
Materials
Participants
The communication plan creates an action plan around the message canvases to coordinate the responsibilities of delivering them, so the risks of “dropping the ball” on your stakeholders are minimized.
1. Choose a change impact from a drop-down menu.
2. Choose an intended audience...
… and the message canvas to reference.
3. Choose the method of delivery. It will influence how to craft the message for the stakeholder.
4. Indicate who is responsible for creating and communicating the message.
5. Briefly indicate goal of the communication and the likelihood of success.
6. Record the dates to plan and track the communications that take place.
Identify critical points in the change curve:
Based on Don Kelley and Daryl Conner’s Emotional Cycle of Change.
INPUT
OUTPUT
Materials
Participants
There will be challenges to watch for in evaluating the effectiveness of your intake processes. These may include circumvention of process by key stakeholders, re-emergence of off-the-grid projects and low-value initiatives.
As a quick and easy way to periodically assess your processes, consider the following questions:
If you answer “no” to any of these questions after a sufficient post-implementation period (approximately six to nine months, depending on the scope of your optimizing), you may need to tweak certain aspects of your processes or seek to align your optimization with a lower capability level in the short term.
Industry: Government
Source: Info-Tech Client
Challenge
There is an IT department for a large municipal government. Possessing a relatively low level of PPM maturity, IT is in the process of establishing more formal intake practices in order to better track, and respond to, project requests. New processes include a minimalist request form (sent via email) coupled with more thorough follow-up from BAs and PMs to determine business value, ROI, and timeframes.
Solution
Even with new user-friendly processes in place, IT struggles to get stakeholders to adopt, especially with smaller initiatives. These smaller requests frequently continue to come in outside of the formal process and, because of this, are often executed outside of portfolio oversight. Without good, reliable data around where staff time is spent, IT lacks the authority to decline new requests.
Results
IT is seeking further optimization through better communication. They are enforcing discipline on stakeholders and reiterating that all initiatives, regardless of size, need to be directed through the process. IT is also training its staff to be more critical. “Don’t just start working on an initiative because a stakeholder asks.” With staff being more critical and directing requests through the proper queues, IT is getting better at tracking and prioritizing requests.
"The biggest challenge when implementing the intake process was change management. We needed to shift our focus from responding to requests to strategically thinking about how requests should be managed. The intake process allows the IT Department to be transparent to customers and enables decision makers."
3.1.1
Select receptive stakeholders to work with during your pilot
Identify the right team of supportive PPM stakeholders to carry out the process pilot. Strategies to recruit the right people outside the workshop will be discussed if appropriate.
3.2.1
Analyze the stakeholder impact and responses to impending organizational change
Carry out a thorough analysis of change impact in order to maximize the effectiveness of the communication strategy in support of the implementation of the optimized process.
Kiron D. Bondale, PMP, PMI - RMP
Senior Project Portfolio & Change Management Professional
Scot Ganshert, Portfolio Group Manager
Larimer County, CO
Garrett McDaniel, Business Analyst II – Information Technology
City of Boulder, CO
Joanne Pandya, IT Project Manager
New York Property Insurance Underwriters
Jim Tom, CIO
Public Health Ontario
Develop a Project Portfolio Management Strategy blueprint"
Balance Supply and Demand with Realistic Resource Management Practices
Maintain an Organized Portfolio
Establish the Benefits Realization Process
Tailor Project Management Processes to Fit Your Projects
Project Portfolio Management Diagnostic Program
The Project Portfolio Management Diagnostic Program is a low-effort, high-impact program designed to help project owners assess and improve their PPM practices. Gather and report on all aspects of your PPM environment to understand where you stand and how you can improve.
Boston Consulting Group. “Executive Sponsor Engagement: Top Driver of Project and Program Success.” PMI, 2014. Web.
Boston Consulting Group. “Winning Through Project Portfolio Management: the Practitioners’ Perspective.” PMI, 2015. Web.
Bradberry, Travis. “Why The 8-Hour workday Doesn’t Work.” Forbes, 7 Jun 2016. Web.
Cook, Scott. Playbook: Best Practices. Business Week
Cooper, Robert, G. “Effective Gating: Make product innovation more productive by using gates with teeth.” Stage-Gate International and Product Development Institute. March/April 2009. Web.
Epstein, Dan. “Project Initiation Process: Part Two.” PM World Journal. Vol. IV, Issue III. March 2015. Web.
Evans, Lisa. “The Exact Amount of Time You Should Work Every Day.” Fast Company, 15 Sep. 2014. Web.
Madison, Daniel. “The Five Implementation Options to Manage the Risk in a New Process.” BPMInstitute.org. n.d. Web.
Merkhofer, Lee. “Improve the Prioritization Process.” Priority Systems, n.d. Web.
Miller, David, and Mike Oliver. “Engaging Stakeholder for Project Success.” PMI, 2015. Web.
Mind Tools. “Kelley and Conner’s Emotional Cycle of Change.” Mind Tools, n.d. Web.
Mochal, Jeffrey and Thomas Mochal. Lessons in Project Management. Appress: September 2011. Page 6.
Newcomer, Eric. “Getting Decisions to Stick.” Standish Group PM2go, 20 Oct 2017. Web.
“PMI Today.” Newtown Square, PA: PMI, Oct 2017. Web.
Project Management Institute. “Standard for Portfolio Management, 3rd ed.” Newtown Square, PA: PMI, 2013.
Project Management Institute. “Pulse of the Profession 2017: Success Rates Rise.” PMI, 2017. Web.
Transparent Choice. “Criteria for Project Prioritization.” n.p., n.d. Web.
University of New Hampshire (UNH) Project Management Office. “University of New Hampshire IT Intake and Selection Process Map.” UNH, n.d. Web.
Ward, John. “Delivering Value from Information Systems and Technology Investments: Learning from Success.” Information Systems Research Centre. August 2006. Web.
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Define the business context needed to complete strategic IT initiatives.
Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Conduct analysis and facilitate discussions to uncover business needs for IT.
A baseline understanding of what business needs mean for IT
1.1 Define the strategic CIO initiatives our organization will pursue.
1.2 Complete the Business Context Discovery Tool.
1.3 Schedule relevant interviews.
1.4 Select relevant Info-Tech diagnostics to conduct.
Business context scope
Completed Business Context Discovery Tool
Completed Info-Tech diagnostics
Analyze the outputs from step 1 and uncover the business context gaps.
A thorough understanding of business needs and why IT should pursue certain initiatives
2.1 Conduct group or one-on-one interviews to identify the missing pieces of the business context.
Documentation of answers to business context gaps
Analyze the outputs from step 1 and uncover the business context gaps.
A thorough understanding of business needs and why IT should pursue certain initiatives
3.1 Conduct group or one-on-one interviews to identify the missing pieces of the business context.
Documentation of answers to business context gaps
Review findings and implications for IT’s strategic initiative.
A thorough understanding of business needs and how IT’s strategic initiatives addresses those needs
4.1 Review documented business context with IT team.
4.2 Discuss next steps for strategic CIO initiative execution.
Finalized version of the business context
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Know where to start and where to focus attention in the implementation of a big data strategy.
Decide the most correct tools to use in order to solve enterprise data management problems.
Compare the TCO of a SQL (scale up) with a NoSQL (scale out) deployment to determine whether NoSQL will save costs.
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Explore the significant risks associated with metrics selection so that you can avoid them.
Learn about good practices related to metrics and how to apply them in your organization, then identify your team’s business-aligned goals to be used in SDLC metric selection.
Follow Info-Tech’s TAG approach to selecting effective SDLC metrics for your team, create a communication deck to inform your organization about your selected SDLC metrics, and plan to review and revise these metrics over time.
Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Learn that metrics are often misused and mismanaged.
Understand the four risk areas associated with metrics: Productivity loss Gaming behavior Ambivalence Unintended consequences
Productivity loss
Gaming behavior
Ambivalence
Unintended consequences
An appreciation of the dangers associated with metrics.
An understanding of the need to select and manage SDLC metrics carefully to avoid the associated risks.
Development of critical thinking skills related to metric selection and use.
1.1 Examine the dangers associated with metric use.
1.2 Share real-life examples of poor metrics and their impact.
1.3 Practice identifying and mitigating metrics-related risk.
Establish understanding and appreciation of metrics-related risks.
Solidify understanding of metrics-related risks and their impact on an organization.
Develop the skills needed to critically analyze a potential metric and reduce associated risk.
Develop an understanding of good practices related to metric selection and use.
Introduce Info-Tech’s TAG approach to metric selection and use.
Identify your team’s business-aligned goals for SDLC metrics.
Understanding of good practices for metric selection and use.
Document your team’s prioritized business-aligned goals.
2.1 Examine good practices and introduce Info-Tech’s TAG approach.
2.2 Identify and prioritize your team’s business-aligned goals.
Understanding of Info-Tech’s TAG approach.
Prioritized team goals (aligned to the business) that will inform your SDLC metric selection.
Apply Info-Tech’s TAG approach to rank and select your team’s SDLC metrics.
Identification of potential SDLC metrics for use by your team.
Collaborative scoring/ranking of potential SDLC metrics based on their specific pros and cons.
Finalize list of SDLC metrics that will support goals and minimize risk while maximizing impact.
3.1 Select your list of potential SDLC metrics.
3.2 Score each potential metric’s pros and cons against objectives using a five-point scale.
3.3 Collaboratively select your team’s first set of SDLC metrics.
A list of potential SDLC metrics to be scored.
A ranked list of potential SDLC metrics.
Your team’s first set of goal-aligned SDLC metrics.
Develop a rollout plan for your SDLC metrics.
Develop a communication plan.
SDLC metrics.
A plan to review and adjust your SDLC metrics periodically in the future.
Communication material to be shared with the organization.
4.1 Identify rollout dates and responsible individuals for each SDLC metric.
4.2 Identify your next SDLC metric review cycle.
4.3 Create a communication deck.
SDLC metrics rollout plan
SDLC metrics review plan
SDLC metrics communication deck
Understanding the differences in IaaS platform agreements, purchasing options, associated value, and risks. What are your options for:
IaaS platforms offer similar technical features, but they vary widely on their procurement model. By fully understanding the procurement differences and options, you will be able to purchase wisely, save money both long and short term, and mitigate investment risk.
Most vendors have similar processes and options to buy. Finding a transparent explanation and summary of each platform in a side-by-side review is difficult.
This project will provide several benefits for both IT and the business. It includes:
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Learn the IaaS basics, terminologies, purchasing options, licensing requirements, hybrid options, support, and organization requirements through a checklist process.
Review and understand the features, downsides, and differences between the big three players.
Decide on a primary vendor that meets requirements, engage with a reseller, negotiate pricing incentives, migration costs, review, and execute the agreement.
Organizations need to understand their value-added reseller (VAR) portfolio and the greater VAR landscape to better:
VARs typically charge more for products because they are in some way adding value. If you’re not leveraging any of the provided value, you’re likely wasting money and should use a basic commodity-type reseller for procurement.
This project will provide several benefits to Vendor Management and Procurement:
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Organize all your VARs and create a manageable portfolio detailing their value, specific, product, services, and certifications.
Create an in-depth evaluation of the VARs’ capabilities.
Assess each VAR for low performance and opportunity to increase value or consolidate to another VAR and reduce redundancy.
Micro-manage your primary VARs to ensure performance to commitments and maximize their value.
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Understand the fundamental concepts of smart contract technology and get buy-in from stakeholders.
Select a business process, create a smart contract logic diagram, and complete a smart contract use-case deliverable.
[infographic]
Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Review blockchain basics.
Understand the fundamental concepts of smart contracts.
Develop smart contract use-case executive buy-in presentation.
Understanding of blockchain basics.
Understanding the fundamentals of smart contracts.
Development of an executive buy-in presentation.
1.1 Review blockchain basics.
1.2 Understand smart contract fundamentals.
1.3 Identify business challenges and smart contract benefits.
1.4 Create executive buy-in presentation.
Executive buy-in presentation
Brainstorm and select a business process to develop a smart contract use case around.
Generate a smart contract logic diagram.
Selected a business process.
Developed a smart contract logic diagram for the selected business process.
2.1 Brainstorm candidate business processes.
2.2 Select a business process.
2.3 Identify phases, actors, events, and transactions.
2.4 Create the smart contract logic diagram.
Smart contract logic diagram
Develop smart contract use-case diagrams for each business process phase.
Complete a smart contract use-case deliverable.
Smart contract use-case diagrams.
Smart contract use-case deliverable.
3.1 Build smart contract use-case diagrams for each phase of the business process.
3.2 Create a smart contract use-case summary diagram.
3.3 Complete smart contract use-case deliverable.
Smart contract use case
Review workshop week and lessons learned.
Develop an action plan to follow through with next steps for the project.
Reviewed workshop week with common understanding of lessons learned.
Completed an action plan for the project.
4.1 Review workshop deliverables.
4.2 Create action plan.
Smart contract action plan
1. Frame the conversation.
Understand the audience and forum for the business case to best frame the conversation.
2. Time-box the process of building the case.
More time should be spent on performing the action rather than building the case.
3. The business case is a living document.
The business case creates the basis for review of the realization of the proposed business benefits once the procurement is complete.
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Complete the necessary preceding tasks to building the business case. Rationalize the initiative under consideration, determine the organizational decision flow following a stakeholder assessment, and conduct market research to understand the options.
Conduct a thorough assessment of the initiative in question. Define the alternatives under consideration, identify tangible and intangible benefits for each, aggregate the costs, and highlight any risks.
Finalize the recommendation based on the analysis and create a business case presentation to frame the conversation for key stakeholders.
Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Complete the necessary preceding tasks to building a strong business case.
Alignment with business objectives.
Stakeholder buy-in.
1.1 Map the decision flow in your organization.
1.2 Define the proposed initiative.
1.3 Define the problem/opportunity statement.
1.4 Clarify goals and objectives expected from the initiative.
Decision traceability
Initiative summary
Problem/opportunity statement
Business objectives
Put together the key elements of the business case including alternatives, benefits, and costs.
Rationalize the business case.
2.1 Design viable alternatives.
2.2 Identify the tangible and intangible benefits.
2.3 Assess current and future costs.
2.4 Create the financial business case model.
Shortlisted alternatives
Benefits tracking model
Total cost of ownership
Impact analysis
Determine more integral factors in the business case such as ramp-up time for benefits realization as well as risk assessment.
Complete a comprehensive case.
3.1 Determine ramp-up times for costs and benefits.
3.2 Identify performance measures and tracking.
3.3 Assess initiative risk.
Benefits realization schedule
Performance tracking framework
Risk register
Finalize the recommendation and formulate the business case summary and presentation.
Prepare the business case presentation.
4.1 Choose the alternative to be recommended.
4.2 Create the detailed and summary business case presentations.
4.3 Present and incorporate feedback.
4.4 Monitor and close out.
Final recommendation
Business case presentation
Final sign-off
Most organizations go through an organizational redesign to:
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
The purpose of this storyboard is to provide a four-phased approach to organizational redesign.
Use this templated Communication Deck to ensure impacted stakeholders have a clear understanding of why the new organizational structure is needed and what that structure will look like.
This template provides IT leaders with an opportunity to present their case for a change in organizational structure and roles to secure the funding and buy-in required to operate in the new structure.
This Workbook allows IT and business leadership to work through the steps required to complete the organizational redesign process and document key rationale for those decisions.
Refer to this tool when working through the redesign process to better understand the operating model sketches and the capability definitions. Each capability has been tied back to core frameworks that exist within the information and technology space.
Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Lay the foundation for your organizational redesign by establishing a set of organizational design principles that will guide the redesign process.
Clearly articulate why this organizational redesign is needed and the implications the strategies and context will have on your structure.
1.1 Define the org design drivers.
1.2 Document and define the implications of the business context.
1.3 Align the structure to support the strategy.
1.4 Establish guidelines to direct the organizational design process.
Clear definition of the need to redesign the organizational structure
Understanding of the business context implications on the organizational structure creation.
Strategic impact of strategies on organizational design.
Customized Design Principles to rationalize and guide the organizational design process.
Select and customize an operating model sketch that will accurately reflect the future state your organization is striving towards. Consider how capabilities will be sourced, gaps in delivery, and alignment.
A customized operating model sketch that informs what capabilities will make up your IT organization and how those capabilities will align to deliver value to your organization.
2.1 Augmented list of IT capabilities.
2.2 Capability gap analysis
2.3 Identified capabilities for outsourcing.
2.4 Select a base operating model sketch.
2.5 Customize the IT operating model sketch.
Customized list of IT processes that make up your organization.
Analysis of which capabilities require dedicated focus in order to meet goals.
Definition of why capabilities will be outsourced and the method of outsourcing used to deliver the most value.
Customized IT operating model reflecting sourcing, centralization, and intended delivery of value.
Translate the operating model sketch into a formal structure with defined functional teams, roles, reporting structure, and responsibilities.
A detailed organizational chart reflecting team structures, reporting structures, and role responsibilities.
3.1 Categorize your IT capabilities within your defined functional work units.
3.2 Create a mandate statement for each work unit.
3.3 Define roles inside the work units and assign accountability and responsibility.
3.4 Finalize your organizational structure.
Capabilities Organized Into Functional Groups
Functional Work Unit Mandates
Organizational Chart
Ensure the successful implementation of the new organizational structure by strategically communicating and involving stakeholders.
A clear plan of action on how to transition to the new structure, communicate the new organizational structure, and measure the effectiveness of the new structure.
4.1 Identify and mitigate key org design risks.
4.2 Define the transition plan.
4.3 Create the change communication message.
4.4 Create a standard set of FAQs.
4.5 Align sustainment metrics back to core drivers.
Risk Mitigation Plan
Change Communication Message
Standard FAQs
Implementation and sustainment metrics.
Allison Straker
Research Director,
Organizational Transformation
Brittany Lutes
Senior Research Analyst,
Organizational Transformation
An organizational structure is much more than a chart with titles and names. It defines the way that the organization operates on a day-to-day basis to enable the successful delivery of the organization’s information and technology objectives. Moreover, organizational design sees beyond the people that might be performing a specific role. People and role titles will and often do change frequently. Those are the dynamic elements of organizational design that allow your organization to scale and meet specific objectives at defined points of time. Capabilities, on the other hand, are focused and related to specific IT processes.
Redesigning an IT organizational structure can be a small or large change transformation for your organization. Create a structure that is equally mindful of the opportunities and the constraints that might exist and ensure it will drive the organization towards its vision with a successful implementation. If everyone understands why the IT organization needs to be structured that way, they are more likely to support and adopt the behaviors required to operate in the new structure.
Your organization needs to reorganize itself because:
Many organizations struggle when it comes redesigning their IT organizational structure because they:
Successful IT organization redesign includes:
A successful redesign requires a strong foundation and a plan to ensure successful adoption. Without these, the organizational chart has little meaning or value.
Organizational design is a challenge for many IT and digital executives
69% of digital executives surveyed indicated challenges related to structure, team silos, business-IT alignment, and required roles when executing on a digital strategy.
To overcome these barriers:
75% The percentage of change efforts that fail.
55% The percentage of practitioners who identify how information flows between work units as a challenge for their organization.
IT organizational design refers to the process of aligning the organization’s structure, processes, metrics, and talent to the organization’s strategic plan to drive efficiency and effectiveness.
Why is the right IT organizational design so critical to success? |
||
Adaptability is at the core of staying competitive today |
Structure is not just an organizational chart |
Organizational design is a never-ending process |
Digital technology and information transparency are driving organizations to reorganize around customer responsiveness. To remain relevant and competitive, your organizational design must be forward looking and ready to adapt to rapid pivots in technology or customer demand. |
The design of your organization dictates how roles function. If not aligned to the strategic direction, the structure will act as a bungee cord and pull the organization back toward its old strategic direction (ResearchGate.net, 2014). Structure supports strategy, but strategy also follows structure. |
Organization design is not a one-time project but a continuous, dynamic process of organizational self-learning and continuous improvement. Landing on the right operating model will provide a solid foundation to build upon as the organization adapts to new challenges and opportunities. |
Organizational design the process in which you intentionally align the organizational structure to the strategy. It considers the way in which the organization should operate and purposely aligns to the enterprise vision. This process often considers centralization, sourcing, span of control, specialization, authority, and how those all impact or are impacted by the strategic goals.
Operating models provide an architectural blueprint of how IT capabilities are organized to deliver value. The placement of the capabilities can alter the culture, delivery of the strategic vision, governance model, team focus, role responsibility, and more. Operating model sketches should be foundational to the organizational design process, providing consistency through org chart changes.
The organizational structure is the chosen way of aligning the core processes to deliver. This can be strategic, or it can be ad hoc. We recommend you take a strategic approach unless ad hoc aligns to your culture and delivery method. A good organizational structure will include: “someone with authority to make the decisions, a division of labor and a set of rules by which the organization operates” (Bizfluent, 2019).
The capstone of this change initiative is an easy-to-read chart that visualizes the roles and reporting structure. Most organizations use this to depict where individuals fit into the organization and if there are vacancies. While this should be informed by the structure it does not necessarily depict workflows that will take place. Moreover, this is the output of the organizational design process.
All three elements of the Technology Value Trinity work in harmony to delivery business value and achieve strategic needs. As one changes, the others need to change as well.
How do these three elements relate?
Too often strategy, organizational design, and governance are considered separate practices – strategies are defined without teams and resources to support. Structure must follow strategy.
Like a story, a strategy without a structure to deliver on it is simply words on paper.
Books begin by setting the foundation of the story.
Introduce your story by:
The plot cannot thicken without the foundation. Your organizational structure and chart should not exist without one either.
The steps to establish your organizational chart - with functional teams, reporting structure, roles, and responsibilities defined – cannot occur without a clear definition of goals, need, and context. An organizational chart alone won’t provide the insight required to obtain buy-in or realize the necessary changes.
Conclude your story through change management and communication.
Good stories don’t end without referencing what happened before. Use the literary technique of foreshadowing – your change management must be embedded throughout the organizational redesign process. This will increase the likelihood that the organizational structure can be communicated, implemented, and reinforced by stakeholders.
Once your IT strategy is defined, it is critical to identify the capabilities that are required to deliver on those strategic initiatives. Each initiative will require a combination of these capabilities that are only supported through the appropriate organization of roles, skills, and team structures.
For each phase of this blueprint, its important to consider change management. These are the points when you need to communicate the structure changes:
Do not undertake an organizational redesign initiative if you will not engage in change management practices that are required to ensure its successful adoption.
Given that the organizational redesign is intended to align with the overall vision and objectives of the business, many of the metrics that support its success will be tied to the business. Adapt the key performance indicators (KPIs) that the business is using to track its success and demonstrate how IT can enable the business and improve its ability to reach those targets.
The percentage of resources dedicated to strategic priorities and initiatives supported by IT operating model. While operational resources are necessary, ensuring people are allocating time to strategic initiatives as well will drive the business towards its goal state. Leverage Info-Tech’s IT Staffing Assessment diagnostic to benchmark your IT resource allocation.
Assess the improvement in business satisfaction overall with IT year over year to ensure the new structure continues to drive satisfaction across all business functions. Leverage Info-Tech’s CIO Business Vision diagnostic to see how your IT organization is perceived.
The degree of clarity that IT employees have around their role and its core responsibilities can lead to employee engagement and retention. Consider measuring this core job driver by leveraging Info-Tech’s Employee Engagement Program.
Measure customer satisfaction with technology-enabled business services or products and improvements in technology-enabled client acquisition or retention processes. Assess the percentage of users satisfied with the quality of IT service delivery and leverage Info-Tech’s End-User Satisfaction Survey to determine improvements.
Phase |
1. Establish the Organizational Design Foundation |
2. Create the Operating Model Sketch |
3. Formalize the Organizational Structure |
4. Plan for Implementation and Change |
---|---|---|---|---|
Phase Outcomes |
Lay the foundation for your organizational redesign by establishing a set of organizational design principles that will guide the redesign process. |
Select and customize an operating model sketch that will accurately reflect the future state your organization is striving towards. Consider how capabilities will be sourced, gaps in delivery, and alignment. |
Translate the operating model sketch into a formal structure with defined functional teams, roles, reporting structure, and responsibilities. |
Ensure the successful implementation of the new organizational structure by strategically communicating and involving stakeholders. |
Organizational redesign processes focus on defining the ways in which you want to operate and deliver on your strategy – something an organizational chart will never be able to convey.
Focus on your organization, not someone else's’. Benchmarking your organizational redesign to other organizations will not work. Other organizations have different strategies, drivers, and context.
An operating model sketch that is customized to your organization’s specific situation and objectives will significantly increase the chances of creating a purposeful organizational structure.
If you follow the steps outlined in the first three phases, creating your new organizational chart should be one of the fastest activities.
Throughout the creation of a new organizational design structure, it is critical to involve the individuals and teams that will be impacted.
You could have the best IT employees in the world, but if they aren’t structured well your organization will still fail in reaching its vision.
Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:
Communication Deck
Communicate the changes to other key stakeholders such as peers, managers, and staff.
Workbook
As you work through each of the activities, use this workbook as a place to document decisions and rationale.
Reference Deck
Definitions for every capability, base operating model sketches, and sample organizational charts aligned to those operating models.
Job Descriptions
Key deliverable:
Executive Presentation
Leverage this presentation deck to gain executive buy-in for your new organizational structure.
INDUSTRY: Government
SOURCE: Analyst Interviews and Working Sessions
IT was tasked with providing equality to the different business functions through the delivery of shared IT services. The government created a new IT organizational structure with a focus on two areas in particular: strategic and operational support capabilities.
When creating the new IT structure, an understanding of the complex and differing needs of the business functions was not reflected in the shared services model.
As a result, the new organizational structure for IT did not ensure adequate meeting of business needs. Only the operational support structure was successfully adopted by the organization as it aligned to the individual business objectives. The strategic capabilities aspect was not aligned to how the various business lines viewed themselves and their objectives, causing some partners to feel neglected.
"Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful."
"Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."
"We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place."
"Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."
Diagnostics and consistent frameworks are used throughout all four options.
A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization. A typical GI is 8 to 12 calls over the course of 4 to 6 months.
Phase 1
Call #1: Define the process, understand the need, and create a plan of action.
Phase 2
Call #2: Define org. design drivers and business context.
Call #3: Understand strategic influences and create customized design principles.
Call #4: Customize, analyze gaps, and define sourcing strategy for IT capabilities.
Call #5: Select and customize the IT operating model sketch.
Phase 3
Call #6: Establish functional work units and their mandates.
Call #7: Translate the functional organizational chart to an operational organizational chart with defined roles.
Phase 4
Call #8: Consider risks and mitigation tactics associated with the new structure and select a transition plan.
Call #9: Create your change message, FAQs, and metrics to support the implementation plan.
Contact your account representative for more information.
workshops@infotech.com 1-888-670-8889
Day 1 |
Day 2 |
Day 3 |
Day 4 |
Day 5 |
|
---|---|---|---|---|---|
Establish the Organizational Redesign Foundation |
Create the Operating Model Sketch |
Formalize the Organizational Structure |
Plan for Implementation and Change |
Next Steps and |
|
Activities |
1.1 Define the org. design drivers. 1.2 Document and define the implications of the business context. 1.3 Align the structure to support the strategy. 1.4 Establish guidelines to direct the organizational design process. |
2.1 Augment list of IT capabilities. 2.2 Analyze capability gaps. 2.3 Identify capabilities for outsourcing. 2.4 Select a base operating model sketch. 2.5 Customize the IT operating model sketch. |
3.1 Categorize your IT capabilities within your defined functional work units. 3.2 Create a mandate statement for each work unit. 3.3 Define roles inside the work units and assign accountability and responsibility. 3.4 Finalize your organizational structure. |
4.1 Identify and mitigate key org. design risks. 4.2 Define the transition plan. 4.3 Create the change communication message. 4.4 Create a standard set of FAQs. 4.5 Align sustainment metrics back to core drivers. |
5.1 Complete in-progress deliverables from previous four days. 5.2 Set up review time for workshop deliverables and to discuss next steps. |
Deliverables |
|
|
|
|
|
PART 1: DESIGN |
PART 2: STRUCTURE |
PART 3: IMPLEMENT |
|||
---|---|---|---|---|---|
IT Organizational Architecture |
Organizational Sketch |
Organizational Structure |
Organizational Chart |
Transition Strategy |
Implement Structure |
1. Define the organizational design drivers, business context, and strategic alignment. 2. Create customized design principles. 3. Develop and customize a strategically aligned operating model sketch. 4. Define the future-state work units. 5. Create future-state work unit mandates. |
6. Define roles by work unit. 7. Turn roles into jobs with clear capability accountabilities and responsibilities. 8. Define reporting relationships between jobs. 9. Assess options and select go-forward organizational sketch. |
11. Validate organizational sketch. 12. Analyze workforce utilization. 13. Define competency framework. 14. Identify competencies required for jobs. |
15. Determine number of positions per job 16. Conduct competency assessment. 17. Assign staff to jobs. 18. Build a workforce and staffing plan. |
19. Form an OD implementation team. 20. Develop change vision. 21. Build communication presentation. 22. Identify and plan change projects. 23. Develop organizational transition plan. |
24. Train managers to lead through change. 25. Define and implement stakeholder engagement plan. 26. Develop individual transition plans. 27. Implement transition plans. |
Risk Management: Create, implement, and monitor risk management plan.
HR Management: Develop job descriptions, conduct job evaluation, and develop compensation packages.
Monitor and Sustain Stakeholder Engagement
This phase will walk you through the following activities:
1.1 Define the organizational redesign driver(s)
1.2 Create design principles based on the business context
1.3a (Optional Exercise) Identify the capabilities from your value stream
1.3b Identify the capabilities required to deliver on your strategies
1.4 Finalize your list of design principles
This phase involves the following participants:
Changes are most successful when leaders clearly articulate the reason for the change – the rationale for the organizational redesign of the IT function. Providing both staff and executive leaders with an understanding for this change is imperative to its success. Despite the potential benefits to a redesign, they can be disruptive. If you are unable to answer the reason why, a redesign might not be the right initiative for your organization.
Employees who understand the rationale behind decisions made by executive leaders are 3.6 times more likely to be engaged.
Successful adoption of the new organizational design requires change management from the beginning. Start considering how you will convey the need for organizational change within your IT organization.
All aspects of your IT organization’s structure should be designed with the business’ context and strategic direction in mind.
Use the following set of slides to extract the key components of your drivers, business context, and strategic direction to land on a future structure that aligns with the larger strategic direction.
Driver(s) can originate from within the IT organization or externally. Ensuring the driver(s) are easy to understand and articulate will increase the successful adoption of the new organizational structure.
Defines the interactions that occur throughout the organization and between the organization and external stakeholders. The context provides insight into the environment by both defining the purpose of the organization and the values that frame how it operates.
The IT strategy should be aligned to the overall business strategy, providing insight into the types of capabilities required to deliver on key IT initiatives.
Where are we today?
Determine the current overall maturity level of the IT organization.
Where do we want to be as an organization?
Use the inputs from Info-Tech’s diagnostic data to determine where the organization should be after its reorganization.
How can you leverage these results?
The result of these diagnostics will inform the design principles that you’ll create in this phase.
CIO Business Vision Diagnostic
Management & Governance Diagnostic
Effectiveness is a concern:
New capabilities are needed:
Lack of business understanding
Workforce challenges
Avoid change for change’s sake. Restructuring could completely miss the root cause of the problem and merely create a series of new ones.
1-2 hours
Input |
Output |
|
|
Materials |
Participants |
|
|
Record the results in the Organizational Design Communications Deck
Workforce Considerations:
Business Context Consideration |
IT Org. Design Implication |
Culture: Culture, "the way we do things here,” has huge implications for executing strategy, driving engagement, and providing a guiding force that ensures organizations can work together toward common goals.
|
Consider whether your organization’s culture can accept the operating model and organizational structure changes that make sense on paper. Certain cultures may lean toward particular operating models. For example, the demand-develop-service operating model may be supported by a cooperative culture. A traditional organization may lean towards the plan-build-run operating model. Ensure you have considered your current culture and added exercises to support it. If more capacity is required to accomplish the goals of the organization, you’ll want to prepare the leaders and explain the need in your design principles (to reflect training, upskilling, or outsourcing). Unionized environments require additional consideration. They may necessitate less structural changes, and so your principles will need to reflect other alternatives (hiring additional resources, creative options) to support organizational needs. Hybrid or fully remote workforces may impact how your organization interacts. |
Business Context Consideration | IT Org. Design Implication |
Control & Governance: It is important to consider how your organization is governed, how decisions are made, and who has authority to make decisions. Strategy tells what you do, governance validates you’re doing the right things, and structure is how you execute on what’s been approved.
| Organizations that require more controls may lean toward more centralized governance. Organizations that are looking to better enable and empower their divisions (products, groups, regions, etc.) may look to embed governance in these parts of the organization. For enterprise organizations, consider where IT has authority to make decisions (at the global, local, or system level). Appropriate governance needs to be built into the appropriate levels. |
Business Context Consideration | IT Org. Design Implication |
Financial Constraints: Follow the money: You may need to align your IT organization according to the funding model.
| Determine if you can move forward with a new model or if you can adjust your existing one to suit the financial constraints. If you have no say over your funding, pre-work may be required to build a business case to change your funding model before you look at your organizational structure – without this, you might have to rule out centralized and focus on hybrid/centralized. If you don’t control the budget (funding comes from your partners), it will be difficult to move to a more centralized model. A federated business organization may require additional IT governance to help prioritize across the different areas. Budgets for digital transformation might come from specific areas of the business, so resources may need to be aligned to support that. You’ll have to consider how you will work with those areas. This may also impact the roles that are going to exist within your IT organization – product owners or division owners might have more say. |
Business Context Consideration | IT Org. Design Implication |
Business Perspective of IT: How the business perceives IT and how IT perceives itself are sometimes not aligned. Make sure the business’ goals for IT are well understood.
Business Organization Structure and Growth:
| If IT needs to become more of a business partner, you’ll want to define what that means to your organization and focus on the capabilities to enable this. Educating your partners might also be required if you’re not aligned. For many organizations, this will include stakeholder management, innovation, and product/project management. If IT and its business partners are satisfied with an order-taker relationship, be prepared for the consequences of that. A global organization will require different IT needs than a single location. Specifically, site reliability engineering (SRE) or IT support services might be deployed in each region. Organizations growing through mergers and acquisitions can be structured differently depending on what the organization needs from the transaction. A more centralized organization may be appropriate if the driver is reuse for a more holistic approach, or the organization may need a more decentralized organization if the acquisitions need to be handled uniquely. |
Business Context Consideration | IT Org. Design Implication |
Sourcing Strategy:
Change Tolerance:
| Your sourcing strategy affects your organizational structure, including what capabilities you group together. Since managing outsourced capabilities also includes the need for vendor management, you’ll need to ensure there aren’t too many capabilities required per leader. Look closely at what can be achieved through your operating model if IT is done through other groups. Even though these groups may not be in scope of your organization changes, you need to ensure your IT team works with them effectively. If your organization is going to push back if there are big structural changes, consider whether the changes are truly necessary. It may be preferred to take baby steps – use an incremental versus big-bang approach. A need for incremental change might mean not making a major operating model change. |
Business Context Consideration | IT Org Design. Implication |
Stakeholder Engagement & Focus: Identify who your customers and stakeholders are; clarify their needs and engagement model.
Business Vision, Services, and Products: Articulate what your organization was built to do.
| For a customer or user focus, ensure capabilities related to understanding needs (stakeholder, UX, etc.) are prioritized. Hybrid, decentralized, or demand-develop-service models often have more of a focus on customer needs. Outsourcing the service desk might be a consideration if there’s a high demand for the service. A differentiation between these users might mean there’s a different demand for services. Think broadly in terms of your organizational vision, not just the tactical (widget creation). You might need to choose an operating model that supports vision. Do you need to align your organization with your value stream? Do you need to decentralize specific capabilities to enable prioritization of the key capabilities? |
1-3 hours
Input | Output |
|
|
Materials | Participants |
|
|
Record the results in the Organizational Design Communications Deck
Designing your IT organization requires an assessment of what it needs to be built to do:
The IT organization must reflect your business needs:
1 hour
Input | Output |
|
|
Materials | Participants |
|
|
Record the results in the Organizational Design Communications Deck
Ensure that you have a clear view of the goals and initiatives that are needed in your organization. Your IT, digital, business, and/or other strategies will surface the IT capabilities your organization needs to develop. Identify the goals of your organization and the initiatives that are required to deliver on them. What capabilities are required to enable these? These capabilities will need to be reflected in your design principles.
Sample initiatives and capabilities from an organization’s strategies
1 hour
Input | Output |
|
|
Materials | Participants |
|
|
Record the results in the Organizational Design Communications Deck
Your organizational design principles should define a set of loose rules that can be used to design your organizational structure to the specific needs of the work that needs to be done. These rules will guide you through the selection of the appropriate operating model that will meet your business needs. There are multiple ways you can hypothetically organize yourself to meet these needs, and the design principles will point you in the direction of which solution is the most appropriate as well as explain to your stakeholders the rationale behind organizing in a specific way. This foundational step is critical: one of the key reasons for organizational design failure is a lack of requisite time spent on the front-end understanding what is the best fit.
1-3 hours
Input | Output |
|
|
Materials | Participants |
|
|
Record the results in the Organizational Design Communications Deck
Design Principle |
Description |
Decision making |
We will centralize decision making around the prioritization of projects to ensure that the initiatives driving the most value for the organization as a whole are executed. |
Fit for purpose |
We will build and maintain fit-for-purpose solutions based on business units’ unique needs. |
Reduction of duplication |
We will reduce role and application duplication through centralized management of assets and clearly differentiated roles that allow individuals to focus within key capability areas. |
Managed security |
We will manage security enterprise-wide and implement compliance and security governance policies. |
Reuse > buy > build |
We will maximize reuse of existing assets by developing a centralized application portfolio management function and approach. |
Managed data |
We will create a specialized data office to provide data initiatives with the focus they need to enable our strategy. |
Design Principle |
Description |
Controlled technical diversity |
We will control the variety of technology platforms we use to allow for increased operability and reduction of costs. |
Innovation |
R&D and innovation are critical – we will build an innovation team into our structure to help us meet our digital agenda. |
Resourcing |
We will separate our project and maintenance activities to ensure each are given the dedicated support they need for success and to reduce the firefighting mentality. |
Customer centricity |
The new structure will be directly aligned with customer needs – we will have dedicated roles around relationship management, requirements, and strategic roadmapping for business units. |
Interoperability |
We will strengthen our enterprise architecture practices to best prepare for future mergers and acquisitions. |
Cloud services |
We will move toward hosted versus on-premises infrastructure solutions, retrain our data center team in cloud best practices, and build roles around effective vendor management, cloud provisioning, and architecture. |
This phase will walk you through the following activities:
2.1 Augment the capability list
2.2 Heatmap capabilities to determine gaps in service
2.3 Identify the target state of sourcing for your IT capabilities
2.4 Review and select a base operating model sketch
2.5 Customize the selected overlay to reflect the desired future state
This phase involves the following participants:
Obtain desire from stakeholders to move forward with organizational redesign initiative by involving them in the process to gain interest. This will provide the stakeholders with assurance that their concerns are being heard and will help them to understand the benefits that can be anticipated from the new organizational structure.
“You’re more likely to get buy-in if you have good reason for the proposed changes – and the key is to emphasize the benefits of an organizational redesign.”
Just because people are aware does not mean they agree. Help different stakeholders understand how the change in the organizational structure is a benefit by specifically stating the benefit to them.
Capabilities
Competencies
1-3 hours
Input | Output |
|
|
Materials | Participants |
|
|
Record the results in the Organizational Design Workbook
Assess the gaps between where you currently are and where you need to be. Evaluate how critical and how effective your capabilities are:
Remember to identify what allows the highly effective capabilities to perform at the capacity they are. Leverage this when increasing effectiveness elsewhere.
High Gap
There is little to no effectiveness (high gap) and the capability is highly important to your organization.
Medium Gap
Current ability is medium in effectiveness (medium gap) and there might be some priority for that capability in your organization.
Low Gap
Current ability is highly effective (low gap) and the capability is not necessarily a priority for your organization.
1-3 hours
Input | Output |
|
|
Materials | Participants |
|
|
Record the results in the Organizational Design Workbook
There are a few different “types” of outsourcing:
Insourcing |
Staff Augmentation |
Managed Service |
Competitive Advantage |
|
---|---|---|---|---|
Description |
The organization maintains full responsibility for the management and delivery of the IT capability or service. |
Vendor provides specialized skills and enables the IT capability or service together with the organization to meet demand. |
Vendor completely manages the delivery of value for the IT capability, product or service. |
Vendor has unique skills, insights, and best practices that can be taught to staff to enable insourced capability and competency. |
Benefits |
|
|
|
|
Drawbacks |
|
|
|
|
Capability |
Capacity |
Outsourcing Model |
---|---|---|
Low |
Low |
Your solutions may be with you for a long time, so it doesn’t matter whether it is a strategic decision to outsource development or if you are not able to attract the talent required to deliver in your market. Look for a studio, agency, or development shop that has a proven reputation for long-term partnership with its clients. |
Low |
High |
Your team has capacity but needs to develop new skills to be successful. Look for a studio, agency, or development shop that has a track record of developing its customers and delivering solutions. |
High |
Low |
Your organization knows what it is doing but is strapped for people. Look at “body shops” and recruiting agencies that will support short-term development contracts that can be converted to full-time staff or even a wholesale development shop acquisition. |
High |
High |
You have capability and capacity for delivering on your everyday demands but need to rise to the challenge of a significant, short-term rise in demand on a critical initiative. Look for a major system integrator or development shop with the specific expertise in the appropriate technology. |
Sourcing Criteria | Description | |
---|---|---|
Determine whether you’ll outsource using these criteria | 1. Critical or commodity | Determine whether the component to be sourced is critical to your organization or if it is a commodity. Commodity components, which are either not strategic in nature or related to planning functions, are likely candidates for outsourcing. Will you need to own the intellectual property created by the third party? Are you ok if they reuse that for their other clients? |
2. Readiness to outsource | Identify how easy it would be to outsource a particular IT component. Consider factors such as knowledge transfer, workforce reassignment or reduction, and level of integration with other components. Vendor management readiness – ensuring that you have sufficient capabilities to manage vendors – should also be considered here. | |
3. In-house capabilities | Determine if you have the capability to deliver the IT solutions in-house. This will help you establish how easy it would be to insource an IT component. | |
4. Ability to attract resources (internal vs. outsourced) | Determine if the capability is one that is easily sourced with full-time, internal staff or if it is a specialty skill that is best left for a third-party to source. | |
Determine your sourcing model using these criteria | 5. Cost | Consider the total cost (investment and ongoing costs) of the delivery of the IT component for each of the potential sourcing models for a component. |
6. Quality | Define the potential impact on the quality of the IT component being sourced by the possible sourcing models. | |
7. Compliance | Determine whether the sourcing model would fit with regulations in your industry. For example, a healthcare provider would only go for a cloud option if that provider is HIPAA compliant. | |
8. Security | Identify the extent to which each sourcing option would leave your organization open to security threats. | |
9. Flexibility | Determine the extent to which the sourcing model will allow your organization to scale up or down as demand changes. |
1-3 hours
Input | Output |
|
|
Materials | Participants |
|
|
Record the results in the Organizational Design Workbook
An IT operating model sketch is a visual representation of the way your IT organization needs to be designed and the capabilities it requires to deliver on the business mission, strategic objectives, and technological ambitions. It ensures consistency of all elements in the organizational structure through a clear and coherent blueprint.
The visual should be the optimization and alignment of the IT organization’s structure to deliver the capabilities required to achieve business goals. Additionally, it should clearly show the flow of work so that key stakeholders can understand where inputs flow in and outputs flow out of the IT organization. Investing time in the front end getting the operating model right is critical. This will give you a framework to rationalize future organizational changes, allowing you to be more iterative and your model to change as the business changes.
Every structure decision you make should be based on an identified need, not on a trend.Build your IT organization to enable the priorities of the organization.
Centralized |
Hybrid |
Decentralized |
|
---|---|---|---|
Advantages |
|
|
|
Disadvantages |
|
|
|
Decentralization can take a number of different forms depending on the products the organization supports and how the organization is geographically distributed. Use the following set of explanations to understand the different types of decentralization possible and when they may make sense for supporting your organizational objectives.
Decentralization by lines of business (LoB) aligns decision making with business operating units based on related functions or value streams. Localized priorities focus the decision making from the CIO or IT leadership team. This form of decentralization is beneficial in settings where each line of business has a unique set of products or services that require specific expertise or flexible resourcing staffing between the teams.
Decentralization by product line organizes your team into operationally aligned product families to improve delivery throughput, quality, and resource flexibility within the family. By adopting this approach, you create stable product teams with the right balance between flexibility and resource sharing. This reinforces value delivery and alignment to enterprise goals within the product lines.
Geographical decentralization reflects a shift from centralized to regional influences. When teams are in different locations, they can experience a number of roadblocks to effective communication (e.g. time zones, regulatory differences in different countries) that may necessitate separating those groups in the organizational structure, so they have the autonomy needed to make critical decisions.
Functional decentralization allows the IT organization to be separated by specialty areas. Organizations structured by functional specialization can often be organized into shared service teams or centers of excellence whereby people are grouped based on their technical, domain, or functional area within IT (Applications, Data, Infrastructure, Security, etc.). This allows people to develop specialized knowledge and skills but can also reinforce silos between teams.
1 hour
Input | Output |
|
|
Materials | Participants |
|
|
Record the results in the Organizational Design Workbook
The following bridges might be necessary to augment your divisions:
Input | Output |
|
|
Materials | Participants |
|
|
Record the results in the Organizational Design Workbook
Document the final operating model sketch in the Communications Deck
This phase will walk you through the following activities:
3.1 Create work units
3.2 Create work unit mandates
3.3 Define roles inside the work units
3.4 Finalize the organizational chart
3.5 Identify and mitigate key risks
This phase involves the following participants:
You don’t have to make the change in one big bang. You can adopt alternative transition plans such as increments or pilots. This allows people to see the benefits of why you are undergoing the change, allows the change message to be repeated and applied to the individuals impacted, and provides people with time to understand their role in making the new organizational structure successful.
“Transformational change can be invigorating for some employees but also highly disruptive and stressful for others.”
Without considering the individual impact of the new organizational structure on each of your employees, the change will undoubtedly fail in meeting its intended goals and your organization will likely fall back into old structured habits.
The organizational sketch is the outline of the organization that encompasses the work units and depicts the relationships among them. It’s important that you create the structure that’s right for your organization, not one that simply fits with your current staff’s skills and knowledge. This is why Info-Tech encourages you to use your operating model as a mode of guidance for structuring your future-state organizational sketch.
The organizational sketch is made up of unique work units. Work units are the foundational building blocks on which you will define the work that IT needs to get done. The number of work units you require and their names will not match your operating model one to one. Certain functional areas will need to be broken down into smaller work units to ensure appropriate leadership and span of control.
A work unit is a functional group or division that has a discrete set of processes or capabilities that it is responsible for, which don’t overlap with any others. Your customized list of IT capabilities will form the building blocks of your work units. Step one in the process of building your structure is grouping IT capabilities together that are similar or that need to be done in concert in the case of more complex work products. The second step is to iterate on these work units based on the organizational design principles from Phase 1 to ensure that the future-state structure is aligned with enablement of the organization’s objectives.
Here is a list of example work units you can use to brainstorm what your organization’s could look like. Some of these overlap in functionality but should provide a strong starting point and hint at some potential alternatives to your current way of organizing.
1-3 hours
Input | Output |
|
|
Materials | Participants |
|
|
Record the results in the Organizational Design Workbook
A group consists of two or more individuals who are working toward a common goal. Group formation is how those individuals are organized to deliver on that common goal. It should take into consideration the levels of hierarchy in your structure, the level of focus you give to processes, and where power is dispersed within your organizational design.
Importance: Balance highly important capabilities with lower priority capabilities
Specialization: The scope of each role will be influenced by specialized knowledge and a dedicated leader
Effectiveness: Group capabilities that increase their efficacy
Span of Control: Identify the right number of employees reporting to a single leader
Smaller organizations will require less specialization simply out of necessity. To function and deliver on critical processes, some people might be asked to wear several hats.
When you say you are looking for a team that is a “jack of all trades,” you are likely exceeding appropriate cognitive loads for your staff and losing productivity to task switching.
Complexity: More complex work should have fewer direct reports. This often means the leader will need to provide lots of support, even engaging in the work directly at times.
Demand: Dynamic shifts in demand require more managerial involvement and therefore should have a smaller span of control. Especially if this demand is to support a 24/7 operation.
Competency Level: Skilled employees should require less hands-on assistance and will be in a better position to support the business as a member of a larger team than those who are new to the role.
Purpose: Strategic leaders are less involved in the day-to-day operations of their teams, while operational leaders tend to provide hands-on support, specifically when short-staffed.
Pick your poison…
It’s important to understand the impacts that team design has on your services and products. The solutions that a team is capable of producing is highly dependent on how teams are structured. For example, Conway’s Law tells us that small distributed software delivery teams are more likely to produce modular service architecture, where large collocated teams are better able to create monolithic architecture. This doesn’t just apply to software delivery but also other products and services that IT creates. Note that small distributed teams are not the only way to produce quality products as they can create their own silos.
The work unit mandate should provide a quick overview of the work unit and be clear enough that any reader can understand why the work unit exists, what it does, and what it is accountable for.
Each work unit will have a unique mandate. Each mandate should be distinguishable enough from your other work units to make it clear why the work is grouped in this specific way, rather than an alternative option. The mandate will vary by organization based on the agreed upon work units, design archetype, and priorities.
Don’t just adopt an example mandate from another organization or continue use of the organization’s pre-existing mandate – take the time to ensure it accurately depicts what that group is doing so that its value-added activities are clear to the larger organization.
The Office of the CIO will be a strategic enabler of the IT organization, driving IT organizational performance through improved IT management and governance. A central priority of the Office of the CIO is to ensure that IT is able to respond to evolving environments and challenges through strategic foresight and a centralized view of what is best for the organization.
The Project Management Office will provide standardized and effective project management practices across the IT landscape, including an identified project management methodology, tools and resources, project prioritization, and all steps from project initiation through to evaluation, as well as education and development for project managers across IT.
The Solutions Development Group will be responsible for the high-quality development and delivery of new solutions and improvements and the production of customized business reports. Through this function, IT will have improved agility to respond to new initiatives and will be able to deliver high-quality services and insights in a consistent manner.
1-3 hours
Input | Output |
|
|
Materials | Participants |
|
|
Record the results in the Organizational Design Workbook
Now that you have identified the main units of work in the target IT organization, it is time to identify the roles that will perform that work. At the end of this step, the key roles will be identified, the purpose statement will be built, and accountability and responsibility for roles will be clearly defined. Make sure that accountability for each task is assigned to one role only. If there are challenges with a role, change the role to address them (e.g. split roles or shift responsibilities).
Do not bias your role design by focusing on your existing staff’s competencies. If you begin to focus on your existing team members, you run the risk of artificially narrowing the scope of work or skewing the responsibilities of individuals based on the way it is, rather than the way it should be.
1-3 hours
Input | Output |
|
|
Materials | Participants |
|
|
Record the results in the Organizational Design Workbook
Despite popular belief, there is no such thing as the Spotify model, and organizations that structured themselves based on the original Spotify drawing might be missing out on key opportunities to obtain productivity from employees.
The primary goal of any product delivery team is to improve the delivery of value for customers and the business based on your product definition and each product’s demand. Each organization will have different priorities and constraints, so your team structure may take on a combination of patterns or may take on one pattern and then transform into another.
Delivery Team Structure Patterns |
How Are Resources and Work Allocated? |
|
---|---|---|
Functional Roles |
Teams are divided by functional responsibilities (e.g. developers, testers, business analysts, operations, help desk) and arranged according to their placement in the software development lifecycle (SDLC). |
Completed work is handed off from team to team sequentially as outlined in the organization’s SDLC. |
Shared Service and Resource Pools |
Teams are created by pulling the necessary resources from pools (e.g. developers, testers, business analysts, operations, help desk). |
Resources are pulled whenever the work requires specific skills or pushed to areas where product demand is high. |
Product or System |
Teams are dedicated to the development, support, and management of specific products or systems. |
Work is directly sent to the teams who are directly managing the product or directly supporting the requester. |
Skills and Competencies |
Teams are grouped based on skills and competencies related to technology (e.g. Java, mobile, web) or familiarity with business capabilities (e.g. HR, Finance). |
Work is directly sent to the teams who have the IT and business skills and competencies to complete the work. |
Functional Roles | Shared Service and Resource Pools | Product or System | Skills and Competencies |
---|---|---|---|
When your people are specialists versus having cross-functional skills | Leveraged when specialists such as Security or Operations will not have full-time work on the product | When you have people with cross-functional skills who can self-organize around a product’s needs | When you have a significant investment in a specific technology stack |
![]() | ![]() | ![]() | ![]() |
For more information about delivering in a product operating model, refer to our Deliver Digital Products at Scale blueprint.
1-3 hours
Input | Output |
---|---|
|
|
Materials | Participants |
|
|
Record the results in the Organizational Design Workbook & Executive Communications Deck
Every organizational structure will include certain risks that should have been considered and accepted when choosing the base operating model sketch. Now that the final organizational structure has been created, consider if those risks were mitigated by the final organizational structure that was created. For those risks that weren’t mitigated, have a tactic to control risks that remain present.
1-3 hours
Input | Output |
|
|
Materials | Participants |
|
|
Record the results in the Organizational Design Workbook
This phase will walk you through the following activities:
4.1 Select a transition plan
4.2 Establish the change communication messages
4.3 Be consistent with a standard set of FAQs
4.4 Define org. redesign resistors
4.5 Create a sustainment plan
This phase involves the following participants:
Change management is: |
Managing a change that requires replanning and reorganizing and that causes people to feel like they have lost control over aspects of their jobs. – Padar et al., 2017 |
People Process Technology |
PREPARE | A | Awareness: Establish the need for organizational redesign and ensure this is communicated well. |
This blueprint is mostly focused on the prepare and transition components. |
D | Desire: Ensure the new structure is something people are seeking and will lead to individual benefits for all. |
||
TRANSITION | K | Knowledge: Provide stakeholders with the tools and resources to function in their new roles and reporting structure. |
|
A | Ability: Support employees through the implementation and into new roles or teams. |
||
FUTURE | R | Reinforcement: Emphasize and reward positive behaviors and attitudes related to the new organizational structure. |
Implementation Plan |
Transition Plan: Identify the appropriate approach to making the transition, and ensure the transition plan works within the context of the business. |
Communication Strategy: Create a method to ensure consistent, clear, and concise information can be provided to all relevant stakeholders. |
|
Plan to Address Resistance: Given that not everyone will be happy to move forward with the new organizational changes, ensure you have a method to hear feedback and demonstrate concerns have been heard. |
|
Employee Development Plan: Provide employees with tools, resources, and the ability to demonstrate these new competencies as they adjust to their new roles. |
|
Monitor and Sustain the Change: Establish metrics that inform if the implementation of the new organizational structure was successful and reinforce positive behaviors. |
As a result, your organization must adopt OCM practices to better support the acceptance and longevity of the changes being pursued.
Incremental Change |
Transformational Change |
Organizational change management is highly recommended and beneficial for projects that require people to:
|
Organizational change management is required for projects that require people to:
|
How you transition to the new organizational structure can be heavily influenced by HR. This is the time to be including them and leveraging their expertise to support the transition “how.”
Description | Pros | Cons | Example | |
Big Bang Change | Change that needs to happen immediately – “ripping the bandage off.” |
|
| A tsunami in Japan stopped all imports and exports. Auto manufacturers were unable to get parts shipped and had to immediately find an alternative supplier. |
Incremental Change | The change can be rolled out slower, in phases. |
|
| A change in technology, such as HRIS, might be rolled out one application at a time to ensure that people have time to learn and adjust to the new system. |
Pilot Change | The change is rolled out for only a select group, to test and determine if it is suitable to roll out to all impacted stakeholders. |
|
| A retail store is implementing a new incentive plan to increase product sales. They will pilot the new incentive plan at select stores, before rolling it out broadly. |
1-3 hours
Input | Output |
|
|
Materials | Participants |
|
|
Record the results in the Organizational Design Workbook
Success of your new organizational structure hinges on adequate preparation and effective communication.
The top challenge facing organizations in completing the organizational redesign is their organizational culture and acceptance of change. Effective planning for the implementation and communication throughout the change is pivotal. Make sure you understand how the change will impact staff and create tailored plans for communication.
65% of managers believe the organizational change is effective when provided with frequent and clear communication.
Leaders of successful change spend considerable time developing a powerful change message, i.e. a compelling narrative that articulates the desired end state, and that makes the change concrete and meaningful to staff.
The organizational change message should:
2 hours
Input | Output |
|
|
Materials | Participants |
|
|
Record the results in the Organizational Design Workbook
Be Clear |
|
Be Consistent |
|
Be Concise |
|
Be Relevant |
|
As a starting point for building an IT organizational design implementation, look at implementing an FAQ that will address the following:
Questions to consider answering:
1 hour
Input | Output |
|
|
Materials | Participants |
|
|
Record the results in the Organizational Design Workbook
People resist changes for many reasons. When it comes to organizational redesign changes, some of the most common reasons people resist change include a lack of understanding, a lack of involvement in the process, and fear.
Assess employee to determine competency levels and interests.
Employee drafts development goals; manager reviews.
Manager helps with selection of development activities.
Manager provides ongoing check-ins, coaching, and feedback.
Sustain the change by following through with stakeholders, gathering feedback, and ensuring that the change rationale and impacts are clearly understood. Failure to so increases the potential that the change initiative will fail or be a painful experience and cost the organization in terms of loss of productivity or increase in turnover rates.
Obtaining qualitative feedback from employees, customers, and business partners can provide insight into where the new organizational structure is operating optimally versus where there are further adjustments that could be made to support the change.
1 hour
Input | Output |
|
|
Materials | Participants |
|
|
Record the results in the Organizational Design Workbook
Jardena London
Transformation Catalyst, Rosetta Technology Group
Jodie Goulden
Consultant | Founder, OrgDesign Works
Shan Pretheshan
Director, SUPA-IT Consulting
Chris Briley
CIO, Manning & Napier
Dean Meyer
President N. Dean Meyer and Associates Inc.
Jimmy Williams
CIO, Chocktaw Nation of Oklahoma
Cole Cioran, Managing Partner
Dana Daher, Research Director
Hans Eckman, Principal Research Director
Ugbad Farah, Research Director
Ari Glaizel, Practice Lead
Valence Howden, Principal Research Director
Youssef Kamar, Senior Manager, Consulting
Carlene McCubbin, Practice Lead
Baird Miller, Executive Counsellor
Josh Mori, Research Director
Rajesh Parab, Research Director
Gary Rietz, Executive Counsellor
“A Cheat Sheet for HR Professionals: The Organizational Development Process.” AIHR, 2021. Web.
Acharya, Ashwin, Roni Lieber, Lissa Seem, and Tom Welchman. “How to identify the right ‘spans of control’ for your organization.” McKinsey, 21 December 2017. Web.
Anand. N., and Jean-Louis Barsoux. “What everyone gets wrong about change management. Harvard Business Review, December 2017. Web.
Atiken, Chris. “Operating model design-first principles.” From Here On, 24 August 2018. Web.
“Avoid common digital transformation challenges: Address your IT Operating Model Now.” Sofigate, 5 May 2020. Web.
Baumann, Oliver, and Brian Wu. “The many dimensions of research on designing flat firms.” Journal of Organizational Design, no. 3, vol. 4. 09 May 2022.Web.
Bertha, Michael. “Cross the project to product chasm.” CIO, 1 May 2020. Web.
Blenko, Marcia, and James Root. “Design Principles for a Robust Operating Model.” Bain & Company, 8 April 2015. Web.
Blenko, Marcia, Leslie Mackrell, and Kevin Rosenberg. “Operating models: How non-profits get from strategy to results.” The Bridge Span Group, 15 August 2019. Web.
Boulton, Clint. “PVH finds perfect fit in hybrid IT operating model amid pandemic.” CIO, 19 July 2021. Web.
Boulton, Clint. “Why digital disruption leaves no room for bimodal IT.” CIO, 11 May 2017. Web.
Bright, David, et al. “Chapter 10: Organizational Structure & Change.” Principles of Management, OpenStax, Rice University, 20 March 2019. Book.
Campbell, Andrew. “Design Principles: How to manage them.” Ashridge Operating Models. 1 January 2022. Web.
D., Maria. “3 Types of IT Outsourcing Models and How to Choose Between Them.” Cleveroad, 29 April 2022. Web.
Devaney, Eric. “9 Types of Organizational Structure Every Company Should Consider.” HubSpot, 11 February 2022. Web.
Devaney, Erik. “The six building blocks of organizational structure.” Hubspot, 3 June 2020. Web.
Eisenman, M., S. Paruchuri, and P. Puranam. “The design of emergence in organizations.” Journal of Organization Design, vol. 9, 2020. Web.
Forbes Business Development Council. “15 Clear Signs It’s Time to Restructure the Business.” Forbes, 10 February 2020. Web.
Freed, Joseph. “Why Cognitive Load Could Be The Most Important Employee Experience Metric In The Next 10 Years.” Forbes, 30 June 2020. Web.
Galibraith, Jay. “The Star Model.” JayGalbraith.com, n.d. Web.
Girod, Stéphane, and Samina Karim. “Restructure or reconfigure?” Harvard Business Review, April 2017. Web.
Goldman, Sharon. “The need for a new IT Operating Model: Why now?” CIO, 27 August 2019. Web.
Halapeth, Milind. “New age IT Operating Model: Creating harmony between the old and the new.” Wirpo, n.d. Web.
Harvey, Michelle. “Why a common operating model is efficient for business productivity.” CMC, 10 May 2020. Web.
Helfand, Heidi. “Dynamic Reteaming.” O’Reilly Media, 7 July 2020. Book.
JHeller, Martha. “How Microsoft CIO Jim DuBois changed the IT Operating Model.” CIO, 2 February 2016. Web.
Heller, Martha. “How Stryker IT Shifted to a global operating model.” CIO, 19 May 2021. Web.
Heller, Michelle. “Inside blue Shields of California’s IT operating model overhaul.” CIO, 24 February 2021. Web.
Hessing, Ted. “Value Stream Mapping.” Six Sigma Study Guide, 11 April 2014. Web.
Huber, George, P. “What is Organization Design.” Organizational Design Community, n.d. Web.
Indeed Editorial Team. “5 Advantages and Disadvantages of the Matrix Organizational Structure.” Indeed, 23 November 2020. Web.
Indeed Editorial Team. “How to plan an effective organization restructure.” Indeed, 10 June 2021. Web.
“Insourcing vs Outsourcing vs Co-Sourcing.” YML Group, n.d. Web.
“Investing in more strategic roles.” CAPS Research, 3 February 2022. Web.
Jain, Gagan. “Product IT Operating Model: The next-gen model for a digital work.” DevOps, 22 July 2019. Web.
Kane, Gerald, D. Plamer, and Anh Phillips. “Accelerating Digital Innovation Inside and Out.” Deloitte Insights, 4 June 2019. Web.
Krush, Alesia. “IT companies with ‘flat’ structures: utopia or innovative approach?” Object Style, 18 October 2018. Web.
Law, Michael. “Adaptive Design: Increasing Customer Value in Your Organisation.” Business Agility Institute, 5 October 2020. Web.
LucidContent Team. “How to get buy-in for changes to your organizational structure.” Lucid Chart, n.d. Web.
Matthews, Paul. “Do you know the difference between competence and capability?” The People Development Magazine, 25 September 2020. Web.
Meyer, Dean N. “Analysis: Common symptoms of organizational structure problems.” NDMA, n.d. Web.
Meyer, N. Dean. “Principle-based Organizational Structure.” NDMA Publishing, 2020. Web.
Morales Pedraza, Jorge. Answer to posting, “What is the relationship between structure and strategy?” ResearchGate.net, 5 March 2014. Web.
Nanjad, Len. “Five non-negotiables for effective organization design change.” MNP, 01 October 2021. Web.
Neilson, Gary, Jaime Estupiñán, and Bhushan Sethi. “10 Principles of Organizational Design.” Strategy & Business, 23 March 2015. Web.
Nicastro, Dom. “Understanding the Foundational Concepts of Organizational Design.” Reworked, 24 September 2020. Web.
Obwegeser, Nikolaus, Tomoko Yokoi, Michael Wade, and Tom Voskes. “7 Key Principles to Govern Digital Initiatives.” MIT Sloan, 1 April 2020. Web.
“Operating Models and Tools.” Business Technology Standard, 23 February 2021. Web.
“Organizational Design Agility: Journey to a combined community.” ODF-BAI How Space, Organizational Design Forum, 2022. Web.
“Organizational Design: Understanding and getting started.” Ingentis, 20 January 2021. Web.
Padar, Katalin, et al. “Bringing project and change management roles into sync.” Journal of Change Management, 2017. Web.
Partridge, Chris. “Evolve your Operating Model- It will drive everything.” CIO, 30 July 2021. Web.
Pijnacker, Lieke. “HR Analytics: role clarity impacts performance.” Effectory, 25 September 2019. Web.
Pressgrove, Jed. “Centralized vs. Federated: Breaking down IT Structures.” Government Technology, March 2020. Web.
Sherman, Fraser. “Differences between Organizational Structure and Design.” Bizfluent, 20 September 2019. Web.
Skelton, Matthew, and Manual Pais. “Team Cognitive Load.” IT Revolution, 19 January 2021. Web.
Skelton, Matthew, and Manual Pais. Team Topologies. IT Revolution Press, 19 September 2019. Book
Spencer, Janet, and Michael Watkins. “Why organizational change fails.” TLNT, 26 November 2019. Web.
Storbakken, Mandy. “The Cloud Operating Model.” VMware, 27 January 2020. Web.
"The Qualities of Leadership: Leading Change.” Cornelius & Associates, 2010. Web.
“Understanding Organizational Structures.” SHRM, 31 August 2021. Web.
"unfix Pattern: Base.” AgilityScales, n.d. Web.
Walker, Alex. “Half-Life: Alyx helped change Valve’s Approach to Development.” Kotaku, 10 July 2020. Web.
"Why Change Management.” Prosci, n.d. Web.
Wittig, Cynthia. “Employees' Reactions to Organizational Change.” OD Practioner, vol. 44, no. 2, 2012. Web.
Woods, Dan. “How Platforms are neutralizing Conway’s Law.” Forbes, 15 August 2017. Web.
Worren, Nicolay, Jeroen van Bree, and William Zybach. “Organization Design Challenges. Results from a practitioner survey.” Journal of Organizational Design, vol. 8, 25 July 2019. Web.
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Determine how to establish the foundation of your security operations.
Assess the maturity of your prevention, detection, analysis, and response processes.
Design a target state and improve your governance and policy solutions.
Make your case to the board and develop a roadmap for your prioritized security initiatives.
Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Identify security obligations and the security operations program’s pressure posture.
Assess current people, process, and technology capabilities.
Determine foundational controls and complete system and asset inventory.
Identified the foundational elements needed for planning before a security operations program can be built
1.1 Define your security obligations and assess your security pressure posture.
1.2 Determine current knowledge and skill gaps.
1.3 Shine a spotlight on services worth monitoring.
1.4 Assess and document your information system environment.
Customized security pressure posture
Current knowledge and skills gaps
Log register of essential services
Asset management inventory
Identify the maturity level of existing security operations program processes.
Current maturity assessment of security operations processes
2.1 Assess the current maturity level of the existing security operations program processes.
Current maturity assessment
Design your optimized target state.
Improve your security operations processes with governance and policy solutions.
Identify and prioritize gap initiatives.
A comprehensive list of initiatives to reach ideal target state
Optimized security operations with repeatable and standardized policies
3.1 Complete standardized policy templates.
3.2 Map out your ideal target state.
3.3 Identify gap initiatives.
Security operations policies
Gap analysis between current and target states
List of prioritized initiatives
Formalize project strategy with a project charter.
Determine your sourcing strategy for in-house or outsourced security operations processes.
Assign responsibilities and complete an implementation roadmap.
An overarching and documented strategy and vision for your security operations
A thorough rationale for in-house or outsourced security operations processes
Assigned and documented responsibilities for key projects
4.1 Complete a security operations project charter.
4.2 Determine in-house vs. outsourcing rationale.
4.3 Identify dependencies of your initiatives and prioritize initiatives in phases of implementation.
4.4 Complete a security operations roadmap.
Security operations project charter
In-house vs. outsourcing rationale
Initiatives organized according to phases of development
Planned and achievable security operations roadmap
Moreso than any other time, our world is changing. As a result, organizations – and their vendors – need to be able to adapt their strategic plans to accommodate risk on an unprecedented level.
A new global change will impact your organizational strategy at any given time. So, make sure your plans are flexible enough to manage the inevitable consequences.
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Use this research to identify and quantify the potential strategic impacts caused by vendors. Use Info-Tech’s approach to look at the strategic impact from various perspectives to better prepare for issues that may arise.
By playing the “what if” game and asking probing questions to draw out – or eliminate – possible negative outcomes, everyone involved adds their insight into parts of the organization to gather a comprehensive picture of potential impacts.
Like most people, organizations are poor at assessing the likelihood of risk. If the past few years have taught us anything, it is that the probability of a risk occurring is far more flexible in the formula Risk = Likelihood * Impact than we ever thought possible. The impacts of these risks have been catastrophic, and organizations need to be more adaptive in managing them to strengthen their strategic plans.
Frank Sewell,
Research Director, Vendor Management
Info-Tech Research Group
Moreso than any other time, our world is changing. As a result, organizations – and their vendors – need to be able to adapt their strategic plans to accommodate risk on an unprecedented level.
A new global change will impact your organizational strategy at any given time. So, make sure your plans are flexible enough to manage the inevitable consequences.
Identifying and managing a vendor’s potential strategic impact on your organization requires multiple people in the organization across several functions. Those people all need coaching on the potential changes in the market and how these changes affect strategic plans.
Organizational leadership is often taken unaware during crises, and their plans lack the flexibility needed to adjust to significant market upheavals.
Vendor management practices educate organizations on the different potential risks to vendors in your market and suggest creative and alternative ways to avoid and help manage them.
Prioritize and classify your vendors with quantifiable, standardized rankings.
Prioritize focus on your high-risk vendors.
Standardize your processes for identifying and monitoring vendor risks to manage potential impacts on your strategic plan with our Strategic Impacts Tool.
Organizations must evolve their strategic risk assessments to be more adaptive to respond to global changes in the market. Ongoing monitoring of the market and the vendors tied to company strategies is imperative to achieving success.
This series will focus on the individual components of vendor risk and how vendor management practices can facilitate organizations’ understanding of those risks.
This series will not tackle risk governance, determining overall risk tolerance and appetite, or quantifying inherent risk.
The IT market is constantly reacting to global influences. By anticipating changes, leaders can set expectations and work with their vendors to accommodate them.
When the unexpected happens, being able to adapt quickly to new priorities ensures continued long-term business success.
Below are some things no one expected to happen in the last few years:
of IT professionals are more concerned about being a victim of ransomware than they were a year ago.
of Microsoft’s non-essential employees shifted to working from home in 2020, joining the 18% already remote.
of organizations invested in web conferencing technology to facilitate collaboration.
Source: Info-Tech Tech Trends Survey 2022
Make sure you have the right people at the table to identify and plan to manage impacts.
Very few people could have predicted that a global pandemic would interrupt business on the scale experienced today. Organizations should look at their lessons learned and incorporate adaptable preparations into their strategic planning moving forward.
The IT market is an ever-shifting environment. Larger companies often gobble up smaller ones to control their sectors. Incorporating plans to manage those shifts in ownership will be key to many strategic plans that depend on niche vendor solutions for success. Be sure to monitor the potentially affected markets on an ongoing cadence.
Organizations need to accept that shortages will recur periodically and that preparing for them will significantly increase the success potential of long-term strategic plans. Understand what your business needs to stock for project needs and where those supplies are located, and plan how to rapidly access and distribute them as required if supply chain disruptions occur.
For example:
Sometimes an organization has the right mindset to take advantage of the changes in the market but can fail to plan for the particulars.
When your strategic plan changes, you need to revisit all the steps in the processes to ensure a successful outcome.
It is important to identify potential risks to strategic plans to manage the risk and be agile enough in planning to adapt to the changing environments.
Info-Tech Insight
Few organizations are good at identifying risks to their strategic plan. As a result, almost none realistically plan to monitor, manage, and adapt their strategies to those risks.
(Adapted from COSO)
Organizations build portions of their strategies around chosen vendors and should protect those plans against the risks of unforeseen acquisitions in the market.
Is your vendor solvent? Does it have enough staff to accommodate your needs? Has its long-term planning been affected by changes in the market? Is it unique in its space?
Organizations’ strategic plans need to be adaptable to avoid vendors’ negative actions causing an expedited shift in priorities.
For example, Philip's recall of ventilators impacted its products and the availability of its competitor’s products as demand overwhelmed the market.
Organizations need to become better at risk assessment and actively manage the identified risks to their strategic plans.
Few organizations are good at identifying risks to their strategic plan. As a result, almost none realistically plan to monitor, manage, and adapt their strategies to those risks.
Strategic risk impacts are often unanticipated, causing unforeseen downstream effects. Anticipating the potential changes in the global IT market and continuously monitoring vendors’ risk levels can help organizations modify their strategic alignment with the new norms.
Review your strategic plans for new risks and evolving likelihood on a regular basis.
Keep in mind Risk = Likelihood x Impact (R=L*I).
Impact (I) tends to remain the same, while Likelihood (L) is a very flexible variable.
Organizations need to be reviewing their strategic risk plans considering the likelihood of incidents in the global market.
Pandemics, extreme weather, and wars that affect global supply chains are a current reality, not unlikely scenarios.
Sometimes disasters occur despite our best plans to manage them.
When this happens, it is important to document the lessons learned and improve our plans going forward.
Vendor management professionals are in an excellent position to help senior leadership identify and pull together resources across the organization to determine potential risks. By playing the "what if" game and asking probing questions to draw out – or eliminate – possible adverse outcomes, everyone involved adds their insight into parts of the organization to gather a comprehensive picture of potential impacts.
Download the Strategic Risk Impact Tool
Input | Output |
---|---|
|
|
Materials | Participants |
|
|
Industry: Airline
Impact categories: Pandemic, Lockdowns, Travel Bans, Increased Fuel Prices
The pandemic prompted systemic change to the overall strategic planning of the airline industry.
Organizations must evolve their strategic risk assessments to be more adaptive to respond to global changes in the market.
Ongoing monitoring of the market and the vendors tied to company strategies is imperative to achieving success.
Olaganathan, Rajee. “Impact of COVID-19 on airline industry and strategic plan for its recovery with special reference to data analytics technology.” Global Journal of Engineering and Technology Advances, vol 7, no 1, 2021, pp. 033-046.
Tonello, Matteo. “Strategic Risk Management: A Primer for Directors.” Harvard Law School Forum on Corporate Governance, 23 Aug. 2012.
Frigo, Mark L., and Richard J. Anderson. “Embracing Enterprise Risk Management: Practical Approaches for Getting Started.” COSO, 2011.
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Understand the components of agility and what the optimal states are for service management agility.
Determine the current state of agility in the service management practice.
Create a roadmap for service management agility and present it to key stakeholders to obtain their support.
Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Understand agility and how it can complement service management.
Understand how the components of culture, structure, processes, and resources enable agility in service management.
Clear understanding of Agile principles.
Identifying opportunities for agility.
Understanding of how Agile principles align with service management.
1.1 Understand agility.
1.2 Understand how Agile methodologies can complement service management through culture, structure, processes, and resources.
Summary of Agile principles.
Summary of optimal components in culture, structure, processes, and resources that enable agility.
Assess your current organizational agility with respect to culture, structure, processes, and resources.
Identify your agility strengths and weaknesses with the agility score.
Understand your organization’s current enablers and constraints for agility.
Have metrics to identify strengths or weaknesses in culture, structure, processes, and resources.
2.1 Complete an agility assessment.
Assessment score of current state of agility.
Determine the gaps between the current and optimal states for agility.
Create a roadmap for service management agility.
Create a stakeholders presentation.
Have a completed custom roadmap that will help build sustainable agility into your service management practice.
Present the roadmap to key stakeholders to communicate your plans and get organizational buy-in.
3.1 Create a custom roadmap for service management agility.
3.2 Create a stakeholders presentation on service management agility.
Completed roadmap for service management agility.
Completed stakeholders presentation on service management agility.
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Define the business’s M&A goals, assemble an IT Integration Program, and select an IT integration posture that aligns with business M&A strategy.
Refine the current state of each IT domain in both organizations, and then design the end-state of each domain.
Generate tactical operational imperatives and quick-wins, and then develop an interim action plan to maintain business function and capture synergies.
Generate initiatives and put together a long-term action plan to achieve the planned technology end-state.
Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Identification of staffing and skill set needed to manage the IT integration.
Generation of an integration communication plan to highlight communication schedule during major integration events.
Identification of business goals and objectives to select an IT Integration Posture that aligns with business strategy.
Defined IT integration roles & responsibilities.
Structured communication plan for key IT integration milestones.
Creation of the IT Integration Program.
Generation of an IT Integration Posture.
1.1 Define IT Integration Program responsibilities.
1.2 Build an integration communication plan.
1.3 Host interviews with senior management.
1.4 Select a technology end-state and IT integration posture.
Define IT Integration Program responsibilities and goals
Structured communication plan
Customized interview guide for each major stakeholder
Selected technology end-state and IT integration posture
Identification of information sources to begin conducting discovery.
Definition of scope of information that must be collected about target organization.
Definition of scope of information that must be collected about your own organization.
Refinement of the technology end-state for each IT domain of the new entity.
A collection of necessary information to design the technology end-state of each IT domain.
Adequate information to make accurate cost estimates.
A designed end-state for each IT domain.
A collection of necessary, available information to make accurate cost estimates.
2.1 Define discovery scope.
2.2 Review the data room and conduct onsite discovery.
2.3 Design the technology end-state for each IT domain.
2.4 Select the integration strategy for each IT domain.
Tone set for discovery
Key information collected for each IT domain
Refined end-state for each IT domain
Refined integration strategy for each IT domain
Generation of tactical initiatives that are operationally imperative and will help build business credibility.
Prioritization and execution of tactical initiatives.
Confirmation of integration strategy for each IT domain and generation of initiatives to achieve technology end-states.
Prioritization and execution of integration roadmap.
Tactical initiatives generated and executed.
Confirmed integration posture for each IT domain.
Initiatives generated and executed upon to achieve the technology end-state of each IT domain.
3.1 Build quick-win and operational imperatives.
3.2 Build a tactical action plan and execute.
3.3 Build initiatives to close gaps and redundancies.
3.4 Finalize your roadmap and kick-start integration.
Tactical roadmap to fulfill short-term M&A objectives and synergies
Confirmed IT integration strategies
Finalized integration roadmap
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Whether you have no Service Desk customer feedback program in place or you need to improve your existing process for gathering and responding to feedback, this deck will help you design your surveys and act on their results to improve CSAT scores.
This template provides a sample transactional (ticket) satisfaction survey. If your ITSM tool or other survey mechanism allows you to design or write your own survey, use this template as a starting point.
Use the Sample Size Calculator to calculate your ideal sample size for your relationship surveys.
This template will help you map out the step-by-step process to review collected feedback from your end-user satisfaction surveys, analyze the data, and act on it.
EXECUTIVE BRIEF
Natalie Sansone, PhD
Info-Tech Research Group |
Often when we ask service desk leaders where they need to improve and if they’re measuring customer satisfaction, they either aren’t measuring it at all, or their ticket surveys are turned on but they get very few responses (or only positive responses). They fail to see the value of collecting feedback when this is their experience with it. Feedback is important because traditional service desk metrics can only tell us so much. We often see what’s called the “watermelon effect”: metrics appear “green”, but under the surface they’re “red” because customers are in fact dissatisfied for reasons unmeasured by standard internal IT metrics. Customer satisfaction should always be the goal of service delivery, and directly measuring satisfaction in addition to traditional metrics will help you get a clearer picture of your strengths and weaknesses, and where to prioritize improvements. It’s not as simple as asking customers if they were satisfied with their ticket, however. There are two steps necessary for success. The first is collecting feedback, which should be done purposefully, with clear goals in mind in order to maximize the response rate and value of responses received. The second – and most critical – is acting on that feedback. Use it to inform improvements and communicate those improvements. Doing so will not only make your service desk better, increasing satisfaction through better service delivery, but also will make your customers feel heard and valued, which alone increases satisfaction. |
Emily Sugerman, PhD
Info-Tech Research Group |
Your Challenge |
Common Obstacles |
Info-Tech’s Approach |
---|---|---|
|
|
|
Asking your customers for feedback then doing nothing with it is worse than not asking for feedback at all. Your customers may end up more dissatisfied than they were before, if their opinion is sought out and then ignored. It’s valuable to collect feedback, but the true value for both IT and its customers comes from acting on that feedback and communicating those actions back to your users.
The watermelon effect
When a service desk appears to hit all its targets according to the metrics it tracks, but service delivery is poor and customer satisfaction is low, this is known as the “watermelon effect”. Service metrics appear green on the outside, but under the surface (unmeasured), they’re red because customers are dissatisfied.
Traditional SLAs and service desk metrics (such as time to respond, average resolution time, percentage of SLAs met) can help you understand service desk performance internally to prioritize your work and identify process improvements. However, they don’t tell you how customers perceive the service or how satisfied they are.
Providing good service to your customers should be your end goal. Failing to measure, monitor, and act on customer feedback means you don’t have the whole picture of how your service desk is performing and whether or where improvements are needed to maximize satisfaction.
The Service Desk Institute (SDI) suggests that customer satisfaction is the most important indicator of service desk success, and that traditional metrics around SLA targets – currently the most common way to measure service desk performance – may become less valuable or even obsolete in the future as customer experience-focused targets become more popular. (Service Desk Institute, 2021)
SDI conducted a Customer Experience survey of service desk professionals from a range of organizations, both public and private, from January to March 2018. The majority of respondents said that customer experience is more important than other metrics such as speed of service or adherence to SLAs, and that customer satisfaction is more valuable than traditional metrics. (SDI, 2018).
Obstacles to collecting feedback |
Obstacles to acting on collected feedback |
---|---|
|
|
Insight into customer experience |
Gather insight into both the overall customer relationship with the service desk and individual transactions to get a holistic picture of the customer experience. |
---|---|
Data to inform decisions |
Collect data to inform decisions about where to spend limited resources or time on improvement, rather than guessing or wasting effort on the wrong thing. |
Identification of areas for improvement |
Better understand your strengths and weaknesses from the customer’s point of view to help you identify gaps and priorities for improvement. |
Customers feel valued |
Make customers feel heard and valued; this will improve your relationship and their satisfaction. |
Ability to monitor trends over time |
Use the same annual relationship survey to be able to monitor trends and progress in making improvements by comparing data year over year. |
Foresight to prevent problems from occurring |
Understand where potential problems may occur so you can address and prevent them, or who is at risk of becoming a detractor so you can repair the relationship. |
IT staff coaching and engagement opportunities |
Turn negative survey feedback into coaching and improvement opportunities and use positive feedback to boost morale and engagement. |
Phase |
1. Understand how to measure customer satisfaction |
2. Design and implement transactional surveys |
3. Design and implement relationship surveys |
4. Analyze and act on feedback |
---|---|---|---|---|
Phase outcomes |
Understand the main types of customer satisfaction surveys, principles for survey design, and best practices for surveying your users. |
Learn why and how to design a simple survey to assess satisfaction with individual service desk transactions (tickets) and a methodology for survey delivery that will improve response rates. |
Understand why and how to design a survey to assess overall satisfaction with the service desk across your organization, or use Info-Tech’s diagnostic. |
Measure and analyze the results of both surveys and build a plan to act on both positive and negative feedback and communicate the results with the organization. |
Key Insight:
Asking your customers for feedback then doing nothing with it is worse than not asking for feedback at all. Your customers may end up more dissatisfied than they were before if they’re asked for their opinion then see nothing done with it. It’s valuable to collect feedback, but the true value for both IT and its customers comes from acting on that feedback and communicating those actions back to your users.
Additional insights:
Insight 1 |
Take the time to define the goals of your transactional survey program before launching it – it’s not as simple as just deploying the default survey of your ITSM tool out of the box. The objectives of the survey – including whether you want to keep a pulse on average satisfaction or immediately act on any negative experiences – will influence a range of key decisions about the survey configuration. |
---|---|
Insight 2 |
While transactional surveys provide useful indicators of customer satisfaction with specific tickets and interactions, they tend to have low response rates and can leave out many users who may rarely or never contact the service desk, but still have helpful feedback. Include a relationship survey in your customer feedback program to capture a more holistic picture of what your overall user base thinks about the service desk and where you most need to improve. |
Insight 3 |
Satisfaction scores provide valuable data about how your customers feel, but don’t tell you why they feel that way. Don’t neglect the qualitative data you can gather from open-ended comments and questions in both types of satisfaction surveys. Take the time to read through these responses and categorize them in at least a basic way to gain deeper insight and determine where to prioritize your efforts. |
Understand the main types of customer satisfaction surveys, principles for survey design, and best practices for surveying your users.
Phase 1: |
Phase 2: |
Phase 3: |
Phase 4: |
---|---|---|---|
Understand how to measure customer satisfaction |
Design and implement transactional surveys |
Design and implement relationship surveys |
Analyze and act on feedback |
Transactional |
Relationship |
One-off |
|
---|---|---|---|
Also known as |
Ticket surveys, incident follow-up surveys, on-going surveys |
Annual, semi-annual, periodic, comprehensive, relational |
One-time, single, targeted |
Definition |
|
|
|
Transactional | Relationship | One-off | |
---|---|---|---|
Pros |
|
|
|
Cons |
|
|
|
Only relying on one type of survey will leave gaps in your understanding of customer satisfaction. Include both transactional and relationship surveys to provide a holistic picture of customer satisfaction with the service desk.
If you can only start with one type, choose the type that best aligns with your goals and priorities:
If your priority is to identify larger improvement initiatives the service desk can take to improve overall customer satisfaction and trust in the service desk: |
If your priority is to provide customers with the opportunity to let you know when transactions do not go well so you can take immediate action to make improvements: |
↓ | ↓ |
Start with a relationship survey |
Start with a transactional survey |
Info-Tech Insight
One-off surveys can be useful to assess whether a specific change has impacted satisfaction, or to inform a planned change/initiative. However, as they aren’t typically part of an on-going customer feedback program, the focus of this research will be on transactional and relationship surveys.
CSAT | CES | NPS | |
---|---|---|---|
Name | Customer Satisfaction | Customer Effort Score | Net Promoter score |
What it measures | Customer happiness | Customer effort | Customer loyalty |
Description | Measures satisfaction with a company overall, or a specific offering or interaction | Measures how much effort a customer feels they need to put forth in order to accomplish what they wanted | Single question that asks consumers how likely they are to recommend your product, service, or company to other people |
Survey question | How satisfied are/were you with [company/service/interaction/product]? | How easy was it to [solve your problem/interact with company/handle my issue]? Or: The [company] made it easy for me to handle my issue | How likely are you to recommend [company/service/product] to a friend? |
Scale | 5, 7, or 10 pt scale, or using images/emojis | 5, 7, or 10 pt scale | 10-pt scale from highly unlikely to highly likely |
Scoring | Result is usually expressed as a percentage of satisfaction | Result usually expressed as an average | Responses are divided into 3 groups where 0-6 are detractors, 7-8 are passives, 9-10 are promoters |
Pros |
|
|
|
Cons |
|
|
|
While we focus mainly on traditional survey-based approaches to measuring customer satisfaction in this blueprint, there’s no need to limit yourselves to surveys as your only method. Consider multiple techniques to capture a wider audience, including:
Don’t include unnecessary questions that won’t give you actionable information; it will only waste respondents’ time.
Keep each question as short as possible and limit the total number of survey questions to avoid survey fatigue.
Most of your measures will be close-ended, but include at least one comment box to allow for qualitative feedback.
Ensure that question wording is clear and specific so that all respondents interpret it the same way.
You won’t get accurate results if your question leads respondents into thinking or answering a certain way.
Don’t ask about two different things in the same question – it will confuse respondents and make your data hard to interpret.
Response options should include all possible opinions (including “don’t know”) to avoid frustrating respondents.
Pre-populate information where possible (e.g. name, department) and ensure the survey is responsive on mobile devices.
If every question is mandatory, respondents may leave the survey altogether if they can’t or don’t want to answer one question.
Test your survey with your target audience before launching, and incorporate feedback - they may catch issues you didn’t notice.
There are two types of survey fatigue:
Occurs when users are overwhelmed by too many requests for feedback and stop responding.
Occurs when the survey is too long or irrelevant to users, so they grow tired and abandon the survey.
Fight survey fatigue:
Learn why and how to design a simple survey to assess satisfaction with individual service desk transactions (tickets) and a methodology for survey delivery that will improve response rates.
Phase 1: | Phase 2: | Phase 3: | Phase 4: |
---|---|---|---|
Understand how to measure customer satisfaction | Design and implement transactional surveys | Design and implement relationship surveys | Analyze and act on feedback |
While feedback on transactional surveys is specific to a single transaction, even one negative experience can impact the overall perception of the service desk. Pair your transactional surveys with an annual relationship survey to capture broader sentiment toward the service desk.
Transactional surveys serve several purposes:
Decision | Considerations | For more guidance, see |
What are the goals of your survey? | Are you hoping to get an accurate pulse of customer sentiment (if so, you may want to randomly send surveys) or give customers the ability to provide feedback any time they have some (if so, send a survey after every ticket)? | Slide 25 |
How many questions will you ask? | Keep the survey as short as possible – ideally only one mandatory question. | Slide 26 |
What questions will you ask? | Do you want a measure of NPS, CES, or CSAT? Do you want to measure overall satisfaction with the interaction or something more specific about the interaction? | Slide 27 |
What will be the response options/scale? | Keep it simple and think about how you will use the data after. | Slide 28 |
How often will you send the survey? | Will it be sent after every ticket, every third ticket, or randomly to a select percentage of tickets, etc.? | Slide 29 |
What conditions would apply? | For example, is there a subset of users who you never want to receive a survey or who you always want to receive a survey? | Slide 30 |
What mechanism/tool will you use to send the survey? | Will your ITSM tool allow you to make all the configurations you need, or will you need to use a separate survey tool? If so, can it integrate to your ITSM solution? | Slide 30 |
Decision | Considerations | For more guidance, see |
What will trigger the survey? | Typically, marking the ticket as either ‘resolved’ or ‘closed’ will trigger the survey. | Slide 31 |
How long after the ticket is closed will you send the survey? | You’ll want to leave enough time for the user to respond if the ticket wasn’t resolved properly before completing a survey, but not so much time that they don’t remember the ticket. | Slide 31 |
Will the survey be sent in a separate email or as part of the ticket resolution email? | A separate email might feel like too many emails for the user, but a link within the ticket closure email may be less noticeable. | Slide 32 |
Will the survey be embedded in email or accessed through a link? | If the survey can be embedded into the email, users will be more likely to respond. | Slide 32 |
How long will the survey link remain active, and will you send any reminders? | Leave enough time for the user to respond if they are busy or away, but not so much time that the data would be irrelevant. Balance the need to remind busy end users with the possibility of overwhelming them with survey fatigue. | Slide 32 |
What other text will be in the main body of the survey email and/or thank you page? | Keep messaging short and straightforward and remind users of the benefit to them. | Slide 33 |
Where will completed surveys be sent/who will have access? | Will the technician assigned to the ticket have access or only the manager? What email address/DL will surveys be sent to? | Slide 33 |
If your objective is: |
|
Keep a continual pulse on average customer satisfaction |
Gain the opportunity to act on negative feedback for any poor experience |
Then: |
|
Send survey randomly |
Send survey after every ticket |
Rationale: |
|
Sending a survey less often will help avoid survey fatigue and increase the chances of users responding whether they have good, bad, or neutral feedback |
Always having a survey available means users can provide feedback every time they want to, including for any poor experience – giving you the chance to act on it. |
Service Managers often get caught up in running a transactional survey program because they think it’s standard practice, or they need to report a satisfaction metric. If that’s your only objective, you will fail to derive value from the data and will only turn customers away from responding.
As you design your survey, keep in mind the following principles:
Q: How many questions should the survey contain?
A: Ideally, your survey will have only one mandatory question that captures overall satisfaction with the interaction.
This question can be followed up with an optional open-ended question prompting the respondent for more details. This will provide a lot more context to the overall rating.
If there are additional questions you need to ask based on your goals, clearly make these questions optional so they don’t deter respondents from completing the survey. For example, they can appear only after the respondent has submitted their overall satisfaction response (i.e. on a separate, thank you page).
Additional (optional) measures may include:
Tips for writing survey questions:
Sample question wording:
How satisfied are you with this support experience?
How would you rate your support experience?
Please rate your overall satisfaction with the way your issue was handled.
Instead of this…. |
Ask this…. |
---|---|
“We strive to provide excellent service with every interaction. Please rate how satisfied you are with this interaction.” |
“How satisfied were you with this interaction?” |
“How satisfied were you with the customer service skills, knowledge, and responsiveness of the technicians?” |
Choose only one to ask about. |
“How much do you agree that the service you received was excellent?” |
“Please rate the service you received.” |
“On a scale of 1-10, thinking about your most recent experience, how satisfied would you say that you were overall with the way that your ticket was resolved?” |
“How satisfied were you with your ticket resolution?” |
When planning your response options, remember to keep the survey as easy to respond to as possible – this means allowing a one-click response and a scale that’s intuitive and simple to interpret. |
Think about how you will use the responses and interpret the data. If you choose a 10-point scale, for example, what would you classify as a negative vs positive response? Would a 5-point scale suffice to get the same data? |
Again, use your goals to inform your response options. If you need a satisfaction metric, you may need a numerical scale. If your goal is just to capture negative responses, you may only need two response options: good vs bad. |
Common response options:
|
Investigate the capabilities of your ITSM tool. It may only allow one built-in response option style. But if you have the choice, choose the simplest option that aligns with your goals. |
There are two common choices for when to send ticket satisfaction surveys:
After random tickets |
After every ticket |
|
Pros |
|
|
Cons |
|
|
SDI’s 2018 Customer Experience in ITSM survey of service desk professionals found:
Almost two-thirds (65%) send surveys after every ticket.
One-third (33%) send surveys after randomly selected tickets are closed.
Send a survey after every ticket so that anyone who has feedback gets the opportunity to provide it – and you always get the chance to act on negative feedback. But, limit how often any one customer receives a ticket to avoid over-surveying them – restrict to anywhere between one survey a week to one per month per customer.
Decision #1 |
Decision #2 |
---|---|
What tool will you use to deliver the survey? |
What (if any) conditions apply to your survey? |
Considerations
|
Considerations Is there a subset of users who you never want to receive a survey (e.g. a specific department, location, role, or title)? Is there a subset of users who you always want to receive a survey, no matter how often they contact the service desk (e.g. VIP users, a department that scored low on the annual satisfaction survey, etc.)? Are there certain times of the year that you don’t want surveys to go out (e.g. fiscal year end, holidays)? Are there times of the day that you don’t want surveys to be sent (e.g. only during business hours; not at the end of the day)? |
Recommendations The built-in functionality of your ITSM tool’s surveys will be easiest to send and track; use it if possible. However, if your tool’s survey module is limited and won’t give you the value you need, consider a third-party solution or survey tool that integrates with your ITSM solution and won’t require significant manual effort to send or review the surveys. |
Recommendations If your survey module allows you to apply conditions, think about whether any are necessary to apply to either maximize your response rate (e.g. don’t send a survey on a holiday), avoid annoying certain users, or seek extra feedback from dissatisfied users. |
Decision #2 | Decision #1 |
---|---|
What will trigger the survey? | When will the survey be sent? |
Considerations
| Considerations
|
Recommendations Only send the survey once you’re sure the issue has actually been resolved; you could further upset the customer if you ask them how happy they are with the resolution if resolution wasn’t achieved. This means sending the survey once the user confirms resolution (which closes ticket) or the agent closes the ticket. | Recommendations If you are sending the survey upon ticket status moving to ‘resolved’, wait at least 24 hours before sending the survey in case the user responds that their issue wasn’t actually resolved. However, if you are sending the survey after the ticket has been verified resolved and closed, you can send the survey immediately while the experience is still fresh in their memory. |
Decision #1 | Decision #2 |
---|---|
How will the survey appear in email? | How long will the survey remain active? |
Considerations
| Considerations
|
Recommendations Send the survey separately from the ticket resolution email or users will never notice it. However, if possible, have the entire survey embedded within the email so users can click to respond directly from their email without having to open a separate link. Reduce effort, to make users more likely to respond. | Recommendations Leave enough time for the user to respond if they are busy or away, but not so much time that the data will be irrelevant. Balance the need to remind busy end users, with the possibility of overwhelming them with survey fatigue. About a week is typical. |
Decision #1 | Decision #2 |
---|---|
What will the body of the email/messaging say? | Where will completed surveys be sent? |
Considerations
| Considerations
|
Recommendations Most users won’t read a long message, especially if they see it multiple times, so keep the email short and simple. Tell users you value their feedback, indicate which interaction you’re asking about, and say how long the survey should take. Thank them after they submit and tell them you will act on their feedback. | Recommendations Survey results should be sent to the Service Manager, Customer Experience Lead, or whoever is the person responsible for managing the survey feedback. They can choose how to share feedback with specific agents and the service desk team. |
Most IT organizations see transactional survey response rates of less than 20%.
Source: SDI, 2018SDI’s 2018 Customer Experience in ITSM survey of service desk professionals found that 69% of respondents had survey response rates of 20% or less. However, they did not distinguish between transactional and relationship surveys. |
Reasons for low response rates:
|
“In my experience, single digits are a sign of a problem. And a downward trend in response rate is also a sign of a problem. World-class survey response rates for brands with highly engaged customers can be as high as 60%. But I’ve never seen it that high for internal support teams. In my experience, if you get a response rate of 15-20% from your internal customers then you’re doing okay. That’s not to say you should be content with the status quo, you should always be looking for ways to increase it.” – David O’Reardon, Founder & CEO of Silversix |
Don’t over-survey any one user or they will start to ignore the surveys.
Ask for feedback soon after the ticket was resolved so it’s fresh in the user’s memory.
Keep the survey short, concise, and simple to respond to.
Minimize effort involved as much as possible. Allow users to respond directly from email and from any device.
Experiment with your subject line or email messaging to draw more attention.
Respond to customers who provide feedback – especially negative – so they know you’re listening.
Demonstrate that you are acting on feedback so users see the value in responding.
Once you’ve worked through all the decisions in this step, you’re ready to configure your transactional survey in your ITSM solution or survey tool.
As a starting point, you can leverage Info-Tech’s Transactional Service Desk Survey Templatee to design your templates and wording.
Make adjustments to match your decisions or your configuration limitations as needed.
Refer to the key decisions tables on slides 24 and 25 to ensure you’ve made all the configurations necessary as you set up your survey.
Understand why and how to design a survey to assess overall satisfaction with the service desk across your organization, or use Info-Tech’s diagnostic.
Phase 1: | Phase 2: | Phase 3: | Phase 4: |
---|---|---|---|
Understand how to measure customer satisfaction | Design and implement transactional surveys | Design and implement relationship surveys | Analyze and act on feedback |
Evaluating service quality in any industry is challenging for both those seeking feedback and those consuming the service: “service quality is more difficult for the consumer to evaluate than goods quality.”
You are in the position of trying to measure something intangible: customer perception, which “result[s] from a comparison of consumer expectations with actual service performance,” which includes both the service outcome and also “the process of service delivery”
(Source: Parasuraman et al, 1985, 42).
Your mission is to design a relationship survey that is:
Annual relationship surveys provide great value in the form of year-over-year internal benchmarking data, which you can use to track improvements and validate the impact of your service improvement efforts.
The Service Quality Model (Parasuraman, Zeithaml and Berry, 1985) shows how perceived service quality is negatively impacted by the gap between expectations for quality service and the perceptions of actual service delivery: Gap 1: Consumer expectation – Management perception gap: Are there differences between your assumptions about what users want from a service and what those users expect? Gap 2: Management perception – Service quality specification gap: Do you have challenges translating user expectations for service into standardized processes and guidelines that can meet those expectations? Gap 3: Service quality specifications – Service delivery gap: Do staff members struggle to carry out the service quality processes when delivering service? Gap 4: Service delivery – External communications gap: Have users been led to expect more than you can deliver? Alternatively, are users unaware of how the organization ensures quality service, and therefore unable to appreciate the quality of service they receive? Gap 5: Expected service – Perceived service gap: Is there a discrepancy between users’ expectations and their perception of the service they received (regardless of any user misunderstanding)? |
![]() |
---|
Your survey questions about service and support should provide insight into where these gaps exist in your organization
Decision/step | Considerations |
Align the relationship survey with your goals | Align what is motivating you to launch the survey at this time and the outcomes it is intended to feed into. |
Identify what you’re measuring | Clarify the purpose of the questions. Are you measuring feedback on your service desk, specifically? On all of IT? Are you trying to capture user effort? User satisfaction? These decisions will affect how you word your questions. |
Determine a framework for your survey | Reporting on results and tracking year-over-year changes will be easier if you design a basic framework that your survey questions fall into. Consider drawing on an existing service quality framework to match best practices in other industries. |
Cover logistical details | Designing a relationship survey requires attention to many details that may initially be overlooked: the survey’s length and timing, who it should be sent to and how, what demographic info you need to collect to slice and dice the results, and if it will be possible to conduct the survey anonymously. |
Design question wording | It is important to keep questions clear and concise and to avoid overly lengthy surveys. |
Select answer scales | The answer scales you select will depend on how you have worded the questions. There is a wide range of answer scales available to you; decide which ones will produce the most meaningful data. |
Test the survey | Testing the survey before widely distributing it is key. When collecting feedback, conduct at least a few in person observations of someone taking the survey to get their unvarnished first impressions. |
Monitor and maximize your response rate | Ensure success by staying on top of the survey during the period it is open. |
What is motivating you to launch the survey at this time?
Is there a renewed focus on customer service satisfaction? If so, this survey will track the initiative’s success, so its questions must align with the sponsors’ expectations.
Are you surveying customer satisfaction in order to comply with legislation, or directives to measure customer service quality?
What objectives/outcomes will this survey feed into?
What do you need to report on to your stakeholders? Have they communicated any expectations regarding the data they expect to see?
Does the CIO want the annual survey to measure end-user satisfaction with all of IT?
In 1993 the U.S. president issued an Executive Order requiring executive agencies to “survey customers to determine the kind and quality of services they want and their level of satisfaction with existing services” and “post service standards and measure results against them.” (Clinton, 1993)
Examples of Measures |
||
Clarify the purpose of the questions Each question should measure something specific you want to track and be phrased accordingly. |
Are you measuring feedback on the service desk? | Service desk professionalism |
Are you measuring user satisfaction? |
Service desk timeliness |
|
Your customers’ happiness with aspects of IT’s service offerings and customer service |
Trust in agents’ knowledge |
|
Users’ preferred ticket intake channel (e.g. portal vs phone) |
||
Satisfaction with self-serve features |
||
Are you measuring user effort? |
Are you measuring feedback on IT overall? |
Satisfaction with IT’s ability to enable the business |
How much effort your customer needs to put forth to accomplish what they wanted/how much friction your service causes or alleviates |
Satisfaction with company-issued devices |
|
Satisfaction with network/Wi-Fi | ||
Satisfaction with applications |
As you compose survey questions, decide whether they are intended to capture user satisfaction or effort: this will influence how the question is worded. Include a mix of both.
If your relationship survey covers satisfaction with service support, ensure the questions cover the major aspects of service quality. You may wish to align your questions on support with existing frameworks: for example, the SERVQUAL service quality measurement instrument identifies 5 dimensions of service quality: Reliability, Assurance, Tangibles, Empathy, and Responsiveness (see below). As you design the survey, consider if the questions relate to these five dimensions. If you have overlooked any of the dimensions, consider if you need to revise or add questions.
Service dimension |
Definition |
Sample questions |
---|---|---|
Reliability |
“Ability to perform the promised service dependably and accurately”1 |
|
Assurance |
“Knowledge and courtesy of employees and their ability to convey trust and confidence”2 |
|
Tangibles |
“Appearance of physical facilities, equipment, personnel, and communication materials”3 |
|
Empathy |
“Caring, individualized attention the firm provides its customers”4 |
|
Responsiveness |
“Willingness to help customers and provide prompt service”5 |
|
Identify who you will send it to Will you survey your entire user base or a specific subsection? For example, a higher education institution may choose to survey students separately from staff and faculty. If you are gathering data on customer satisfaction with a specific implementation, only survey the affected stakeholders. Determine timing Avoid sending out the survey during known periods of time pressure or absence (e.g. financial year-end, summer vacation). Decide upon its length Consider what survey length your users can tolerate. Configure the survey to show the respondents’ progression or their percentage complete. Clearly introduce the survey The survey should begin with an introduction that thanks users for completing the survey, indicates its length and anonymity status, and conveys how the data will be used, along with who the participants should contact with any questions about the survey. Decide upon incentives Will you incentivize participation (e.g. by entering the participants in a draw or rewarding highest-participating department)? |
Collect demographic information Ensure your data can be “sliced and diced” to give you more granular insights into the results. Ask respondents for information such as department, location, seniority, and tenure to help with your trend analysis later. Clarify if anonymous Users may be more comfortable participating if they can do so anonymously (Quantisoft, n.d.). If you promise anonymity, ensure your survey software/ partner can support this claim. Note the difference between anonymity (identity of participant is not collected) and confidentiality (identifying data is collected but removed from the reported results). Decide how to deliver the survey Will you be distributing the survey yourself through your own licensed software (e.g. through Microsoft Forms if you are an MS shop)? Or, will you be partnering with a third-party provider? Is the survey optimized for mobile? Some find up to 1/3 of participants use mobile devices for their surveys (O’Reardon, 2018). |
Use Info-Tech’s Sample Size Calculator to calculate the number of people you need to complete your survey to have statistically representative results. In the example above, the service desk supports 1000 total users (and sent the survey to each one). To be 95% confident that the survey results fall within 5% of the true value (if every user responded), they would need 278 respondents to complete their survey. In other words, to have a sample that is representative of the whole population, they would need 278 completed surveys. |
Explanation of terms: Confidence Level: A measure of how reliable your survey is. It represents the probability that your sample accurately reflects the true population (e.g. your entire user base). The industry standard is typically 95%. This means that 95 times out of 100, the true data value that you would get if you surveyed the entire population would fall within the margin of error. Margin of Error: A measure of how accurate the data is, also known as the confidence interval. It represents the degree of error around the data point, or the range of values above and below the actual results from a survey. A typical margin of error is 5%. This means that if your survey sample had a score of 70%, the true value if you sampled the entire population would be between 65% and 75%. To narrow the margin of error, you would need a bigger sample size. Population Size: The total set of people you want to study with your survey. For example, the total number of users you support. Sample Size: The number of people who participate in your survey (i.e. complete the survey) out of the total population. |
I need to measure and report customer satisfaction with all of IT:
|
Both products measure end-user satisfaction One is more general to IT One is more specific to service desk |
I need to measure and report more granularly on Service Desk customer satisfaction:
|
Choose Info-Tech's End User Satisfaction Survey |
Choose Info-Tech’s Service Desk Satisfaction Survey |
Write accessible questions: | Instead of this…. | Ask this…. |
48% of US adults meet or exceed PIACC literacy level 3 and thus able to deal with texts that are “often dense or lengthy.” 52% of US adults meet level 2 or lower. Keep questions clear and concise. Avoid overly lengthy surveys. Source: Highlights of the 2017 U.S. PIAAC Results Web Report |
Users will have difficulty perceiving the difference between these two questions. |
|
Tips for writing survey questions: | “How satisfied are you with the customer service skills, knowledge, and responsiveness of the technicians?” This question measures too many things and the data will not be useful. | Choose only one to ask about. |
| “On a scale of 1-10, thinking about the past year, how satisfied would you say that you were overall with the way that your tickets were resolved?” This question is too wordy. | “How satisfied were you with your ticket resolution?” |
Likert scale
Respondents select from a range of statements the position with which they most agree:
E.g. How satisfied are you with how long it generally takes to resolve your issue completely?
Frequency scale
How often does the respondent have to do something, or how often do they encounter something?
E.g. How frequently do you need to re-open tickets that have been closed without being satisfactorily resolved?
Numeric scale
By asking users to rate their satisfaction on a numeric scale (e.g., 1-5, 1-10), you can facilitate reporting on averages:
E.g. How satisfied are you with IS’s ability to provide services to allow the organization to meet its goals?
Forced ranking
Learn more about your users’ priorities by asking them to rank answers from most to least important, or selecting their top choices (Sauro, 2018):
E.g. From the following list, drag and drop the 3 aspects of our service that are most important to you into the box on the right.
Always include an optional open-ended question, which allows customers to provide more feedback or suggestions.
Test the survey with different stakeholder groups:
Testing methodology:
In the survey testing phase, try to capture at least a few real-time responses to the survey. If you collect survey feedback only once the test is over, you may miss some key insights into the user experience of navigating the survey.
“Follow the golden rule: think of your audience and what they may or may not know. Think about what kinds of outside pressures they may bring to the work you’re giving them. What time constraints do they have?”
– Sally Colwell, Project Officer, Government of Canada Pension Centre
“[Send] one reminder to those who haven’t completed the survey after a few days. Don’t use the word ‘reminder’ because that’ll go straight in the bin, better to say something like, ‘Another chance to provide your feedback’”
– David O’Reardon, Founder & CEO of Silversix
Measure and analyze the results of both surveys and build a plan to act on both positive and negative feedback and communicate the results with the organization.
Phase 1: | Phase 2: | Phase 3: | Phase 4: |
---|---|---|---|
Understand how to measure customer satisfaction | Design and implement transactional surveys | Design and implement relationship surveys | Analyze and act on feedback |
A service failure or a poor experience isn’t what determines customer satisfaction – it’s how you respond to the issue and take steps to fix it that really matters.
This means one poor experience with the service desk doesn’t necessarily lead to an unhappy user; if you quickly and effectively respond to negative feedback to repair the relationship, the customer may be even happier afterwards because you demonstrated that you value them.
“Every complaint becomes an opportunity to turn a bad IT customer experience into a great one.”
– David O’Reardon, Founder & CEO of Silversix
|
![]() |
“Your IT service desk’s CSAT survey should be the means of improving your service (and the employee experience), and something that encourages people to provide even more feedback, not just the means for understanding how well it’s doing” – Joe the IT Guy, SysAid |
If collecting and analyzing customer feedback is something that happens off the side of your desk, it either won’t get done or won’t get done well.
Assign accountability for the customer feedback program to one person (i.e. Service Desk Manager, Service Manager, Infrastructure & Operations Lead, IT Director), who may take on or assign responsibilities such as:
Info-Tech Insight
While feedback can feed into internal coaching and training, the goal should never be to place blame or use metrics to punish agents with poor results. The focus should always be on improving the experience for end users.
Calculating NPS Scores
Categorize respondents into 3 groups:
Calculate overall NPS score:
Calculating CSAT Scores
Why analyze qualitative data |
How to analyze qualitative data |
||||||
---|---|---|---|---|---|---|---|
|
Methods range in sophistication; choose a technique depending on your tools available and goals of your program.
|
Successful customer satisfaction programs respond effectively to both positive and negative outcomes. Late or lack of responses to negative comments may increase customer frustration, while not responding at all to the positive comments may give the perception of indifference.
E.g. Scores of 1 to 2 out of 5 are negative, scores of 4 to 5 out of 5 are positive.
1. Who should receive communication? |
Each audience will require different messaging, so start by identifying who those audiences are. At a minimum, you should communicate to your end users who provided feedback, your service desk/IT team, and business leaders or stakeholders. |
---|---|
2. What information do they need? |
End users: Thank them for providing feedback. Demonstrate what you will do with that feedback. IT team: Share results and what you need them to do differently as a result. Business leaders: Share results, highlight successes, share action plan for improvement. |
3. Who is responsible for communication? |
Typically, this will be the person who is accountable for the customer feedback program, but you may have different people responsible for communicating to different audiences. |
4. When will you communicate? |
Frequency of communication will depend on the survey type – relationship or transactional – as well as the audience, with internal communication being much more frequent than end-user communication. |
5. How will you communicate? |
Again, cater your approach to the audience and choose a method that will resonate with them. End users may view an email, an update on the portal, a video, or update in a company meeting; your internal IT team can view results on a dashboard and have regular meetings. |
![]() Based on the Customer Communication Cycle by David O’Reardon, 2018 |
|
---|
Focus your communications to users around them, not you. Demonstrate that you need feedback to improve their experience, not just for you to collect data.
Prioritize improvements |
Prioritize improvements based on low scores and most commonly received feedback, then build into an action plan. |
---|---|
Take immediate action on negative feedback |
Investigate the issue, diagnose the root cause, and repair both the relationship and issue – just like you would an incident. |
Apply lessons learned from positive feedback |
Don’t neglect actions you can take from positive feedback – identify how you can expand upon or leverage the things you’re doing well. |
Use feedback in coaching and training |
Share positive experiences with the team as lessons learned, and use negative feedback as an input to coaching and training. |
Make the change stick |
After making a change, train and communicate it to your team to ensure the change sticks and any negative experiences don’t happen again. |
“Without converting feedback into actions, surveys can become just a pointless exercise in number watching.”
Outline exactly what you plan to do to address customer feedback in an action plan, and regularly review that action plan to select and prioritize initiatives and monitor progress.
For more guidance on tracking and prioritizing ongoing improvement initiatives, see the blueprints Optimize the Service Desk with a Shift Left Strategy and Build a Continual Improvement Plan for the Service Desk.
Improve service desk processes: |
Improve end-user self-service options: |
Assess and optimize service desk staffing: |
Improve ease of contacting the service desk: |
---|---|---|---|
Standardize the Service Desk | Optimize the Service Desk With a Shift-Left Strategy | Staff the Service Desk to Meet Demand | Improve Service Desk Ticket Intake |
Improve service desk processes: |
Improve end-user self-service options: |
Assess and optimize service desk staffing: |
Improve ease of contacting the service desk:: |
Improve Incident and Problem Management | Improve Incident and Problem Management | Deliver a Customer Service Training Program to Your IT Department | Modernize and Transform Your End-User Computing Strategy |
This project will help you build and improve essential service desk processes, including incident management, request fulfillment, and knowledge management to create a sustainable service desk.
Optimize the Service Desk With a Shift-Left Strategy
This project will help you build a strategy to shift service support left to optimize your service desk operations and increase end-user satisfaction.
Build a Continual Improvement Plan
This project will help you build a continual improvement plan for the service desk to review key processes and services and manage the progress of improvement initiatives.
Deliver a Customer Service Training Program to Your IT Department
This project will help you deliver a targeted customer service training program to your IT team to enhance their customer service skills when dealing with end users, improve overall service delivery and increase customer satisfaction.
Amaresan, Swetha. “The best time to send a survey, according to 5 studies.” Hubspot. 15 Jun 2021. Accessed October 2022.
Arlen, Chris. “The 5 Service Dimensions All Customers Care About.” Service Performance Inc. n.d. Accessed October 2022.
Clinton, William Jefferson. “Setting Customer Service Standards.” (1993). Federal Register, 58(176).
“Understanding Confidentiality and Anonymity.” The Evergreen State College. 2022. Accessed October 2022.
"Highlights of the 2017 U.S. PIAAC Results Web Report" (NCES 2020-777). U.S. Department of Education. Institute of Education Sciences, National Center for Education Statistics.
Joe the IT Guy. “Are IT Support’s Customer Satisfaction Surveys Their Own Worst Enemy?” Joe the IT Guy. 29 August 2018. Accessed October 2022.
O’Reardon, David. “10 Ways to Get the Most out of your ITSM Ticket Surveys.” LinkedIn. 2 July 2019. Accessed October 2022.
O'Reardon, David. "13 Ways to increase the response rate of your Service Desk surveys".LinkedIn. 8 June 2016. Accessed October 2022.
O’Reardon, David. “IT Customer Feedback Management – A Why & How Q&A with an Expert.” LinkedIn. 13 March 2018. Accessed October 2022.
Parasuraman, A., Zeithaml, V. A., & Berry, L. L. (1985). "A Conceptual Model of Service Quality and Its Implications for Future Research." Journal of Marketing, 49(4), 41–50.
Quantisoft. "How to Increase IT Help Desk Customer Satisfaction and IT Help Desk Performance.“ Quantisoft. n.d. Accessed November 2022.
Rumberg, Jeff. “Metric of the Month: Customer Effort.” HDI. 26 Mar 2020. Accessed September 2022.
Sauro, Jeff. “15 Common Rating Scales Explained.” MeasuringU. 15 August 2018. Accessed October 2022.
SDI. “Customer Experience in ITSM.” SDI. 2018. Accessed October 2022.
SDI. “CX: Delivering Happiness – The Series, Part 1.” SDI. 12 January 2021. Accessed October 2022.
Wronski, Laura. “Who responds to online surveys at each hour of the day?” SurveyMonkey. n.d. Accessed October 2022.
Sally Colwell
Project Officer
Government of Canada Pension Centre
IT communications are often considered ineffective. This is demonstrated by:
Communications is a responsibility of all members of IT. This is demonstrated through:
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
This capstone blueprint highlights the components, best practices, and importance of good communication for all IT employees.
IT town halls must deliver value to employees, or they will withdraw and miss key messages. To engage employees, use well-crafted communications in an event that includes crowd-sourced contents, peer involvement, recognition, significant Q&A time allotment, organizational discussions, and goal alignment.
This template provides a framework to build your own IT Year In Review presentation. An IT Year In Review presentation typically covers the major accomplishments, challenges, and initiatives of an organization's information technology (IT) department over the past year.
Brittany Lutes
Research Director
Info-Tech Research Group
Diana MacPherson
Senior Research Analyst
Info-Tech Research Group
IT rarely engages in proper communications. We speak at, inform, or tell our audience what we believe to be important. But true communications seldom take place.
Communications only occur when channels are created to ensure the continuous opportunity to obtain two-way feedback. It is a skill that is developed over time, with no individual having an innate ability to be better at communications. Each person in IT needs to work toward developing their personal communications style. The problem is we rarely invest in development or training related to communications. Information and technology fields spend time and money developing hard skills within IT, not soft ones.
The benefits associated with communications are immense: higher business satisfaction, funding for IT initiatives, increased employee engagement, better IT to business alignment, and the general ability to form ongoing partnerships with stakeholders. So, for IT departments looking to obtain these benefits through true communications, develop the necessary skills.
Your Challenge | Common Obstacles | Info-Tech’s Approach |
IT communications are often considered ineffective. This is demonstrated by:
|
Frequently, these barriers have prevented IT communications from being effective:
|
Communications is a responsibility of all members of IT. This is demonstrated through:
|
Info-Tech Insight
No one is born a good communicator. Every IT employee needs to spend the time and effort to grow their communication skills as constant change and worsening IT crises mean that IT cannot afford to communicate poorly anymore.
The bottom line? For every 10% increase in communications there 8.6% increase in overall IT satisfaction. Therefore, when IT communicates with the organization, stakeholders are more likely to be satisfied with IT overall.
Info-Tech Diagnostic Programs, N=330 organizations
IT struggles to communicate effectively with the organization:
Effective IT communications are rare:
53% of CXOs believe poor communication between business and IT is a barrier to innovation.
Source: Info-Tech CEO-CIO Alignment Survey, 2022
“69% of those in management positions don’t feel comfortable even communicating with their staff.”
Source: TeamStage, 2022
The Info-Tech difference:
Communicating Up to Board or Executives
Communicating Across the Organization
Communicating Within IT
Overarching insight
IT cannot afford to communicate poorly given the overwhelming impact and frequency of change related to technology. Learn to communicate well or get out of the way of someone who can.
Insight 1: The skills needed to communicate effectively as a frontline employee or a CIO are the same. It’s important to begin the development of these skills from the beginning of one’s career. |
Insight 2: Time is a non-renewable resource. Any communication needs to be considered valuable and engaging by the audience or they will be unforgiving. |
Insight 3: Don’t make data your star. It is a supporting character. People can argue about the collection methods or interpretation of the data, but they cannot argue the story you share. |
Insight 4: Measure if the communication is being received and resulting in the desired outcome. If not, modify what and how the message is being expressed. |
Insight 5: Messages are also non-verbal. Practice using your voice and body to set the right tone and impact your audience. |
Two-Way
Incorporate feedback loops into your communication efforts. Providing stakeholders with the opportunity to voice their opinions and ideas will help gain their commitment and buy-in.
Timely
Frequent communications mitigate rumors and the spread of misinformation. Provide warning before the implementation of any changes whenever possible. Communicate as soon as possible after decisions have been made.
Consistent
Make sure the messaging is consistent across departments, mediums, and presenters. Provide managers with key phrases to support the consistency of messages.
Open & Honest
Transparency is a critical component of communication. Always tell employees that you will share information as soon as you can. This may not be as soon as you receive the information but as soon as sharing it is acceptable.
Authentic
Write messages in a way that embodies the personality of the organization. Don’t spin information; position it within the wider organizational context.
Targeted
Use your target audience profiles to determine which audiences need to consume which messages and what mediums should be employed.
IT needs to communicate well because:
“Poor communication results in employee misunderstanding and errors that cost approximately $37 billion.”
– Intranet Connections, 2019
What makes internal communications effective?
To be effective, internal communications must be strategic. They should directly support organizational objectives, reinforce key messages to make sure they drive action, and facilitate two-way dialogue, not just one-way messaging.
Methods to determine effectiveness:
“‘Effectiveness’ can mean different things, and effectiveness for your project is going to look different than it would for any other project.”
– Gale McCreary in WikiHow, 2022
Keep in mind:
1 | 2 | 3 |
---|---|---|
Priorities Differ | Words Matter | The Power of Three |
What’s important to you as CIO is very different from what is important to a board or executive leadership team or even the individual members of these groups. Share only what is important or relevant to the stakeholder(s). | Simplify the message into common language whenever possible. A good test is to ensure that someone without any technical background could understand the message. | Keep every slide to three points with no more than three words. You are the one to translate this information into a worth-while story to share. |
“Today’s CIOs have a story to tell. They must change the old narrative and describe the art of the (newly) possible. A great leader rises to the occasion and shares a vision that inspires the entire organization.”
– Dan Roberts, CIO, 2019
DEFINING INSIGHT
Stop presenting what is important to you as the CIO and present to the board what is important to them.
Why does IT need to communicate with the board?
FRAMEWORK
CHECKLIST
Do’s & Don’ts of Communicating Board Presentations:
Do: Ensure you know all the members of the board and their strengths/areas of focus.
Do: Ensure the IT objectives and initiatives align to the business objectives.
Do: Avoid using any technical jargon.
Do: Limit the amount of data you are using to present information. If it can’t stand alone, it isn’t a strong enough data point.
Do: Avoid providing IT service metrics or other operational statistics.
Do: Demonstrate how the organization’s revenue is impacted by IT activities.
Do: Tell a story that is compelling and excited.
OUTCOME
Organization Alignment
Stakeholder Buy-In
Awareness on Technology Trends
Risks
DEFINING INSIGHT
Business leaders care about themselves and their goals – present ideas and initiatives that lean into this self-interest.
Why does IT need to communicate business updates?
FRAMEWORK
CHECKLIST
Do’s & Don’ts of Communicating Business Updates:
Do: Ensure IT is given sufficient time to present with the rest of the business leaders.
Do: Ensure the goals of IT are clear and can be depicted visually.
Do: Tie every IT goal to the objectives of different business leaders.
Do: Avoid using any technical jargon.
Do: Reinforce the positive benefits business leaders can expect.
Do: Avoid providing IT service metrics or other operational statistics.
Do: Demonstrate how IT is driving the digital transformation of the organization.
OUTCOME
Better Reputation
Executive Buy-In
Digital Transformation
Relationship Building
1 | 2 | 3 |
---|---|---|
Competing to Be Heard | Measure Impact | Enhance the IT Brand |
IT messages are often competing with a variety of other communications simultaneously taking place in the organization. Avoid the information-overload paradox by communicating necessary, timely, and relevant information. | Don’t underestimate the benefit of qualitative feedback that comes from talking to people within the organization. Ensure they read/heard and absorbed the communication. | IT might be a business enabler, but if it is never communicated as such to the organization, it will only be seen as a support function. Use purposeful communications to change the IT narrative. |
Less than 50% of internal communications lean on a proper framework to support their communication activities.
– Philip Nunn, iabc, 2020
DEFINING INSIGHT
IT leaders struggle to communicate how the IT strategy is aligned to the overall business objectives using a common language understood by all.
Why does IT need to communicate its strategic objectives?
FRAMEWORK
CHECKLIST
Do’s & Don’ts of Communicating IT Strategic Objectives:
Do: Ensure all IT leaders are aware of and understand the objectives in the IT strategy.
Do: Ensure there is a visual representation of IT’s goals.
Do: Ensure the IT objectives and initiatives align to the business objectives.
Do: Avoid using any technical jargon.
Do: Provide metrics if they are relevant, timely, and immediately understandable.
Do: Avoid providing IT service metrics or other operational statistics.
Do: Demonstrate how the future of the organization will benefit from IT initiatives.
OUTCOME
Organization Alignment
Stakeholder Buy-In
Role Clarity
Demonstrate Growth
DEFINING INSIGHT
A crisis communication should fit onto a sticky note. If it’s not clear, concise, and reassuring, it won’t be effectively understood by the audience.
Why does IT need to communicate when a crisis occurs?
FRAMEWORK
CHECKLIST
Do’s & Don’ts of Communicating During a Crisis:
Do: Provide timely and regular updates about the crisis to all stakeholders.
Do: Involve the Board or ELT immediately for transparency.
Do: Avoid providing too much information in a crisis communication.
Do: Have crisis communication statements ready to be shared at any time for possible or common IT crises.
Do: Highlight that employee safety and wellbeing is top priority.
Do: Work with members of the public relations team to prepare any external communications that might be required.
OUTCOME
Ready to Act
Reduce Fears
Maintain Trust
Eliminate Negative Reactions
Keep in mind:
1 | 2 | 3 |
---|---|---|
Training for All | Listening Is Critical | Reinforce Collaboration |
From the service desk technician to CIO, every person within IT needs to have a basic ability to communicate. Invest in the training necessary to develop this skill set. | It seems simple, but as humans we do an innately poor job at listening to others. It’s important you hear employee concerns, feedback, and recommendations, enabling the two-way aspect of communication. | IT employees will reflect the types of communications they see. If IT leaders and managers cannot collaborate together, then teams will also struggle, leading to productivity and quality losses. |
“IT professionals who […] enroll in communications training have a chance to both upgrade their professional capabilities and set themselves apart in a crowded field of technology specialists.”
– Mark Schlesinger, Forbes, 2021
DEFINING INSIGHT
Depending on IT goals, the structure might need to change to support better communication among IT employees.
Why does IT need to communicate IT activities?
FRAMEWORK
CHECKLIST
Do’s & Don’ts of Communicating IT Activities:
Do: Provide metrics that define how success of the project will be measured.
Do: Demonstrate how each project aligns to the overarching objectives of the organization.
Do: Avoid having large meetings that include stakeholders from two or more projects.
Do: Consistently create a safe space for employees to communicate risks related to the project(s).
Do: Ensure the right tools are being leveraged for in-office, hybrid, and virtual environments to support project collaboration.
Do: Leverage a project management software to reduce unnecessary communications.
OUTCOME
Stakeholder Adoption
Resource Allocation
Meet Responsibly
Encourage Engagement
DEFINING INSIGHT
Employees are looking for empathy to be demonstrated by those they are interacting with, from their peers to managers. Yet, we rarely provide it.
Why does IT need to communicate on regularly with itself?
FRAMEWORK
CHECKLIST
Do’s & Don’ts of Communicating within IT:
Do: Have responses for likely questions prepared and ready to go.
Do: Ensure that all leaders are sharing the same messages with their teams.
Do: Avoid providing irrelevant or confusing information.
Do: Speak with your team on a regular basis.
Do: Reinforce the messages of the organization every chance possible.
Do: Ensure employees feel empowered to do their jobs effectively.
Do: Engage employees in dialogue. The worst employee experience is when they are only spoken at, not engaged with.
OUTCOME
Increased Collaboration
Role Clarity
Prevent Rumors
Organizational Insight
Amazon
INDUSTRY
E-Commerce
SOURCE
Harvard Business Review
Jeff Bezos has definitely taken on unorthodox approaches to business and leadership, but one that many might not know about is his approach to communication. Some of the key elements that he focused on in the early 2000s when Amazon was becoming a multi-billion-dollar empire included:
Results
While he was creating the Amazon empire, 85% of Jeff Bezos’ communication was written in a way that an eighth grader could read. Communicating in a way that was easy to understand and encouraging his leadership team to do so as well is one of the many reasons this business has grown to an estimated value of over $800B.
“If you cannot simplify a message and communicate it compellingly, believe me, you cannot get the masses to follow you.”
– Indra Nooyi, in Harvard Business Review, 2022
Demonstrated Communication Behavior | |
Level 1: Follow | Has sufficient communication skills for effective dialogue with others. |
Level 2: Assist | Has sufficient communication skills for effective dialogue with customers, suppliers, and partners. |
Level 3: Apply | Demonstrates effective communication skills. |
Level 4: Enable | Communicates fluently, orally, and in writing and can present complex information to both technical and non-technical audiences. |
Level 5: Ensure, Advise | Communicates effectively both formally and informally. |
Level 6: Initiate, Influence | Communicates effectively at all levels to both technical and non-technical audiences. |
Level 7: Set Strategy, Inspire, Mobilize | Understands, explains, and presents complex ideas to audiences at all levels in a persuasive and convincing manner. |
Source: Skills Framework for the Information Age, 2021
Goal | Key Performance Indicator (KPI) | Related Resource |
Obtain board buy-in for IT strategic initiatives | X% of IT initiatives that were approved to be funded. Number of times technical initiatives were asked to be explained further. | Using our Board Presentation Review service |
Establish stronger relationships with executive leaders | X% of business leadership satisfied with the statement “IT communicates with your group effectively.” | Using the CIO Business Vision Diagnostic |
Organizationally, people know what products and services IT provides | X% of end users who are satisfied with communications around changing services or applications. | Using the End-User Satisfaction Survey |
Organizational reach and understanding of the crisis. | Number of follow-up tickets or requests related to the crisis after the initial crisis communication was sent. | Using templates and tools for crisis communications |
Project stakeholders receive sufficient communication throughout the initiative. | X% overall satisfaction with the quality of the project communications. | Using the PPM Customer Satisfaction Diagnostic |
Employee feedback is provided, heard, and acted on | X% of satisfaction employees have with managers or IT leadership to act on employee feedback. | Using the Employee Engagement Diagnostic Program |
Introduction
Communications overview.
Plan
Plan your communications using a strategic tool.
Compose
Create your own message.
Deliver
Practice delivering your own message.
Contact your account representative for more information. workshops@infotech.com 1-888-670-8889
Anuja Agrawal
National Communications Director
PwC
Anuja is an accomplished global communications professional, with extensive experience in the insurance, banking, financial, and professional services industries in Asia, the US, and Canada. She is currently the National Communications Director at PwC Canada. Her prior work experience includes communication leadership roles at Deutsche Bank, GE, Aviva, and Veritas. Anuja works closely with senior business leaders and key stakeholders to deliver measurable results and effective change and culture building programs. Anuja has experience in both internal and external communications, including strategic leadership communication, employee engagement, PR and media management, digital and social media, and M&A/change and crisis management. Anuja believes in leveraging digital tools and technology-enabled solutions, combined with in-person engagement, to help improve the quality of dialogue and increase interactive communication within the organization to help build an inclusive culture of belonging.
Nastaran Bisheban
Chief Technology Officer
KFC Canada
A passionate technologist, and seasoned transformational leader. A software engineer and computer scientist by education, a certified Project Manager that holds an MBA in Leadership with Honors and Distinction from University of Liverpool. A public speaker on various disciplines of technology and data strategy with a Harvard Business School executive leadership program training to round it all. Challenges status quo and conventional practices; is an advocate for taking calculated risk and following the principle of continuous improvement. With multiple computer software and project management publications she is a strategic mentor and board member on various non-profit organizations. Nastaran sees the world as a better place only when everyone has a seat at the table and is an active advocate for diversity and inclusion.
Heidi Davidson
Co-Founder & CEO
Galvanize Worldwide and Galvanize On Demand
Dr. Heidi Davidson is the co-founder and CEO of Galvanize Worldwide, the largest distributed network of marketing and communications experts in the world. She also is the co-founder and CEO of Galvanize On Demand, a tech platform that matches marketing and communications freelancers with client projects. Now with 167 active experts, the Galvanize team delivers startup advisory work, outsourced marketing, training, and crisis communications to organizations of all sizes. Before Galvanize, Heidi spent four years as part of the turnaround team at BlackBerry as the Chief Communications Officer and SVP of Corporate Marketing, where she helped the company move from a device manufacturer to a security software provider.
Eli Gladstone
Co-Founder
Speaker Labs
Eli is a co-founder of Speaker Labs. He has spent over six years helping countless individuals overcome their public speaking fears and communicate with clarity and confidence. When he’s not coaching others on how to build and deliver the perfect presentation, you’ll probably find him reading some weird books, teaching his kids how to ski or play tennis, or trying to develop a good-enough jumpshot to avoid being a liability on the basketball court.
Francisco Mahfuz
Keynote Speaker & Storytelling Coach
Francisco Mahfuz has been telling stories in front of audiences for a decade and even became a National Champion of public speaking. Today, Francisco is a keynote speaker and storytelling coach and offers communication training to individuals and international organizations and has worked with organizations like Pepsi, HP, the United Nations, Santander, and Cornell University. He’s the author of Bare: A Guide to Brutally Honest Public Speaking and the host of The Storypowers Podcast, and he’s been part of the IESE MBA communications course since 2020. He’s received a BA in English Literature from Birkbeck University in London.
Sarah Shortreed
EVP & CTO
ATCO Ltd.
Sarah Shortreed is ATCO’s Executive Vice President and Chief Technology Officer. Her responsibilities include leading ATCO’s Information Technology (IT) function as it continues to drive agility and collaboration throughout ATCO’s global businesses and expanding and enhancing its enterprise IT strategy, including establishing ATCO’s technology roadmap for the future. Ms. Shortreed’s skill and expertise are drawn from her more than 30-year career that spans many industries and includes executive roles in business consulting, complex multi-stakeholder programs, operations, sales, customer relationship management, and product management. She was recently the Chief Information Officer at Bruce Power and has previously worked at BlackBerry, IBM, and Union Gas. She sits on the Board of Governors for the University of Western Ontario and is the current Chair of the Chief Information Officer (CIO) Committee at the Conference Board of Canada.
Eric Silverberg
Co-Founder
Speaker Labs
Eric is a co-founder of Speaker Labs and has helped thousands of people build their public speaking confidence and become more dynamic and engaging communicators. When he’s not running workshops to help people grow in their careers, there’s a good chance you’ll find him with his wife and dog, drinking Diet Coke, and rewatching iconic episodes of the reality TV show Survivor! He’s such a die-hard fan, that you’ll probably see him playing the game one day.
Stephanie Stewart
Communications Officer & DR Coordinator
Info Security Services Simon Fraser University
Steve Strout
President
Miovision Technologies
Mr. Strout is a recognized and experienced technology leader with extensive experience in delivering value. He has successfully led business and technology transformations by leveraging many dozens of complex global SFDC, Oracle, and SAP projects. He is especially adept at leading what some call “Project Rescues” – saving people’s careers where projects have gone awry; always driving “on-time and on-budget.” Mr. Strout is the current President of Miovision Technologies and the former CEO and board member of the Americas’ SAP Users” Group (ASUG). His wealth of practical knowledge comes from 30 years of extensive experience in many CxO and executive roles at some prestigious organizations such as Vonage, Sabre, BlackBerry, Shred-it, The Thomson Corporation (now Thomson Reuters), and Morris Communications. He has served on boards including Customer Advisory Boards of Apple, AgriSource Data, Dell, Edgewise, EMC, LogiSense, Socrates.ai, Spiro Carbon Group, and Unifi.
Plus an additional two contributors who wish to remain anonymous.
During a crisis it is important to communicate to employees through messages that convey calm and are transparent and tailored to your audience. Use the Crisis Communication Guides to:
“Communication in the Workplace Statistics: Importance and Effectiveness in 2022.” TeamStage, 2022.
Gallo, Carmine. “How Great Leaders Communicate.” Harvard Business Review, 23 November 2022
Guthrie, Georgina. “Why Good Internal Communications Matter Now More than Ever.” Nulab, 15 December 2021.
Lambden, Duncan. “The Importance of Effective Workplace Communication – Statistics for 2022.” Expert Market, 13 June 2022.
“Mapping SFIA Levels of Responsibilities to Behavioural Factors.” Skills Framework for the Information Age, 2021.
McCreary, Gale. “How to Measure the Effectiveness of Communication: 14 Steps.” WikiHow, 31 March 2023.
Nowak, Marcin. “Top 7 Communication Problems in the Workplace.” MIT Enterprise Forum CEE, 2021.
Nunn, Philip. “Messaging That Works: A Unique Framework to Maximize Communication Success.” iabc, 26 October 2020.
Picincu, Andra. “How to Measure Effective Communications.” Small Business Chron. 12 January 2021.
Price. David A. “Pixar Story Rules.” Stories From the Frontiers of Knowledge, 2011.
Roberts, Dan. “How CIOs Become Visionary Communicators.” CIO, 2019.
Schlesinger, Mark. “Why building effective communication skill in IT is incredibly important.” Forbes, 2021.
Stanten, Andrew. “Planning for the Worst: Crisis Communications 101.” CIO, 25 May 2017.
State of the American Workplace Report. Gallup, 6 February 2020.
“The CIO Revolution.” IBM, 2021.
“The State of High Performing Teams in Tech 2022.” Hypercontex, 2022.
Walters, Katlin. “Top 5 Ways to Measure Internal Communication.” Intranet Connections, 30 May 2019.
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Review the business’ perception and architecture of the current data warehouse environment.
Collaborate with business users to identify the strongest motivations for data warehouse modernization.
Combine business ideas with modernization initiatives and create a roadmap.
Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Discuss the general project overview for data warehouse modernization.
Establish the business and IT perspectives of the current state.
Holistic understanding of the current data warehouse.
Business user engagement from the start of the project.
1.1 Review data warehouse project history.
1.2 Evaluate data warehouse maturity.
1.3 Draw architecture diagrams.
1.4 Review supporting data management practices.
Data warehouse maturity assessment
Data architecture diagrams
Conduct a user workshop session to elicit the most pressing needs of business stakeholders.
Modernization technology selection is directly informed by business drivers.
In-depth IT understanding of the business pains and opportunities.
2.1 Review general trends and drivers in your industry.
2.2 Identify primary business frustrations, opportunities, and risks.
2.3 Identify business processes to target for modernization.
2.4 Capture business ideas for the future state.
Business ideas for modernization
Defined strategic direction for data warehouse modernization
Educate IT staff on the most common technologies for data warehouse modernization.
Improved ability for IT to match technology with business ideas.
3.1 Appoint Modernization Advisors.
3.2 Hold an open education and discussion forum for modernization technologies.
Modernization Advisors identified
Modernization technology education deck
Consolidate business ideas into modernization initiatives.
Refinement of the strategic direction for data warehouse modernization.
4.1 Match business ideas to technology solutions.
4.2 Group similar ideas to create modernization initiatives.
4.3 Create future-state architecture diagrams.
Identified strategic direction for data warehouse modernization
Defined modernization initiatives
Future-state architecture for data warehouse
Validate and build out initiatives with business users.
Define benefits and costs to establish ROI.
Identify enablers and barriers to modernization.
Completion of materials for a compelling business case and roadmap.
5.1 Validate use cases with business users.
5.2 Define initiative benefits.
5.3 Identify enablers and barriers to modernization.
5.4 Define preliminary activities for initiatives.
5.5 Evaluate initiative costs.
5.6 Determine overall ROI.
Validated modernization initiatives
Data warehouse modernization roadmap
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Define and align your team on target persona, outline steps to capture and document a robust buyer persona and journey, and capture current team buyer knowledge.
Hold initial buyer interviews, test initial results, and continue with interviews.
Consolidate interview findings, present to product, marketing, and sales teams. Work with them to apply to product design, marketing launch/campaigning, and sales and customer success enablement.
Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Organize, drive alignment on target persona, and capture initial views.
Steering committee and project team roles and responsibilities clarified.
Product, marketing, and sales aligned on target persona.
Build initial team understanding of persona.
1.1 Outline a vision for buyer persona and journey creation and identify stakeholders.
1.2 Identify buyer persona choices and settle on an initial target.
1.3 Document team knowledge about buyer persona (and journey where possible).
Documented steering committee and working team
Executive Brief on personas and journey
Personas and initial targets
Documented team knowledge
Build list of buyer interviewees, finalize interview guide, and validate current findings with analyst input.
Interview efficiently using 75-question interview guide.
Gain analyst help in persona validation, reducing workload.
2.1 Share initial insights with covering industry analyst.
2.2 Hear from industry analyst their perspectives on the buyer persona attributes.
2.3 Reconcile differences; update “current understanding.”
2.4 Identify interviewee types by segment, region, etc.
Analyst-validated initial findings
Target interviewee types
Validate current persona hypothesis and flush out those attributes only derived from interviews.
Get to a critical mass of persona and journey understanding quickly.
3.1 Identify actual list of 15-20 interviewees.
3.2 Hold interviews and use interview guides over the course of weeks.
3.3 Hold review session after initial 3-4 interviews to make adjustments.
3.4 Complete interviews.
List of interviewees; calls scheduled
Initial review – “are you going in the right direction?”
Completed interviews
Summarize persona and journey attributes and provide activation guidance to team.
Understanding of product market fit requirements, messaging, and marketing, and sales asset content.
4.1 Summarize findings.
4.2 Create action items for supporting team, e.g. messaging, touch points, media spend, assets.
4.3 Convene steering committee/executives and working team for final review.
4.4 Schedule meetings with colleagues to action results.
Complete findings
Action items for team members
Plan for activation
Measure results, adjust, and improve.
Activation of outcomes; measured results.
5.1 Review final copy, assets, launch/campaign plans, etc.
5.2 Develop/review implementation plan.
5.3 Reconvene team to review results.
Activation review
List of suggested next steps
B2B marketers without documented personas and journeys often experience the following:
Without a deeper understanding of buyer needs and how they buy, B2B marketers will waste time and precious resources targeting the incorrect personas.
Despite being critical elements, organizations struggle to build personas due to:
In today’s Agile development environment, combined with the pressure to generate revenues quickly, high tech marketers often skip the steps necessary to go deeper to build buyer understanding.
With a common framework and target output, clients will:
Clients who activate findings from buyer personas and journeys will see a 50% results improvement.
SoftwareReviews Insight:
Buyer personas and buyer journeys are essential ingredients in go-to-market success, as they inform for product, marketing, sales, and customer success who we are targeting and how to engage with them successfully.
Jeff Golterman, Managing Director, SoftwareReviews Advisory
“44% of B2B marketers have already discovered the power of Personas.”
– Hasse Jansen, Boardview.io!, 2016
“It’s easier buying gifts for your best friend or partner than it is for a stranger, right? You know their likes and dislikes, you know the kind of gifts they’ll have use for, or the kinds of gifts they’ll get a kick out of. Customer personas work the same way, by knowing what your customer wants and needs, you can present them with content targeted specifically to their wants and needs.”
– Emma Bilardi, Product Marketing Alliance, 2020
“Marketing eutopia is striking the all-critical sweet spot that adds real value and makes customers feel recognized and appreciated, while not going so far as to appear ‘big brother’. To do this, you need a deep understanding of your audience coming from a range of different data sets and the capability to extract meaning.”
– Plexure, 2020
SoftwareReviews Advisory Insight:
Marketers developing buyer personas and journeys that lack agreement among Marketing, Sales, and Product of personas to target will squander precious time and resources throughout the customer targeting and acquisition process.
1. Document Team Knowledge of Buyer Persona and Drive Alignment | 2. Interview Target Buyer Prospects and Customers | 3. Create Outputs and Apply to Marketing, Sales, and Product | |
---|---|---|---|
Phase Steps |
|
|
|
Phase Outcomes |
|
|
|
Our methodology will enable you to align your team on why it’s important to capture the most important attributes of buyer persona including:
Functional – “to find them” | ||||||
Job Role | Title | Org. Chart Dynamics | Buying Center | Firmographics | ||
Emotive – “what they do and jobs to be done” | ||||||
Initiatives: What programs/projects the persona is tasked with and their feelings and aspirations about these initiatives. Motivations? Build credibility? Get promoted? | Challenges: Identify the business issues, problems, and pain points that impede attainment of objectives. What are their fears, uncertainties, and doubts about these challenges? | Buyer Need: They may have multiple needs; which need is most likely met with the offering? | Terminology: What are the keywords/phrases they organically use to discuss the buyer need or business issue? | |||
Decision Criteria – “how they decide” | ||||||
Buyer Role: List decision-making criteria and power level. The five common buyer roles are champion, influencer, decision maker, user, and ratifier (purchaser/negotiator). | Evaluation and Decision Criteria: Which lens – strategic, financial, or operational – does the persona evaluate the impact of purchase through? | |||||
Solution Attributes – “what does the ideal solution look like” | ||||||
Steps in “Jobs to Be Done” | Elements of the “Ideal Solution” | Business outcomes from ideal solution | Opportunity scope; other potential users | Acceptable price for value delivered | Alternatives that see consideration | Solution sourcing: channel, where to buy |
Behavioral Attributes – “how to approach them successfully” | ||||||
Content Preferences: List the persona’s content preferences – blog, infographic, demo, video – vs. long-form assets (e.g. white paper, presentation, analyst report). | Interaction Preferences: Which are preferred among in-person meetings, phone calls, emails, videoconferencing, conducting research via Web, mobile, and social? | Watering Holes: Which physical or virtual places do they go to network or exchange info with peers (e.g. LinkedIn)? |
“~2/3 of [B2B] buyers prefer remote human interactions or digital self-service.” And during Aug. ‘20 to Feb. ‘21, use of digital self-service to interact with sales reps leapt by more than 10% for both researching and evaluating new suppliers.”
– Liz Harrison, Dennis Spillecke, Jennifer Stanley, and Jenny Tsai McKinsey & Company, 2021
SoftwareReviews Advisory Insight:
Marketers are advised to update their buyer journey annually and with greater frequency when the human vs. digital mix is affected due to events such as COVID-19 and as emerging media such as AR shifts asset-type usage and engagement options.
Because marketing leaders need to reach buyers through the right channel with the right message at the right time during their decision cycle, you’ll benefit by using questionnaires that enable you to build the below easily and quickly.
Buyer personas and buyer journeys are essential ingredients in go-to-market success, as they inform for product, marketing, sales, and customer success who we are targeting and how to engage with them successfully.
Marketers developing buyer personas and journeys that lack agreement among Marketing, Sales, and Product of personas to target will squander precious time and resources throughout the customer targeting and acquisition process.
Marketing leaders leverage the buyer persona knowledge not only from in-house experts in areas such as sales and executives but from analysts that speak with their buyers each and every day.
While leaders will get a fast start by interviewing sellers, executives, and analysts, you will fail to craft the right messages, build the right marketing assets, and design the best buyer journey if you skip buyer interviews.
Leaders will update their buyer journey annually and with greater frequency when the human vs. digital mix is effected due to events such as COVID-19 and as emerging media such as AR and VR shifts the way buyers engage.
Digital marketers that ramp up lead gen engine capabilities to capture “wins” and measure engagement back through the lead gen and nurturing engines will build a more data-driven view of the buyer journey. Target to build this advanced capability in your initial design.
This blueprint is accompanied by supporting deliverables to help you gather team insights, interview customers and prospects, and summarize results for ease in communications.
To support your buyer persona and journey creation, we’ve created the enclosed tools
A PowerPoint template to aid the capture and summarizing of your team’s insights on the buyer persona.
For interviewing customers and prospects, this tool is designed to help you interview personas and summarize results for up to 15 interviewees.
A PowerPoint template into which you can drop your buyer persona and journey interviewees list and summary findings.
"Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful."
The "do-it-yourself" step-by-step instructions begin with Phase 1.
"Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."
A Guided Implementation is a series of analysts inquiries with you and your team.
Diagnostics and consistent frameworks are used throughout each option.
A Guided Implementation (GI) is series of calls with a SoftwareReviews Advisory analyst to help implement our best practices in your organization.
For guidance on marketing applications, we can arrange a discussion with an Info-Tech analyst.
Your engagement managers will work with you to schedule analyst calls.
Drive an Aligned Initial Draft of Buyer Persona
Interview Buyers and Validate Persona and Journey
Prepare Communications and Educate Stakeholders
Contact your account representative for more information. workshops@infotech.com 1-888-670-8889
Day1 | Day 2 | Day 3 | Day 4 | Day 5 | |
---|---|---|---|---|---|
Align Team, Identify Persona, and Document Current Knowledge | Validate Initial Work and Identify Buyer Interviewees | Schedule and Hold Buyer interviews | Summarize Findings and Provide Actionable Guidance to Colleagues | Measure Impact and Results | |
Activities |
1.1 Outline a vision for buyer persona and journey creation and identify stakeholders. 1.2 Identify buyer persona choices and settle on an initial target. 1.3 Document team knowledge about buyer persona (and journey where possible). |
2.1 Share initial insights with covering industry analyst. 2.2 Hear from industry analyst their perspectives on the buyer persona attributes. 2.3 Reconcile differences; update “current understanding.” 2.4 Identify interviewee types by segment, region, etc. |
3.1 Identify actual list of 15-20 interviewees. A gap of up to a week for scheduling of interviews. 3.2 Hold interviews and use interview guides (over the course of weeks). 3.3 Hold review session after initial 3-4 interviews to make adjustments. 3.4 Complete interviews. |
4.1 Summarize findings. 4.2 Create action items for supporting team, e.g. messaging, touch points, media spend, assets. 4.3 Convene steering committee/exec. and working team for final review. 4.4 Schedule meetings with colleagues to action results. |
5.1 Review final copy, assets, launch/campaign plans, etc. 5.2 Develop/review implementation plan. A period of weeks will likely intervene to execute and gather results. 5.3 Reconvene team to review results. |
Deliverables |
|
|
|
|
|
This Phase walks you through the following activities:
This Phase involves the following stakeholders:
Review the Create a Buyer Persona Executive Brief (Slides 3-14)
Download the Buyer Persona Creation Template
Download the Buyer Persona and Journey Interview Guide and Data Capture Tool
This Phase walks you through the following activities:
This Phase involves the following stakeholders:
Download the Buyer Persona and Journey Interview Guide and Data Capture Tool
Download the Buyer Persona and Journey Interview Guide and Data Capture Tool
Test that you are on the right track:
Functional – “to find them” | ||||||
Job Role | Title | Org. Chart Dynamics | Buying Center | Firmographics | ||
Emotive – “what they do and jobs to be done” | ||||||
Initiatives: What programs/projects the persona is tasked with and their feelings and aspirations about these initiatives. Motivations? Build credibility? Get promoted? | Challenges: Identify the business issues, problems, and pain points that impede attainment of objectives. What are their fears, uncertainties, and doubts about these challenges? | Buyer Need: They may have multiple needs; which need is most likely met with the offering? | Terminology: What are the keywords/phrases they organically use to discuss the buyer need or business issue? | |||
Decision Criteria – “how they decide” | ||||||
Buyer Role: List decision-making criteria and power level. The five common buyer roles are champion, influencer, decision maker, user, and ratifier (purchaser/negotiator). | Evaluation and Decision Criteria: Which lens – strategic, financial, or operational – does the persona evaluate the impact of purchase through? | |||||
Solution Attributes – “what does the ideal solution look like” | ||||||
Steps in “Jobs to Be Done” | Elements of the “Ideal Solution” | Business outcomes from ideal solution | Opportunity scope; other potential users | Acceptable price for value delivered | Alternatives that see consideration | Solution sourcing: channel, where to buy |
Behavioral Attributes – “how to approach them successfully” | ||||||
Content Preferences: List the persona’s content preferences – blog, infographic, demo, video – vs. long-form assets (e.g. white paper, presentation, analyst report). | Interaction Preferences: Which are preferred among in-person meetings, phone calls, emails, videoconferencing, conducting research via Web, mobile, and social? | Watering Holes: Which physical or virtual places do they go to network or exchange info with peers (e.g. LinkedIn)? |
Because marketing leaders need to reach buyers through the right channel with the right message at the right time during their decision cycle, you’ll benefit by using questionnaires that enable you to build the below easily and quickly.
Download the Buyer Persona and Journey Interview Guide and Data Capture Tool
This Phase walks you through the following activities:
This Phase involves the following stakeholders:
Download the Buyer Persona and Journey Interview Guide and Data Capture Tool
Download the Buyer Persona and Journey Summary Template
Download the Buyer Persona and Journey Summary Template
Activation of key learnings to drive:
Present final persona and journey results to each stakeholder team. Key presentations include:
Download the Buyer Persona and Journey Summary Template
With the help of this blueprint, you have deepened your and your colleagues’ buyer understanding at both the persona “who they are” level and the buyer journey “how do they buy” level. You are among the minority of marketing leaders that have fully documented a buyer persona and journey – congratulations!
The benefits of having led your team through the process are significant and include the following:
And by capturing and documenting your buyer persona and journey even for a single buyer type, you have started to build the “institutional strength” to apply the process to other roles in the decision-making process or for when you go after new and different buyer types for new products. And finally, by bringing your team along with you in this process, you have also led your team in becoming a more customer-focused organization – a strategic shift that all organizations should pursue.
Contact your account representative for more information.
info@softwarereviews.com
1-888-670-8889
Optimize Lead Generation With Lead Scoring
Bilardi, Emma. “How to Create Buyer Personas.” Product Marketing Alliance, July 2020. Accessed Dec. 2021.
Harrison, Liz, Dennis Spillecke, Jennifer Stanley, and Jenny Tsai. “Omnichannel in B2B sales: The new normal in a year that has been anything but.” McKinsey & Company, 15 March 2021. Accessed Dec. 2021.
Jansen, Hasse. “Buyer Personas – 33 Mind Blowing Stats.” Boardview.io!, 19 Feb. 2016. Accessed Jan. 2022.
Raynor, Lilah. “Understanding The Changing B2B Buyer Journey.” Forbes Agency Council, 18 July 2021. Accessed Dec. 2021.
Simpson, Jon. “Finding Your Audience: The Importance of Developing a Buyer Persona.” Forbes Agency Council, 16 May 2017. Accessed Dec. 2021.
“Successfully Executing Personalized Marketing Campaigns at Scale.” Plexure, 6 Jan. 2020. Accessed Dec 2020.
Ulwick, Anthony W. JOBS TO BE DONE: Theory to Practice. E-book, Strategyn, 1 Jan. 2017. Accessed Jan. 2022.
Let’s make the case for enterprise business analysis!
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
We commonly recognize the value of effective business analysis at a project or tactical level. A good business analysis professional can support the business by identifying its needs and recommending solutions to address them.
Now, wouldn't it be great if we could do the same thing at a higher level?
Enterprise (or strategic) business analysis is all about seeing that bigger picture, an approach that makes any business analysis professional a highly valuable contributor to their organization. It focuses on the enterprise, not a specific project or line of business.
Leading the business analysis effort at an enterprise level ensures that your business is not only doing things right, but also doing the right things; aligned with the strategic vision of your organization to improve the way decisions are made, options are analyzed, and successful results are realized.
Vincent Mirabelli
Principal Research Director, Applications Delivery and Management
Info-Tech Research Group
Your Challenge
Common Obstacles
Info-Tech's Approach
Let's make the case for enterprise business analysis!
Enterprise business analysis can help you reframe the debate between IT and the business, since it sees everyone as part of the business. It can effectively break down silos, support the development of holistic strategies to address internal and external risks, and remove bias and politics from decision making.
Phase 1 |
Phase 2 |
---|---|
1.1 Define enterprise business analysis 1.2 Identify your pains and opportunities |
2.1 Set your vision 2.2 Define your roadmap and next steps 2.3 Complete your executive communications deck |
Effective business analysis helps guide an organization through improvements to processes, products, and services. Business analysts "straddle the line between IT and the business to help bridge the gap and improve efficiency" in an organization (CIO, 2019).
They are most heavily involved in:
In a survey, business analysts indicated that of their total working time, they spend 31% performing business analysis planning and 41% performing elicitation and analysis (PMI, 2017).
By including a business analyst in a project, organizations benefit by:
(IAG, 2009)
87% |
Reduced time overspending |
---|---|
75% |
Prevented budget overspending |
78% |
Reduction in missed functionality |
Input
Output
Materials
Participants
Download the Communicate the Case for Enterprise Business Analysis template
Info-Tech's CIO Business Vision Survey data highlights the importance of IT projects in supporting the business to achieve its strategic goals.
However, Info-Tech's CEO-CIO Alignment Survey (N=124) data indicates that CEOs perceive IT as poorly aligned with the business' strategic goals.
Info-Tech's CIO-CEO Alignment Diagnostics
43% |
of CEOs believe that business goals are going unsupported by IT. |
---|---|
60% |
of CEOs believe that IT must improve understanding of business goals. |
80% |
of CIOs/CEOs are misaligned on the target role of IT. |
30% |
of business stakeholders support their IT departments. |
According to famed management and quality thought leader and pioneer W. Edwards Deming, 94% of issues in the workplace are systemic cause significant organizational pain.
Yet we continue to address them on the surface, rather than acknowledge how ingrained they are in our culture, systems, and processes.
For example, we:
Band-aid solutions rarely have the desired effect, particularly in the long-term.
Our solutions should likewise focus on the systemic/macro environment. We can do this via projects, products and services, but those don't always address the larger issues.
If we take the work our business analysis currently does in defining needs and solutions, and elevate this to the strategic level, the results can be impactful.
Only 18% of organizations have mature (optimized or established) business analysis practices.
With that higher level of maturity comes increased levels of capability, efficiency, and effectiveness in delivering value to people, processes, and technology. Through such efforts, they're better equipped and able to connect the strategy of their organization to the projects, processes, and products they deliver.
They shift focus from "figuring business analysis out" to truly unleashing its potential, with business analysts contributing in strategic and tactical ways.
(Adapted from PMI, 2017)
Business analysts are best suited to connect the strategic with the tactical, the systems, and the operations. They maintain the most objective lens regarding how people, process, and technology connect and relate, and the most skilled of them can remove bias and politics from their perspective.
Input
Output
Materials
Participants
Download the Communicate the Case for Enterprise Business Analysis template
Enterprise business analysis (sometimes referred to as strategy analysis) "…focuses on defining the future and transition states needed to address the business need, and the work required is defined both by that need and the scope of the solution space. It covers strategic thinking in business analysis, as well as the discovery or imagining of possible solutions that will enable the enterprise to create greater value for stakeholders and/or capture more value for itself."
(Source: "Business Analysis Body of Knowledge," v3)
Organizations with high-performing business analysis programs experience an enhanced alignment between strategy and operations. This contributes to improved organizational performance. We see this in financial (69% vs. 45%) and strategic performance (66% vs. 21%), also organizational agility (40% vs. 14%) and management of operational projects (62% vs. 29%). (PMI, 2017)
When comparing enterprise with traditional business analysis, we see stark differences in the size and scope of their view, where they operate, and the role they play in organizational decision making.
Enterprise | Traditional | |
---|---|---|
Decision making | Guides and influences | Executes |
Time horizon | 2-10 years | 0-2 years |
Focus | Strategy, connecting the strategic to the operational | Operational, optimizing how business is done, and keeping the lights on |
Domain | Whole organization Broader marketplace |
Only stakeholder lines of business relevant to the current project, product or service |
Organizational Level | Executive/Leadership | Project |
(Adapted from Schulich School of Business)
Maturity can't be rushed. Build your enterprise business analysis program on a solid foundation of leading and consistent business analysis practices to secure buy-in and have a program that is sustainable in the long term.
(Adapted from PMI, 2017)
The biggest sources of project failure include:
Source: MindTools.com, 2023.
Enterprise business analysis addresses these sources and more.
It brings a holistic view of the organization, improving collaboration and decision making across the many lines of business, effectively breaking down silos.
In addition to ensuring we're doing the right things, not just doing things right in the form of improved requirements and more accurate business cases, or ensuring return on investment (ROI) and monitoring the broader landscape, enterprise business analysis also supports:
Pains, gains, threats, and opportunities can come at your organization from anywhere. Be it a new product launch, an international expansion, or a new competitor, it can be challenging to keep up.
This is where an enterprise business analyst can be the most helpful.
By keeping a pulse on the external and internal environments, they can support growth, manage risks, and view your organization through multiple lenses and perspectives to get a single, complete picture.
External |
Internal |
|
---|---|---|
Identifying competitive forces |
In the global environment |
Organizational strengths and weaknesses |
|
|
|
Download the Communicate the Case for Enterprise Business Analysis template
Input
Output
Materials
Participants
Phase 1 | Phase 2 |
---|---|
1.1 Define enterprise business analysis 1.2 Identify your pains and opportunities | 2.1 Set your vision 2.2 Define your roadmap and next steps 2.3 Complete your executive communications deck |
This phase will walk you through the following activities:
This phase involves the following participants:
Your vision becomes your "north star," guiding your journey and decisions.
When thinking about a vision statement for enterprise business analysis, think about:
Always remember: Your goal is not your vision!
Not knowing the difference will prevent you from both dreaming big and achieving your dream.
Your vision represents where you want to go. It's what you want to do.
Your goals represent how you want to achieve your vision.
Your vision shouldn't be so far out that it doesn't feel real, nor so short term that it gets bogged down in details. Finding balance will take some trial and error and will be different depending on your organization.
Download the Communicate the Case for Enterprise Business Analysis template
Input
Output
Materials
Participants
Training
Competencies and capabilities
Structure and alignment
Methods and processes
Tools, techniques, and templates
Governance
Download the Communicate the Case for Enterprise Business Analysis template
Input
Output
Materials
Participants
From completing the enterprise business analysis inventory, you will have a comprehensive list of all available assets.
The next question is, how can this be leveraged to start building for the future?
To operationalize enterprise business analysis, consider:
The Now, Next, Later technique is a method for prioritizing and planning improvements or tasks. This involves breaking down a list of tasks or improvements into three categories:
By using this technique, you can prioritize and plan the most important tasks, while allowing the flexibility to adjust as necessary.
This technique also helps clarify what must be done first vs. what can wait. This prioritizes the most important things while keeping track of what must be done next, maintaining a smooth development/improvement process.
Ultimately, the choice of priority and timing is yours. Recognize that items may change categories as new information arises.
Download the Communicate the Case for Enterprise Business Analysis template
Input
Output
Materials
Participants
Use the results of your completed exercises to build your executive communication slide deck, to make the case for enterprise business analysis
Slide Header | Associated Exercise | Rationale |
---|---|---|
Pains and opportunities | 1.1.2 Discuss your disconnects between strategy and tactics 1.2.1 Identify your pains and opportunities |
This helps build the case for enterprise business analysis (EBA), leveraging the existing pains felt in the organization. This will draw the connection for your stakeholders. |
Our vision and goals | 2.1.1 Define your vision and goals | Defines where you want to go and what effort will be required. |
What is enterprise business analysis | 1.1.1 How is BA being used in our organization today? |
Defines the discipline of EBA and how it can support and mature your organization. |
Expected benefits | Pre-populated supporting content | What's in it for us? This section helps answer that question. What benefits can we expect, and is this worth the investment of time and effort? |
Making this a reality | 2.1.2 Identify your EBA inventory | Identifies what the organization presently has that makes the effort easier. It doesn't feel as daunting if there are existing people, processes, and technologies in place and in use today. |
Next steps | 2.2.1 Now, Next, Later | A prioritized list of action items. This will demonstrate the work involved, but broken down over time, into smaller, more manageable pieces. |
Metric | Description | Target Improvement/Reduction |
---|---|---|
Improved stakeholder satisfaction | Lines of business and previously siloed departments/divisions will be more satisfied with time spent on solution involvement and outcomes. | 10% year 1, 20% year 2 |
Reduction in misaligned/non-priority project work | Reduction in projects, products, and services with no clear alignment to organizational goals. With that, resource costs can be allocated to other, higher-value solutions. | 10% year 1, 25% year 2 |
Improved delivery agility/lead time | With improved alignment comes reduced conflict and political infighting. As a result, the velocity of solution delivery will increase. | 10% |
Bossert, Oliver and Björn Münstermann. "Business's 'It's not my problem' IT problem." McKinsey Digital. 30 March, 2023.
Brule, Glenn R. "The Lay of the Land: Enterprise Analysis." Modern Analyst.
"Business Analysis: Leading Organizations to Better Outcomes." Project Management Institute (PMI), 2017
Corporate Finance Institute. "Strategic Analysis." Updated 14 March 2023
IAG Consulting. Business Analysis Benchmark Report, 2009.
International Institute of Business Analysis. "A Guide to the Business Analysis Body of Knowledge" (BABOK Guide) version 3.
Mirabelli, Vincent. "Business Analysis Foundations: Enterprise" LinkedIn Learning, February 2022.
- - "Essential Techniques in Enterprise Analysis" LinkedIn Learning, September 2022.
- - "The Essentials of Enterprise Analysis" Love the Process Academy. May 2020.
- - "The Value of Enterprise Analysis." VincentMirabelli.com
Praslova, Ludmila N. "Today's Most Critical Workplace Challenges Are About Systems." Harvard Business Review. 10 January 2023.
Pratt, Mary K. and Sarah K. White. "What is a business analyst? A key role for business-IT efficiency." CIO. 17 April, 2019.
Project Management Institute. "Business Analysis: Leading Organizations to Better Outcomes." October 2017.
Sali, Sema. "The Importance of Strategic Business Analysis in Successful Project Outcomes." International Institute of Business Analysis. 26 May 2022.
- - "What Does Enterprise Analysis Look Like? Objectives and Key Results." International Institute of Business Analysis. 02 June 2022.
Shaker, Kareem. "Why do projects really fail?" Project Management Institute, PM Network. July 2010.
"Strategic Analysis: Definition, Types and Benefits" Voxco. 25 February 2022.
"The Difference Between Enterprise Analysis and Business Analysis." Schulich School of Business, Executive Education Center. 24 September 2018 (Updated June 2022)
"Why Do Projects Fail: Learning How to Avoid Project Failure." MindTools.com. Accessed 24 April 2023.
Take the time to understand the various data storage formats, disk types, and associated technology, as well as the cloud-based and on-premises options. This will help you select the right tool for your needs.
Look to existing use cases based on actual Info-Tech analyst calls to help in your decision-making process.
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Explore the building blocks of enterprise storage so you can select the best solution, narrow your focus with the correct product type, explore the features that should be considered when evaluating enterprise storage offerings, and examine use cases based on actual Info-Tech analyst calls to find a storage solution for your situation.
The first step in solving your enterprise storage challenge is identifying your data sources, data volumes, and growth rates. This information will give you insight into what data sources could be stored on premises or in the cloud, how much storage you will require for the coming five to ten years, and what to consider when exploring enterprise storage solutions. This tool can be a valuable asset for determining your current storage drivers and future storage needs, structuring a plan for future storage purchases, and determining timelines and total cost of ownership.
![]() |
To say that the current enterprise storage landscape looks interesting would be an understatement. The solutions offered by vendors continue to grow and evolve. Flash and NVMe are increasing the speed of storage media and reducing latency. Software-defined storage is finding the most efficient use of media to store data where it is best served while managing a variety of vendor storage and older storage area networks and network-attached storage devices. Storage as a service is taking on a new meaning with creative solutions that let you keep the storage appliance on premises or in a colocated data center while administration, management, and support are performed by the vendor for a nominal monthly fee. We cannot discuss enterprise storage without mentioning the cloud. Bring a thermometer because you must understand the difference between hot, warm, and cold storage when discussing the cloud options. Very hot and very cold may also come into play. Storage hardware can assume a higher total cost of ownership with support options that replace the controllers on a regular basis. The options with this type of service are also varied, but the concept of not having to replace all disks and chassis nor go through a data migration is very appealing to many companies. The cloud is growing in popularity when it comes to enterprise storage, but on-premises solutions are still in demand, and whether you choose cloud or on premises, you can be guaranteed an array of features and options to add stability, security, and efficiency to your enterprise storage. P.J. Ryan |
The vendor landscape is continually evolving, as are the solutions they offer. |
Storage providers are getting acquired by bigger players, “outside the box” thinking is disrupting the storage support marketplace, “as a service” storage offerings are evolving, and what is a data lake and do I need one? The traditional storage vendors are not alone in the market, and the solutions they offer are no longer traditional either. Explore the landscape and understand your options before you make any enterprise storage solution purchases. |
---|---|
Understand the building blocks of storage so you can select the best solution. |
There are multiple storage formats for data, along with multiple hardware form factors and disk types to hold those various data formats. Software plays a significant role in many of these storage solutions, and cloud offerings take advantage of all the various formats, form factors, and disks. The challenge is matching your data type with the correct storage format and solution. |
Look to existing use cases to help in your decision-making process. |
Explore previous experiences from others by reading use cases to determine what the best solution is for your challenge. You’re probably not the first to encounter the challenge you’re facing. Another organization may have previously reached out for assistance and found a viable solution that may be just what you also need. |
“By 2025, it’s estimated that 463 exabytes of data will be created each day globally – that’s the equivalent of 212,765,957 DVDs per day!” (Visual Capitalist)
“Modern criminal groups target not only endpoints and servers, but also central storage systems and their backup infrastructure.” (Continuity Software)
Cloud or on premises? Maybe a hybrid approach with both cloud and on premises is best for you. Do you want to remove the headaches of storage administration, management, and support with a fully managed storage-as-a-service solution? Would you like to upgrade your controllers every three or four years without a major service interruption? The options are increasing and appealing.
1. Understand Your Data
Understand how much data you have and where it is located. This will be crucial when evaluating enterprise storage solutions.
2. Plan for Growth
Your enterprise storage considerations should include your data needs now and in the future.
3. Understand the Mechanics
Take the time to understand the various data storage formats, disk types, and associated technology, as well as the cloud-based and on-premises options. This will help you select the right tool for your needs.
Format |
What it is |
Disk Drives and Technology |
|
---|---|---|---|
File Storage |
File storage is hierarchical storage that uses files, folders, subfolders, and directories. You enter a specific filename and path to access the file, such as P:\users\johndoe\strategy\cloud.doc. If you ever saved a file on a server, you used file storage. File storage is usually managed by some type of file manager, such as File Explorer in Windows. Network-attached storage (NAS) devices use file storage. |
Hard Disk Drives (HDD) |
HDD use a platter of spinning disks to magnetically store data. The disks are thick enough to make them rigid and are referred to as hard disks. HDD is older technology but is still in demand and offered by vendors. |
Object Storage |
Object storage is when data is broken into distinct units, called objects. These objects are stored in a flat, non-hierarchical structure in a single location or repository. Each object is identified by its associated ID and metadata. Objects are accessed by an application programming interface (API). |
Flash |
Flash storage uses flash memory chips to store data. The flash memory chips are written with electricity and contain no moving parts. Flash storage is very fast, which is how the technology got its name (“Flash vs. SSD Storage,” Enterprise Storage Forum, 2018). |
Block Storage |
Block storage is when data is divided up into fixed-size blocks and stored with a unique identifier. Blocks can be stored in different environments, such as Windows or Linux. Storage area networks (SANs) use block storage. |
Solid-State Drive (SSD) |
SSD is a storage mechanism that also does not use any moving parts. Most SSD drives use flash storage, but other options are available for SSD. |
Nonvolatile Memory Express (NVMe) |
NVMe is a communications standard developed specially for SSDs by a consortium of vendors including Intel, Samsung, SanDisk, Dell, and Seagate. It operates across the PCIe bus (hence the “Express” in the name), which allows the drives to act more like the fast memory that they are rather than the hard disks they imitate (PCWorld). |
Network-Attached Storage |
Storage Area Network |
Software-Defined Storage |
Hyperconverged Infrastructure |
---|---|---|---|
NAS refers to a storage device that is connected directly to your network. Any user or device with access to your network can access the available storage provided by the NAS. NAS storage is easily scalable and can add data redundancy through RAID technology. NAS uses the file storage format. NAS storage may or may not be the first choice in terms of enterprise storage, but it does have a solid market appeal as an on-premises primary backup storage solution. |
A SAN is a dedicated network of pooled storage devices. The dedicated network, separate from the regular network, provides high speed and scalability without concern for the regular network traffic. SANs use block storage format and can be divided into logical units that can be shared between servers or segregated from other servers. SANs can be accessed by multiple servers and systems at the same time. SANs are scalable and offer high availability and redundancy through RAID technology. SANs can use a variety of disk types and sizes and are quite common among on-premises storage solutions. |
“Software-defined storage (SDS) is a storage architecture that separates storage software from its hardware. Unlike traditional network-attached storage (NAS) or storage area network (SAN) systems, SDS is generally designed to perform on any industry-standard or x86 system, removing the software’s dependence on proprietary hardware.” (RedHat) SDS uses software-based policies and rules to grow and protect storage attached to applications. SDS allows you to use server-based storage products to add management, protection, and better usage. |
Hyperconverged storage uses virtualization and software-defined storage to combine the storage, compute, and network resources along with a hypervisor into one appliance. Hyperconverged storage can scale out by adding more nodes or appliances, but scaling up, or adding more resources to each appliance, can have limitations. There is flexibility as hyperconverged storage can work with most network and compute manufacturers. |
“Enterprise cloud storage offers nearly unlimited scalability. Enterprises can add storage quickly and easily as it is needed, eliminating the risk and cost of over-provisioning.”
– Spectrum Enterprise
“Hot data will operate on fresh data. Cold data will operate on less frequent data and [is] used mainly for reporting and planning. Warm data is a balance between the two.”
– TechBlost
|
|
“Because data lakes mostly consist of raw unprocessed data, a data scientist with specialized expertise is typically needed to manipulate and translate the data.”
– DevIQ
“A Lakehouse is also a type of centralized data repository, integrated from heterogeneous sources. As can be expected from its name, It shares features with both datawarehouses and data lakes.”
– Cesare
“Storage as a service (STaaS) eliminates Capex, simplifies management and offers extensive flexibility.”
– TechTarget
The current vendor landscape for enterprise storage solutions represents a range of industry veterans and the brands they’ve aggregated along the way, as well as some relative newcomers who have come to the forefront within the past ten years.
Vendors like Dell EMC and HPE are longstanding veterans of storage appliances with established offerings and a back catalogue of acquisitions fueling their growth. Others such as Pure Storage offer creative solutions like all-flash arrays, which are becoming more and more appealing as flash storage becomes more commoditized.
Cloud-based vendors have become popular options in recent years. Cloud storage provides many options and has attracted many other vendors to provide a cloud option in addition to their on-premises solutions. Some software and hardware vendors also partner with cloud vendors to offer a complete solution that includes storage.
Explore your current vendor’s solutions as a starting point, then use that understanding as a reference point to dive into other players in the market
Key Players
Block, object, or file storage? NAS, SAN, SDS, or HCI? Cloud or on prem? Hot, warm, or cold?
Which one do you choose?
The following use cases based on actual Info-Tech analyst calls may help you decide.
“Offsite” may make you think of geographical separation or even cloud-based storage, but what is the best option and why?
“Data retrieval from cold storage is harder and slower than it is from hot storage. … Because of the longer retrieval time, online cold storage plans are often much cheaper. … The downside is that you’d incur additional costs when retrieving the data.”
– Ben Stockton, Cloudwards
Hyperconverged infrastructure combines storage, virtual infrastructure, and associated management into one piece of equipment.
“HCI environments use a hypervisor, usually running on a server that uses direct-attached storage (DAS), to create a data center pool of systems and resources.”
– Samuel Greengard, Datamation
SAN providers offer a varied range of options for their products, and those options are constantly evolving.
“SAN-to-SAN replication is a low-cost, highly efficient way to manage mounting quantities of stored data.”
– Secure Infrastructure & Services
That old storage area network may still have some useful life left in it.
“Often enterprises have added storage on an ad hoc basis as they needed it for various applications. That can result in a mishmash of heterogenous storage hardware from a wide variety of vendors. SDS offers the ability to unify management of these different storage devices, allowing IT to be more efficient.”
– Cynthia Harvey, Enterprise Storage Forum (“What Is Software Defined Storage?”, 2018)
Many backup software solutions can provide backups to multiple locations, making two-location backups simple.
“Data protection demands that enterprises have multiple methods of keeping data safe and replicating it in case of disaster or loss.”
– Drew Robb, Enterprise Storage Forum, 2021
SAN solutions have come a long way with improvements in how data is stored and what is used to store the data.
“A rapidly growing portion of SAN deployments leverages all-flash storage to gain its high performance, consistent low latency, and lower total cost when compared to spinning disk.”
– NetApp
Cloud storage would not be sufficient if you were using a dial up connection, just as on-premises storage solutions would not suffice if they were using floppy disks.
“The captured video is stored for days, weeks, months and sometimes years and consumes a lot of space. Data storage plays a new and important role in these systems. Object storage is ideal to store the video data.”
– Object-Storage.Info
Some software products have storage options available as a result of agreements with other storage vendors. Several backup and archive software products fall into this category.
“Cold storage is perfect for archiving your data. Online backup providers offer low-cost, off-site data backups at the expense of fast speeds and easy access, even though data retrieval often comes at an added cost. If you need to keep your data long-term, but don’t need to access it often, this is the kind of storage you need.”
– Ben Stockton, Cloudwards
Activity
The first step in solving your enterprise storage challenge is identifying your data sources or drivers, data volume size, and growth rates. This information will give you insight into what data sources could be stored on premises or in the cloud, how much storage you will require for the coming five to ten years, and what to consider when exploring enterprise storage solutions.
Download the Modernize Enterprise Storage Workbook and take the first step toward understanding your data requirements.
Download the Modernize Enterprise Storage Workbook
Current and emerging storage technologies are disrupting the status quo – prepare your infrastructure for the exponential rise in data and its storage requirements.
Modernize Enterprise Storage Workbook
This workbook will complement the discussions and activities found in the Modernize Enterprise Storage blueprint. Use this workbook in conjunction with the blueprint to develop a strategy for storage modernization.
Bakkianathan, Raghunathan. “What is the difference between Hot Warm and Cold data storage?” TechBlost, n.d.. Accessed 14 July 2022.
Cesare. “Data warehouse vs Data lake vs Lakehouse… and DeltaLake?“ Medium, 14 June 2021. Accessed 26 July 2022.
Davison, Shawn and Ryan Sappenfield. “Data Lake Vs Lakehouse Vs Data Mesh: The Evolution of Data Transformation.” DevIQ, May 2022. Accessed 23 July 2022.
Desjardins, Jeff. “Infographic: How Much Data is Generated Each Day?” Visual Capitalist, 15 April 2019. Accessed 26 July 2022.
Greengard, Samuel. “Top 10 Hyperconverged Infrastructure (HCI) Solutions.” Datamation, 22 December 2020. Accessed 23 July 2022.
Harvey, Cynthia. “Flash vs. SSD Storage: Is there a Difference?” Enterprise Storage Forum, 10 July 2018. Accessed 23 July 2022.
Harvey, Cynthia. “What Is Software Defined Storage? Features & Benefits.” Enterprise Storage Forum, 22 February 2018. Accessed 23 July 2022.
Hecht, Gil. “4 Predictions for storage and backup security in 2022.” Continuity Software, 09 January 2022. Accessed 22 July 2022.
Jacobi, Jonl. “NVMe SSDs: Everything you need to know about this insanely fast storage.” PCWorld, 10 March 2019. Accessed 22 July 2022
Pritchard, Stephen. “Briefing: Cloud storage performance metrics.” Computer Weekly, 16 July 2021. Accessed 23 July 2022
Robb, Drew. “Best Enterprise Backup Software & Solutions 2022.” Enterprise Storage Forum, 09 April 2021. Accessed 23 July 2022.
Sheldon, Robert. “On-premises STaaS shifts storage buying to Opex model.” TechTarget, 10 August 2020. Accessed 22 July 2022.
“Simplify Your Storage Ownership, Forever.” PureStorage. Accessed 20 July 2022.
Stockton, Ben. “Hot Storage vs Cold Storage in 2022: Instant Access vs Long-Term Archives.” Cloudwards, 29 September 2021. Accessed 22 July 2022.
“The Cost Savings of SAN-to-SAN Replication.” Secure Infrastructure and Services, 31 March 2016. Accessed 16 July 2022.
“Video Surveillance.” Object-Storage.Info, 18 December 2019. Accessed 25 July 2022.
“What is a Data Lake?” Amazon Web Services, n.d. Accessed 17 July 2022.
“What is enterprise cloud storage?” Spectrum Enterprise, n.d. Accessed 28 July 2022.
“What is SAN (Storage Area Network).” NetApp, n.d. Accessed 25 July 2022.
“What is software-defined storage?” RedHat, 08 March 2018. Accessed 16 July 2022.
The service desk is a major function within IT. Small enterprises with constrained resources need to look at designing a service desk that enables consistency in supporting the business and finds the right balance of documentation.
Determining the right level of documentation to provide backup and getting the right level of data for good reporting may seem like a waste of time when the team is small, but this is key to knowing when to invest in more people, upgraded technology, and whether your efforts to improve service are successful.
It’s easy to lose sight of the client experience when working as a small team supporting a variety of end users. Changing from a help desk to a service desk requires a focus on what it means to be a customer centric service desk and a change to the way the technicians think about providing support.
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
This blueprint provides a framework to quickly identify a plan for service desk improvements. It also provides references to build out additional skills and functionality as a continual improvement initiative.
The maturity assessment will provide a baseline and identify areas of focus based on level of current and target maturity.
The SOP provides an excellent guide to quickly inform new team members or contractors of your support approach.
The categorization scheme template provides examples of asset-based categories, resolution codes and status.
This template provides a starting point for building your communications on planned improvements.
The service desk is a major function within IT. Small enterprises with constrained resources need to look at designing a service desk that enables consistency in supporting the business and finds the right balance of documentation.
Evaluate documentation to ensure there is always redundancy built in to cover absences. Determining coverage will be an important factor, especially if vendors will be brought into the organization to assist during shortages. They will not have the same level of knowledge as teammates and may have different requirements for documentation.
It is important to be customer centric, thinking about how services are delivered and communicated with a focus on providing self-serve at the appropriate level for your users and determining what information the business needs for expectation-setting and service level agreements, as well as communications on incidents and changes.
And finally, don’t discount the value of good reporting. There are many reasons to document issues besides just knowing the volume of workload and may become more important as the organization evolves or grows. Stakeholder reporting, regulatory reporting, trend spotting, and staff increases are all good reasons to ensure minimum documentation standards are defined and in use.
![]() |
Sandi Conrad
Principal Research Director Info-Tech Research Group |
Title | Page | Title | Page |
Blueprint benefits | 6 | Incident management | 25 |
Start / Stop / Continue exercise | 10 | Prioritization scheme | 27 |
Complete a maturity assessment | 11 | Define SLAs | 29 |
Select an ITSM tool | 13 | Communications | 30 |
Define roles & responsibilities | 15 | Reporting | 32 |
Queue management | 17 | What can you do to improve? | 33 |
Ticket handling best practices | 18 | Staffing | 34 |
Customer satisfaction surveys | 19 | Knowledge base & self-serve | 35 |
Categorization | 20 | Customer service | 36 |
Separate ticket types | 22 | Ticket analysis | 37 |
Service requests | 23 | Problem management | 38 |
Roadmap | 39 |
Make the best use of the team
|
Build cross-training into your culture
|
Don’t discount the benefit of good tools
|
Standard Operating Procedures![]() |
Maturity Assessment![]() |
Categorization scheme![]() |
Improvement Initiative![]() |
Create a standard operating procedure to ensure the support team has a consistent understanding of how they need to engage with the business. |
IT benefits
|
Business benefits
|
A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.
A typical GI is six to ten calls over the course of three to four months.
The current state discussion will determine the path.
What does a typical GI on this topic look like?Current State & Vision |
Best Practices |
Service Requests & Incidents |
Communications |
Next Steps & Roadmap |
Call #1: Discuss current state & create a vision
Call #2: Document roles & responsibilities |
Call #3:Review and define best practices for ticket handling | Call #4: Review categorization
Call #5: Discuss service requests & self-serve Call #6: Assess incident management processes |
Call #7: Assess and document reporting and metrics
Call #8: Discuss communications methods |
Call #9: Review next steps
Call #10: Build roadmap for updates |
For a workshop on this topic, see the blueprint Standardize the Service Desk |
Executive Brief Case StudySouthwest CARE Center |
![]() |
INDUSTRY |
Service Desk ProjectAfter relying on a managed service provider (MSP) for a number of years, the business hired Kevin to repatriate IT. As part of that mandate, his first strategic initiative was to build a service desk. SCC engaged Info-Tech Research Group to select and build a structure; assign roles and responsibilities; implement incident management, request fulfilment, and knowledge management processes; and integrate a recently purchased ITSM tool. Over the course of a four-day onsite engagement, SCC’s IT team worked with two Info-Tech analysts to create and document workflows, establish ticket handling guidelines, and review their technological requirements. ResultsThe team developed a service desk standard operating procedure and an implementation roadmap with clear service level agreements. |
Southwest CARE Center (SCC) is a leading specialty healthcare provider in New Mexico. They offer a variety of high-quality services with a focus on compassionate, patient-centered healthcare.
“Info-Tech helped me to successfully rebrand from an MSP help desk to an IT service desk. Sandi and Michel provided me with a customized service desk framework and SOP that quickly built trust within the organization. By not having to tweak and recalibrate my service desk processes through trial and error, I was able to save a year’s worth of work, resulting in cost savings of $30,000 to $40,000.” (Kevin Vigil, Director of Information Technology, Southwest CARE Center) |
![]() N=63, small enterprise organizations from the End-User Satisfaction Diagnostic, at December 2021 Dissatisfied was classified as those organizations with an average score less than 7. Satisfied was classified as those organizations with an average score greater or equal to 8. |
|
STOP |
|
START |
|
CONTINUE |
|
The Service Desk Maturity Assessment tool helps organizations assess their service desk process maturity and focus the project on the activities that matter most.
The tool will help guide improvement efforts and measure your progress.
|
![]() |
Consider service improvements and how those changes can be perceived by the organization. For example, offering multiple platforms, such as adding Macs to end-user devices, could translate to “Providing the right IT solutions for the way our employees want to work.”
To support new platforms, you might need to look at the following steps to get there:
|
Info-Tech InsightIdentify some high-level opportunities and plan out how these changes will impact the way you provide support today. Document steps you’ll need to follow to make it happen. This may include new offerings and product sourcing, training, and research. |
You don’t need to spend a fortune. Many solutions are free or low-cost for a small number of users, and you don’t necessarily have to give up functionality to save money.
Encourage users to submit requests through email or self-serve to keep organized. Ensure that reporting will provide you with the basics without effort, but ensure report creation is easy enough if you need to add more. Consider tools that do more than just store tickets. ITSM tools for small enterprises can also assist with:
|
|
Consider engaging a partner for the installation and setup as they will have the expertise to troubleshoot and get you to value quickly.
Even with a partner, don’t rely on them to set up categories, prioritizations, and workflows. If you have unique requirements, you will need to bring your design work to the table to avoid getting a “standard install” that will need to be modified later. When we look at what makes a strong and happy product launch, it boils down to a few key elements:
|
To prepare for a quick time to value in setting up the new ITSM tool, prioritize in this order:
|
|
![]() Note roles in the Incident Management and Service Desk – Standard Operating Procedure Template |
If ticket volume is too high or too dispersed to effectively have teams self-select tickets, assign a queue manager to review tickets throughout the day to ensure they’re assigned and on the technician’s schedule. This is particularly important for technicians who don’t regularly work out of the ticketing system. Follow up on approaching or missed SLAs.
Make sure your queue manager has an accurate escalation list and has the authority to assign tickets and engage with the technical team to manage SLAs; otherwise, SLAs will never be consistently managed.
Accurate data leads to good decisions. If working toward adding staff members, reducing recurring incidents, gaining access to better tools, or demonstrating value to the business, tickets will enable reporting and dashboards to manage your day-to-day business and provide reports to stakeholders.
|
Ticket templates (or quick tickets) for common incidents can lead to fast creation, data input, and categorizations. Templates can reduce the time it takes to create tickets from two minutes to 30 seconds.
![]() |
Review tickets and talk to the team to find out the most frequent requests and the most frequent incidents that could be solved by the end user if there were clear instructions. Check with your user community to see what they would like to see in the portal.
A portal is only as attractive as it is useful. Enabling ticket creation and review is the bare minimum and may not entice users to the portal if email is just as easy to use for ticket creation. Consider opening the portal to groups other than IT. HR, finance, and others may have information they want to share or forms to fill in or download where an employee portal rather than an IT portal could be helpful. Work with other departments to see if they would find value. Make sure your solution is easy to use when adding content. Low-code options are useful for this. Portals could be built in the ITSM solution or SharePoint/Teams and should include:
Info-Tech InsightConsider using video capture software to create short how-to videos for common questions. Vendors such as TechSmith Snagit , Vimeo Screen Recorder, Screencast-O-Matic Video Recording, and Movavi Screen Recording may be quick and easy to learn. | 49%49% of employees have trouble finding information at work 35%Employees can cut time spent looking for information by 35% with quality intranet (Source: Liferay) |
Transactional surveys are tied to specific interactions and provide a means of communication to help users communicate satisfaction or dissatisfaction with single interactions.
|
Relationship surveys can be run annually to obtain feedback on the overall customer experience.
Inform yourself of how well you are doing or where you need improvement in the broad services provided. Provide a high-level perspective on the relationship between the business and IT. Help with strategic improvement decisions.
|
Too many options can cause confusion; too few options provide little value. Try to avoid using “miscellaneous” – it’s not useful information. Test your tickets against your new scheme to make sure it works for you. Effective classification schemes are concise, easy to use correctly, and easy to maintain.
Build out the categories with these questions:
Create resolution codes to further modify the data for deeper reporting. This is typically a separate field, as you could use the same code for many categories. Keep it simple, but make sure it’s descriptive enough to understand the type of work happening in IT. Create and define simple status fields to quickly review tickets and know what needs to be actioned. Don’t stop the clock for any status changes unless you’re waiting on users. The elapsed time is important to measure from a customer satisfaction perspective. Info-Tech InsightThink about how you will use the data to determine which components need to be included in reports. If components won’t be used for reporting, routing, or warranty, reporting down to the component level adds little value. | ![]() |
Input: Existing tickets
Output: Categorization scheme
Materials: Whiteboard/Flip charts, Markers, Sample categorization scheme
Participants: CIO, Service desk manager, Technicians
Discuss:
Draft:
Download the Incident Management and Service Desk – Standard Operating Procedure Template
INCIDENTS |
SERVICE REQUESTS |
||
![]() |
PRIORITIZATION |
Incidents will be prioritized based on urgency and impact to the organization. | Service requests will be scheduled and only increase in prioritization if there is an issue with the request process (e.g. new hire start). |
![]() |
SLAs |
Did incidents get resolved according to prioritization rules? REPONSE & RESOLUTION | Did service requests get completed on time? SCHEDULING & FULFILMENT |
![]() |
TRIAGE & ROOT CAUSE ANALYSIS |
Incidents will typically need triage at the service desk unless something is set up to go directly to a specialist. | Service requests don’t need triage and can be routed automatically for approvals and fulfillment. |
“For me, the first key question is, is this keeping you from doing business? Is this a service request? Is it actually something that's broken? Well, okay. Now let's have the conversation about what's broken and keeping you from doing business.” (Anonymous CIO)
Service requests are not as urgent as incidents and should be scheduled.
Set the SLA based on time to fulfill, plus a buffer to schedule around more urgent service requests.
2-3 hours
Input: Ticket data, Existing workflow diagrams
Output: Workflow diagrams
Materials: Whiteboard/Flip charts, Markers, Visio
Participants: CIO, Service desk manager, Technicians
Identify:
Download the Incident Management and Service Desk – Standard Operating Procedure Template
Critical incidents and normal incidents
Even with a small team, it’s important to define a priority for response and resolution time for SLA and uptime reporting and extracting insights for continual improvement efforts.
|
Go to incident management for SE
Super-specialization of knowledge is also a common factor in smaller teams and is caused by complex architectures. While helpful, if that knowledge isn’t documented, it can walk out the door with the resource and the rest of the team is left scrambling. Lessons learned may be gathered for critical incidents but often are not propagated, which impacts the ability to solve recurring incidents. Over time, repeated incidents can have a negative impact on the customer’s perception that the service desk is a credible and essential service to the business. |
1 hour
Input: Ticket data, Business continuity plan
Output: Service desk SOP
Materials: Whiteboard/Flip charts, Markers
Participants: CIO, Service desk manager, Technicians
Discuss and document:
Download the Incident Runbook Prioritization Tool
|
![]() |
Depending on the size of the team, escalations may be mostly to internal technical colleagues or could be primarily to vendors.
![]() |
||||
User doesn’t know who will fix the issue but expects to see it done in a reasonable time. | If issue cannot be resolved right away, set expectations for resolution time.
|
|
|
Validate user is happy with the experience |
Improving communications is the most effective way to improve customer service
|
Keep messaging simple
|
![]() |
PROACTIVE, PLANNED CHANGES |
From: Service Desk
Messaging provided by engineer or director, sent to all employees; proactive planning with business unit leaders. |
![]() |
OUTAGES & UPDATES |
From: Service Desk
Use templates to send out concise messaging and updates hourly, with input from technical team working on restoring services to all; director to liaise with business stakeholders. |
![]() |
UPDATES TO SERVICES, SELF-SERVE |
From: Director
Send announcements no more than monthly about new services and processes. |
![]() |
REGULAR STAKEHOLDER COMMUNICATIONS |
From: Director
Monthly reporting to business and IT stakeholders on strategic and project goals, manage escalations. |
2 hours
Input: Sample past communications
Output: Communications templates
Materials: Whiteboard/flip charts, Markers
Participants: CIO, Service desk manager, Technicians
Determine where templates are needed to ensure quick and consistent communications. Review sample templates and modify to suit your needs:
Download the communications templates
Create reports that are useful and actionableReporting serves two purposes:
To determine what reports are needed, ask yourself:
|
Determine which metrics will be most useful to suit your strategic and operational goals
|
Be agile in your approach to serviceIt’s easy for small teams to get overwhelmed when covering for vacations, illness, or leave. Determine where priorities may be adjusted during busy or short-staffed times.
|
Staff the service desk to meet demand
|
Create and manage a knowledge baseWith a small team, it may seem redundant to create a knowledge base, but without key system and process workflows and runbooks, an organization is still at risk of bottlenecks and knowledge failure.
Info-Tech InsightAppeal to a broad audience. Use non-technical language whenever possible to help less technical readers. Identify error messages and use screenshots where it makes sense. Take advantage of social features like voting buttons to increase use. | Optimize the service desk with a shift-left strategy
|
Customer service isn’t just about friendlinessYour team will all need to deal with end users at some point, and that may occur in times of high stress. Ensure the team has the skills they need to actively listen, stay positive, and de-escalate. Info-Tech’s customer service program is a modular approach to improve skills one area at a time. Delivering good customer service means being effective in these areas:
|
Deliver a customer service training program to your IT department
|
Improve your ticket analysisOnce you’ve got great data coming into the ticketing system, it’s important to rethink your metrics and determine if there are more insights to be found. Analyzing ticket data involves:
|
Analyze your service desk ticket dataProperly analyzing ticket data is challenging for the following reasons:
|
Start doing problem managementProactively focusing on root cause analysis will reduce the most disruptive incidents to the organization.
|
Problem managementProblem management can be challenging because it requires skills and knowledge to go deep into a problem and troubleshoot the root cause of an issue, but it also requires uninterrupted time.
|
Determine what tasks and projects need to be completed to meet your improvement goals. Create a high-level project plan and balance with existing resources.
Taylor, Sharon and Ivor Macfarlane. ITIL Small Scale Implementation. Office of Government Commerce, 2005.
“Share, Collaborate, and Communicate on One Consistent Platform.” Liferay, n.d. Accessed 19 July 2022.
Rodela, Jimmy. “A Beginner’s Guide to Customer Self-Service.” The Ascent, 18 May 2022. Web.
Addressing and managing critical negotiation elements helps:
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Throughout this phase, ten essential negotiation elements are identified and reviewed.
Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Improve negotiation skills and outcomes.
Understand how to use the Info-Tech During Negotiations Tool.
A better understanding of the subtleties of the negotiation process and an identification of where the negotiation strategy can go awry.
The During Negotiation Tool will be reviewed and configured for the customer’s environment (as applicable).
1.1 Manage six key items during the negotiation process.
1.2 Set the right tone and environment for the negotiation.
1.3 Focus on improving three categories of intangibles.
1.4 Improve communication skills to improve negotiation skills.
1.5 Customize your negotiation approach to interact with different personality traits and styles.
1.6 Maximize the value of your discussions by focusing on seven components.
1.7 Understand the value of impasses and deadlocks and how to work through them.
1.8 Use concessions as part of your negotiation strategy.
1.9 Identify and defeat common vendor negotiation ploys.
1.10 Review progress and determine next steps.
Sample negotiation ground rules
Sample vendor negotiation ploys
Sample discussion questions and evaluation matrix
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
IT leaders often realize that there are barriers impacting their employees but don’t know how to address them. This report provides insights on the barriers and actions that can help improve the lives of Black professionals in technology.
Diversity in tech is not a new topic, and it's not a secret that technology organizations struggle to attract and retain Black employees. Ever since the early '90s, large tech organizations have been dealing with public critique of their lack of diversity. This topic is close to our hearts, but unfortunately while improvements have been made, progress is quite slow.
In recent years, current events have once again brought diversity to the forefront for many organizations. In addition, the pandemic along with talent trends such as "the great resignation" and "quiet quitting" and preparations for a recession have not only impacted diversity at large but also Black professionals in technology. Our previous research has focused on the wider topic of Recruiting and Retaining People of Color in Tech, but we've found that the experiences of persons of color are not all the same.
This study focuses on the unique experience of Black professionals in technology. Over 600 people were surveyed using an online tool; interviews provided additional insights. We're excited to share our findings with you.
![]() |
![]() |
Allison Straker |
Ugbad Farah |
In October 2021, we launched a survey to understand what the Black experience is like for people in technology. We wanted and received a variety of responses which would help us to understand how Black technology professionals experienced their working world. We received responses from 633 professionals, providing us with the data for this report.
For more information on our survey demographics please see the appendix at this end of this report.
26% of our respondents either identified as Black or felt the world sees them as Black.
Professionals from various countries responded to the survey:
Organizations do better and are more innovative when they have more diversity, a key ingredient in an organization's secret sauce.
Organizations also benefit from engaged employees, yet we've seen that organizations struggle with both. Just having a certain number of diverse individuals is not enough. When it comes to reaping the benefits of diversity, organizations can flourish when employees feel safe bringing their whole selves to work.
45% | Innovation Revenue by Companies With Above-Average Diversity Scores |
26% |
Innovation Revenue by Companies With Below-Average Diversity Scores |
Companies with higher employee engagement experience 19.2% higher earnings.
However, those with lower employee engagement experience 32.7% lower earnings.
(DecisionWise, 2020)
If your workforce doesn't reflect the community it serves, your business may be missing out on the chance to find great employees and break into new and growing markets, both locally and globally.
Diversity makes good business sense.
(Business Development Canada, 2023)
Why is this about Black professionals and not other diverse groups?
While there are a variety of diversity dimensions, it's important to understand what makes up a "multicultural workforce." There is more to diversity than gender, race, and ethnicity. Organizations need to understand that there is diversity within these groups and Black professionals have their own unique experience when it comes to entering and navigating tech that needs to be addressed.
(Brookfield Institute for Innovation and Entrepreneurship, 2019)
The solutions that apply to Black professionals are not only beneficial for Black employees but for all. While all demographics are unique, the solutions in this report can support many.
Less Black professionals responded as "satisfied" in their IT careers. The question is: How do we mend the Gap?
Percentage of IT Professionals Who Reported Being Very Satisfied in Their Current Role
Our research suggests that the differences in satisfaction among ethnic groups are related to differences in value systems. We asked respondents to rank what's important, and we explored why.
Non-Black professionals rated autonomy and their manager working relationships as most important.
For Black professionals, while those were important, #1 was promotion and growth opportunities, ranked #7 by all other professionals. This is a significant discrepancy.
Recognition of my work/accomplishments also was viewed significantly differently, with Black professionals ranking it low on the list at #7 and all other professionals considering it very important at #3.
All Other Professionals |
Black Professionals |
|
---|---|---|
![]() |
In Maslow's hierarchy, it is necessary for people to achieve items lower on the hierarchy before they can successfully pursue the higher tiers.
Too many Black professionals in tech are busy trying to achieve some of the lower parts of the hierarchy; it is stopping them from achieving elements higher up that can lead to job satisfaction.
This can stop them from gaining esteem, importance, and ultimately, self-actualization. The barriers that impact safety and social belonging happen on a day-to-day basis, and so the day-to-day lives of Black professionals in tech can look very different from their counterparts.
![]() |
![]() |
There are various barriers that increase the likelihood for Black professionals to focus on the lower end of the needs hierarchy: |
These are among some of the solutions that, when layered, can support Black professionals in tech in moving up the needs hierarchy. Focusing on these actions can support Black professionals in achieving much needed job satisfaction. |
The barriers that Black professionals encounter aren't limited to the same barriers as their colleagues, and too often this means that they aren't in a position to grow their careers in a way that leads to job satisfaction.
There is a 11% gap between the satisfaction of Black professionals and their peers.
Early Steps:
Take time to understand the Black experience.
As leaders, it's important to be aware that employee goals vary depending on the barriers they're battling with.
Intermediate:
If Black employees don't have strong relationships, networks, and mentorships it becomes increasingly difficult to navigate the path to upward mobility.
As a leader, you can look for opportunities to bridge the gap on these types of conversations.
Advanced:
Black professionals in tech are not advancing like their counterparts.
Creating clear career paths will not only benefit Black employees but also support your entire organization.
Key metrics:
Common barriers
Black professionals, like their colleagues, encounter barriers as they try to advance their careers. The barriers both groups encounter include microaggressions, racism, ageism, accessibility issues, sexual orientation, bias due to religion, lack of a career-supported network, gender bias, family status bias, and discrimination due to language/accents.
Microaggressions and racism are at the top of these barriers, but Black professionals also deal with other barriers that their colleagues may experience, such as gender-based bias, accessibility issues, religion, and more.
One of these barriers alone can be difficult to deal with but when they are compounded it can be very difficult to navigate through the working environment in tech.
A statement, action, or incident regarded as an instance of indirect, subtle, or unintentional discrimination against members of a marginalized group such as a racial or ethnic minority.
(Oxford Languages, 2023)
These things may seem innocent enough but the messaging that is received and the lasting impression is often far from it.
Our research shows that racism and discrimination contribute to poor mental health among Black professionals.
"The experience of having to question whether something happened to you because of your race or constantly being on edge because your environment is hostile can often leave people feeling invisible, silenced, angry, and resentful."
Dr. Joy Bradford,
clinical Psychologist, qtd. In Pfizer
Both groups had some success finding jobs in "no time" – however, there was a difference. Thirty-four percent of "all others" found their jobs quickly, while the numbers were less for Black professionals, at 26%. There was also a difference at the opposite end of the spectrum. For 29% of Black professionals, it took seven months or longer to find their IT job, while that number is only 19% for their peers.
.
This points to the need for improvements in recruitment and career advancement.
29% of Black respondents said that it took them 7 months or longer to find their technology job.
Compared to 19% of all other professionals that selected the same response.
Our research shows that compared to all other ethnicities; Black participants were 55% more likely to report that they had no career advancement/promotion in their career. There is a bigger percentage of Black professionals who have never received a promotion; there's also a large number of Black professionals who have been working a significant amount time in the same role without a promotion.
Black participants were 55% more likely to report that they had had no career advancement/promotion in their career.
When employees feel disillusioned with things like career advancement and microaggressions, they often become disengaged. When you continuously have to steel yourself against microaggressions, racism, and other barriers, it prevents you from bringing your whole self to the office. The barriers can lead to what's been coined as "emotional tax." An emotional tax is the experience of feeling different from colleagues because of your inherent diversity and the associated negative effects on health, wellbeing, and the ability to thrive at work.
Earnings of companies with higher employee engagement |
19.2% |
Earnings of companies with lower employee engagement |
-32.7% |
(DecisionWise, 2020)
"I've conditioned myself for the corporate world, I don't bring my authentic self to work."
Anonymous Interview Subject
Lack of engagement also costs the organization in terms of turnover, something many organizations today are struggling with how to address. Organizations want to increase the ability of the workforce to remain in the organization. For Black employees, this gets harder when they're not engaged and they're the only one. When the emotional tax gets to be too much, this can lead to turnover. Turnover not only costs companies billions in profits, it also negatively impacts leadership diversity. It's difficult to imagine career growth when you don't see anyone that looks like you at the top. It is a challenge to see your future when there aren't others that you can relate to at top levels in the organization, leading to one of our interview subjects to muse, "How long can I last?"
"Being Black in tech can be hard on your mental health. Your mind is constantly wondering, 'how long can I last?' "
Anonymous Interview Subject
For many Black professionals, "code-switching," or altering the way one speaks and acts depending on context, becomes the norm to make others more comfortable. Many feel that being authentic and succeeding in the workplace are mutually exclusive.
We asked respondents "What's in place to build an inclusive culture at your company?" Most respondents (51% and 45%) reported that there were employee resource groups at their organizations.
There are various actions that organizations can take to help address barriers.
It's important to ensure these are not put in as band-aid solutions but that they are carefully thought out and layered.
Our findings demonstrate that remote work, career development, and DEI programs along with mentorship and diverse leadership are strong enablers of professional satisfaction. An unfortunate consequence, if professionals are not nurtured, is that we risk losing much needed talent to self-employment or to other organizations.
Respondents were asked to distribute points across potential solutions that could lead to job satisfaction. The ratings showed that there were common solutions that could be leveraged across all groups.
Respondents were asked what solutions were valuable for their career development.
All groups were mostly aligned on the order of the solutions that would lead to career satisfaction; however, Black professionals rated the importance of employee resource groups as higher than their colleagues did.
Mentorship and sponsorship are seen as key for all employees, as is of course training.
However, employee resource groups (ERGs) were rated significantly higher for Black professionals and discussions around diversity were higher for their colleagues. This may be because other groups feel a need to learn more about diversity, whereas Black professionals live this experience on a day-to day basis, so it's not as critical for them.
Mentorship and sponsorship help to close the job satisfaction gap for Black IT professionals. The percentage of satisfied Black employees almost doubles when they have a mentor or sponsorship, moving the satisfaction rate to closer to all other colleagues.
As leaders, you likely benefit from a few different advisors, and your staff should be able to benefit in the same way.
They can have their own personal board of advisors, both inside and outside of your organization, helping them to navigate the working world in IT.
To support your staff, provide guidance and coaching to internal mentors so that they can best support employees, and ensure that your organizational culture supports relationship building and trust.
Performance-driven guidance geared to support the employee with on-the-job performance. This could be a short-term relationship.
A relationship where the mentor provides guidance, information, and expertise to support the long-term career development of the mentee.
The act of advocating on the behalf of another for a position, promotion, development opportunity, etc. over a longer period.
For more information on setting up a mentorship program, see Optimize the Mentoring Program to Build a High Performing Learning Organization.
"With some degree of mentorship or sponsorship, it means that your ability to thrive or to have a positive experience in organizations increases substantially. Mentorship and sponsorship are very often the lynchpin of someone being successful and sticking with an organization. Sponsorship is an endorsement to other high-level stakeholders who very often are the gatekeepers of opportunity. Sponsors help to shepherd you through the gate." |
![]() |
Carlos Thomas |
Employee resource groups enable employees to connect in their workplace based on shared characteristics or life experiences.
ERGs generally focus on providing support, enhancing career development, and contributing to personal development in the work environment. Some ERGs provide advice to the organization on how they can support their diverse employees.
As leaders, you should support and encourage the formation of ERGs in your organization.
What each ERG does will vary according to the needs of employees in your organization. Your role is to enable the ERGs as they are created and maintained.
"Employee resource groups, when leveraged in an authentically intentional way, can be the some of the most impactful stakeholders in the development and implementation of the organizational diversity, equity, and inclusion strategy. ERGs are essential to the development of policies, programs, and initiatives that address the needs of equity-seeking groups and are key to driving organizational culture and employee wellbeing, in addition to hiring and recruitment. ERGs must be set up for success by having adequate resources to do the work, which includes adequate budgets, executive sponsorship, training, support, and capacity to do the work. According to a Great Place To Work survey (2021), 50% of ERGs identified the need for adequate resources as a challenge for carrying out the work.:" |
![]() |
CINNAMON CLARK |
Representation at leadership levels is especially stagnant.
Black Americans comprise 13.6% of the US population
(2022 data from the US Census Bureau)
And yet only 5.9% of the country's CEOs are Black, with only 6 (1%) at the top of Fortune 500 companies.
(2021 data from the Bureau of Labor Statistics and Fortune.com)
I've never worked for a company that has Black executives. It's difficult to envision long-term growth with an organization when you don't see yourself represented in leadership.
– Anonymous Interview Subject
Our research shows that Black professionals are more satisfied in their role when they see leaders that look like them.
Satisfaction of other professionals is not as impacted by diversity in leadership as for Black professionals. Satisfaction doubles in organizations that have a diverse leadership team.
To reap the benefits from diversity, we need to ensure diversity is not just in entry or mid-level positions and provide employees an opportunity to see diversity in their company's leadership.
"As a Black professional leader, it's not lost on me that I have a responsibility. I have to demonstrate authenticity, professionalism, and exemplary behavior that others can mimic. And I must also showcase that there are possibilities for those coming up in their career. I feel very grateful that I can bestow onto others my knowledge, my experience, my journey, and the tips that I've used to help bring me to be where I am. |
![]() |
C. Fara Francis |
While all groups have embraced the work-from-home movement, many Black professionals find it reduces the impact of racial incidents in the workplace.
I have to guard and protect myself from experiencing and witnessing racism every day. I am currently working remotely, and I can say for certain my mood and demeanor have improved. Not having to decide if I should address a racist comment or action has made my day easier.
Source: Slate, 2022
Survey respondents were asked about the positive and negative changes they saw in their interactions and experiences with remote work. Black employees and their colleagues replied similarly, with mostly positive experiences.
While both groups enjoyed better chances for career advancement, the difference was significantly higher for Black professionals.
The biggest reasons for both groups in choosing self-employment were for better pay, career growth, and work/life balance.
While the desire for better pay was the highest reason for both groups, for engaged employees salary is a lower priority than other concerns (Adecco Group's Global Workforce of the Future report). Consider salary in conjunction with career growth, work/life balance, and the variety in the work that your employees have.
If we don't consider our Black employees, not only do we risk them leaving the organization, but they may decide to just work for themselves.
38% of all respondents believe their organizations are very committed to DEI
49% believe they are somewhat committed
9% feel they are not committed
4% are unsure
Make sure supports are in place to help your employees grow in their careers:
Leadership
IT Leadership Career Planning Research Center
Diversity and Inclusion Tactics
IT Diversity & Inclusion Tactics
Employee Development Planning
Implement an IT Employee Development Plan
While organization's efforts are acknowledged, Black professionals aren't as optimistic about the commitment as their peers. Make sure that your programs are reaching the various groups you want to impact, to increase the likelihood of satisfaction in their roles.
SATISFACTION INCREASES IN BOTH BLACK AND NON-BLACK PROFESSIONALS
When they believe in their company's commitment to diversity, equity. and inclusion.
Of those who believe in their organization's commitment, 61% of Black professionals and 67% of non-Black professionals are very satisfied in their roles.
BELIEVE THEIR ORGANIZATION IS NOT COMMITTED TO DEI |
BELIEVE THEIR ORGANIZATION IS VERY COMMITTED TO DEI |
|
---|---|---|
NON-BLACK PROFESSIONALS |
8% |
41% |
BLACK PROFESSIONALS |
13% |
30% |
It's important to understand the current landscape:
We recognize that resolving this is not easy. Although senior executives are recognizing that a diverse set of experiences, perspectives, and backgrounds is crucial to fostering innovation and competing on the global stage, organizations often don't take the extra step to actively look for racialized talent, and many people still believe that race doesn't play an important part in an individual's ability to access opportunities.
Look at a variety of solutions that you can implement within your organization; layering solutions is the key to driving business diversity. Always keep in mind that diversity is not a monolith, that the experiences of each demographic varies.
Diversity in tech survey
As part of the research process for the State of Black Tech Report, Info-Tech Research Group conducted an open online survey among its membership and wider community of professionals. The survey was fielded from October 2021 to April 2022, collecting 633 responses.
Education was fairly consistent across both groups, with a few exceptions: more Black professionals had secondary school (9% vs. 4%) and more Black professionals had Doctorate degrees (4% vs. 2%).
We had more non-Black respondents with 20+ years of experience (31% vs. 19%) and more Black respondents with less than 1 year of experience (8% vs. 5%) – the rest of the years of experience were consistent across the two groups.
It is important to recognize that people are often seen by "the world" as belonging to a different race or set of races than what they personally identify as. Both aspects impact a professional's experience in the workplace.
Barton, LeRon. “I’m Black. Remote Work Has Been Great for My Mental Health.” Slate, 15 July 2022.
“Black or African American alone, percent.” U.S. Census Bureau QuickFacts: United States. Accessed 14 February 2023.
Boyle, Matthew. “More Workers Ready to Quit Over ‘Window Dressing’ Racism Efforts.” Bloomberg.com, 9 June 2022.
Boyle, Matthew. “Remote Work Has Vastly Improved the Black Worker Experience.” Bloomberg.com, 5 October 2021.
Cooper, Frank, and Ranjay Gulati. “What Do Black Executives Really Want?” Harvard Business Review, 18 November 2021.
“Emotional Tax.” Catalyst. Accessed 1 April 2022.
“Employed Persons by Detailed Occupation, Sex, Race, and Hispanic or Latino Ethnicity” U.S. Bureau of Labor Statistics. Accessed February 14, 2023.
“Equality in Tech Report - Welcome.” Dice, 9 March 2022. Accessed 23 March 2022.
Erb, Marcus. "Leaders Are Missing the Promise and Problems of Employee Resource Groups." Great Place To Work, 30 June 2021.
Gawlak, Emily, et al. “Key Findings - Being Black In Corporate America.” Coqual, Center for Talent Innovation (CTI), 2019.
“Global Workforce of the Future Research.” Adecco, 2022. Accessed 4 February 2023.
Gruman, Galen. “The State of Ethnic Minorities in U.S. Tech: 2020.” Computerworld, 21 September 2020. Accessed 31 May 2022.
Hancock, Bryan, et al. “Black Workers in the US Private Sector.” McKinsey, 21 February 2021. Accessed 1 April 2022.
“Hierarchy Of Needs Applied To Employee Engagement.” Proactive Insights, 12 February 2020.
Hobbs, Cecyl. “Shaping the Future of Leadership for Black Tech Talent.” Russell Reynolds Associates, 27 January 2022. Accessed 3 August 2022.
Hubbard, Lucas. “Race, Not Job, Predicts Economic Outcomes for Black Households.” Duke Today, 16 September 2021. Accessed 30 May 2022.
Knight, Marcus. “How the Tech Industry Can Be More Inclusive to the Black Community.” Crunchbase, 23 February 2022.
“Maslow’s Hierarchy of Needs in Employee Engagement (Pre and Post Covid 19).” Vantage Circle HR Blog, 30 May 2022.
McDonald, Autumn. “The Racism of the ‘Hard-to-Find’ Qualified Black Candidate Trope (SSIR).” Stanford Social Innovation Review, 1 June 2021. Accessed 13 December 2021.
McGlauflin, Paige. “The Fortune 500 Features 6 Black CEOs—and the First Black Founder Ever.” Fortune, 23 May 2022. Accessed 14 February 2023.
“Microaggression." Oxford English Dictionary, Oxford Languages, 2023.
Reed, Jordan. "Understanding Racial Microaggression and Its Effect on Mental Health." Pfizer, 26 August 2020.
Shemla, Meir “Why Workplace Diversity Is So Important, And Why It’s So Hard To Achieve.” Forbes, 22 August 2018. Accessed 4 February 2023.
“The State of Black Women in Corporate America.” Lean In and McKinsey & Company, 2020. Accessed 14 January 2022.
Van Bommel, Tara. “The Power of Empathy in Times of Crisis and Beyond (Report).” Catalyst, 2021. Accessed 1 April 2022.
Vu, Viet, Creig Lamb, and Asher Zafar. “Who Are Canada’s Tech Workers?” Brookfield Institute for Innovation and Entrepreneurship, January 2019. Accessed on Canadian Electronic Library, 2021. Web.
Warner, Justin. “The ROI of Employee Engagement: Show Me the Money!” DecisionWise, 1 January 2020. Web.
White, Sarah K. “5 Revealing Statistics about Career Challenges Black IT Pros Face.” CIO (blog), 9 February 2023. Accessed 5 July 2022.
Williams, Joan C. “Stop Asking Women of Color to Do Unpaid Diversity Work.” Bloomberg.com, 14 April 2022.
Williams, Joan C., Rachel Korn, and Asma Ghani. “A New Report Outlines Some of the Barriers Facing Asian Women in Tech.” Fast Company, 13 April 2022.
Wilson, Valerie, Ethan Miller, and Melat Kassa. “Racial representation in professional occupations.” Economic Policy Institute, 8 June 2021.
“Workplace Diversity: Why It’s Good for Business.” Business Development Canada (BDC.ca), 6 Feb. 2023. Accessed 4 February 2023.
"The cyber threat landscape today is highly complex and rapidly changing. Cyber security incidents can have several impacts on organizations and society, both on a physical and non-physical level. Through the use of a computer, criminals can indeed cause IT outages, supply chain disruptions and other physical security incidents"
-- excerpt from the foreword of the BCI Cyber resilience report 2018 by David Thorp, Executive Director, BCI
There are a number of things you can do to protect yourself. And they range, as usual, from the fairly simple to the more elaborate and esoteric. Most companies can, with some common sense, if not close the door on most of these issues, at least prepare themselves to limit the consequences.
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Assess the current state and define the drivers behind your release management optimizations.
Design your release processes, program framework, and release change management standards, and define your release management team.
Create an optimization roadmap that fits your context.
Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Reveal the motivators behind the optimization of release management.
Identify the root causes of current release issues and challenges.
Ensure business alignment of optimization efforts.
Firm grasp of why teams are facing release issues and the impacts they have on the organization.
1.1 Identify the objectives for application release.
1.2 Conduct a current state assessment of release practices.
Release management business objectives and technical drivers
Current state assessment of release processes, communication flows, and tools and technologies
Alleviate current release issues and challenges with best practices.
Standardize a core set of processes, tools, and roles & responsibilities to achieve consistency, cadence, and transparency.
Repeatable execution of the same set of processes to increase the predictability of release delivery.
Defined ownership of release management.
Adaptable and flexible release management practices to changing business and technical environments.
2.1 Strengthen your release process.
2.2 Coordinate releases with a program framework.
2.3 Manage release issues with change management practices.
2.4 Define your release management team.
Processes accommodating each release type and approach the team is required to complete
Release calendars and program framework
Release change management process
Defined responsibilities and accountabilities of release manager and release management team
Define metrics to validate release management improvements.
Identify the degree of oversight and involvement of the release management team.
Prioritize optimization roadmap against business needs and effort.
Easy-to-gather metrics to measure success that can be communicated to stakeholders.
Understanding of how involved release management teams are in enforcing release management standards.
Practical and achievable optimization roadmap.
3.1 Define your release management metrics.
3.2 Ensure adherence to standards.
3.3 Create your optimization roadmap.
List of metrics to gauge success
Oversight and reporting structure of release management team
Release management optimization roadmap
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Complete a cultural assessment and select focus values to form core culture efforts.
Enable executives to gather feedback on behavioral perceptions and support behavioral change.
Review all areas of the department to understand where the links to culture exist and create a communication plan.
Customize a process to infuse behaviors aligned with focus values in work practices and complete the first wave of meetings.
There is always more work than hours in the day. IT often feels understaffed and doesn’t know how to get it all done. Trying to satisfy all the requests results in everyone getting a small piece of the pie and in users being dissatisfied.
Focusing on one initiative will allow leaders to move the needle on what is important.
Focus on the big picture, leveraging Info-Tech’s blueprints. By increasing maturity and efficiency, IT staff can spend more time on value-added activities.
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
There is always more work than hours in the day. IT often feels understaffed and doesn’t know how to get it all done. Trying to satisfy all the requests results in everyone getting a small piece of the pie and in users being dissatisfied. Use Info-Tech's Applications Priorities 2022 to learn about the five initiatives that IT should prioritize for the coming year.
Work-from-anywhere isn’t going anywhere. During the initial rush to remote work, tech debt was highlighted and the business lost faith in IT. IT now needs to:
IT went through an initial crunch to enable remote work. It’s time to be proactive and learn from our mistakes.
Follow these steps to build a work-from-anywhere strategy that resonates with the business:
Benefit employees’ remote working experience while ensuring that IT heads in a strategic direction.
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Identify a vision that aligns with business goals, not for how the company worked in 2019, but for how the company is working now and will be working tomorrow.
Don’t focus on becoming an innovator until you are no longer stuck in firefighting mode.
Use these blueprints to improve your enterprise app capabilities for work-from-anywhere.
Use these blueprints to improve IT’s strategy, people & leadership capabilities for work-from-anywhere.
Use these blueprints to improve infrastructure & operations capabilities for work-from-anywhere.
Use these blueprints to improve IT security & compliance capabilities for work-from-anywhere.
Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Define the direction of your work-from-anywhere strategy and roadmap.
Base your decisions on senior leadership and user needs.
1.1 Identify drivers, benefits, and challenges.
1.2 Perform a goals cascade to align benefits to business needs.
1.3 Define a vision and success metrics.
1.4 Define the value IT brings to work-from-anywhere.
Desired benefits for work-from-anywhere
Vision statement
Mission statement
Success metrics
Value propositions for in-scope user groups
Focus on value. Ensure that major applications and IT capabilities will relieve employees’ pains and provide them with gains.
Learn from past mistakes and successes.
Increase adoption of resulting initiatives.
2.1 Review work-from-anywhere framework and identify capability gaps.
2.2 Review diagnostic results to identify satisfaction gaps.
2.3 Record improvement opportunities for each capability.
2.4 Identify deliverables and opportunities to provide value for each.
2.5 Identify constraints faced by each capability.
SWOT assessment of work-from-anywhere capabilities
Projects and initiatives to improve capabilities
Deliverables and opportunities to provide value for each capability
Constraints with each capability
Build a short-term plan that allows you to iterate on your existing strengths and provide early value to your users.
Provide early value to address operational pain points.
Build a plan to provide near-term innovation and business value.
3.1 Organize initiatives into phases.
3.2 Identify tasks for short-term initiatives.
3.3 Estimate effort with Scrum Poker.
3.4 Build a timeline and tie phases to desired business benefits.
Prioritized list of initiatives and phases
Profiles for short-term initiatives
Leverage Info-Tech’s process and deliverables to see dramatic improvements in your business satisfaction through an effective IT steering committee. This blueprint will provide three core customizable deliverables that you can use to launch or optimize your IT steering committee:
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Build your IT steering committee charter using results from the stakeholder survey.
Define your high level steering committee processes using SIPOC, and select your steering committee metrics.
Customize Info-Tech’s stakeholder presentation template to gain buy-in from your key IT steering committee stakeholders.
Build the new project intake and prioritization process for your new IT steering committee.
Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Lay the foundation for your IT steering committee (ITSC) by surveying your stakeholders and identifying the opportunities and threats to implementing your ITSC.
An understanding of the business environment affecting your future ITSC and identification of strategies for engaging with stakeholders
1.1 Launch stakeholder survey for business leaders.
1.2 Analyze results with an Info-Tech advisor.
1.3 Identify opportunities and threats to successful IT steering committee implementation.
1.4 Develop the fit-for-purpose approach.
Report on business leader governance priorities and awareness
Refined workshop agenda
Define the goals and roles of your IT steering committee.
Plan the responsibilities of your future committee members.
Groundwork for completing the steering committee charter
2.1 Review the role of the IT steering committee.
2.2 Identify IT steering committee goals and objectives.
2.3 Conduct a SWOT analysis on the five governance areas
2.4 Define the key responsibilities of the ITSC.
2.5 Define ITSC participation.
IT steering committee key responsibilities and participants identified
IT steering committee priorities identified
Document the information required to create an effective ITSC Charter.
Create the procedures required for your IT steering committee.
Clearly defined roles and responsibilities for your steering committee
Completed IT Steering Committee Charter document
3.1 Build IT steering committee participant RACI.
3.2 Define your responsibility cadence and agendas.
3.3 Develop IT steering committee procedures.
3.4 Define your IT steering committee purpose statement and goals.
IT steering committee charter: procedures, agenda, and RACI
Defined purpose statement and goals
Define and test your IT steering committee processes.
Get buy-in from your key stakeholders through your stakeholder presentation.
Stakeholder understanding of the purpose and procedures of IT steering committee membership
4.1 Define your high-level IT steering committee processes.
4.2 Conduct scenario testing on key processes, establish ITSC metrics.
4.3 Build your ITSC stakeholder presentation.
4.4 Manage potential objections.
IT steering committee SIPOC maps
Refined stakeholder presentation
5.1 Create prioritization criteria
5.2 Customize the project prioritization tool
5.3 Pilot test the tool
5.4 Define action plan and next steps
IT Steering Committee Project Prioritization Tool
Action plan
Leverage Info-Tech’s process and deliverables to see dramatic improvements in your business satisfaction through an effective IT steering committee. This blueprint will provide three core customizable deliverables that you can use to launch or optimize your IT steering committee. These include:
Effective IT governance critical in driving business satisfaction with IT. Yet 88% of CIOs believe that their governance structure and processes are not effective. The IT steering committee (ITSC) is the heart of the governance body and brings together critical organizational stakeholders to enable effective decision making (Info-Tech Research Group Webinar Survey).
"Everyone needs good IT, but no one wants to talk about it. Most CFOs would rather spend time with their in-laws than in an IT steering-committee meeting. But companies with good governance consistently outperform companies with bad. Which group do you want to be in?"
– Martha Heller, President, Heller Search Associates
67% of CIOs/CEOs are misaligned on the target role for IT.
47% of CEOs believe that business goals are going unsupported by IT.
64% of CEOs believe that improvement is required around IT’s understanding of business goals.
28% of business leaders are supporters of their IT departments.
A well devised IT steering committee ensures that core business partners are involved in critical decision making and that decisions are based on business goals – not who shouts the loudest. Leading to faster decision-making time, and better-quality decisions and outcomes.
Organizations often blur the line between governance and management, resulting in the business having say over the wrong things. Understand the differences and make sure both groups understand their role.
The ITSC is the most senior body within the IT governance structure, involving key business executives and focusing on critical strategic decisions impacting the whole organization.
Within a holistic governance structure, organizations may have additional committees that evaluate, direct, and monitor key decisions at a more tactical level and report into the ITSC.
These committees require specialized knowledge and are implemented to meet specific organizational needs. Those operational committees may spark a tactical task force to act on specific needs.
IT management is responsible for executing on, running, and monitoring strategic activities as determined by IT governance.
Strategic | IT Steering Committee | |
Tactical | Project Governance Service Governance Risk Governance Information Governance |
IT Management |
Operational | Risk Task Force |
This blueprint focuses exclusively on building the IT steering committee. For more information on IT governance see Info-Tech’s blueprint Tailor an IT Governance Plan to Fit Organizational Needs.
As CIO I find that there is a lack of alignment between business and IT strategies. |
I’ve noticed that projects are thrown over the fence by stakeholders and IT is expected to comply. |
I’ve noticed that IT projects are not meeting target project metrics. |
I’ve struggled with a lack of accountability for decision making, especially by the business. |
I’ve noticed that the business does not understand the full cost of initiatives and projects. |
I don’t have the authority to say “no” when business requests come our way. |
We lack a standardized approach for prioritizing projects. |
IT has a bad reputation within the organization, and I need a way to improve relationships. |
Business partners are unaware of how decisions are made around IT risks. |
Business partners don’t understand the full scope of IT responsibilities. |
There are no SLAs in place and no way to measure stakeholder satisfaction with IT. |
Info-Tech’s IT steering committee development blueprint will provide you with the required tools, templates, and deliverables to implement a right-sized committee that’s effective the first time.
1 | 2 | 3 | 4 |
Build the Steering Committee Charter | Define ITSC Processes | Build the Stakeholder Presentation | Define the Prioritization Criteria |
|
|
|
|
COBIT METRICS | Alignment
|
Accountability
|
Value Generation
|
INFO-TECH METRICS | Survey Metrics:
|
Industry: Consumer Goods
Source: Interview
A newly hired CIO at a large consumer goods company inherited an IT department with low maturity from her predecessor. Satisfaction with IT was very low across all business units, and IT faced a lot of capacity constraints. The business saw IT as a bottleneck or red tape in terms of getting their projects approved and completed.
The previous CIO had established a steering committee for a short time, but it had a poorly established charter that did not involve all of the business units. Also the role and responsibilities of the steering committee were not clearly defined. This led the committee to be bogged down in politics.
Due to the previous issues, the business was wary of being involved in a new steering committee. In order to establish a new steering committee, the new CIO needed to navigate the bad reputation of the previous CIO.
The CIO established a new steering committee engaging senior members of each business unit. The roles of the committee members were clearly established in the new steering committee charter and business stakeholders were informed of the changes through presentations.
The importance of the committee was demonstrated through the new intake and prioritization process for projects. Business stakeholders were impressed with the new process and its transparency and IT was no longer seen as a bottleneck.
“Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”
“Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”
“We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”
“Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”
Build the Steering Committee Charter | Define ITSC Processes | Build the Stakeholder Presentation | Define the Prioritization Criteria | |
---|---|---|---|---|
Best-Practice Toolkit | 1.1 Survey Your Steering Committee Stakeholders 1.2 Build Your ITSC Charter |
2.1 Build a SIPOC 2.2 Define Your ITSC Process |
3.1 Customize the Stakeholder Presentation | 4.1 Establish your Prioritization Criteria 4.2 Customize the Project Prioritization Tool 4.3 Pilot Test Your New Prioritization Criteria |
Guided Implementations |
|
|
|
|
Onsite Workshop | Module 1: Build a New ITSC Charter |
Module 2: Design Steering Committee Processes |
Module 3: Present the New Steering Committee to Stakeholders |
Module 4: Establish Project Prioritization Criteria |
Phase 1 Results:
|
Phase 2 Results:
|
Phase 3 Results:
|
Phase 4 Results:
|
Contact your account representative or email Workshops@InfoTech.com for more information.
Workshop Day 1 | Workshop Day 2 | Workshop Day 3 | Workshop Day 4 | Workshop Day 5 | |
---|---|---|---|---|---|
Activities | Build the IT Steering Committee 1.1 Launch stakeholder survey for business leaders 1.2 Analyze results with an Info-Tech Advisor 1.3 Identify opportunities and threats to successful IT steering committee implementation. 1.4 Develop the fit-for-purpose approach |
Define the ITSC Goals 2.1 Review the role of the IT steering committee 2.2 Identify IT steering committee goals and objectives 2.3 Conduct a SWOT analysis on the five governance areas 2.4 Define the key responsibilities of the ITSC 2.5 Define ITSC participation |
Define the ITSC Charter 3.1 Build IT steering committee participant RACI 3.2 Define your responsibility cadence and agendas 3.3 Develop IT steering committee procedures 3.4 Define your IT steering committee purpose statement and goals |
Define the ITSC Process 4.1 Define your high-level IT steering committee processes 4.2 Conduct scenario testing on key processes, establish ITSC metrics 4.3 Build your ITSC stakeholder presentation 4.4 Manage potential objections |
Define Project Prioritization Criteria 5.1 Create prioritization criteria 5.2 Customize the Project Prioritization Tool 5.3 Pilot test the tool 5.4 Define action plan and next steps |
Deliverables |
|
|
|
|
|
Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.
Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.
Guided Implementation 1: Formalize the Security Policy Program Proposed Time to Completion: 1-2 weeks |
---|
Select Your ITSC Members Start with an analyst kick-off call:
Then complete these activities…
With these tools & templates:
|
Review Stakeholder Survey Results Review findings with analyst:
Then complete these activities…
With these tools & templates:
|
Finalize the ITSC Charter Finalize phase deliverable:
Then complete these activities…
With these tools & templates:
|
Be exclusive with your IT steering committee membership. Determine committee participation based on committee responsibilities. Select only those who are key decision makers for the activities the committee is responsible for and, wherever possible, keep membership to 5-8 people.
A charter is the organizational mandate that outlines the purpose, scope, and authority of the ITSC. Without a charter, the steering committee’s value, scope, and success criteria are unclear to participants, resulting in unrealistic stakeholder expectations and poor organizational acceptance.
Start by reviewing Info-Tech’s template. Throughout this section we will help you to tailor its contents.
Committee Purpose: The rationale, benefits of, and overall function of the committee.
Responsibilities: What tasks/decisions the accountable committee is making.
Participation: Who is on the committee
RACI: Who is accountable, responsible, consulted, and informed regarding each responsibility.
Committee Procedures and Agendas: Includes how the committee will be organized and how the committee will interact and communicate with business units.
Leverage Info-Tech’s IT Steering Committee Stakeholder Surveyand reports to quickly identify business priorities and level of understanding of how decisions are made around the five governance areas.
Use these insights to drive the IT steering committee responsibilities, participation, and communication strategy.
The Stakeholder Survey consists of 17 questions on:
To simplify your data collection and reporting, Info-Tech can launch a web-based survey, compile the report data and assist in the data interpretation through one of our guided implementations.
Also included is a Word document with recommended questions, if you prefer to manage the survey logistics internally.
You get:
So you can:
You get:
So you can:
INPUT
OUTPUT
Materials
Participants
Governance of risk establishes the risk framework, establishes policies and standards, and monitors risks.
Governance of risk ensures that IT is mitigating all relevant risks associated with IT investments, projects, and services.
Governance of the IT portfolio achieves optimum ROI through prioritization, funding, and resourcing.
PPM practices create value if they maximize the throughput of high-value IT projects at the lowest possible cost. They destroy value when they foster needlessly sophisticated and costly processes.
Governance of projects improves the quality and speed of decision making for project issues.
Don’t confuse project governance and management. Governance makes the decisions regarding allocation of funding and resources and reviews the overall project portfolio metrics and process methodology.
Management ensures the project deliverables are completed within the constraints of time, budget, scope, and quality.
Governance of services ensures delivery of a highly reliable set of IT services.
Effective governance of services enables the business to achieve the organization’s goals and strategies through the provision of reliable and cost-effective services.
Governance of information ensures the proper handling of data and information.
Effective governance of information ensures the appropriate classification, retention, confidentiality, integrity, and availability of data in line with the needs of the business.
Note: The bolded responsibilities are the ones that are most common to IT steering committees, and greyed out responsibilities are typical of a larger governance structure. Depending on their level of importance to your organization, you may choose to include the responsibility.
INPUT
OUTPUT
Materials
Participants
The bolded responsibilities are those that are most common to IT steering committees, and responsibilities listed in grey are typical of a larger governance structure.
MUNICIPALITY
EDUCATION
HEALTHCARE
PRIVATE ORGANIZATIONS
INPUT
OUTPUT
Materials
Participants
It is not enough to participate in committee meetings; there needs to be a clear understanding of who is accountable, responsible, consulted, and informed about matters brought to the attention of the committee.
Each committee responsibility should have one person who is accountable, and at least one person who is responsible. This is the best way to ensure that committee work gets done.
An authority matrix is often used within organizations to indicate roles and responsibilities in relation to processes and activities. Using the RACI model as an example, there is only one person accountable for an activity, although several people may be responsible for executing parts of the activity. In this model, accountable means end-to-end accountability for the process.
RESPONSIBLE: The one responsible for getting the job done.
ACCOUNTABLE: Only one person can be accountable for each task.
CONSULTED: Involvement through input of knowledge and information.
INFORMED: Receiving information about process execution and quality.
INPUT
OUTPUT
Materials
Participants
49% of people consider unfocused meetings as the biggest workplace time waster.*
63% of the time meetings do not have prepared agendas.*
80% Reduction of time spent in meetings by following a detailed agenda and starting on time.*
*(Source: http://visual.ly/fail-plan-plan-fail).
A consent agenda is a tool to free up time at meetings by combining previously discussed or simple items into a single item. Items that can be added to the consent agenda are those that are routine, noncontroversial, or provided for information’s sake only. It is expected that participants read this information and, if it is not pulled out, that they are in agreement with the details.
Members have the option to pull items out of the consent agenda for discussion if they have questions. Otherwise these are given no time on the agenda.
Agendas
Procedures:
INPUT
OUTPUT
Materials
Participants
INPUT
OUTPUT
Materials
Participants
Industry: Consumer Goods
Source: Interview
The new CIO at a large consumer goods company had difficulty generating interest in creating a new IT steering committee. The previous CIO had created a steering committee that was poorly organized and did not involve all of the pertinent members. This led to a committee focused on politics that would often devolve into gossip. Also, many members were dissatisfied with the irregular meetings that would often go over their allotted time.
In order to create a new committee, the new CIO needed to dispel the misgivings of the business leadership.
The new CIO decided to build the new steering committee from the ground up in a systematic way.
She collected information from relevant stakeholders about what they know/how they feel about IT and used this information to build a detailed charter.
Using this info she outlined the new steering committee charter and included in it the:
The new steering committee included all the key members of business units, and each member was clear on their roles in the meetings. Meetings were streamlined and effective. The adjustments in the charter and the improvement in meeting quality played a role in improving the satisfaction scores of business leaders with IT by 21%.
1.1
Survey your ITSC stakeholders
Prior to the workshop, Info-Tech’s advisors will work with you to launch the IT Steering Committee Stakeholder Survey to understand business priorities and level of understanding of how decisions are made. Using this data, we will create the IT steering committee responsibilities, participation, and communication strategy.
1.7
Define a participant RACI for each of the responsibilities
The analyst will facilitate several exercises to help you and your stakeholders create an authority matrix. The output will be defined responsibilities and authorities for members.
Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.
Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.
Guided Implementation 2: Define your ITSC Processes Proposed Time to Completion: 2 weeks |
---|
Review SIPOCs and Process Creation Start with an analyst kick-off call:
Then complete these activities…
With these tools & templates: Phase 2 of the Establish an Effective IT Steering Committee blueprint | Finalize the SIPOC Review Draft SIPOC:
Then complete these activities…
With these tools & templates: Phase 2 of the Establish an Effective IT Steering Committee blueprint | Finalize Metrics Finalize phase deliverable:
Then complete these activities…
With these tools & templates: Phase 2 of the Establish an Effective IT Steering Committee blueprint |
Building high-level IT steering committee processes brings your committee to life. Having a clear process will ensure that you have the right information from the right sources so that committees can operate and deliver the appropriate output to the customers who need it.
The IT steering committee is only valuable if members are able to successfully execute on responsibilities.
One of the most common mistakes organizations make is that they build their committee charters and launch into their first meeting. Without defined inputs and outputs, a committee does not have the needed information to be able to effectively execute on responsibilities and is unable to meet its stated goals.
The arrows in this picture represent the flow of information between the IT steering committee, other committees, and IT management.
Building high-level processes will define how that information flows within and between committees and will enable more rapid decision making. Participants will have the information they need to be confident in their decisions.
Strategic | IT Steering Committee | |
Tactical | Project Governance Service Governance Risk Governance Information Governance |
IT Management |
Operational | Risk Task Force |
Info-Tech recommends using SIPOC as a way of defining how the IT steering committee will operate.
Derived from the core methodologies of Six Sigma process management, SIPOC – a model of Suppliers, Inputs, Processes, Outputs, Customers – is one of several tools that organizations can use to build high level processes. SIPOC is especially effective when determining process scope and boundaries and to gain consensus on a process.
By doing so you’ll ensure that:
Remember: Your IT steering committee is not a working committee. Enable effective decision making by ensuring participants have the necessary information and appropriate recommendations from key stakeholders to make decisions.
Supplier | Input |
Who provides the inputs to the governance responsibility. | The documented information, data, or policy required to effectively respond to the responsibility. |
Process | |
In this case this represents the IT steering committee responsibility defined in terms of the activity the ITSC is performing. | |
Output | Customer |
The outcome of the meeting: can be approval, rejection, recommendation, request for additional information, endorsement, etc. | Receiver of the outputs from the committee responsibility. |
For atypical responsibilities:
INPUT
OUTPUT
Materials
Participants
SIPOC: Establish the target investment mix | |
Supplier | Input |
CIO |
|
Process | |
Responsibility: The IT steering committee shall review and approve the target investment mix. | |
Output | Customer |
|
|
SIPOC: Endorse the IT budget | |
Supplier | Input |
CIO |
See Info-Tech’s blueprint IT Budget Presentation |
Process | |
Responsibility: Review the proposed IT budget as defined by the CIO and CFO. |
|
Output | Customer |
|
|
SIPOC: Monitor IT value metrics | |
Supplier | Input |
CIO |
|
Process | |
Responsibility: Review recommendations and either accept or reject recommendations. Refine go-forward metrics. |
|
Output | Customer |
|
|
SIPOC: Evaluate and select programs/projects to fund | |
Supplier | Input |
PMO |
See Info-Tech’s blueprint Grow Your Own PPM Solution |
Process | |
Responsibility: The ITSC will approve the list of projects to fund based on defined prioritization criteria – in line with capacity and IT budget. It is also responsible for identifying the prioritization criteria in line with organizational priorities. |
|
Output | Customer |
|
|
SIPOC: Endorse the IT strategy | |
Supplier | Input |
CIO |
See Info-Tech’s blueprint IT Strategy and Roadmap |
Process | |
Responsibility: Review, understand, and endorse the IT strategy. | |
Output | Customer |
|
|
SIPOC: Monitor project management metrics | |
Supplier | Input |
PMO |
|
Process | |
Responsibility: Review recommendations around PM metrics and define target metrics. Endorse current effectiveness levels or determine corrective action. |
|
Output | Customer |
|
|
SIPOC: Approve launch of planned and unplanned project | |
Supplier | Input |
CIO |
See Info-Tech’s Blueprint: Grow Your Own PPM Solution |
Process | |
Responsibility: Review the list of projects and approve the launch or reprioritization of projects. | |
Output | Customer |
|
|
SIPOC: Monitor stakeholder satisfaction with services and other service metrics | |
Supplier | Input |
Service Manager |
|
Process | |
Responsibility: Review recommendations around service metrics and define target metrics. Endorse current effectiveness levels or determine corrective action. |
|
Output | Customer |
|
|
SIPOC: Approve plans for new or changed service requirements | |
Supplier | Input |
Service Manager |
|
Process | |
Responsibility: Review IT recommendations, approve changes, and communicate those to staff. |
|
Output | Customer |
|
|
SIPOC: Monitor risk management metrics | |
Supplier | Input |
CIO |
|
Process | |
Responsibility: Review recommendations around risk metrics and define target metrics. Endorse current effectiveness levels or determine corrective action. |
|
Output | Customer |
|
|
SIPOC: Review the prioritized list of risks | |
Supplier | Input |
Risk Manager |
|
Process | |
Responsibility: Accept the risk registrar and define any additional action required. | |
Output | Customer |
|
|
SIPOC: Define information lifecycle process ownership | |
Supplier | Input |
CIO |
|
Process | |
Responsibility: Define responsibility and accountability for information lifecycle ownership. |
|
Output | Customer |
|
|
SIPOC: Monitor information lifecycle metrics | |
Supplier | Input |
Information lifecycle owner |
|
Process | |
Responsibility: Review recommendations around information management metrics and define target metrics. Endorse current effectiveness levels or determine corrective action. |
|
Output | Customer |
|
|
New Metrics:
INPUT
OUTPUT
Materials
Participants
Industry: Consumer Goods
Source: Interview
"IT steering committee’s reputation greatly improved by clearly defining its process."
One of the major failings of the previous steering committee was its poorly drafted procedures. Members of the committee were unclear on the overall process and the meeting schedule was not well established.
This led to low attendance at the meetings and ineffective meetings overall. Since the meeting procedures weren’t well understood, some members of the leadership team took advantage of this to get their projects pushed through.
The first step the new CIO took was to clearly outline the meeting procedures in her new steering committee charter. The meeting agenda, meeting goals, length of time, and outcomes were outlined, and the stakeholders signed off on their participation.
She also gave the participants a SIPOC, which helped members who were unfamiliar with the process a high-level overview. It also reacquainted previous members with the process and outlined changes to the previous, out-of-date processes.
The participation rate in the committee meetings improved from the previous rate of approximately 40% to 90%. The committee members were much more satisfied with the new process and felt like their contributions were appreciated more than before.
2.1
Define a SIPOC for each of the ITSC responsibilities
Create SIPOCs for each of the governance responsibilities with the help of an Info-Tech advisor.
2.2
Establish the reporting metrics for the ITSC
The analyst will facilitate several exercises to help you and your stakeholders define the reporting metrics for the ITSC.
Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.
Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.
Guided Implementation 3: Build the Stakeholder Presentation Proposed Time to Completion: 1 week |
---|
Customize the Presentation Start with an analyst kick-off call:
Then complete these activities…
With these tools & templates: IT Steering Committee Stakeholder Presentation
| Review and Practice the Presentation Review findings with analyst:
Then complete these activities…
With these tools & templates:
| Review the First ITSC Meeting Finalize phase deliverable:
Then complete these activities…
With these tools & templates: Establish an Effective IT Steering Committee blueprint |
Stakeholder engagement will be critical to your ITSC success, don't just focus on what is changing. Ensure stakeholders know why you are engaging them and how it will help them in their role.
Don’t take on too much in your first IT steering committee meeting. Many participants may not have participated in an IT steering committee before, or some may have had poor experiences in the past.
Use this meeting to explain the role of the IT steering committee and why you are implementing one, and help participants to understand their role in the process.
Quickly customize Info-Tech’s IT Steering Committee Stakeholder Presentation template to explain the goals and benefits of the IT steering committee, and use your own data to make the case for governance.
At the end of the meeting, ask committee members to sign the committee charter to signify their agreement to participate in the IT steering committee.
Review the IT Steering Committee Stakeholder Presentation template. This document should be presented at the first IT steering committee meeting by the assigned Committee Chair.
Customization Options
Overall: Decide if you would like to change the presentation template. You can change the color scheme easily by copying the slides in the presentation deck and pasting them into your company’s standard template. Once you’ve pasted them in, scan through the slides and make any additional changes needed to formatting.
Slide 2-3: Review the text on each of the slides and see if any wording should be changed to better suite your organization.
Slide 4: Review your list of the top 10 challenges and opportunities as defined in section 2 of this blueprint. Document those in the appropriate sections. (Note: be careful that the language is business-facing; challenges and opportunities should be professionally worded.)
Slide 5: Review the language on slide 5 to make any necessary changes to suite your organization. Changes here should be minimal.
INPUT
OUTPUT
Materials
Participants
Customization Options
Slide 6: The goal of this slide is to document and share the names of the participants on the IT steering committee. Document the names in the right-hand side based on your IT Steering Committee Charter.
Slides 7-9:
Slide 10: Review and understand the rollout timeline. Make any changes needed to the timeline.
INPUT
OUTPUT
Materials
Participants
INPUT
Participants
By this point, you should have customized the meeting presentation deck and be ready to meet with your IT steering committee participants.
The meeting should be one hour in duration and completed in person.
Before holding the meeting, identify who you think is going to be most supportive and who will be least. Consider meeting with those individuals independently prior to the group meeting to elicit support or minimize negative impacts on the meeting.
Customize this calendar invite script to invite business partners to participate in the meeting.
Hello [Name],
As you may have heard, we recently went through an exercise to develop an IT steering committee. I’d like to take some time to discuss the results of this work with you, and discuss ways in which we can work together in the future to better enable corporate goals.
The goals of the meeting are:
I look forward to starting this discussion with you and working with you more closely in the future.
Warm regards,
Industry:Consumer Goods
Source: Interview
"CIO gains buy-in from the company by presenting the new committee to its stakeholders."
Communication was one of the biggest steering committee challenges that the new CIO inherited.
Members were resistant to joining/rejoining the committee because of its previous failures. When the new CIO was building the steering committee, she surveyed the members on their knowledge of IT as well as what they felt their role in the committee entailed.
She found that member understanding was lacking and that their knowledge surrounding their roles was very inconsistent.
The CIO dedicated their first steering committee meeting to presenting the results of that survey to align member knowledge.
She outlined the new charter and discussed the roles of each member, the goals of the committee, and the overarching process.
Members of the new committee were now aligned in terms of the steering committee’s goals. Taking time to thoroughly outline the procedures during the first meeting led to much higher member engagement. It also built accountability within the committee since all members were present and all members had the same level of knowledge surrounding the roles of the ITSC.
3.1
Create a presentation for ITSC stakeholders to be presented at the first ITSC meeting
Work with an Info-Tech advisor to customize our IT Steering Committee Stakeholder Presentation template. Use this presentation to gain stakeholder buy-in by making the case for an ITSC.
Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.
Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.
Guided Implementation : Define the Prioritization Criteria Proposed Time to Completion: 4 weeks |
---|
Discuss Prioritization Criteria Start with an analyst kick-off call:
Then complete these activities...
With these tools & templates: IT Steering Committee Project Prioritization Tool | Customize the IT Steering Committee Project Prioritization Tool Review findings with analyst:
Then complete these activities…
With these tools & templates: IT Steering Committee Project Prioritization Tool | Review Results of the Pilot Test Finalize phase deliverable:
Then complete these activities…
With these tools & templates: IT Steering Committee Project Prioritization Tool |
The steering committee sets and agrees to principles that guide prioritization decisions. The agreed upon principles will affect business unit expectations and justify the deferral of requests that are low priority. In some cases, we have seen the number of requests drop substantially because business units are reluctant to propose initiatives that do not fit high prioritization criteria.
One of the key roles of the IT steering committee is to review and prioritize the portfolio of IT projects.
What is the prioritization based on? Info-Tech recommends selecting four broad criteria with two dimensions under each to evaluate the value of the projects. The criteria are aligned with how the project generates value for the organization and the execution of the project.
What is the role of the steering committee in prioritizing projects? The steering committee is responsible for reviewing project criteria scores and making decisions about where projects rank on the priority list. Planning, resourcing, and project management are the responsibility of the PMO or the project owner.
Info-Tech’s Sample Criteria |
---|
Value Strategic Alignment: How much a project supports the strategic goals of the organization. Customer Satisfaction: The impact of the project on customers and how visible a project will be with customers. Operational Alignment: Whether the project will address operational issues or compliance. |
Execution Financial: Predicted ROI and cost containment strategies. Risk: Involved with not completing projects and strategies to mitigate it. Feasibility: How easy the project is to complete and whether staffing resources exist. |
INPUT
OUTPUT
Materials
Participants
INPUT
OUTPUT
Materials
Participants
Document the prioritization criteria weightings in Info-Tech’s IT Steering Committee Project Prioritization Tool.
Download Info-Tech’s Project Intake and Prioritization Tool.
Rank: Project ranking will dynamically update relative to your portfolio capacity (established in Settings tab) and the Size, Scoring Progress, Remove from Ranking, and Overall Score columns. The projects in green represent top priorities based on these inputs, while yellow projects warrant additional consideration should capacity permit.
Scoring Progress: You will be able to determine some items on the scorecard earlier in the scoring progress (such as strategic and operational alignment). As you fill in scoring columns on the Project Data tab, the Scoring Progress column will dynamically update to track progress.
The Overall Score will update automatically as you complete the scoring columns (refer to Activity 4.2).
Days in Backlog: This column will help with backlog management, automatically tracking the number of days since an item was added to the list based on day added and current date.
INPUT
OUTPUT
Materials
Participants
Projects that are scored but not prioritized will populate the portfolio backlog. Items in the backlog will need to be rescored periodically, as circumstances can change, impacting scores. Factors necessitating rescoring can include:
Score projects using the Project Data tab in Info-Tech’s IT Steering Committee Project Prioritization Tool
Consult these Info-Tech blueprints on project portfolio management to create effective portfolio project management resourcing processes.
Industry: Consumer Goods
Source: Interview
"Clear project intake and prioritization criteria allow for the new committee to make objective priority decisions."
One of the biggest problems that the previous steering committee at the company had was that their project intake and prioritization process was not consistent. Projects were being prioritized based on politics and managers taking advantage of the system.
The procedure was not formalized so there were no objective criteria on which to weigh the value of proposed projects. In addition to poor meeting attendance, this led to the overall process being very inconsistent.
The new CIO, with consultation from the newly formed committee, drafted a set of criteria that focused on the value and execution of their project portfolio. These criteria were included on their intake forms to streamline the rating process.
All of the project scores are now reviewed by the steering committee, and they are able to facilitate the prioritization process more easily.
The objective criteria process also helped to prevent managers from taking advantage of the prioritization process to push self-serving projects through.
This was seen as a contributor to the increase in satisfaction scores for IT, which improved by 12% overall.
The new streamlined process helped to reduce capacity constraints on IT, and it alerted the company to the need for more IT employees to help reduce these constraints further. The IT department was given permission to hire two new additional staff members.
4.1
IT Steering Committee Project Prioritization Tool.">
Define your prioritization criteria and customize our IT Steering Committee Project Prioritization Tool
With the help of Info-Tech advisors, create criteria for determining a project’s priority. Customize the tool to reflect the criteria and their weighting. Run pilot tests of the tool to verify the criteria and enter your current project portfolio.
Organizations often blur the line between governance and management, resulting in the business having say over the wrong things. Understand the differences and make sure both groups understand their role.
The ITSC is the most senior body within the IT governance structure, involving key business executives and focusing on critical strategic decisions impacting the whole organization.
Within a holistic governance structure, organizations may have additional committees that evaluate, direct, and monitor key decisions at a more tactical level and report into the ITSC.
These committees require specialized knowledge and are implemented to meet specific organizational needs. Those operational committees may spark a tactical task force to act on specific needs.
IT management is responsible for executing on, running, and monitoring strategic activities as determined by IT governance.
Strategic | IT Steering Committee | |
Tactical | Project Governance Service Governance Risk Governance Information Governance | IT Management |
Operational | Risk Task Force |
This blueprint focuses exclusively on building the IT Steering committee. For more information on IT governance see Info-Tech’s related blueprint: Tailor an IT Governance Plan to Fit Organizational Needs.
By bucketing responsibilities into these areas, you’ll be able to account for most key IT decisions and help the business to understand their role in governance, fostering ownership and joint accountability.
The five governance areas are:
Governance of the IT Portfolio and Investments: Ensures that funding and resources are systematically allocated to the priority projects that deliver value.
Governance of Projects: Ensures that IT projects deliver the expected value, and that the PM methodology is measured and effective.
Governance of Risks: Ensures the organization’s ability to assess and deliver IT projects and services with acceptable risk.
Governance of Services: Ensures that IT delivers the required services at the acceptable performance levels.
Governance of Information and Data: Ensures the appropriate classification and retention of data based on business need.
Overall, survey respondents indicated a lack of understanding about how decisions are made around risk, services, projects, and investments, and that business involvement in decision making was too minimal.
72% of stakeholders do not understand how decisions around IT services are made (quality, availability, etc.).
62% of stakeholders do not understand how decisions around IT services are made (quality, availability, etc.).
70% of stakeholders do not understand how decisions around projects selection, success, and changes are made.
78% of stakeholders do not understand how decisions around risk are made
67% of stakeholders believe they do understand how decisions around information (data) retention and classification are made.
IT is being challenged to change how it operates to better support evolving organizations by:
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
This research piece is for any IT leaders looking to support the organization in its post-transformation state by focusing on the customer experience when operating. CIOs struggling with outdated IT operating models can demonstrate true partnership with this digital services next-generation IT operating model.
Use this tool to determine whether your organization has the fundamental components necessary to support the adoption of an Exponential IT operating model.
Use this template to create a roadmap on how to transform your career from CIO to CDSO leveraging key strengths and relationships. Focus on opportunities to demonstrate IT’s maturity and the customer experience at the forefront of your decisions.
![]() |
![]() |
Carlene McCubbin |
Brittany Lutes |
IT leaders are increasingly expected to be responsible for understanding and delivering high-value customer experiences. This evolution depends on the distribution and oversight of IT capabilities that are embedded throughout the organizational structure.
Defining digital strategic objectives, establishing governance frameworks for an autonomous culture, and enabling the organization to act on insightful data are all impossible without a new way of operating that involves the oversight and accountability of advancing IT roles. Through exponential change, functional groups can lose clarity regarding their responsibilities, creating a sense of ambiguity and disorder.
But adopting a new way of working that supports an exponential IT organization does not have to be difficult. Leveraging Info-Tech Research Group's next-generation operating model, you can clearly demonstrate how the organization will collaborate to deliver on the various digital and IT services. This is no longer just an IT operating model, but a technology-first enterprise model.
Defines how the Exponential IT model operates and delivers value to the organization.
This is done by exploring:
Defines how chief information officers (CIOs) can operate or elevate their role in this changing operating model.
Your Challenge
IT is challenged to change how it operates to better support evolving organizations. IT must:
While many organizations have projects that support a digital strategy, few have an operating model that supports this digital services strategy.
Common Obstacles
Organizations struggle to support the definition and ongoing maintenance of services because:
Info-Tech's Approach
Embrace the IT operating model that focuses on the enablement and delivery of Digital and IT services by:
Info-Tech Insight
The first IT operating model where customer engagement with IT and Digital Services is at the forefront.
An IT operating model is a visual representation of the way your IT organization will function using a clear and coherent blueprint. This visualization demonstrates how capabilities are organized and aligned to deliver on the business mission and strategic and technological objectives.
The should visualize the optimization and alignment of the IT organization to deliver the capabilities required to achieve business goals. Additionally, it should demonstrate the workflow so key stakeholders can understand where inputs flow in and outputs flow out of the IT organization. Investing time in the front-end to get the operating model right is critical. This will give you a framework to rationalize future organizational changes, allowing you to be more iterative and your model to change as the business changes.
EXPONENTIAL RISK
Autonomous processes will integrate with human-led processes, creating risks to business continuity, information security, and quality of delivery. Supplier power will exacerbate business risks.
EXPONENTIAL REWARD
The efficiency gains and new value chains created through artificial intelligence (AI), robotics, and additive manufacturing will be very significant. Most of this value will be realized through the augmentation of human labor.
EXPONENTIAL DEMAND
Autonomous solutions for productivity and back-office applications will eventually become commoditized and provided by a handful of large vendors. There will, however, be a proliferation of in-house algorithms and workflows to autonomize the middle and front office, offered by a busy landscape of industry-centric capability vendors.
Exponential IT involves IT leading the cognitive re-engineering of the organization with evolved practices for:
To learn more about IT's journey into autonomization, check out Info-Tech Research Group's Adopt an Exponential IT Mindset blueprint.
78% of IT leaders with established digital strategies and 45% of IT leaders with emerging digital strategies are driven by customer experiences.
Source: Foundry "Digital Business Study,"2023
40% -
The number of CIOs that are responsible for creating new products or services to support revenue generation.
Source: Foundry, "The State of the CIO," 2023
"I think we've done the IT industry a disservice by constantly referring to IT and the business, artificially creating this wedge."
– David Vidoni, VP of IT at Pegasystems
Source: Dan Roberts, CIO, 2023
Enhanced Customer Experiences
Digital Trust
Embedded Technology & Skills
(1) "Global Tech Survey," KPMG, 2022
(2) "Global Digital Trust Insights Report," PwC, 2023
(3) "State of IT Report," Foundry, 2023
(4) "Global surge in embedded software demand; here is why," DAC Digital, 2023
Respond to Emerging Technology | In response to changing customer demands, organizations need to actively seek, assess, and integrate emerging technology offerings easily and effectively. By governing data at an enterprise level and implementing the necessary guardrails in the form of architecture and security standards at the technology layer, it becomes easier to adopt new technologies such as artificial intelligence (AI). This should be tied to any mandated objectives. |
---|---|
Build Digital Trust Capabilities | Finding and hiring the right security professionals has long been a challenge for organizations. In the Exponential IT model, focus on security oversight increases and fewer operational resources are required. The model sees governing IT security processes and vendor delivery as priorities to enable the right technology without exposing the organization to undue risk. There should be more security-related capabilities in your Exponential IT model. |
Elevate the Customer Experience | Evolving the organization's digital offering requires understanding of and active response to the changing demands of customers. This is accomplished by leveraging information from organization-wide data sources and the modular components of the organization's current digital offerings. The components can be reconfigured (or new ones added) to create digital services for the customer. |
Formalize Embedded Business Technology & Roles | Technology is actively included in the organization's business (digital) strategy. This ensures that technology remains an embedded component of how the organization competes in the market, supplies invaluable services, and delivers on strategic objectives. The separation of IT from the organization becomes redundant. |
Culture |
IT Strategy & Objectives |
Organization Operating Model |
Organization Size & Structure |
Perception of IT |
Risk Appetite |
---|---|---|---|---|---|
A cooperative and innovative culture where the organization does not feel constrained by current processes. Establishing a growth mindset across all the organization's groups is reflected by the trust service owners receive. |
Focused on delivering the best customer experience. The roadmap would include ample opportunities to better support the customer in obtaining or exceeding the degree of value they receive from the organization. |
Empowering service owners across the organization to be accountable for the delivery and value of their services. Lots of collaboration among stakeholders who know what services are offered and how those services leverage technology. |
More appropriate for larger organizations due to the resources required to design and enable successful services. IT resources would also be pooled by skills. |
IT is not a service provider but an equal that enables the organization's success. Without IT involvement, digital services may be omitted and opportunities to enhance the customer experience would be missed. |
While innovation and new service offerings are critical to success, there are functional groups that remain focused on defining the level of risk tolerance that supports the appropriate risk appetite to consider new service offerings. |
Delivery of Business Value & Strategic Needs | ||
---|---|---|
I&T OPERATING MODEL |
DIGITAL & TECHNOLOGY STRATEGY |
I&T GOVERNANCE |
The model for how IT is organized to deliver on business needs and strategies. |
The identification of objectives and initiatives necessary to achieve business goals. |
Ensures the organization and its customers extract maximum value from the use of information and technology. |
All three elements of the Technology Value Trinity work together to deliver business value and achieve strategic needs. As one changes, the others must change as well.
How do these three elements relate?
Strategy, operating models, and governance are too often considered separate practices – strategies are defined without clarity on how to support. A significant change to your strategy necessitates a change to your operating model, which in turn necessitates a change to your governance and organizational structure.
Exponential IT |
||||||
---|---|---|---|---|---|---|
Capabilities |
Products, Services and Technology |
Performance Measures |
Stakeholder Engagement & Collaboration |
Decision Rights & Authority |
Value Streams |
Sourcing |
IT capabilities in the Exponential IT model are spread across the organization. The result removes the separation between IT and the organization. Instead, the organization takes accountability for ensuring technology capabilities are delivered. |
Digital service offerings dominate this model, focusing on providing better experiences for customers. Some technology platforms are specific to a service such as access management, while others span service offerings such as architecture or security. |
This model's success is measured by the overall ability to satisfy the customer experience through designing and delivering the right digital service offerings. Service owners are responsible for continuously monitoring and advancing the delivery of the service. |
The end-customer is the main stakeholder for this operating model, where understanding their needs and demands informs the design, maintenance, and improvement of all services. There is no longer IT vs. the business but an organizational perspective of services. |
This model's decision-making spans the organization. The service owners of digital offerings have authority and autonomy deciding which services to design, how they should be integrated with other services, and how those services will continually deliver value to customers. |
Exponential IT's five core value streams are:
|
Internal resource pools might need to be supplemented with contract resources when demand exceeds capacity, requiring a strong partnership with the Vendor Management Team. Service owners will also need to engage and manage the performance of their vendor solution partners. |
Customer-Centric
Dedicated to the customer experience and making sure that the end customer is considered first and foremost.
"Yes" Approach
The organization can say yes to emerging technology and customer desires because it has organized itself to be agile in its digital service offerings.
Digital Service Ownership
Digital service offerings are owned and managed across the organization ensuring the continuous delivery of value to customers.
Employee Development
Resources are organized into pods based on specific skills or functions increasing the likelihood of adopting new skills.
Autonomization
Centralized and accessible data provides service owners autonomy when making informed decisions that support enhanced customer experiences.
Info-Tech has identified seven common IT operating model archetypes. Each model represents a different approach to who delivers technology services and how. Each model is designed to drive different outcomes, as the way your organization is structured will dictate the way it behaves. The Exponential IT model is an emerging archetype which capitalizes on embedded delivery.
![]() |
||
---|---|---|
Centralized |
Shifted |
Embedded |
Owned and operated by leadership within IT. IT takes full responsibility of the functional areas and maintains control over the outcomes. |
Can be owned/operated by a variety of leadership roles throughout the organization. This can shift from IT ownership to other organizational leadership. Decisions about ownership are often made to enable quick response or mitigate risks. |
Owned/operated by leadership outside of traditional IT. Another area of the organization has taken authoritative power over the outcome of this functional area for a quicker response. |
Opportunities |
Risks |
---|---|
|
|
Using capabilities for the operating model
Customer Perspective |
The organization is continually anticipating their wants and needs and establishing mechanisms to vocalize those needs. |
Customer receives the right IT and digital services to respond to their needs. |
The service is easy to use and continuously responds to wants and needs. |
The service is meeting expectations or exceeding them. |
There is a dedicated service owner who can hear demands and feedback, then action desirable outcomes. |
|
---|---|---|---|---|---|---|
Value Stream Stages |
![]() |
|||||
Organizational Perspective |
Expected Outcome |
Customers' wants and needs are understood and at times anticipated before the customer requests them. |
Assess needs to determine if service is already offered or needs to be created. Design services that will enhance the customer experience. |
Look for opportunities to integrate processes and resources to increase the performance of IT and Digital Services. |
Ensure that the right employees with the right skills are working to develop or enhance service offering. |
The service owner manages the ongoing lifecycle of the service and establishes a roadmap on how value will continue to be delivered. |
Critical Processes |
|
|
|
|
|
|
Metrics |
|
|
|
|
|
Visualize the IT Operating Model blueprint (coming soon)
60% |
The number of APAC CIOs who can anticipate their job to be challenged by their peers within the organization. Source: Singh, Yashvendra, CIO, 2023. |
---|
This is not about making the CIO report to someone else but allowing the CIO to elevate their role into that of a CDSO.
Organizations hoping to fully adopt the Exponential IT operating model require a shift in leadership expectations. Notably, these leaders will have oversight and accountability for functions beyond the traditional IT group.
As the organization matures its governance, security, and data management practices, increasing how it delivers high-impact experiences to customers, it would have one leader who owns all the components to ensure clear alignment with goals and business strategy.
Chief Digital Service Officer |
Chief Information Officer |
Chief Digital Officer |
Chief Technology Officer |
Chief Experience Officer |
---|---|---|---|---|
Main Stakeholder(s):
Main Responsibilities:
*Some leaders in this role are being called Chief Digital Information Officer. |
Main Stakeholder(s):
Main Responsibilities:
|
Main Stakeholder(s):
Main Responsibilities:
|
Main Stakeholder(s):
Main Responsibilities:
|
Main Stakeholder(s):
Main Responsibilities:
|
"'For me, the IT portfolio for the next few years and the IT architecture have taken the place that IT strategy used to have,' he adds. This view doesn't position IT outside of the organization, but rather gives it central importance in the company."
– Bernd Rattey, Group CIO and CDO of Deutsche Bahn (DB), qtd. by Jens Dose, CIO, 2023
Download the Career Vision Roadmap Tool
To provide customers with an exceptional experience by ensuring all IT and Digital Services consider and anticipate their needs or wants. Enable IT and Digital Services to be successful through clear leadership, strong collaboration, and continuous improvement or innovation.
CIO
Transition
CDSO
Network Opportunities
Using capabilities for the operating model:
Strategic Direction |
|
---|---|
People & Resources |
|
Architecture & Integration |
|
Service Planning |
|
Security & Risk |
|
Application Delivery |
|
Project Portfolio Management |
|
Data & Business Intelligence (BI) |
|
Service Delivery |
|
Infrastructure & Operations |
|
Donna Bales
Principal Research Director
Info-Tech Research Group
Scott Bickley
Practice Lead – Vendor Management Practice
Info-Tech Research Group
Christine Coz
Executive Counselor – Executive Services
Info-Tech Research Group
Valence Howden
Principal Research Director
Info-Tech Research Group
Duraid Ibrahim
Executive Counselor – Executive Services
Info-Tech Research Group
Chris Goodhue
Managing Partner– Executive Services
Info-Tech Research Group
Carlene McCubbin
Practice Lead – CIO Practice
Info-Tech Research Group
Mike Tweedie
Practice Lead – CIO Practice
Info-Tech Research Group
Vicki van Alphen
Executive Counselor – Executive Services
Info-Tech Research Group
*Plus an additional 5 industry experts who anonymously contributed to this research piece.
Adopt an Exponential IT Mindset
Become a Transformational CIO
Define Your Digital Business Strategy
Bennet, Trevon. "What is a Chief Experience Officer (CXO)? And what do they do?" Indeed, 14 March 2023. https://www.indeed.com/career-advice/finding-a-job/what-is-chief-experience-officer#:~:text=A%20CXO%20plans%20strategies%20and,customer%20acquisition%20and%20retention%20strategies
Bishop, Carrie. "Five years of Digital Services in San Francisco." Medium, 20 January 2022. https://medium.com/san-francisco-digital-services/five-years-of-digital-services-in-san-francisco-805a758c2b83
DAC Digital and Chawla, Yash. "Global surge in embedded software demand; here is why." DAC Digital, 2023 <ttps://dac.digital/global-surge-in-embedded-software-demand-here-is-why/
Deloitte. "If you want your digital transformation to succeed, align your operating model to your strategy." Harvard Business Review, 31 January 2020. https://hbr.org/sponsored/2020/01/if-you-want-your-digital-transformation-to-succeed-align-your-operating-model-to-your-strategy.
Deloitte. "2023 Global Human Capital Trends Report." Deloitte, 2023. https://www2.deloitte.com/content/dam/Deloitte/sg/Documents/human-capital/sea-cons-hc-trends-report-2023.pdf
Dose, Jens. "Deutsche Bahn CIO on track to decentralize IT." CIO, 19 April 2023. https://www.cio.com/article/473071/deutsche-bahn-cio-on-track-to-decentralize-it.html
Ehrlich, Oliver., Fanderl, Harald., Maldara, David., & Mittangunta, Divya. "How the operating model can unlock the power of customer experience." McKinsey, 28 June 2022. https://www.mckinsey.com/capabilities/growth-marketing-and-sales/our-insights/how-the-operating-model-can-unlock-the-full-power-of-customer-experience
FCW. "Digital Government Summit Agenda." FCW. 2021. https://events-archive.fcw.com/events/2021/digital-government-summit/index.html
Foundry. "State of the CIO." IDG, 25 January 2023. https://foundryco.com/tools-for-marketers/research-state-of-the-cio/
Foundry. "Digital Business Study 2023: IT Leaders are future-proofing their business with digital strategies." IDG, 2023. https://foundryco.com/tools-for-marketers/research-digital-business/
Indeed Editorial Team. "Centralized vs. Decentralized Structures: 7 Key Differences." Indeed, 10 March 2023. https://www.indeed.com/career-advice/career-development/centralized-vs-decentralized
Indeed Editorial Team. "What is process integration?." Indeed, 14 November 2022. https://ca.indeed.com/career-advice/career-development/process-integration#:~:text=Process%20integration%2C%20or%20business%20process,it%20reach%20its%20primary%20objectives
KPMG International. "Global Tech Report." KPMG, 2022.
McHugh, Brian. "Service orchestration is reshaping IT—Here's what to know." Active Batch, 8 November 2022. https://www.advsyscon.com/blog/service-orchestration-what-is/
Morris, Chris. "IDC FutureScape: Worldwide CIO Agenda 2023 Predictions."" IDC, January, 2023. https://www.idc.com/getdoc.jsp?containerId=AP49998523
PwC. "Global Digital Trust Insights Report." PwC, 2023
Roberts, Dan. "5 CIOs on building a service-oriented IT culture." CIO, 13 April 2023. https://www.cio.com/article/472805/5-cios-on-building-a-service-oriented-it-culture.html
Singh, Yashvendra. "CIOs must evolve to stave off existential threat to their role." CIO, 30 March 2023. https://www.cio.com/article/465612/cios-must-evolve-to-stave-off-existential-threat-to-their-role.html
Spacey, John. "16 Examples of IT Services." Simplicable, 28 January 2018. https://simplicable.com/IT/it-services
As the sophistication of malicious attacks increases, it has become more difficult to ensure applications such as email software are properly protected and secured. The increase in usage and traffic of email exacerbates the security risks to the organization.
Email has changed. Your email security needs to evolve as well to ensure you are protecting your organization’s communication.
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
This research provides guidelines to assist organizations in identifying controls to secure their emails along with recommendations on the most common and effective controls to secure and protect corporate emails.
This checklist of common email security categories and their associated controls helps ensure organizations are following best practices.
As organizations increasingly rely on email communication for day-to-day business operations, threat actors are exploiting the increased traction to develop and implement more sophisticated email-based attacks. Furthermore, the lack of investment in measures, tools, and technologies for an organization’s email security exacerbates the vulnerabilities at hand.
Effective use of security procedures and techniques can mitigate and minimize email-based threats have been shown to reduce the ability of these attacks to infiltrate the email inbox. These guidelines and best practices will help your organization conduct due diligence to protect the contents of the email, its transit, and its arrival to the authorized recipient.
Ahmad Jowhar
Research Specialist, Security & Privacy
Info-Tech Research Group
Your Challenge | Common Obstacles | Info-Tech’s Approach |
|
|
|
Info-Tech Insight
Email has changed. Your email security must evolve to ensure the safety of your organization’s communication.
75% of organizations have experienced an increase in email-based threats.
97% of security breaches are due to phishing attacks.
82% of companies reported a higher volume of email in 2022.
Source: Mimecast, 2023.
Enhance your security posture by modernizing your email security Email has changed. Your email security must evolve to ensure the safety of your organization’s communication. |
|||
Deploy an added layer of defense by preventing the contents of your email from being intercepted. Encrypting your email communication will provide an additional layer of protection which only allows authorized users to read the email. |
Leverage triple-threat authentication controls to strengthen your email security. Leveraging SPF, DKIM, and DMARC enables you to have the proper authentication controls in place, ensuring that only legitimate users are part of the email communication. |
Protect the contents of your email through data classification and data loss prevention. Having tools and technologies in place to ensure that data is classified and backed up will enable better storage, analysis, and processing of the email. |
Implement email policies for a holistic email security protection. Policies ensure acceptable standards are in place to protect the organization’s assets, including the creation, attachment, sending, and receiving of emails. |
User awareness and training Training employees on protecting their corporate emails adds an extra layer of defense by ensuring end users are aware of various email-based threats and can confidently safeguard their organizations from attacks. |
Along with the increased use of emails, organizations are seeing an increase in the number of attacks orchestrating from emails. This has resulted in 74% of organizations seeing an increase in email-based threats.
Source: Mimecast, 2023.
Info-Tech Insight
Encrypting your email communication will provide an additional layer of protection which only allows authorized users to read the email.
Although these authentication controls are available for organizations to leverage, the adoption rate remains low. 73% of survey respondents indicated they didn’t deploy email authentication controls within their organization.
Source: Mimecast, 2023.
SPF | DKIM | DMARC |
---|---|---|
Creating an SPF record identifies which IP addresses are allowed to send emails from your domain. Steps to implement SPF include the following:
|
Implementing DKIM helps prevent attackers from sending emails that pretend to come from your domain. Steps to implement DKIM include the following:
|
Setting up DMARC ensures emails are validated and defines actions to take if an email fails authentication. These include:
|
For more information:
Discover and Classify Your Data
Leverage this Info-Tech blueprint for guidelines on implementing a data classification program for your organization.
Info-Tech Insight
Having tools and technologies in place to ensure that data is classified and backed up will enable better storage, analysis, and processing of the email.
48% of employees have accidently attached the wrong file to an email.
39% of respondents have accidently sent emails that contained security information such as passwords and passcodes.
Source: Tessian, 2021.
Develop a Security Awareness and Training Program That Empowers End Users
Leverage this Info-Tech blueprint for assistance on creating various user training materials and empower your employees to become a main line of defense for your organization.
64% of organizations conduct formal training sessions (in-person or computer-based).
74% of organizations only focus on providing phishing-based training.
Source: Proofpoint, 2021.
Phishing
Email sent by threat actors designed to manipulate end user into providing sensitive information by posing as a trustworthy source
Business Email Compromise
Attackers trick a user into sending money or providing confidential information
Spam
Users receive unsolicited email, usually in bulk, some of which contains malware
Spear Phishing
A type of phishing attack where the email is sent to specific and targeted emails within the organization
Whaling
A type of phishing attack similar to spear phishing, but targeting senior executives within the organization
Password/Email Exposure
Employees use organizational email accounts and passwords to sign up for social media, leaving them susceptible to email and/or password exposure in a social media breach
Developing security policies that are reasonable, auditable, enforceable, and measurable ensures proper procedures are followed and necessary measures are implemented to protect the organization. Policies relating to email security can be categorized into two groups:
Develop and Deploy Security Policies
Leverage this Info-Tech blueprint for assistance on developing and deploying actionable policies and creating an overall policy management lifecycle to keep your policies current, effective, and compliant.
Info-Tech Insight
Policies ensure acceptable standards are in place to protect the organization’s assets, including the creation, attachment, sending, and receiving of emails.
SoftwareReviews, a division of Info-Tech Research Group, provides enterprise software reviews to help organizations make more efficient decisions during the software selection process. Reviews are provided by authenticated IT professionals who have leveraged the software and provide unbiased insights on different vendors and their products.
Learn from the collective knowledge of real IT professionals.
Evaluate market leaders through vendor rankings and awards.
Cut through misleading marketing material.
Download the Email Security Checklist tool
Discover and Classify Your Data
Leverage this Info-Tech blueprint for guidelines on implementing a data classification program for your organization.
Develop a Security Awareness and Training Program That Empowers End Users
Leverage this Info-Tech blueprint for assistance on creating various user training materials and empower your employees to become a main line of defense for your organization.
Develop and Deploy Security Policies
Leverage this Info-Tech blueprint for assistance on developing and deploying actionable policies and creating an overall policy management lifecycle to keep your policies current, effective, and compliant.
“10 Best Practices for Email Security in 2022.” TitanFile, 22 Sept. 2022. Web.
“2021 State of the Phish.” Proofpoint, 2021. Web.
Ahmad, Summra. “11 Email Security Best Practices You Shouldn't Miss (2023).” Mailmunch, 9 Mar. 2023. Web.
“Blumira's State of Detection and Response.” Blumira, 18 Jan. 2023. Web.
Clay, Jon. “Email Security Best Practices for Phishing Prevention.” Trend Micro, 17 Nov. 2022. Web.
Crane, Casey. “6 Email Security Best Practices to Keep Your Business Safe in 2019.” Hashed Out by The SSL Store™, 7 Aug. 2019. Web.
Hateb, Seif. “Basic Email Security Guide.” Twilio Blog, Twilio, 5 Dec. 2022. Web.
“How DMARC Advances Email Security.” CIS, 9 July 2021. Web.
Pal, Suryanarayan. “10 Email Security Best Practices You Should Know in 2023.” Mailmodo, 9 Feb. 2023. Web.
Pitchkites, Max. “Email Security: A Guide to Keeping Your Inbox Safe in 2023.” Cloudwards, 9 Dec. 2022. Web.
Rudra, Ahona. “Corporate Email Security Checklist.” PowerDMARC, 4 July 2022. Web.
“Sender Policy Framework.” Mimecast, n.d. Web.
Shea, Sharon, and Peter Loshin. “Top 15 Email Security Best Practices for 2023: TechTarget.” TechTarget, 14 Dec. 2022. Web.
“The Email Security Checklist: Upguard.” UpGuard, 16 Feb. 2022. Web.
“The State of Email Security 2023.” Mimecast, 2023. Web.
Wetherald, Harry. “New Product - Stop Employees Emailing the Wrong Attachments.” Tessian, 16 Sept. 2021. Web.
“What Is DMARC? - Record, Verification & More: Proofpoint Us.” Proofpoint, 9 Mar. 2023. Web.
“What Is Email Security? - Defining Security of Email: Proofpoint Us.” Proofpoint, 3 Mar.2023. Web.
Wilton, Laird. “How to Secure Email in Your Business with an Email Security Policy.” Carbide, 31 Jan. 2022. Web.
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
By defining your goals, framing solutions based on end-user workloads, and understanding the pros and cons of various solutions, you can visualize what success looks like for your VDI/DaaS deployment. This includes defining your KPIs by end-user experience, knowing the decision gates for a successful deployment, and defining your hypothesis for value to make your decision more accurate and gain C-suite buy-in.
Virtual desktop infrastructure (VDI)/desktop as a service (DaaS) users expect their user experience to be at least equal to that provided by a physical PC, and they do not care about the underlying infrastructure. If the experience is less, then IT has failed in the considerations for VDI/ DaaS. In this research we analyze the data that the IT industry tracks but doesn't use or sometimes even look at regarding user experience (UX).
Understanding the strengths and weaknesses in your in-house technical skills and business requirements will assist you in making the right decision when it comes to VDI or DaaS solutions. In the case of DaaS this will include a managed service provider for small to medium-sized IT teams. Many IT teams lack a seasoned IT project manager who can identify gaps, risks, and weaknesses in the organization's preparedness. Redeploy your IT staff to new roles that impact management and monitoring of UX.
Ultimately, IT needs to reduce its complexity, increase user satisfaction, reduce management and storage costs, and maintain a secure and effective environment for both the end user and the business. They must also ensure productivity standards throughout the considerations, strategically, tactically, and in support of a move to a VDI or DaaS solution.
Your Challenge With the evolution of VDI over the last 15-plus years, there has been a proliferation of solutions, such as Citrix desktop services, VMware Horizon, and in-house hypervisor solutions (e.g. ESX hosts). There has also been a great deal of growth and competition of DaaS and SaaS solutions in the cloud space. Hybrid work environments, remote from anywhere and any device, and the security concerns that go hand-in-hand with these strategies have certainly accelerated the move to VDI and DaaS. How will you manage and navigate the right solution for your organization? | Common Obstacles IT departments can encounter many obstacles to VDI and DaaS, many of which will be determined by your business model and other factors, such as:
| Info-Tech’s Approach By defining your end goals, framing solutions based on end-user workloads, and understanding the pros and cons of what solution(s) will meet your needs, you can visualize what success looks like.
|
Every IT organization needs to be asking what success looks like. If you do not consider how your end user will be impacted, whether they are doing something as simple as holding a team meeting with voice and video or working with highly technical workloads on a virtual environment, you will run into multiple issues that affect end-user satisfaction, productivity, and adoption. Understand the tension metrics that may conflict with meeting business objectives and KPIs.
Client-Driven InsightDifferent industries have different requirements and issues, so they look at solutions differently. Info-Tech InsightIf end-user experience is at the forefront of business requirements, then any solution that fits the business KPIs can be successful. |
|
Questions you should be asking before you create your RFP
| How would you rate the user experience on your VDI/DaaS solution?
Info-Tech InsightAsking critical use-case questions should give you a clear picture of the end-user experience outcome. |
Security is always quoted as a primary justification for VDI/DaaS, while UX is far down the list of KPIs. WHY?IT engineers use network and performance metrics to manage end-user complaints of “slowness,” which in reality is not what the user is experiencing.IT needs to invest in more meaningful metrics to manage end-user pain:
| ![]() (Source: Enterprise Strategy Group, 2020) |
The dimensions of end-user experience can be broken down into four distinct categories that will impact not only the end user but also the business. Picturing your landscape in this framework will help clearly define your considerations when deciding on whether a VDI or DaaS solution is right for your business. We will investigate how these scenarios impact the end user, what that means, and how that can guide the questions that you are asking as you move to an RFP. Info-Tech InsightIn the world of VDI and DaaS, if you do not get buy-in from the end user, the rate of adoption and the overall success of the implementation will prove difficult to measure. It will be impossible to calculate ROI even as you feel the impact of your TCO. | ![]() |
What IT measuresMost business KPI objectives concentrate on business goals, whether it be cost containment, security, simplification, ease of management, or centralization of apps and data, but rarely is there a KPI for end-user experience. You can’t fix what you can’t see. Putting a cost benefit to end-user satisfaction may come in the form of productivity. This may be a central reason why VDI has not been widely adopted as an architecture since it came to the marketplace more than 15 years ago. | ![]() |
Monitoring end-user metrics will mitigate the tension between business KPIs and end-user satisfaction
Metric | Description | ||
End-User | PERFORMANCE | Logon duration | Once the user puts in their password, how long does it take to get to their desktop? What is the measurement and how do you measure? |
App load time | When an app is launched by the user there should be immediate indication that it is loading. | ||
App response time | When the user performs a task, there should be no wait time, or hourglass icon, waiting for the app to catch up to the user input. (There is no succinct way to measure this.) | ||
Session response time | How does the user’s OS respond to I/O? The user should not experience any latency issues when doing a drag and drop, clicking on a menu item, or doing a search. | ||
AVAILABILITY | SLAs | When something goes wrong in the VDI/DaaS environment, how quickly can the user expect to get back to their tasks? | |
Geographic location | When all other considerations are configured correctly, the user experience may be impacted by their location. So, for example, a user working out of Mexico and logging into a VDI may experience latency based on location compared to a user in California, for example, where the resources are stored, managed, and monitored. | ||
Application availability | Much like app load time and response time, the only factor affecting the user experience is the back-end load on the app itself, for example a CAD or heavy resource app not properly resourced. | ||
FUNCTIONALITY | Configuration of user desktop | Degradation in functionality is caused by improper allocation of CPU, RAM, and GPU for the tasks at hand, creating a bad UX and end-user satisfaction score. | |
Graphics quality and responsiveness | The user should have the same experience as if on their own physical machine. A video experience should not have any lag in it, for example. MS Teams should not have latency or sound quality issues. | ||
Predictive analysis | Continuous performance and availability monitoring. | ||
END USER | Browser real user monitoring (RUM) | A real-time view into how the web application is performing from the point of view of a real end user. | |
Customer satisfaction score | Survey-based metrics on customer satisfaction. |
“If employees are the competitive edge and key differentiator for a business, I&O has a duty of care to ensure that the employees’ digital experience enables and does not impede the value of that asset.” (John Annand, Principal Director, Info-Tech Research Group)
Is security and data sovereignty the only reason?
Technical capability | |
AVAILABILITY | VDI is a better fit than DaaS in organizations that have limited or unreliable internet connectivity. |
FUNCTIONALITY | Application flexibility: Resource-intensive applications may require specific virtual desktop configurations, for example in-house GIS apps, CAD, and gaming software requiring specific GPU configurations. |
SECURITY | Data protection is often stated as a need to maintain an on-premises VDI solution, ensuring sensitive and highly privileged data does not travel across the internet. |
AVAILABILITY | While some cloud providers will allow you to bring your OS licensing along with a cloud migration, many subscriptions already include OS licensing, and you may be paying additional licensing costs. |
SECURITY | VDI makes sense if security and control are primary business KPIs, the IT resources are experienced virtual infrastructure engineers and administrators, and funding is not a hindrance. |
PERFORMANCE | When processing power is a functional requirement, such as CPU, GPU, and storage capacity, VDI offers performance benefits over a standard PC, reducing the need to deploy high-powered PCs to end users. |
“Though the desktops are moving to the cloud, accountability is not.” (Gary Bea, Director of Consulting Services and Technical Operations, Goliath Technologies)
Any device anywhere: key benefits of DaaS
Technical capability | Challenges | |
AVAILABILITY | Delivers a consistent user experience regardless of location or device. | Info-Tech InsightThe total cost of the solution will be higher than you anticipate, and management is complex. Additionally, your ability to set your conditions and controls is limited. Info-Tech InsightDepending on your technical abilities and experience with cloud services, you will likely benefit from professional third-party services, technical services, and consulting, which can be critical when deciding if DaaS can fit into your current IT architecture, processes, and security posture. |
SECURITY | Enhances security posture by eliminating your client VPN and keeping sensitive data off the endpoint device. | |
FUNCTIONALITY | Onboard and offboard users quickly and securely. | |
FUNCTIONALITY | Provides centralize workspace management. | |
FUNCTIONALITY | Scale up or down on demand with a consumption- and subscription-based contract. | |
FUNCTIONALITY | Significantly reduce operational overhead compared to managing a traditional VDI deployment. |
From an end-user experience perspective, what makes sense in terms of usage and cost?
Thin Client
| Desktop as a Service
| Thick Client
| Device as a Service
| Web Client
|
What is the better security posture and control plane? Clarify your stakeholders’ objectives, then see if VDI is an adequate solution.
![]() | Modernize and Transform Your End-User Computing Strategy Phase 3.2 of this research set covers virtual desktop infrastructure. |
![]() | Implement Desktop Virtualization and Transition to Everything as a Service Follow Info-Tech’s process for implementing the right desktop virtualization solution to create a project plan that will help ensure that you not only choose the right solution but also implement it effectively. |
![]() | Cloud Strategy Workbook Use this tool to assess cloud services (desktop-as-a-service). |
![]() | Desktop Virtualization TCO Calculator This tool is designed to help you understand what desktop virtualization looks like from a cost perspective. |
Anderson, Joseph. “Five Ways VDI Will Grow in 2022 Thanks to Hybrid Work.” StratoDesk, 28 Feb. 2022. Web.
Bowker, Mark. “Are Desktops Doomed? Trends in Digital Workspaces, VDI, and DaaS.” ESG, May 2020. Web.
“The CISO's Dilemma: How Chief Information Security Officers Are Balancing Enterprise Endpoint Security and Worker Productivity in Response to COVID-19.” Hysolate, Oct. 2020. Web.
King, Val. “Why the End-User Experience Is Not Good for Your Remote Workforce .” Whitehat Virtual Technologies, 2 Dec. 2021. Web.
Perry, Yifat. “VDI vs DaaS: 5 Key Differences and 6 Leading Solutions.” NetApp, 26 Aug. 2020. Web.
Rigg, Christian. “Best virtual desktop services 2022.” TechRadar, 20 Jan. 2022 . Web.
Seget, Vladan. “Key metrics to consider when assessing the performance of your VDI/DaaS environment.” vladan.fr, 19 April 2021. Web.
Spruijt, Ruben. “Why Should You Care About VDI and Desktop-as-a-Service?” Nutanix, 28 Jan. 2020. Web.
Stowers, Joshua. “The Best Desktop as a Service (DaaS) Providers 2022.” business.com, 21 Dec. 2021. Web.
“Virtual Desktop Infrastructure(VDI) Market 2022.” MarketWatch, 5 Jan. 2022. Web. Press release.
Zamir, Tal. “VDI Security Best Practices: Busting the Myths.” Hysolate, 29 Nov. 2021. Web.
Zychowicz, Paul. “Why do virtual desktop deployments fail?” Turbonomic Blog, 16 Dec. 2016. Web.
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
This phase helps you organize your VMI and document internal processes, relationships, roles, and responsibilities. The main outcomes from this phase are organizational documents, a baseline VMI maturity level, and a desired future state for the VMI.
This phase helps you configure and create the tools and templates that will help you run the VMI. The main outcomes from this phase are a clear understanding of which vendors are important to you, the tools to manage the vendor relationships, and an implementation plan.
This phase helps you begin operating the VMI. The main outcomes from this phase are guidance and the steps required to implement your VMI.
This phase helps the VMI identify what it should stop doing, start doing, and continue doing as it improves and matures. The main outcomes from this phase are ways to advance the VMI and maintain internal alignment.
Small businesses are often challenged by the growth and complexity of their vendor ecosystem, including the degree to which the vendors control them. Vendors are increasing, obtaining more and more budget dollars, while funding for staff or headcount is decreasing as a result of cloud-based applications and an increase in our reliance on Managed Service Providers. Initiating a vendor management initiative (VMI) vs. creating a fully staffed vendor management office will get you started on the path of proactively controlling your vendors instead of consistently operating in a reactionary mode. This blueprint is designed with that very thought: to assist small businesses in creating the essentials of a vendor management initiative.
Steve Jeffery
Principal Research Director, Vendor Management
Info-Tech Research Group
Each year, IT organizations "outsource" tasks, activities, functions, and other items. During 2021:
This leads to more spend, less control, and more risk for IT organizations. Managing this becomes a higher priority for IT, but many IT organizations are ill-equipped to do this proactively.
As new contracts are negotiated and existing contracts are renegotiated or renewed, there is a perception that the contracts will yield certain results, output, performance, solutions, or outcomes. The hope is that these will provide a measurable expected value to IT and the organization. Oftentimes, much of the expected value is never realized. Many organizations don't have a VMI to help:
Vendor Management is a proactive, cross-functional lifecycle. It can be broken down into four phases:
The Info-Tech process addresses all four phases and provides a step-by-step approach to configure and operate your VMI. The content in this blueprint helps you quickly establish your VMI and sets a solid foundation for its growth and maturity.
Vendor management is not a one-size-fits-all initiative. It must be configured:
Spend on managed service providers and as-a-service providers continues to increase. In addition, IT services vendors continue to be active in the mergers and acquisitions arena. This increases the need for a VMI to help with the changing IT vendor landscape.
38% 2021 |
16% 2021 |
47% 2021 |
---|---|---|
Spend on as-a-service providers |
Spend on managed services providers |
IT services merger & acquisition growth (transactions) |
Source: Information Services Group, Inc., 2022.
When organizations execute, renew, or renegotiate a contract, there is an "expected value" associated with that contract. Without a robust VMI, most of the expected value will never be realized. With a robust VMI, the realized value significantly exceeds the expected value during the contract term.
A contract's realized value with and without a vendor management initiative
Source: Based on findings from Geller & Company, 2003.
A sound, cyclical approach to vendor management will help you create a VMI that meets your needs and stays in alignment with your organization as they both change (i.e. mature and grow).
Phase 1 - Plan | Phase 2 - Build | Phase 3 - Run | Phase 4 - Review | |
---|---|---|---|---|
Phase Steps |
1.1 Mission Statement and Goals 1.2 Scope 1.3 Strengths and Obstacles 1.4 Roles and Responsibilities |
2.1 Classification Model 2.2 Risk Assessment Tool 2.3 Scorecards and Feedback 2.4 Business Alignment Meeting Agenda 2.5 Relationship Alignment Document 2.6 Vendor Orientation 2.7 3-Year Roadmap 2.8 90-Day Plan 2.9 Quick Wins2.10 Reports |
3.1 Classify Vendors 3.2 Compile Scorecards 3.3 Conduct Business Alignment Meetings 3.4 Work the 90-Day Plan 3.5 Manage the 3-Year Roadmap 3.6 Develop/Improve Vendor Relationships |
4.1 Incorporate Leading Practices 4.2 Leverage Lessons Learned 4.3 Maintain Internal Alignment |
Phase Outcomes | This phase helps you organize your VMI and document internal processes, relationships, roles, and responsibilities. The main outcomes from this phase are organizational documents, a baseline VMI maturity level, and a desired future state for the VMI. | This phase helps you configure and create the tools and templates that will help you run the VMI. The main outcomes from this phase are a clear understanding of which vendors are important to you, the tools to manage the vendor relationships, and an implementation plan. | This phase helps you begin operating the VMI. The main outcomes from this phase are guidance and the steps required to implement your VMI. | This phase helps the VMI identify what it should stop doing, start doing, and continue doing as it improves and matures. The main outcomes from this phase are ways to advance the VMI and maintain internal alignment. |
Vendor management is not "plug and play" – each organization's vendor management initiative (VMI) needs to fit its culture, environment, and goals. While there are commonalities and leading practices associated with vendor management, your initiative won't look exactly like another organization's. The key is to adapt vendor management principles to fit your needs.
All vendors are not of equal importance to your organization. Internal resources are a scarce commodity and should be deployed so that they provide the best return on the organization's investment. Classifying or segmenting your vendors allows you to focus your efforts on the most important vendors first, allowing your VMI to have the greatest impact possible.
Having a solid foundation is critical to the VMI's ongoing success. Whether you will be creating a formal vendor management office or using vendor management techniques, tools, and templates "informally", starting with the basics is essential. Make sure you understand why the VMI exists and what it hopes to achieve, what is in and out of scope for the VMI, what strengths the VMI can leverage and the obstacles it will have to address, and how it will work with other areas within your organization.
Phase 1 |
Phase 2 | Phase 3 | Phase 4 |
---|---|---|---|
1.1 Mission Statement and Goals 1.2 Scope 1.3 Strengths and Obstacles 1.4 Roles and Responsibilities |
2.1 Classification Model 2.2 Risk Assessment Tool 2.3 Scorecards and Feedback 2.4 Business Alignment Meeting Agenda 2.5 Relationship Alignment Document 2.6 Vendor Orientation 2.7 3-Year Roadmap 2.8 90-Day Plan 2.9 Quick Wins 2.10 Reports |
3.1 Classify Vendors 3.2 Compile Scorecards 3.3 Conduct Business Alignment Meetings 3.4 Work the 90-Day Plan 3.5 Manage the 3-Year Roadmap 3.6 Develop/Improve Vendor Relationships |
4.1 Incorporate Leading Practices 4.2 Leverage Lessons Learned 4.3 Maintain Internal Alignment |
Phase 1 – Plan focuses on getting organized. Foundational elements (Mission Statement, Goals, Scope, Strengths and Obstacles, Roles and Responsibilities, and Process Mapping) will help you define your VMI. These and the other elements of this Phase will follow you throughout the process of starting up your VMI and running it.
Spending time up front to ensure that everyone is on the same page will help avoid headaches down the road. The tendency is to skimp (or even skip) on these steps to get to "the good stuff." To a certain extent, the process provided here is like building a house. You wouldn't start building your dream home without having a solid blueprint. The same is true with vendor management. Leveraging vendor management tools and techniques without the proper foundation may provide some benefit in the short term, but in the long term it will ultimately be a house of cards waiting to collapse.
Whether you are starting your vendor management journey or are already down the path, it is important to know why the vendor management initiative exists and what it hopes to achieve. The easiest way to document this is with a written declaration in the form of a Mission Statement and Goals. Although this is the easiest way to proceed, it is far from easy.
The Mission Statement should identify at a high level the nature of the services provided by the VMI, who it will serve, and some of the expected outcomes or achievements. The Mission Statement should be no longer than one or two sentences.
The complement to the Mission Statement is the list of goals for the VMI. Your goals should not be a reassertion of your Mission Statement in bullet format. At this stage it may not be possible to make them SMART (Specific, Measurable, Achievable/Attainable, Relevant, Time-Bound/Time-Based), but consider making them as SMART as possible. Without some of the SMART parameters attached, your goals are more like dreams and wishes. At a minimum, you should be able to determine the level of success achieved for each of the VMI goals.
Although the VMI's Mission Statement will stay static over time (other than for significant changes to the VMI or organization as a whole), the goals should be reevaluated periodically using a SMART filter, and adjusted as needed.
Download the Info-Tech Phase 1 Tools and Templates Compendium
Regardless of where your VMI resides or how it operates, it will be working with other areas within your organization. Some of the activities performed by the VMI will be new and not currently handled by other groups or individuals internally; at the same time, some of the activities performed by the VMI may be currently handled by other groups or individuals internally. In addition, executives, stakeholders, and other internal personnel may have expectations or make assumptions about the VMI. As a result, there can be a lot of confusion about what the VMI does and doesn't do, and the answers cannot always be found in the VMI's Mission Statement and Goals.
One component of helping others understand the VMI landscape is formalizing the VMI Scope. The Scope will define boundaries for the VMI. The intent is not to fence itself off and keep others out but provide guidance on where the VMI's territory begins and ends. Ultimately, this will help clarify the VMI's roles and responsibilities, improve workflow, and reduce errant assumptions.
When drafting your VMI scoping document, make sure you look at both sides of the equation (similar to what you would do when following best practices for a statement of work). Identify what is in scope and what is out of scope. Be specific when describing the individual components of the VMI Scope, and make sure executives and stakeholders are onboard with the final version.
Download the Info-Tech Phase 1 Tools and Templates Compendium
A SWOT analysis (strengths, weaknesses, opportunities, and threats) is a valuable tool, but it is overkill for your VMI at this point. However, using a modified and simplified form of this tool (strengths and obstacles) will yield significant results and benefit the VMI as it grows and matures.
Your output will be two lists: the strengths associated with the VMI and the obstacles the VMI is facing. For example, strengths could include items such as smart people working within the VMI and executive support. Obstacles could include items such as limited headcount and training required for VMI staff.
The goals are 1) to harness the strengths to help the VMI be successful and 2) to understand the impact of the obstacles and plan accordingly. The output can also be used to enlighten executives and stakeholders about the challenges associated with their directives or requests (e.g. human bandwidth may not be sufficient to accomplish some of the vendor management activities and there is a moratorium on hiring until the next budget year).
For each strength identified, determine how you will or can leverage it when things are going well or when the VMI is in a bind. For each obstacle, list the potential impact on the VMI (e.g. scope, growth rate, and number of vendors that can actively be part of the VMI).
As you do your brainstorming, be as specific as possible and validate your lists with stakeholders and executives as needed.
Meet with the participants and use a brainstorming activity to list, on a whiteboard or flip chart, the VMI's strengths and obstacles.
Be specific to avoid ambiguity and improve clarity.
Go back and forth between strengths and obstacles as needed; it is not necessary to list all the strengths first and then all the obstacles.
It is possible for an item to be a strength and an obstacle; when this happens, add details to distinguish the situations.
Review the lists to make sure there is enough specificity.
Determine how you will leverage each strength and how you will manage each obstacle.
Use the Phase 1 Tools and Templates Compendium – Tab 1.3 Strengths and Obstacles to document the results.
Obtain signoff on the strengths and obstacles from stakeholders and executives as required.
Download the Info-Tech Phase 1 Tools and Templates Compendium
One crucial success factor for VMIs is gaining and maintaining internal alignment. There are many moving parts to an organization, and a VMI must be clear on the various roles and responsibilities related to the relevant processes. Some of this information can be found in the VMI's Scope referenced in Step 1.2, but additional information is required to avoid stepping on each other's toes; many of the processes require internal departments to work together. (For example, obtaining requirements for a request for proposal takes more than one person or department). While it is not necessary to get too granular, it is imperative that you have a clear understanding of how the VMI activities will fit within the larger vendor management lifecycle (which is comprised of many sub processes) and who will be doing what.
As we have learned through our workshops and guided implementations, a traditional RACI* or RASCI* Chart does not work well for this purpose. These charts are not intuitive, and they lack the specificity required to be effective. For vendor management purposes, a higher-level view and a slightly different approach provide much better results.
This step will lead your through the creation of an OIC* Chart to determine vendor management lifecycle roles and responsibilities. Afterward, you'll be able to say, "Oh, I see clearly who is involved in each part of the process and what their role is."
*RACI – Responsible, Accountable, Consulted, Informed
*RASCI – Responsible, Accountable, Support, Consulted, Informed
*OIC – Owner, Informed, Contributor
To start, define the vendor management lifecycle steps or process applicable to your VMI. Next, determine who participates in the vendor management lifecycle. There is no need to get too granular – think along the lines of departments, subdepartments, divisions, agencies, or however you categorize internal operational units. Avoid naming individuals other than by title; this typically happens when a person oversees a large group (e.g. the CIO [chief information officer] or the CPO [chief procurement officer]). Be thorough, but don't let the chart get out of hand. For each role and step of the lifecycle, ask whether the entry is necessary; does it add value to the clarity of understanding the responsibilities associated with the vendor management lifecycle? Consider two examples, one for roles and one for lifecycle steps. 1) Is IT sufficient or do you need IT Operations and IT Development? 2) Is "negotiate contract documents" sufficient or do you need negotiate the contract and negotiate the renewal? The answer will depend on your culture and environment but be wary of creating a spreadsheet that requires an 85-inch monitor to view it.
After defining the roles (departments, divisions, agencies) and the vendor management lifecycle steps or process, assign one of three letters to each box in your chart:
This activity can be started by the VMI or done as a group with representatives from each of the named roles. If the VMI starts the activity, the resulting chart should be validated by the each of the named roles.
Download the Info-Tech Phase 1 Tools and Templates Compendium
Phase 1 | Phase 2 | Phase 3 | Phase 4 |
---|---|---|---|
1.1 Mission Statement and Goals 1.2 Scope 1.3 Strengths and Obstacles 1.4 Roles and Responsibilities | 2.1 Classification Model 2.2 Risk Assessment Tool 2.3 Scorecards and Feedback 2.4 Business Alignment Meeting Agenda 2.5 Relationship Alignment Document 2.6 Vendor Orientation 2.7 3-Year Roadmap 2.8 90-Day Plan 2.9 Quick Wins 2.10 Reports | 3.1 Classify Vendors 3.2 Compile Scorecards 3.3 Conduct Business Alignment Meetings 3.4 Work the 90-Day Plan 3.5 Manage the 3-Year Roadmap 3.6 Develop/Improve Vendor Relationships | 4.1 Incorporate Leading Practices 4.2 Leverage Lessons Learned 4.3 Maintain Internal Alignment |
Phase 2 – Build focuses on creating and configuring the tools and templates that will help you run your VMI. Vendor management is not a plug and play environment, and unless noted otherwise, the tools and templates included with this blueprint require your input and thought. The tools and templates must work in concert with your culture, values, and goals. That will require teamwork, insights, contemplation, and deliberation.
During this Phase you'll leverage the various templates and tools included with this blueprint and adapt them for your specific needs and use. In some instances, you'll be starting with mostly a blank slate; while in others, only a small modification may be required to make it fit your circumstances. However, it is possible that a document or spreadsheet may need heavy customization to fit your situation. As you create your VMI, use the included materials for inspiration and guidance purposes rather than as absolute dictates.
One of the functions of a VMI is to allocate the appropriate level of vendor management resources to each vendor since not all vendors are of equal importance to your organization. While some people may be able intuitively to sort their vendors into vendor management categories, a more objective, consistent, and reliable model works best. Info-Tech's COST model helps you assign your vendors to the appropriate vendor management category so that you can focus your vendor management resources where they will do the most good.
COST is an acronym for Commodity, Operational, Strategic, and Tactical. Your vendors will occupy one of these vendor management categories, and each category helps you determine the nature of the resources allocated to that vendor, the characteristics of the relationship desired by the VMI, and the governance level used.
The easiest way to think of the COST model is as a 2 x 2 matrix or graph. The model should be configured for your environment so that the criteria used for determining a vendor's classification align with what is important to you and your organization. However, at this point in your VMI's maturation, a simple approach works best. The Classification Model included with this blueprint requires minimal configuration to get your started, and that is discussed on the activity slide associated with this Step 2.1.
Operational |
Strategic |
---|---|
|
|
Commodity |
Tactical |
|
|
Source: Compiled in part from Guth, Stephen. "Vendor Relationship Management Getting What You Paid for (And More)." 2015.
Download the Info-Tech Phase 2 Vendor Classification Tool
One of the typical drivers of a VMI is risk management. Organizations want to get a better handle on the various risks their vendors pose. Vendor risks originate from many areas: financial, performance, security, legal, and others. However, security risk is the high-profile risk, and the one organizations often focus on almost exclusively, which leaves the organization vulnerable in other areas.
Risk management is a program, not a project; there is no completion date. A proactive approach works best and requires continual monitoring, identification, and assessment. Reacting to risks after they occur can be costly and have other detrimental effects on the organization. Any risk that adversely affects IT will adversely affect the entire organization.
While the VMI won't necessarily be quantifying or calculating the risk directly, it generally is the aggregator of risk information across the risk categories, which it then includes in its reporting function (see Steps 2.12 and 3.8).
At a minimum, your risk management strategy should involve:
Vendor risk is a fact of life, but you do have options for how to handle it. Be proactive and thoughtful in your approach, and focus your resources on what is important.
Download the Info-Tech Phase 2 Vendor Classification Tool
A vendor management scorecard is a great tool for measuring, monitoring, and improving relationship alignment. In addition, it is perfect for improving communication between you and the vendor.
Conceptually, a scorecard is similar to a school report card. At the end of a learning cycle, you receive feedback on how well you do in each of your classes. For vendor management, the scorecard is also used to provide periodic feedback, but there are some nuances and additional benefits and objectives when compared to a report card.
Although scorecards can be used in a variety of ways, the focus here will be on vendor management scorecards – contract management, project management, and other types of scorecards will not be included in the materials covered in this Step 2.3 or in Step 3.4.
The Info-Tech scorecard includes five areas:
An overall score is calculated based on the rating for each criteria and the measurement category weights.
Scorecards can be used for a variety of reasons. Some of the common ones are:
Identifying and resolving issues before they impact performance or the relationship.
Info-Tech recommends starting with simple scorecards to allow you and the vendors to acclimate to the new process and information. As you build your scorecards, keep in mind that internal personnel will be scoring the vendors and the vendors will be reviewing the scorecard. Make your scorecard easy for your personnel to fill out, and containing meaningful content to drive the vendor in the right direction. You can always make the scorecard more complex in the future.
Our recommendation of five categories is provided below. Choose three to five of the categories that help you accomplish your scorecard goals and objectives:
Some criteria may be applicable in more than one category. The categories above should cover at least 80% of the items that are important to your organization. The general criteria listed for each category is not an exhaustive list, but most things break down into time, money, quality, people, and risk issues.
*Source: The Decision Lab, n.d.
After you've built your scorecard, turn your attention to the second half of the equation – feedback from the vendor. A communication loop cannot be successful without dialogue flowing both ways. While this can happen with just a scorecard, a mechanism specifically geared toward the vendor providing you with feedback improves communication, alignment, and satisfaction.
You may be tempted to create a formal scorecard for the vendor to use; avoid that temptation until later in your maturity or development of the VMI. You'll be implementing a lot of new processes, deploying new tools and templates, and getting people to work together in new ways. Work on those things first.
For now, implement an informal process for obtaining information from the vendor. Start by identifying information that you will find useful – information that will allow you to improve overall, to reduce waste or time, to improve processes, to identify gaps in skills. Incorporate these items into your business alignment meetings (see Steps 2.4 and 3.5). Create three to five good questions to ask the vendor and include these in the business alignment meeting agenda. The goal is to get meaningful feedback, and that starts with asking good questions.
Keep it simple at first. When the time is right, you can build a more formal feedback form or scorecard. Don't be in a rush; as long as the informal method works, keep using it.
Download the Info-Tech Phase 2 Tools and Templates Compendium
Download the Info-Tech Phase 2 Tools and Templates Compendium
A business alignment meeting (BAM) is a multi-faceted tool to ensure the customer and the vendor stay focused on what is important to the customer at a high level. BAMs are not traditional operational meetings where the parties get into the details of the contracts, deal with installation problems, address project management issues, or discuss specific cost overruns. The focus of the BAM is the scorecard (see Step 2.3), but other topics are discussed, and other purposes are served. For example:
As you build your BAM Agenda, someone in your organization may say, "Oh, that's just a quarterly business review (QBR) or top-to-top meeting." In most instances, an existing QBRs or top-to-top meeting is not the same as a BAM. Using the term QBR or top-to-top meeting instead of BAM can lead to confusion internally. The VMI may say to the business unit, procurement, or another department, "We're going to start running some QBRs for our strategic vendors." The typical response is, "There's no need; we already run QBRs/top-to-top meetings with our important vendors." This may be accompanied by an invitation to join their meeting, where you may be an afterthought, have no influence, and get five minutes at the end to talk about your agenda items. Keep your BAM separate so that it meets your needs.
As previously noted, using the term BAM more accurately depicts the nature of the VMI meeting and prevents confusion internally with other meetings already occurring. In addition, hosting the BAM yourself rather than piggybacking onto another meeting ensures that the VMI's needs are met. The VMI will set and control the BAM agenda and determine the invite list for internal personnel and vendor personnel. As you may have figured out by now, having the right customer and vendor personnel attend will be essential.
BAMs are conducted at the vendor level, not the contract level. As a result, the frequency of the BAMs will depend on the vendor's classification category (see Steps 2.1 and 3.1). General frequency guidelines are provided below, but they can be modified to meet your goals:
BAMs can help you achieve some additional benefits not previously mentioned:
As with any meeting, building the proper agenda will be one of the keys to an effective and efficient meeting. A high-level BAM agenda with sample topics is set out below:
BAM Agenda
Download the Info-Tech Phase 2 Tools and Templates Compendium
Throughout this blueprint, alignment is mentioned directly (e.g. business alignment meetings [Steps 2.4 and 3.3]) or indirectly implied. Ensuring you and your vendors are on the same page, have clear and transparent communication, and understand each other's expectations is critical to fostering strong relationships. One component of gaining and maintaining alignment with your vendors is the Relationship Alignment Document (RAD). Depending upon the Scope of your VMI and what your organization already has in place, your RAD will fill in the gaps on various topics.
Early in the VMI's maturation, the easiest approach is to develop a short document (1 one page) or a pamphlet (i.e. the classic trifold) describing the rules of engagement when doing business with your organization. The RAD can convey expectations, policies, guidelines, and other items. The scope of the document will depend on:
The first step to drafting a RAD is to identify what information vendors need to know to stay on your good side. You may want vendors to know about your gift policy (e.g. employees may not accept vendor gifts above a nominal value, such as a pen or mousepad). Next, compare your list of what vendors need to know and determine if the content is covered in other vendor-facing documents such as a vendor code of conduct or your website's vendor portal. Lastly, create your RAD to bridge the gap between what you want and what is already in place. In some instances, you may want to include items from other documents to reemphasize them with the vendor community.
The RAD can be used with all vendors regardless of classification category. It can be sent directly to the vendors or given to them during vendor orientation (see Step 3.3)
Download the Info-Tech Phase 2 Tools and Templates Compendium
Your organization is unique. It may have many similarities with other organizations, but your culture, risk tolerance, mission, vision, and goals, finances, employees, and "customers" (those that depend on you) make it different. The same is true of your VMI. It may have similar principles, objectives, and processes to other organizations' VMIs, but yours is still unique. As a result, your vendors may not fully understand your organization and what vendor management means to you.
Vendor orientation is another means to helping you gain and maintain alignment with your important vendors, educate them on what is important to you, and provide closure when/if the relationship with the vendor ends. Vendor orientation is comprised of three components, each with a different function:
Vendor orientation focuses on the vendor management pieces of the puzzle (e.g. the scorecard process) rather than the operational pieces (e.g. setting up a new vendor in the system to ensure invoices are processed smoothly).
To continue the analogy from orientation, debrief is like an exit interview for an employee when their employment is terminated. In this case, debrief occurs when the vendor is no longer an active vendor with your organization - all contracts have terminated or expired, and no new business with the vendor is anticipated within the next three months.
Similar to orientation and reorientation, debrief activities will be based on the vendor's classification category within the COST model. Strategic vendors don't go away very often; usually, they transition to operational or tactical vendors first. However, if a strategic vendor is no longer providing products or services to you, dig a little deeper into their experiences and allocate extra time for the debrief meeting.
The debrief should provide you with feedback on the vendor's experience with your organization and their participation in your VMI. Additionally, it can provide closure for both parties since the relationship is ending. Be careful that the debrief does not turn into a finger-pointing meeting or therapy session for the vendor. It should be professional and productive; if it is going off the rails, terminate the meeting before more damage can occur.
End the debrief on a high note if possible. Thank the vendor, highlight its key contributions, and single out any personnel who went above and beyond. You never know when you will be doing business with this vendor again – don't burn bridges!
As you create your vendor orientation materials, focus on the message you want to convey.
The level of detail you provide strategic vendors during orientation and reorientation may be different from the information you provide tactical and operational vendors. Commodity vendors are not typically involved in the vendor orientation process. The orientation meetings can be conducted on a one-to-one basis for strategic vendors and a one-to-many basis for operational and tactical vendors; reorientation and debrief are best conducted on a one-to-one basis. Lastly, face-to-face or video meetings work best for vendor orientation; voice-only meetings, recorded videos, or distributing only written materials seldom hit their mark or achieve the desired results.
It focuses on different timelines or horizons (e.g., the past, the present, and the future). Creating a three-year roadmap facilitates the VMI's ability to function effectively across these multiple landscapes.
The VMI roadmap will be influenced by many factors. The work product from Phase 1 – Plan, input from executives, stakeholders, and internal clients, and the direction of the organization are great sources of information as you begin to build your roadmap.
To start, identify what you would like to accomplish in year 1. This is arguably the easiest year to complete: budgets are set (or you have a good idea what the budget will look like), personnel decisions have been made, resources have been allocated, and other issues impacting the VMI are known with a higher degree of certainty than any other year. This does not mean things won't change during the first year of the VMI, but expectations are usually lower, and the short event horizon makes things more predictable during the year-1 ramp-up period.
Years 2 and 3 are more tenuous, but the process is the same: identify what you would like to accomplish or roll out in each year. Typically, the VMI maintains the year-1 plan into subsequent years and adds to the scope or maturity. For example, you may start year 1 with BAMs and scorecards for three of your strategic vendors; during year 2, you may increase that to five vendors; and during year 3, you may increase that to nine vendors. Or, you may not conduct any market research during year 1, waiting to add it to your roadmap in year 2 or 3 as you mature.
Breaking things down by year helps you identify what is important and the timing associated with your priorities. A conservative approach is recommended. It is easy to overcommit, but the results can be disastrous and painful.
Download the Info-Tech Phase 2 Tools and Templates Compendium
Now that you have prepared a three-year roadmap, it's time to take the most significant elements from the first year and create action plans for each three-month period. Your first 90-day plan may be longer or shorter if you want to sync to your fiscal or calendar quarters. Aligning with your fiscal year can make it easier for tracking and reporting purposes; however, the more critical item is to make sure you have a rolling series of four 90-day plans to keep you focused on the important activities and tasks throughout the year.
The 90-day plan is a simple project plan that will help you measure, monitor, and report your progress. Use the Info-Tech tool to help you track:
Activities.
The first 90-day plan will have the greatest level of detail and should be as thorough as possible; the remaining three 90-day plans will each have less detail for now. As you approach the middle of the first 90-day plan, start adding details to the next 90-day plan; toward the end of the first quarter add a high-level 90-day plan to the end of the chain. Continue repeating this cycle each quarter and consult the three-year roadmap and the leadership team, as necessary.
Download the Info-Tech Phase 2 Tools and Templates Compendium
As the final step in the timeline trilogy, you are ready to identify some quick wins for the VMI. Using the first 90-day plan and a brainstorming activity, create a list of things you can do in 15 to 30 days that add value to your initiative and build momentum.
As you evaluate your list of potential candidates, look for things that:
As you look for quick wins, you may find that everything you identify does not meet the criteria. That's okay; don't force the issue. Return your focus to the 90-day plan and three-year roadmap and update those documents if the brainstorming activity associated with Step 2.9 identified anything new.
Download the Info-Tech Phase 2 Tools and Templates Compendium
Issuing reports is a critical piece of the VMI since the VMI is a conduit of information for the organization. It may be aggregating risk data from internal areas, conducting vendor research, compiling performance data, reviewing market intelligence, or obtaining relevant statistics, feedback, comments, facts, and figures from other sources. Holding onto this information minimizes the impact a VMI can have on the organization; however, the VMI's internal clients, stakeholders, and executives can drown in raw data and ignore it completely if it is not transformed into meaningful, easily-digested information.
Before building a report, think about your intended audience:
Use the following guidelines to create reports that will resonate with your audience:
Download the Info-Tech Phase 2 Tools and Templates Compendium
Phase 1 | Phase 2 | Phase 3 | Phase 4 |
---|---|---|---|
1.1 Mission Statement and Goals 1.2 Scope 1.3 Strengths and Obstacles 1.4 Roles and Responsibilities | 2.1 Classification Model 2.2 Risk Assessment Tool 2.3 Scorecards and Feedback 2.4 Business Alignment Meeting Agenda 2.5 Relationship Alignment Document 2.6 Vendor Orientation 2.7 3-Year Roadmap 2.8 90-Day Plan 2.9 Quick Wins 2.10 Reports | 3.1 Classify Vendors 3.2 Compile Scorecards 3.3 Conduct Business Alignment Meetings 3.4 Work the 90-Day Plan 3.5 Manage the 3-Year Roadmap 3.6 Develop/Improve Vendor Relationships | 4.1 Incorporate Leading Practices 4.2 Leverage Lessons Learned 4.3 Maintain Internal Alignment |
All the hard work invested in Phase 1 – Plan and Phase 2 – Build begins to pay off in Phase 3 – Run. It's time to stand up your VMI and ensure that the proper level of resources is devoted to your vendors and the VMI itself. There's more hard work ahead, but the foundational elements are in place. This doesn't mean there won't be adjustments and modifications along the way, but you are ready to use the tools and templates in the real world; you are ready to begin reaping the fruits of your labor.
Phase 3 – Run guides you through the process of collecting data, monitoring trends, issuing reports, and conducting effective meetings to:
Step 3.1 sets the table for many of the subsequent steps in Phase 3 – Run. The results of your classification process will determine which vendors go through the scorecarding process (Step 3.2); which vendors participate in BAMs (Step 3.3), and which vendors you will devote relationship-building resources to (Step 3.6).
As you begin classifying your vendors, Info-Tech recommends using an iterative approach initially to validate the results from the classification model you configured in Step 2.1.
Additional classification considerations:
As your VMI matures, additional vendors will be part of the VMI. Review the table below and incorporate the applicable strategies into your deployment of vendor management principles over time. Stay true to your mission, goals, and scope, and remember that not all your vendors are of equal importance.
Operational | Strategic |
---|---|
|
|
Commodity | Tactical |
|
|
For decades, vendors have used the term "partner" to refer to the relationship they have with their clients and customers. This is often an emotional ploy used by the vendors to get the upper hand. To fully understand the terms "partner" and "partnership", let's evaluate them through two more objective, less cynical lenses.
If you were to talk to your in-house or outside legal counsel, you may be told that partners share in profits and losses, and they have a fiduciary obligation to each other. Unless there is a joint venture between the parties, you are unlikely to have a partnership with a vendor from this perspective.
What about a "business" partnership — one that doesn't involve sharing profits and losses? What would that look like? Here are some indicators of a business partnership (or preferably a strategic alliance):
By now you might be thinking, "What's all the fuss? Why does it matter?" At Info-Tech, we've seen firsthand how referring to the vendor as a partner can have the following impact:
Proceed with caution when using partner or partnership with your vendors. Understand how your organization benefits from using these terms and mitigate the negatives outlined above by raising awareness internally to ensure people understand the psychology behind the terms. Finally, use the term to your advantage when warranted by referring to the vendor as a partner when you want or need something that the vendor is reluctant to provide. Bottom line: be strategic in how you refer to vendors and know the risks.
Begin scoring your top vendors
The scorecard process typically is owned and operated by the VMI, but the actual rating of the criteria within the measurement categories is conducted by those with day-to-day interactions with the vendors, those using or impacted by the services and products provided by the vendors, and those with the skills to research other information on the scorecard (e.g. risk). Chances are one person will not be able to complete an entire scorecard by themselves. As a result, the scorecard process is a team sport comprised of sub-teams where necessary.
The VMI will compile the scores, calculate the final results, and aggregate all the comments into one scorecard. There are two common ways to approach this task:
Since multiple people will be involved in the scorecarding process or have information to contribute, the VMI will have to work with the reviewers to ensure he right mix of data is provided. For example:
Where one person is contributing exclusively to limited criteria, make it easy for them to identify the criteria they are to evaluate. When multiple people from the same functional area will provide insights, they can contribute individually (and the VMI will average their responses) or they can respond collectively after reaching consensus as a group.
After the VMI has compiled, calculated, and aggregated, share the results with executives, impacted stakeholders, and others who will be attending the BAM for that vendor. Depending upon the comments provided by internal personnel, you may need to create a sanitized version of the scorecard for the vendor.
Make sure your process timeline has a buffer built in. You'll be sending the final scorecard to the vendor three to five days before the BAM, and you'll need some time to assemble the results. The scorecarding process can be perceived as a low-priority activity for people outside of the VMI, and other "priorities" will arise for them. Without a timeline buffer, the VMI may find itself behind schedule and unprepared, due to things beyond its control.
At their core, BAMs aren't that different from any other meeting. The basics of running a meeting still apply, but there are a few nuances that apply to BAMs. Set out below are leading practices for conducing your BAMs; adapt them to meet your needs and suit your environment.
Initially, BAMs are conducted with the strategic vendors in your pilot program. Over time you'll add vendors until all your strategic vendors are meeting with you quarterly. After that, roll out the BAMs to those tactical and operational vendors located close to the strategic quadrant in the classification model (Steps 2.1 and 3.1) and as VMI resources allow. It may take several years before you are holding regular BAMs with all your strategic, tactical, and operational vendors.
Keep the length of your meetings reasonable. The first few with a vendor may need to be 60 to 90 minutes long. After that, you should be able to trim them to 45 minutes to 60 minutes. The BAM does not have to fill the entire time. When you are done, you are done.
Set up a recurring meeting whenever possible. Changes will be inevitable but keeping the timeline regular works to your advantage. Also, the vendors included in your initial BAMs won't change for twelve months. For the first BAM with a vendor, provide adequate notice; four weeks is usually sufficient, but calendars will fill up quickly for the main attendees from the vendor. Treat the meeting as significant and make sure your invitation reflects this. A simple meeting request will often be rejected, treated as optional, or ignored completely by the vendor's leadership team (and maybe yours as well!).
Internal invitees should include those with a vested interest in the vendor's performance and the relationship. Other functional areas may be invited based on need or interest. Be careful the attendee list doesn't get too big. Based on this, internal BAM attendees often include representatives from IT, Sourcing/Procurement, and the applicable business units. At times, Finance and Legal are included.
From the vendor's side, strive to have decision makers and key leaders attend. The salesperson/account manager is often included for continuity, but a director or vice president of sales will have more insights and influence. The project manager is not needed at this meeting due to the nature of the meeting and its agenda; however, a director or vice president from the product or service delivery area is a good choice. Bottom line: get as high into the vendor's organization as possible whenever possible; look at the types of contracts you have with that vendor to provide guidance on the type of people to invite.
Send the scorecard and agenda to the vendor five days prior to the BAM. The vendor should provide you with any information you require for the meeting five days prior, as well.
Decide who will run the meeting. Some customers like to lead, and others let the vendor present. How you craft the agenda and your preferences will dictate who runs the show.
Make sure the vendor knows what materials they should bring to the meeting or have access to. This will relate to the agenda and any specific requests listed under the discussion points. You don't want the vendor to be caught off guard and unable to discuss a matter of importance to you.
Regardless of which party leads, make sure you manage the agenda to stay on topic. This is your meeting – not the vendor's, not IT's, not Procurement's or Sourcing's. Don't let anyone hijack it.
Make sure someone is taking notes. If you are running this virtually, consider recording the meeting. Check with your legal department first for any concerns, notices, or prohibitions that may impact your recording the session.
Remember, this is not a sales call, and it is not a social activity. Innovation discussions are allowed and encouraged, but that can quickly devolve into a sales presentation. People can be friendly toward one another, but the relationship building should not overwhelm the other purposes.
Having a 90-day plan is a good start, but assuming the tasks on the plan will be accomplished magically or without any oversight can lead to failure. While it won't take a lot of time to work the plan, following a few basic guidelines will help ensure the 90-day plan gets results and wasn't created in vain.
Keep an eye on the future since it will feed the present
The three-year roadmap is a great planning tool, but it is not 100% reliable. There are inherent flaws and challenges. Essentially, the roadmap is a set of three "crystal balls" attempting to tell you what the future holds. The vision for year 1 may be clear, but for each subsequent year, the crystal ball becomes foggier. In addition, the timeline is constantly changing; before you know it, tomorrow becomes today and year 2 becomes year 1.
To help navigate through the roadmap and maximize its potential, follow these principles:
One of the key components of a VMI is relationship management. Good relationships with your vendors provide many benefits for both parties, but they don't happen by accident. Do not assume the relationship will be good or is good merely because your organization is buying products and services from a vendor.
In many respects, the VMI should mirror a vendor's sales organization by establishing relationships at multiple levels within the vendor organizations, not just with the salesperson or account manager. Building and maintaining relationships is hard work, but the return on investment makes it worthwhile.
Business relationships are comprised of many components, not all of which must be present to have a great relationship. However, there are some essential components. Whether you are trying to develop, improve, or maintain a relationship with a vendor, make sure you are conscious of the following:
Phase 1 | Phase 2 | Phase 3 | Phase 4 |
---|---|---|---|
1.1 Mission Statement and Goals 1.2 Scope 1.3 Strengths and Obstacles 1.4 Roles and Responsibilities | 2.1 Classification Model 2.2 Risk Assessment Tool 2.3 Scorecards and Feedback 2.4 Business Alignment Meeting Agenda 2.5 Relationship Alignment Document 2.6 Vendor Orientation 2.7 3-Year Roadmap 2.8 90-Day Plan 2.9 Quick Wins 2.10 Reports | 3.1 Classify Vendors 3.2 Compile Scorecards 3.3 Conduct Business Alignment Meetings 3.4 Work the 90-Day Plan 3.5 Manage the 3-Year Roadmap 3.6 Develop/Improve Vendor Relationships | 4.1 Incorporate Leading Practices 4.2 Leverage Lessons Learned 4.3 Maintain Internal Alignment |
As the adage says, "The only thing constant in life is change." This is particularly true for your VMI. It will continue to mature, people inside and outside of the VMI will change, resources will expand or contract from year to year, your vendor base will change. As a result, your VMI needs the equivalent of a physical every year. In place of bloodwork, x-rays, and the other paces your physician may put you through, you'll assess compliance with your policies and procedures, incorporate leading practices, leverage lessons learned, maintain internal alignment, and update governances.
Be thorough in your actions during this Phase to get the most out of it. It requires more than the equivalent of gauging a person's health by taking their temperature, measuring their blood pressure, and determining their body mass index. Keeping your VMI up-to-date and running smoothly takes hard work.
Some of the items presented in this Phase require an annual review; others may require quarterly review or timely review (i.e. when things are top of mind and current). For example, collecting lessons learned should happen on a timely basis rather than annually, and classifying your vendors should occur annually rather than every time a new vendor enters the fold.
Ultimately, the goal is to improve over time and stay aligned with other areas internally. This won't happen by accident. Being proactive in the review of your VMI further reinforces the nature of the VMI itself – proactive vendor management, not reactive!
The VMI's world is constantly shifting and evolving. Some changes will take place slowly, while others will occur quickly. Think about how quickly the cloud environment has changed over the past five years versus the 15 years before that; or think about issues that have popped up and instantly altered the landscape (we're looking at you COVID and ransomware). As a result, the VMI needs to keep pace, and one of the best ways to do that is to incorporate leading practices.
At a high level, a leading practice is a way of doing something that is better at producing a particular outcome or result or performing a task or activity than other ways of proceeding. The leading practice can be based on methodologies, tools, processes, procedures, and other items. Leading practices change periodically due to innovation, new ways of thinking, research, and other factors. Consequently, a leading practice is to identify and evaluate leading practices each year.
Remember: Leading practices or best practices may not be what is best for you. In some instances, you will have to modify them to fit in your culture and environment; in other instances, you will elect not to implement them at all (in any form).
There are many ways to keep your VMI running smoothly, and creating a lessons learned library is a great complement to the other ways covered in this Phase 4 - Review. By tapping into the collective wisdom of the team and creating a safe feedback loop, the VMI gains the following benefits:
Many of the processes raised in this Phase can be performed annually, but a lessons learned library works best when the information is deposited in a timely manner. How you choose to set up your lessons learned process will depend on the tools you select and your culture. You may want to have regular input meetings to share the lessons as they are being deposited, or you may require team members to deposit lessons learned on a regular basis (within a week after they happen, monthly, or quarterly). Waiting too long can lead to vague or lost memories and specifics; timeliness of the deposits is a crucial element.
Lessons learned are not confined to identifying mistakes or dissecting bad outcomes. You want to reinforce good outcomes, as well. When an opportunity for a lessons-learned deposit arises, identify the following basic elements:
The lessons learned library needs to be maintained. Irrelevant material needs to be culled periodically, and older or duplicate material may need to be archived.
the lessons learned process should be blameless. The goal is to share insightful information, not to reward or punish people based on outcomes or results.
Review the plans of other internal areas to stay in sync
Maintaining internal alignment is essential for the ongoing success of the VMI. Over time, it is easy to lose sight of the fact that the VMI does not operate in a vacuum; it is an integral component of a larger organization whose parts must work well together to function optimally. Focusing annually on the VMI's alignment within the enterprise helps reduce any breakdowns that could derail the organization.
To ensure internal alignment:
Vendor management is a broad, often overwhelming, comprehensive spectrum that encompasses many disciplines. By now, you should have a great idea of what vendor management can or will look like in your organization. Focus on the basics first: Why does the VMI exist and what does it hope to achieve? What is it's scope? What are the strengths you can leverage, and what obstacles must you manage? How will the VMI work with others? From there, the spectrum of vendor management will begin to clarify and narrow.
Leverage the tools and templates from this blueprint and adapt them to your needs. They will help you concentrate your energies in the right areas and on the right vendors to maximize the return on your organization's investment in the VMI of time, money, personnel, and other resources. You may have to lead by example internally and with your vendors at first, but they will eventually join you on your path if you stay true to your course.
At the heart of a good VMI is the relationship component. Don't overlook its value in helping you achieve your vendor management goals. The VMI does not operate in a vacuum, and relationships (internal and external) will be critical.
Lastly, seek continual improvement from the VMI and from your vendors. Both parties should be held accountable, and both parties should work together to get better. Be proactive in your efforts, and you, the VMI, and the organization will be rewarded.
Contact your account representative for more information
workshops@infotech.com
1-888-670-8889
Prepare for Negotiations More Effectively
Don't leave negotiation preparations and outcomes to chance. Learn how to prepare for negotiations more effectively and improve your results.
Understand Common IT Contract Provisions to Negotiate More Effectively
Info-Tech's guidance and insights will help you navigate the complex process of contract review and identify the key details necessary to maximize the protections for your organization.
Capture and Market the ROI of Your VMO
Calculating the impact or value of a vendor management office (VMO) can be difficult without the right framework and tools. Let Info-Tech's tools and templates help you account for the contributions made by your VMO.
Slide 5 – ISG Index 4Q 2021, Information Services Group, Inc., 2022.
Slide 6 – ISG Index 4Q 2021, Information Services Group, Inc., 2022.
Slide 7 – Geller & Company. "World-Class Procurement — Increasing Profitability and Quality." Spend Matters. 2003. Web. Accessed 4 Mar. 2019.
Slide 26 – Guth, Stephen. The Vendor Management Office: Unleashing the Power of Strategic Sourcing. Lulu.com, 2007. Print. Protiviti. Enterprise Risk Management. Web. 16 Feb. 2017.
Slide 34 – "Why Do We Perform Better When Someone Has High Expectations of Us?" The Decision Lab. Accessed January 31, 2022.
Slide 56 - Top 10 Tips for Creating Compelling Reports," October 11, 2019, Design Eclectic. Accessed March 29, 2022.
Slide 56 – "Six Tips for Making a Quality Report Appealing and Easy To Skim," Agency for Health Research and Quality. Accessed March 29, 2022.
Slide 56 –Tucker, Davis. Marketing Reporting: Tips to Create Compelling Reports, March 28, 2020, 60 Second Marketer. Accessed March 29, 2022.
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Engage in purposeful and effective PPM deployment planning by clearly defining what to prepare and when exactly it is time to move from planning to execution.
Provide clearer definition to specific project-related functional requirements and collect the appropriate PPM data needed for an effective PPM suite deployment facilitated by vendors/consultants.
Provide clearer definition to specific resource management functional requirements and data and create a communication and training plan.
Plan how to engage vendors/consultants by communicating functional requirements to them and evaluating changes to those requirements proposed by them.
Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Select a preparation team and establish clear assignments and accountabilities.
Establish clear deliverables, milestones, and metrics to ensure it is clear when the preparation phase is complete.
Preparation activities will be organized and purposeful, ensuring that you do not threaten deployment success by being underprepared or waste resources by overpreparing.
1.1 Overview: Determine appropriate functional requirements to define and data to record in preparation for the deployment.
1.2 Create a timeline.
1.3 Create a charter for the PPM deployment preparation project: record lessons learned, establish metrics, etc.
PPM Suite Deployment Timeline
Charter for the PPM Suite Preparation Project Team
Collect and organize relevant project-related data so that you are ready to populate the new PPM suite when the vendor/consultant begins their professional implementation engagement with you.
Clearly define project-related functional requirements to aid in the configuration/customization of the tool.
An up-to-date and complete record of all relevant PPM data.
Avoidance of scrambling to find data at the last minute, risking importing out-of-date or irrelevant information into the new software.
Clearly defined functional requirements that will ensure the suite is configured in a way that can be adoption in the long term.
2.1 Define project phases and categories.
2.2 Create a list of all projects in progress.
2.3 Record functional requirements for project requests, project charters, and business cases.
2.4 Create a list of all existing project requests.
2.5 Record the current project intake processes.
2.6 Define PPM dashboard and reporting requirements.
Project List (basic)
Project Request Form Requirements (basic)
Scoring/Requirements (basic)
Business Case Requirements (advanced)
Project Request List (basic)
Project Intake Workflows (advanced)
PPM Reporting Requirements (basic)
Collect and organize relevant resource-related data.
Clearly define resource-related functional requirements.
Create a purposeful transition, communication, and training plan for the deployment period.
An up-to-date and complete record of all relevant PPM data that allows your vendor/consultant to get right to work at the start of the implementation engagement.
Improved buy-in and adoption through transition, training, and communication activities that are tailored to the actual needs of your specific organization and users.
3.1 Create a portfolio-wide roster of project resources (and record their competencies and skills, if appropriate).
3.2 Record resource management processes and workflows.
3.3 Create a transition plan from existing PPM tools and processes to the new PPM suite.
3.4 Identify training needs and resources to be leveraged during the deployment.
3.5 Define training requirements.
3.6 Create a PPM deployment training plan.
Resource Roster and Competency Profile (basic)
User Roles and Permissions (basic)
Resource Management Workflows (advanced)
Transition Approach and Plan (basic)
Data Archiving Requirements (advanced)
List of Training Modules and Attendees (basic)
Internal Training Capabilities (advanced)
Training Milestones and Deadlines (basic)
Compile the data collected and the functional requirements defined so that they can be provided to the vendor and/or consultant before the implementation engagement.
Deliverables that record the outputs of your preparation and can be provided to vendors/consultants before the implementation engagement.
Ensures that the customer is an active and equal partner during the deployment by having the customer prepare their material and initiate communication.
Vendors and/or consultants have a clear understanding of the customer’s needs and expectations from the beginning.
4.1 Collect, review, and finalize the functional requirements.
4.2 Compile a functional requirements and data package to provide to the vendor and/or consultants.
4.3 Discuss how proposed changes to the functional requirements will be reviewed and decided.
PPM Suite Functional Requirements Documents
PPM Deployment Data Workbook
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Discover where your data resides, what governance helps you do, and what types of data you're classifying. Then build your data and security protection baselines for your retention policy, sensitivity labels, workload containers, and both forced and unforced policies.
Your Challenge
|
Common Obstacles
Data governance has several obstacles that impact a successful launch, especially if governing M365 is not a planned strategy. Below are some of the more common obstacles:
|
Info-Tech’s Approach
|
Data classification is the lynchpin to any effective governance of O/M365 and your objective is to navigate through this easily and effectively and build a robust, secure, and viable governance model. Start your journey by identifying what and where your data is and how much data do you have. You need to understand what sensitive data you have and where it is stored before you can protect or govern it. Ensure there is a high-level leader who is the champion of the governance objectives. Data classification fulfills the governance objectives of risk mitigation, governance and compliance, efficiency and optimization, and analytics.
1Know Your DataDo you know where your critical and sensitive data resides and what is being done with it?Trying to understand where your information is can be a significant project. |
2Protect Your DataDo you have control of your data as it traverses across the organization and externally to partners?You want to protect information wherever it goes through encryption, etc. |
3Prevent Data LossAre you able to detect unsafe activities that prevent sharing of sensitive information?Data loss prevention (DLP) is the practice of detecting and preventing data breaches, exfiltration, or unwanted destruction of sensitive data. |
4Govern Your DataAre you using multiple solutions (or any) to classify, label, and protect sensitive data?Many organizations use more than one solution to protect and govern their data, making it difficult to determine if there are any coverage gaps. |
Deciding on how granular you go into data classification will chiefly be governed by what industry you are in and your regulatory obligations – the more highly regulated your industry, the more classification levels you will be mandated to enforce. The more complexity you introduce into your organization, the more operational overhead both in cost and resources you will have to endure and build.
Microsoft Information Protection (MIP), which is Microsoft’s Data Classification Services, is the key to achieving your governance goals. Without an MVP, data classification will be overwhelming; simplifying is the first step in achieving governance.
(Source: Microsoft, “Microsoft Purview compliance portal”)
Using least-complex sensitivity labels in your classification are your building blocks to compliance and security in your data management schema; they are your foundational steps.
Data governance is a "takes a whole village" kind of effort.
Clarify who is expected to do what with a RACI chart.
End User | M365 Administrator | Security/ Compliance | Data Owner | |
Define classification divisions | R | A | ||
Appy classification label to data – at point of creation | A | R | ||
Apply classification label to data – legacy items | R | A | ||
Map classification divisions to relevant policies | R | A | ||
Define governance objectives | R | A | ||
Backup | R | A | ||
Retention | R | A | ||
Establish minimum baseline | A | R |
What and where your data residesData types that require classification. |
![]() |
M365 Workload Containers | |||
![]() |
![]() ![]() |
![]() |
![]() |
Email
|
Site Collections, Sites | Sites | Project Databases |
Contacts | Teams and Group Site Collections, Sites | Libraries and Lists | Sites |
Metadata | Libraries and Lists | Documents
|
Libraries and Lists |
Teams Conversations | Documents
|
Metadata | Documents
|
Teams Chats | Metadata | Permissions
|
Metadata |
Permissions
|
Files Shared via Teams Chats | Permissions
|
Knowing where your data resides will ensure you do not miss any applicable data that needs to be classified. These are examples of the workload containers; you may have others.
AIP helps you manage sensitive data prior to migrating to Office 365:
|
![]()
|
Azure Information Protection scanner helps discover, classify, label, and protect sensitive information in on-premises file servers. You can run the scanner and get immediate insight into risks with on-premises data. Discover mode helps you identify and report on files containing sensitive data (Microsoft Inside Track and CIAOPS, 2022). Enforce mode automatically classifies, labels, and protects files with sensitive data. |
Any asset deployed to the cloud must have approved data classification. Enforcing this policy is a must to control your data.
Information Governance
|
Records Management
|
Retention and Deletion
‹——— Connectors for Third-Party Data ———› |
|
Information governance manages your content lifecycle using solutions to import, store, and classify business-critical data so you can keep what you need and delete what you do not. Backup should not be used as a retention methodology since information governance is managed as a “living entity” and backup is a stored information block that is “suspended in time.” | Records management uses intelligent classification to automate and simplify the retention schedule for regulatory, legal, and business-critical records in your organization. It is for that discrete set of content that needs to be immutable. |
Info-Tech InsightRetention is not backup. Retention means something different: “the content must be available for discovery and legal document production while being able to defend its provenance, chain of custody, and its deletion or destruction” (AvePoint Blog, 2021). |
|
What are retention policies used for? Why you need them as part of your MVP?
Do not confuse retention labels and policies with backup.
Remember: “retention [policies are] auto-applied whereas retention label policies are only applied if the content is tagged with the associated retention label” (AvePoint Blog, 2021).
E-discovery tool retention policies are not turned on automatically.
Retention policies are not a backup tool – when you activate this feature you are unable to delete anyone.
“Data retention policy tools enable a business to:
“It is also important to remember that ‘Retention Label Policies’ do not move a copy of the content to the ‘Preservation Holds’ folder until the content under policy is changed next.” (Source: AvePoint Blog, 2021)
Data classification is a focused term used in the fields of cybersecurity and information governance to describe the process of identifying, categorizing, and protecting content according to its sensitivity or impact level. In its most basic form, data classification is a means of protecting your data from unauthorized disclosure, alteration, or destruction based on how sensitive or impactful it is.
Once data is classified, you can then create policies; sensitive data types, trainable classifiers, and sensitivity labels function as inputs to policies. Policies define behaviors, like if there will be a default label, if labeling is mandatory, what locations the label will be applied to, and under what conditions. A policy is created when you configure Microsoft 365 to publish or automatically apply sensitive information types, trainable classifiers, or labels.
Sensitivity label policies show one or more labels to Office apps (like Outlook and Word), SharePoint sites, and Office 365 groups. Once published, users can apply the labels to protect their content.
Data loss prevention (DLP) policies help identify and protect your organization's sensitive info (Microsoft Docs, April 2022). For example, you can set up policies to help make sure information in email and documents is not shared with the wrong people. DLP policies can use sensitive information types and retention labels to identify content containing information that might need protection.
Retention policies and retention label policies help you keep what you want and get rid of what you do not. They also play a significant role in records management.
Internal Personal, Employment, and Job Performance Data
|
Confidential Information
|
Internal Data
|
Public Data
|
Public | Private | |
Privacy |
|
|
Allowed | Not Allowed | |
External guest policy |
|
|
What users will see when they create or label a Team/Group/Site
(Source: Microsoft, “Microsoft Purview compliance portal”)
Data Protection Baseline
“Microsoft provides a default assessment in Compliance Manager for the Microsoft 365 data protection baseline" (Microsoft Docs, June 2022). This baseline assessment has a set of controls for key regulations and standards for data protection and general data governance. This baseline draws elements primarily from NIST CSF (National Institute of Standards and Technology Cybersecurity Framework) and ISO (International Organization for Standardization) as well as from FedRAMP (Federal Risk and Authorization Management Program) and GDPR (General Data Protection Regulation of the European Union). |
Security Baseline
The final stage in M365 governance is security. You need to implement a governance policy that clearly defines storage locations for certain types of data and who has permission to access it. You need to record and track who accesses content and how they share it externally. “Part of your process should involve monitoring unusual external sharing to ensure staff only share documents that they are allowed to” (Rencore, 2021). |
![]() Security MFA or SSO to access from anywhere, any device Banned password list BYOD sync with corporate network |
![]() Users Sign out inactive users automatically Enable guest users External sharing Block client forwarding rules |
![]() Resources Account lockout threshold OneDrive SharePoint |
![]() Controls Sensitivity labels, retention labels and policies, DLP Mobile application management policy |
Sensitivity Profiles: Public, Internal, Confidential; Subcategory: Highly Confidential
Sensitivity | Public | External Collaboration | Internal | Highly Confidential |
Description | Data that is specifically prepared for public consumption | Not approved for public consumption, but OK for external collaboration | External collaboration highly discouraged and must be justified | Data of the highest sensitivity: avoid oversharing, internal collaboration only |
Label details |
|
|
|
|
Teams or Site details | Public Team or Site open discovery, guests are allowed | Private Team or Site members are invited, guests are allowed | Private Team or Site members are invited, guests are not allowed | |
DLP | None | Warn | Block |
Please Note: Global/Compliance Admins go to the 365 Groups platform, the compliance center (Purview), and Teams services (Source: Microsoft Documentation, “Microsoft Purview compliance documentation”)
PRIMARY ACTIVITIES |
Define Your Governance
The objective of the MVP is reducing barriers to establishing an initial governance position, and then enabling rapid progression of the solution to address a variety of tangible risks, including DLP, data retention, legal holds, and labeling. Decide on your classification labels early. |
CATEGORIZATION
CLASSIFICATION |
MVP | ||||
Data Discovery and Management
AIP (Azure Information Protection) scanner helps discover, classify, label, and protect sensitive information in on-premises file servers. You can run the scanner and get immediate insight into risks with on-premises data. |
|||||||
Baseline Setup
Building baseline profiles will be a part of your MVP. You will understand what type of information you are addressing and label it accordingly. Microsoft provides a default assessment in Compliance Manager for the Microsoft 365 data protection baseline. |
|||||||
Default M365 settings
Microsoft provides a default assessment in Compliance Manager for the Microsoft 365 data protection baseline. This baseline assessment has a set of controls for key regulations and standards for data protection and general data governance. |
|||||||
SUPPORT ACTIVITIES |
Retention Policy
Retention policy is auto-applied. Decide whether to retain content, delete content, or retain and then delete the content. |
Sensitivity Labels
Automatically enforce policies on groups through labels; classify groups. |
Workload Containers
M365: SharePoint, Teams, OneDrive, and Exchange, where your data is stored for labels and policies. |
Unforced Policies
Written policies that are not enforceable by controls in Compliance Manager such as acceptable use policy. |
Forced Policies
Restrict sharing controls to outside organizations. Enforce prefix or suffix to group or team names. |
PRIMARY ACTIVITIES | Define Your Governance
| CATEGORIZATION
CLASSIFICATION | MVP | ||||
Data Discovery and Management
| |||||||
Baseline Setup
| |||||||
Default M365 settings
| |||||||
SUPPORT ACTIVITIES | Retention Policy
| Sensitivity Labels
| Workload Containers
| Unforced Policies
| Forced Policies
|
Office 365 is as difficult to wrangle as it is valuable. Leverage best practices to produce governance outcomes aligned with your goals.
Map your organizational goals to the administration features available in the Office 365 console. Your governance should reflect your requirements.
Jumping into an Office 365 migration project without careful thought of the risks of a cloud migration will lead to project halt and interruption. Intentionally plan in order to expose risk and to develop project foresight for a smooth migration.
Remote work calls for leveraging your Office 365 license to use Microsoft Teams – but IT is unsure about best practices for governance and permissions. Moreover, IT has few resources to help train end users with Teams best practicesIT Governance, Risk & Compliance
Several blueprints are available on a broader topic of governance, from Make Your IT Governance Adaptable to Improve IT Governance to Drive Business Results and Build an IT Risk Management Program.
“Best practices for sharing files and folders with unauthenticated users.” Microsoft Build, 28 April 2022. Accessed 2 April 2022.
“Build and manage assessments in Compliance Manager.” Microsoft Docs, 15 June 2022. Web.
“Building a modern workplace with Microsoft 365.” Microsoft Inside Track, n.d. Web.
Crane, Robert. “June 2020 Microsoft 365 Need to Know Webinar.” CIAOPS, SlideShare, 26 June 2020. Web.
“Data Classification: Overview, Types, and Examples.” Simplilearn, 27 Dec. 2021. Accessed 11 April 2022.
“Data loss prevention in Exchange Online.” Microsoft Docs, 19 April 2022. Web.
Davies, Nahla. “5 Common Data Governance Challenges (and How to Overcome Them).” Dataversity. 25 October 2021. Accessed 5 April 2022.
“Default labels and policies to protect your data.” Microsoft Build, April 2022. Accessed 3 April 2022.
M., Peter. "Guide: The difference between Microsoft Backup and Retention." AvePoint Blog, 9 Oct. 2021. Accessed 4 April 2022.
Meyer, Guillaume. “Sensitivity Labels: What They Are, Why You Need Them, and How to Apply Them.” nBold, 6 October 2021. Accessed 2 April 2022.
“Microsoft 365 guidance for security & compliance.” Microsoft, 27 April 2022. Accessed 28 April 2022.
“Microsoft Purview compliance portal.” Microsoft, 19 April 2022. Accessed 22 April 2022.
“Microsoft Purview compliance documentation.” Microsoft, n.d. Accessed 22 April 2022.
“Microsoft Trust Center: Products and services that run on trust.” Microsoft, 2022. Accessed 3 April 2022.
“Protect your sensitive data with Microsoft Purview.” Microsoft Build, April 2022. Accessed 3 April 2022.
Zimmergren, Tobias. “4 steps to successful cloud governance in Office 365.” Rencore, 9 Sept. 2021. Accessed 5 April 2022.
If everybody is managing the queue, then nobody is. Without clear ownership and accountability over each and every queue, then it becomes too easy for everyone to assume someone else is handling or monitoring a ticket when in fact nobody is. Assign a Queue Manager to each queue and ensure someone is responsible for monitoring ticket movement across all the queues.
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
This storyboard reviews the top ten pieces of advice for improving ticket queue management at the service desk.
This template includes several examples of service desk queue structures, followed by space to build your own model of your optimal service desk queue structure and document who is assigned to each queue and responsible for managing each queue.
Service Desk and IT leaders who are struggling with low efficiency, high backlogs, missed SLAs, and poor service desk metrics often think they need to hire more resources or get a new ITSM tool with better automation and AI capabilities. However, more often than not, the root cause of their challenges goes back to the fundamentals.
Strong ticket queue management processes are critical to the success of all other service desk processes. You can’t resolve incidents and fulfill service requests in time to meet SLAs without first getting the ticket to the right place efficiently and then managing all tickets in the queue effectively. It sounds simple, but we see a lot of struggles around queue management, from new tickets sitting too long before being assigned, to in-progress tickets getting buried in favor of easier or higher-priority tickets, to tickets jumping from queue to queue without progress, to a seemingly insurmountable backlog.
Once you have taken the time to clearly structure your queues, assign resources, and define your processes for routing tickets to and from queues and resolving tickets in the queue, you will start to see response and resolution time decrease along with the ticket backlog. However, accountability for queue management is often overlooked and is really key to success.
Natalie Sansone, PhD
Senior Research Analyst, Infrastructure & Operations
Info-Tech Research Group
If everybody is managing the queue, then nobody is. Without clear ownership and accountability over each and every queue it becomes too easy for everyone to assume someone else is handling or monitoring a ticket when in fact nobody is. Assign a Queue Manager to each queue and ensure someone is responsible for monitoring ticket movement across all the queues.
A host of different factors influence service desk response time and resolution time, including process optimization and documentation, workflow automation, clearly defined prioritization and escalation rules, and a comprehensive and easily accessible knowledgebase.
However, the root cause of poor response and resolution time often comes down to the basics like ticket queue management. Without clearly defined processes and ownership for assigning and actioning tickets from the queue in the most effective order and manner, customer satisfaction will suffer.
*to email and web support tickets
Source: Freshdesk, 2021
A Freshworks analysis of 107 million service desk interactions found the relationship between CSAT and response time is stronger than resolution time - when customers receive prompt responses and regular updates, they place less value on actual resolution time.
Email/web
Ideally, the majority of tickets come into the ticket queue through email or a self-service portal, allowing for appropriate categorization, prioritization, and assignment.
Phone
For IT teams with a high volume of support requests coming in through the phone, reducing wait time in queue may be a priority.
Chat
Live chat is growing in popularity as an intake method and may require routing and distribution rules to prevent long or multiple queues.
Queue management is a set of processes and tools to direct and monitor tickets or manage ticket flow. It involves the following activities:
Without a clear and efficient process or accountability for moving incoming tickets to the right place, tickets will be worked on randomly, older tickets will get buried, the backlog will grow, and SLAs will be missed.
With effective queue management and ownership, tickets are quickly assigned to the right resource, worked on within the appropriate SLO/SLA, and actively monitored, leading to a more manageable backlog and good response and resolution times.
A growing backlog will quickly lead to frustrated and dissatisfied customers, causing them to avoid the service desk and seek alternate methods to get what they need, whether going directly to their favorite technician or their peers (otherwise known as shadow IT).
Build a mature ticket queue management process that allows your team to properly prioritize, assign, and work on tickets to maximize response and resolution times.
As queue management maturity increases:
Response time decreases
Resolution time decreases
Backlog decreases
End-user satisfaction increases
*Queues may be defined by skillset, role, ticket category, priority, or a hybrid.
Start small; don’t create a queue for every possible ticket type. Remember that someone needs to be accountable for each of these queues, so only build what you can monitor.
PROCESS INCLUDES: |
DEFINE THE FOLLOWING: |
|
---|---|---|
TRIAGING INCOMING TICKETS |
|
|
WORKING ON ASSIGNED TICKETS |
|
|
The triage role is critical but difficult. Consider rotating your Tier 1 resources through this role, or your service desk team if you’re a very small group.
You decide which channels to enable and prioritize, not your users. Phone and chat are very interrupt-driven and should be reserved for high-priority issues if used. Your users may not understand that but can learn over time with training and reinforcement.
Priority matrixes are necessary for consistency but there are always circumstances that require judgment calls. Think about risk and expected outcome rather than simply type of issue alone. And if the impact is bigger than the initial classification, change it.
In some organizations, the same issue can be more critical if it happens to a certain user role (e.g. client facing, c-suite). Identify and flag VIP users and clearly define how their tickets should be prioritized.
If users are in different time zones, take their current business hours into account when choosing which ticket to work on.
Think of your service desk as an emergency room. Patients come in with different symptoms, and the triage nurse must quickly assess these symptoms to decide who the patient should see and how soon. Some urgent cases will need to see the doctor immediately, while others can wait in another queue (the waiting room) for a while before being dealt with. Some cases who come in through a priority channel (e.g. ambulance) may jump the queue. Checklists and criteria can help with this decision making, but some degree of judgement is also required and that comes with experience. The triage role is sometimes seen as a junior-level role, but it actually requires expertise to be done well.
Info-Tech’s blueprint Standardize the Service Desk will help you standardize and document core service desk processes and functions, including:
Someone must be responsible for monitoring all incoming and open tickets as well as assigned tickets in every queue to ensure they are routed and fulfilled appropriately. This person must have authority to view and coordinate all queues and Queue Managers.
Someone must be responsible for managing each queue, including assigning resources, balancing workload, and ensuring SLOs are met for the tickets within their queue. For example, the Apps Manager may be the Queue Manager for all tickets assigned to the Apps team queue.
Will you have a triage team who monitors and assigns all incoming tickets? What are their specific responsibilities (e.g. prioritize, categorize, attempt troubleshooting, assign or escalate)? If not, who is responsible for assigning new tickets and how is this done? Will the triage role be a rotating role, and if so, what will the schedule be?
Everyone who is assigned tickets should understand the ticket handling process and their specific responsibilities when it comes to queue management.
You may have multiple queue manager roles: one for each queue, and one who has visibility over all the queues. Typically, these roles make up only part of an individual’s job. Clearly define the responsibilities of the Queue Manager role; sample responsibilities are on the right.
Lack of authority over queues – especially those outside Tier 1 of the service desk – is one of the biggest pitfalls we see causing aging tickets and missed SLAs. Every queue needs clear ownership and accountability with everyone committed to meeting the same SLOs.
Specific responsibilities may include:
Ticket Documentation
Ticket descriptions and documentation must be kept accurate and up to date. This ensures that if the ticket is escalated or assigned to a new person, or the Queue Manager or Service Desk Manager needs to know what progress has been made on a ticket, that person doesn’t need to waste time with back-and-forth communication with the technician or end user.
Ticket Status
The ticket status field should change as the ticket moves toward resolution, and must be updated every time the status changes. This ensures that anyone looking at the ticket queue can quickly learn and communicate the status of a ticket, tickets don’t get lost or neglected, metrics are accurate (such as time to resolve), and SLAs are not impacted if a ticket is on hold.
For more guidance on ticket handling and documentation, download Info-Tech’s blueprint: Standardize the Service Desk.
Shift left means enabling fulfilment of repeatable tasks and requests via faster, lower-cost delivery channels, self-help tools, and automation.
Automation rules can be used to ensure tickets are assigned to the right person or queue, to alert necessary parties when a ticket is about to breach or has breached SLA, or to remind technicians when a ticket has sat in a queue or at a particular status for too long.
This can improve efficiency, reduce error, and bring greater visibility to both high-priority tickets and aging tickets in the backlog.
However, your processes, queues, and responsibilities must be clearly defined before you can build in automation.
For examples of rules, triggers, and fields you can automate to improve the efficiency of your queue management processes, see the next slide.
It can be overwhelming to support agents when their view is a long and never-ending queue. Set the default dashboard view to show only those tickets assigned to the viewer to make it appear more manageable and easier to organize.
The queue should quickly give your team all the information they need to prioritize their work, including ticket status, priority, category, due date, and updated timestamps. Configuration is important - if it’s confusing, clunky, or difficult to filter or sort, it will impact response and resolution times and can lead to missed tickets. Give your team input into configuration and use visuals such as color coding to help agents prioritize their work – for example, VIP tickets may be clearly flagged, critical or high priority tickets may be highlighted, tickets about to breach may be red.
Track metrics that give visibility into how quickly tickets are being resolved and how many aging tickets you have. Metrics may include:
Regularly review reports on these metrics with the team.
Make it an agenda item to review aging tickets, on hold tickets, and tickets about to breach or past breach with the team.
Take action on aging tickets to ensure progress is being made.
Set rules to close tickets after a certain number of attempts to reach unresponsive users (and change ticket status appropriately).
Schedule times for your team to tackle aged tickets or tickets in the backlog.
It can be easy for high priority work to constantly push down low priority work, leaving the lower priority tickets to constantly be ignored and users to be frustrated. If you’re struggling with aging tickets, backlog, and tickets breaching SLA, experiment with your team and queue structure to figure out the best resource distribution to handle your workload. This could mean rotating people through the triage role to allow them time to work through the backlog, reducing the number of people doing triage during slower volume periods, or giving technicians dedicated time to work through tickets. For help with forecasting demand and optimizing resources, see Staff the Service Desk to Meet Demand.
Map out your optimal ticket queue structure using the Service Desk Queue Structure Template. Follow the instructions in the template to complete it as a team.
The template includes several examples of service desk queue structures followed by space to build your own model of an optimal service desk queue structure and to document who is assigned to each queue and responsible for managing each queue.
The template is not meant to map out your entire service desk structure (e.g. tiers, escalation paths) or ticket resolution process, but simply the ticket queues and how a ticket moves between queues. For help documenting more detailed process workflows or service desk structure, see the blueprint Standardize the Service Desk.
This project will help you build and improve essential service desk processes including incident management, request fulfillment, and knowledge management to create a sustainable service desk.
This project will help you build a strategy to shift service support left to optimize your service desk operations and increase end-user satisfaction.
This project will help you streamline your ticket intake process and identify improvements to your intake channels.
This project will help you determine your optimal service desk structure and staffing levels based on your unique environment, workload, and trends.
“What your Customers Really Want.” Freshdesk, 31 May 2021. Accessed May 2022.
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Review the CSFs that are of strategic importance. Evaluating the gaps in your organization's capabilities enables you to choose a partner that can properly support you in your project.
Review the CSFs that are of tactical, commodity, and operational importance. Evaluating the gaps in your organization's capabilities enables you to choose a partner that can properly support you in your project.
Review your RFx and build an initial list of vendor/implementors to reach out to. Finally, build your evaluation checklist to rate the incoming responses.
Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Review the critical success factors that are of strategic importance. Evaluating the gaps in your organization's capabilities enables you to choose a partner that can properly support you in your project.
ERP strategy model defined
Strategic needs identified
1.1 Review the business context.
1.2 Build your ERP strategy model.
1.3 Assess your strategic needs.
ERP strategy model
ERP strategy model
Strategic needs analysis
Review the critical success factors that are of tactical, commodity, and operational importance. Evaluating the gaps in your organization's capabilities enables you to choose a partner that can properly support you in your project.
Tactical, commodity, and operational needs identified
2.1 Assess your tactical needs.
2.2 Assess your commodity needs.
2.3 Assess your operational needs.
Tactical needs analysis
Commodity needs analysis
Operational needs analysis
Review your RFx and build an initial list of vendor/implementors to reach out to. Finally, build your evaluation checklist to rate the incoming responses.
Draft RFI or RFP
Target vendor list
3.1 Decide on an RFI or RFP.
3.2 Complete the RFx with the needs analysis.
3.3 Build a list of targeted vendors
Draft RFI or RFP
Draft RFI or RFP
Target vendor list
Build a scoring template for use in vendor evaluation to ensure consistent comparison criteria are used.
A consistent and efficient evaluation process
4.1 Assign weightings to the evaluation criteria.
4.2 Run a vendor evaluation simulation to validate the process.
Completed partner evaluation tool
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Prioritize key action items on day one of sending your employees home to remotely work during an emergency.
Address key action items in the one-to-two weeks following an emergency that forced your employees to work remotely.
Turn your emergency remote work checklists into policy.
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Kick-off the project and complete the project charter.
Determine the current state for service management practices.
Build your roadmap with identified initiatives.
Create the communication slide that demonstrates how things will change, both short and long term.
Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Understand service management.
Gain a common understanding of service management, the forces that impact your roadmap, and the Info-Tech Service Management Maturity Model.
1.1 Understand service management.
1.2 Build a compelling vision and mission.
Constraints and enablers chart
Service management vision, mission, and values
Assess the organization’s current service management capabilities.
Understand attitudes, behaviors, and culture.
Understand governance and process ownership needs.
Understand strengths, weaknesses, opportunities, and threats.
Defined desired state.
2.1 Assess cultural ABCs.
2.2 Assess governance needs.
2.3 Perform SWOT analysis.
2.4 Define desired state.
Cultural improvements action items
Governance action items
SWOT analysis action items
Defined desired state
Assess the organization’s current service management capabilities.
Understand the current maturity of service management processes.
Understand organizational change management capabilities.
3.1 Perform service management process maturity assessment.
3.2 Complete OCM capability assessment.
3.3 Identify roadmap themes.
Service management process maturity activities
OCM action items
Roadmap themes
Use outputs from previous steps to build your roadmap and communication one-pagers.
Easy-to-understand roadmap one-pager
Communication one-pager
4.1 Build roadmap one-pager.
4.2 Build communication one-pager.
Service management roadmap
Service management roadmap – Brought to Life communication slide
"More than 80% of the larger enterprises we’ve worked with start out wanting to develop advanced service management practices without having the cultural and organizational basics or foundational practices fully in place. Although you wouldn’t think this would be the case in large enterprises, again and again IT leaders are underestimating the importance of cultural and foundational aspects such as governance, management practices, and understanding business value. You must have these fundamentals right before moving on."
Tony Denford,
Research Director – CIO
Info-Tech Research Group
Having effective service management practices in place will allow you to pursue activities such as innovation and drive the business forward. Addressing foundational elements like business alignment and management practices will enable you to build effective core practices that deliver business value. Consistent leadership support and engagement is essential to allow practitioners to focus on delivering expected outcomes.
Immaturity in service management will not result in one pain – rather, it will create a chaotic environment for the entire organization, crippling IT’s ability to deliver and perform.
Low Service Management Maturity
These are some of the pains that can be attributed to poor service management practices.
And there are many more…
In 2004, PwC published a report titled “IT Moves from Cost Center to Business Contributor.” However, the 2014-2015 CSC Global CIO Survey showed that a high percentage of IT is still considered a cost center.
And low maturity of service management practices is inhibiting activities such as agility, DevOps, digitalization, and innovation.
39%: Resources are primarily focused on managing existing IT workloads and keeping the lights on.
31%: Too much time and too many resources are used to handle urgent incidents and problems.
Effective service management is a journey that encompasses a series of initiatives that improves the value of services delivered.
Service desk is the foundation, since it is the main end-user touch point, but service management is a set of people and processes required to deliver business-facing services.
The tool is part of the overall service management program, but the people and processes must be in place before implementing.
Service management development is a series of initiatives that takes into account an organization’s current state, maturity, capacities, and objectives.
A successful service management program takes into account the dependencies of processes.
Service management is about delivering high-value and high-quality services.
As an organization progresses on the service management journey, its ability to deliver high-value and high-quality services increases.
Preventing incidents is the name of the game.
Service management is about understanding what’s going on with user-facing services and proactively improving service quality.
Service management is about business/user-facing services and the value the services provide to the business.
Understand your customers and what they value, and design your practices to deliver this value.
Don't run before you can walk. Fundamental practices must reach the maturity threshold before developing advanced practices. Implement continuous improvement on your existing processes so they continue to support new practices.
Our best-practice research is based on extensive experience working with clients through advisory calls and workshops.
Info-Tech can help you create a customized, low-effort, and high-value service management roadmap that will shore up any gaps, prove IT’s value, and achieve business satisfaction.
With our methodology, you can expect the following:
Doing it right the first time around
You will see these benefits at the end
✓ Increase the quality of services IT provides to the business.
✓ Increase business satisfaction through higher alignment of IT services.
✓ Lower cost to design, implement, and manage services.
✓ Better resource utilization, including staff, tools, and budget.
Focus on behaviors and expected outcomes before processes.
Continued leadership support of the foundational elements will allow delivery teams to provide value to the business. Set the expectation of the desired maturity level and allow teams to innovate.
Before moving to advanced service management practices, you must ensure that the foundational and core elements are robust enough to support them. Leadership must nurture these practices to ensure they are sustainable and can support higher value, more mature practices.
Assemble a team with the right talent and vision to increase the chances of project success.
Understand where you are currently on the service management journey using the maturity assessment tool.
Based on the assessments, build a roadmap to address areas for improvement.
Based on the roadmap, define the current state, short- and long-term visions for each major improvement area.
Ideally, the CIO should be the project sponsor, even the project leader. At a minimum, the CIO needs to perform the following activities:
Improving or adopting any new practice is difficult, especially for a project of this size. Thus, the CIO needs to show visible support for this project through internal communication and dedicated resources to help complete this project.
Most likely, the implementation of this project will be lengthy and technical in some nature. Therefore, the project leader must have a good understanding of the current IT structure, senior standing within the organization, and the relationship and power in place to propel people into action.
Determine a realistic target state for the organization based on current capability and resource/budget restraints.
Reinforce or re-emphasize the importance of this project to the organization through various communication channels if needed.
Industry: Manufacturing
Source: Engagement
Original Plan
Revised Plan with Service Management Roadmap:
MORAL OF THE STORY:
Understanding the value of each service allowed the organization to focus effort on high-return activities rather than continuous fire fighting.
Industry: Manufacturing
Source: Engagement
Original Plan
Revised Plan with Service Management Roadmap:
MORAL OF THE STORY:
Make sure that you understand which processes need to be reviewed in order to determine the cause for service instability. Focusing on the proactive processes was the right answer for this company.
Industry: Healthcare
Source:Journal of American Medical Informatics Association
Original Plan
Revised Plan: with Service Management Roadmap:
MORAL OF THE STORY:
Before you build and publish a service catalog, make sure that you understand how the business is using the IT services that you provide.
To measure the value of developing your roadmap using the Info-Tech tools and methodology, you must calculate the effort saved by not having to develop the methods.
Using Info-Tech’s tools and methodology you can accurately estimate the effort to develop a roadmap using industry-leading research into best practice.
This metric represents the time your team would take to be able to effectively assess themselves and develop a roadmap that will lead to service management excellence.
Measured Value |
|
---|---|
Step 1: Assess current state |
Cost to assess current state:
|
Step 2: Build the roadmap |
Cost to create service management roadmap:
|
Step 3: Develop the communication slide |
Cost to create roadmaps for phases:
|
Potential financial savings from using Info-Tech resources: |
Estimated cost to do “B” – (Step 1 ($A) + Step 2 ($B) + Step 3 ($C)) = $Total Saving |
"Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful."
"Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keeps us on track."
"We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place."
"Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."
Launch the project |
Assess the current state |
Build the roadmap |
Build communication slide |
|
---|---|---|---|---|
Best-Practice Toolkit |
1.1 Create a powerful, succinct mission statement 1.2 Assemble a project team with representatives from all major IT teams 1.3 Determine project stakeholders and create a communication plan 1.4 Establish metrics to track the success of the project |
2.1 Assess impacting forces 2.2 Build service management vision, mission, and values 2.3 Assess attitudes, behaviors, and culture 2.4 Assess governance 2.5 Perform SWOT analysis 2.6 Identify desired state 2.7 Assess SM maturity 2.8 Assess OCM capabilities |
3.1 Document overall themes 3.2 List individual initiatives |
4.1 Document current state 4.2 List future vision |
Guided Implementations |
|
|
|
|
Onsite Workshop |
Module 1: Launch the project |
Module 2: Assess current service management maturity |
Module 3: Complete the roadmap |
Module 4: Complete the communication slide |
Contact your account representative or email Workshops@InfoTech.com for more information
Workshop Day 1 |
Workshop Day 2 |
Workshop Day 3 |
Workshop Day 4 |
|
---|---|---|---|---|
Activities |
Understand Service Management 1.1 Understand the concepts and benefits of service management. 1.2 Understand the changing impacting forces that affect your ability to deliver services. 1.3 Build a compelling vision and mission for your service management program. |
Assess the Current State of Your Service Management Practice 2.1 Understand attitudes, behaviors, and culture. 2.2 Assess governance and process ownership needs. 2.3 Perform SWOT analysis. 2.4 Define the desired state. |
Complete Current-State Assessment 3.1 Conduct service management process maturity assessment. 3.2 Identify organizational change management capabilities. 3.3 Identify themes for roadmap. |
Build Roadmap and Communication Tool 4.1 Build roadmap one-pager. 4.2 Build roadmap communication one-pager. |
Deliverables |
|
|
|
|
Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.
Guided Implementation 1: Launch the Project |
|
---|---|
Step 1.1 – Kick-off the Project Start with an analyst kick-off call:
Then complete these activities…
With these tools & templates:
|
Step 1.2 – Complete the Charter Review findings with analyst:
Then complete these activities…
With these tools & templates:
|
The Service Management Roadmap Project Charter is used to govern the initiative throughout the project. It provides the foundation for project communication and monitoring.
The template has been pre-populated with sample information appropriate for this project. Please review this sample text and change, add, or delete information as required.
The charter includes the following sections:
Adapt and personalize Info-Tech’s Service Management Roadmap Mission Statement and Goals & Objectives below to suit your organization’s needs.
To help [Organization Name] develop a set of service management practices that will better address the overarching goals of the IT department.
To create a roadmap that sequences initiatives in a way that incorporates best practices and takes into consideration dependencies and prerequisites between service management practices.
To garner support from the right people and obtain executive buy-in for the roadmap.
The project leader should be a member of your IT department’s senior executive team with goals and objectives that will be impacted by service management implementation. The project leader should possess the following characteristics:
Identify
The project team members are the IT managers and directors whose day-to-day lives will be impacted by the service management roadmap and its implementation. The service management initiative will touch almost every IT staff member in the organization; therefore, it is important to have representatives from every single group, including those that are not mentioned. Some examples of individuals you should consider for your team:
Engage & Communicate
You want to engage your project participants in the planning process as much as possible. They should be involved in the current-state assessment, the establishment of goals and objectives, and the development of your target state.
To sell this project, identify and articulate how this project and/or process will improve the quality of their job. For example, a formal incident management process will benefit people working at the service desk or on the applications or infrastructure teams. Helping them understand the gains will help to secure their support throughout the long implementation process by giving them a sense of ownership.
When managing stakeholders, it is important to help them understand their stake in the project as well as their own personal gain that will come out of this project.
For many of the stakeholders, they also play a critical role in the development of this project.
The CIO should be actively involved in the planning stage to help determine current and target stage.
The CIO also needs to promote and sell the project to the IT team so they can understand that higher maturity of service management practices will allow IT to be seen as a partner to the business, giving IT a seat at the table during decision making.
Service Delivery Managers are directly responsible for the quality and value of services provided to the business owners. Thus, the Service Delivery Managers have a very high stake in the project and should be considered for the role of project leader.
Service Delivery Managers need to work closely with the process owners of each service management process to ensure clear objectives are established and there is a common understanding of what needs to be achieved.
The Committee should be informed and periodically updated about the progress of the project.
The Manager of the Service Desk should participate closely in the development of fundamental service management processes, such as service desk, incident management, and problem management.
Having a more established process in place will create structure, governance, and reduce service desk staff headaches so they can handle requests or incidents more efficiently.
The Manager of Applications and Infrastructure should be heavily relied on for their knowledge of how technology ties into the organization. They should be consulted regularly for each of the processes.
This project will also benefit them directly, such as improving the process to deploy a fix into the environment or manage the capacity of the infrastructure.
As the IT organization moves up the maturity ladder, the Business Relationship Manager will play a fundamental role in the more advanced processes, such as business relationship management, demand management, and portfolio management.
This project will be an great opportunity for the Business Relationship Manager to demonstrate their value and their knowledge of how to align IT objectives with business vision.
One of the top challenges for organizations embarking on a service management journey is to manage the magnitude of the project. To ensure the message is not lost, communicate this roadmap in two steps.
1. Communicate the roadmap initiative
The most important message to send to the IT organization is that this project will benefit them directly. Articulate the pains that IT is currently experiencing and explain that through more mature service management, these pains can be greatly reduced and IT can start to earn a place at the table with the business.
2. Communicate the implementation of each process separately
The communication of process implementation should be done separately and at the beginning of each implementation. This is to ensure that IT staff do not feel overwhelmed or overloaded. It also helps to keep the project more manageable for the project team.
Continuously monitor feedback and address concerns throughout the entire process
Key aspects of a communication plan
The methods of communication (e.g. newsletters, email broadcast, news of the day, automated messages) notify users of implementation.
In addition, it is important to know who will deliver the message (delivery strategy). You need IT executives to deliver the message – work hard on obtaining their support as they are the ones communicating to their staff and should be your project champions.
Anticipate organizational changes
The implementation of the service management roadmap will most likely lead to organizational changes in terms of structure, roles, and responsibilities. Therefore, the team should be prepared to communicate the value that these changes will bring.
Communicating Change
This project cannot be successfully completed without the support of senior IT management.
INPUT
OUTPUT
Materials
Participants
1.1
Create a powerful, succinct mission statement
Using Info-Tech’s sample mission statement as a guide, build your mission statement based on the objectives of this project and the benefits that this project will achieve. Keep the mission statement short and clear.
1.2
Assemble the project team
Create a project team with representatives from all major IT teams. Engage and communicate to the project team early and proactively.
1.3
Identify project stakeholders and create a communication plan
Info-Tech will help you identify key stakeholders who have a vested interest in the success of the project. Determine the communication message that will best gain their support.
1.4
Use metrics to track the success of the project
The onsite analyst will help the project team determine the appropriate metrics to measure the success of this project.
Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.
Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.
Guided Implementation 2: Determine Your Service Management Current State | |||||||
---|---|---|---|---|---|---|---|
Step 2.1 – Assess Impacting Forces Start with an analyst kick-off call:
Then complete these activities…
With these tools & templates: Service Management Roadmap Presentation Template | Step 2.2 – Build Vision, Mission, and Values Review findings with analyst:
Then complete these activities…
With these tools & templates: Service Management Roadmap Presentation Template | Step 2.3 – Assess Attitudes, Behaviors, and Culture Review findings with analyst:
Then complete these activities…
With these tools & templates: Service Management Roadmap Presentation Template | Step 2.4 – Assess Governance Needs Review findings with analyst:
Then complete these activities…
With these tools & templates: Service Management Roadmap Presentation Template | Step 2.5 – Perform SWOT Analysis Review findings with analyst:
Then complete these activities…
With these tools & templates: Service Management Roadmap Presentation Template | Step 2.6 – Identify Desired State Review findings with analyst:
Then complete these activities…
With these tools & templates: Service Management Roadmap Presentation Template | Step 2.7 – Perform SM Maturity Assessment Review findings with analyst:
Then complete these activities…
With these tools & templates: Service Management Roadmap Presentation Template Service Management Maturity Assessment | Step 2.8 – Review OCM Capabilities Review findings with analyst:
Then complete these activities…
With these tools & templates: Service Management Roadmap Presentation Template Organizational Change Management Assessment |
Effective service management requires a mix of different approaches and practices that best fit your organization. There’s not a one-size-fits-all solution. Consider the resources, environment, emerging technologies, and management practices facing your organization. What items can you leverage or use to mitigate to move your service management program forward?
The Service Management Roadmap Presentation Template will help you understand the business environment you need to consider as you build out your roadmap.
Discuss and document constraints and enablers related to the business environment, available resources, management practices, and emerging technologies. Any constraints will need to be addressed within your roadmap and enablers should be leveraged to maximize your results.
INPUT
OUTPUT
Materials
Participants
A vision statement describes the intended state of your service management organization, expressed in the present tense.
A mission statement describes why your service management organization exists.
Your organizational values state how you will deliver services.
The Service Management Roadmap Presentation Template will help you document your vision for service management, the purpose of the program, and the values you want to see demonstrated.
If the team cannot gain agreement on their reason for being, it will be difficult to make traction on the roadmap items. A concise and compelling statement can set the direction for desired behavior and help team members align with the vision when trying to make ground-level decisions. It can also be used to hold each other accountable when undesirable behavior emerges. It should be revised from time to time, when the environment changes, but a well-written statement should stand the test of time.
INPUT
OUTPUT
Materials
Participants
Any form of organizational change involves adjusting people’s attitudes, creating buy-in and commitment. You need to identify and address attitudes that can lead to negative behaviors and actions or that are counter-productive. It must be made visible and related to your desired behavior.
To implement change within IT, especially at a tactical level, both IT and organizational behavior needs to change. This is relevant because people don’t like to change and will resist in an active or passive way unless you can sell the need, value, and benefit of changing their behavior.
The organizational or corporate “attitude,” the impact on employee behavior and attitude is often not fully understood. Culture is an invisible element, which makes it difficult to identify, but it has a strong impact and must be addressed to successfully embed any organizational change or strategy.
43% of CIOs cited resistance to change as the top impediment to a successful digital strategy.
75% of organizations cannot identify or articulate their culture or its impact.
“Shortcomings in organizational culture are one of the main barriers to company success in the digital age.”
✓ While there is attention and better understanding of these areas, very little effort is made to actually solve these challenges.
✓ The impact is not well understood.
✓ The lack of tangible and visible factors makes it difficult to identify.
✓ There is a lack of proper guidance, leadership skills, and governance to address these in the right places.
✓ Addressing these issues has to be done proactively, with intent, rigor, and discipline, in order to be successful.
✓ We ignore it (head in the sand and hoping it will fix itself).
Avoidance has been a common strategy for addressing behavior and culture in organizations.
The Service Management Roadmap Presentation Template will help you document attitude, behavior, and culture constraints.
Discuss as a team attitudes, behaviors, and cultural aspects that can either hinder or be leveraged to support your vision for the service management program. Capture all items that need to be addressed in the roadmap.
INPUT
OUTPUT
Materials
Participants
Attitude, behavior, and culture are still underestimated as core success factors in governance and management.
Behavior is a key enabler of good governance. Leading by example and modeling behavior has a cascading impact on shifting culture, reinforcing the importance of change through adherence.
Executive leadership and governing bodies must lead and support cultural change.
Risk Mitigation
Gap
Value Production
This creates a situation where service management activities and roadmaps focus on adjusting and tweaking process areas that no longer support how the organization needs to work.
Once in place, effective governance enables success for organizations by:
Your ownership structure largely defines how processes will need to be implemented, maintained, and improved. It has a strong impact on their ability to integrate and how other teams perceive their involvement.
Most organizations are somewhere within this spectrum of four core ownership models, usually having some combination of shared traits between the two models that are closest to them on the scale.
The organizational structure that is best for you depends on your needs, and one is not necessarily better than another. The next four slides describe when each ownership level is most appropriate.
Distributed process ownership is usually evident when organizations initially establish their service management practices. The processes are assigned to a specific group, who assumes some level of ownership over its execution.
This model is often a suitable approach for initial implementations or where it may be difficult to move out of siloes within the organization’s structure or culture.
Centralized process ownership usually becomes necessary for organizations as they move into a more functional structure. It starts to drive management of processes horizontally across the organization while still retaining functional management control.
This model is often suitable for maturing organizations that are starting to look at process integration and shared service outcomes and accountability.
Federated process ownership allows for global control and regional variation, and it supports product orientation and Agile/DevOps principles
Federated process ownership is usually evident in organizations that have an international or multi-regional presence.
SMO structures tend to occur in highly mature organizations, where service management responsibility is seen as an enterprise accountability.
SMOs are suitable for organizations with a defined IT and organizational strategy. A SMO supports integration with other enterprise practices like enterprise architecture and the PMO.
The Service Management Roadmap Presentation Template will help you document process ownership and governance model
Example:
Key Goals:
☐ Own accountability for changes to core processes
☐ Understand systemic nature and dependencies related to processes and services
☐ Approve and prioritize improvement and CSI initiatives related to processes and services
☐ Evaluate success of initiative outcomes based on defined benefits and expectations
☐ Own Service Management and Governance processes and policies
☐ Report into ITSM executive or equivalent body
Membership:
☐ Process Owners, SM Owner, Tool Owner/Liaison, Audit
Discuss as a team which process ownership model works for your organization. Determine who will govern the service management practice. Determine items that should be identified in your roadmap to address governance and process ownership gaps.
The Service Management Roadmap Presentation Template will help you document items from your SWOT analysis.
Brainstorm the strengths, weaknesses, opportunities, and threats related to resources, environment, technology, and management practices. Add items that need to be addressed to your roadmap.
INPUT
OUTPUT
Materials
Participants
Discuss the various maturity levels and choose a desired level that would meet business needs.
INPUT
OUTPUT
Materials
Participants
The Service Management Process Maturity Assessment Tool will help you understand the true state of your service management.
Part 1, Part 2, and Part 3 tabs
These three worksheets contain questions that will determine the overall maturity of your service management processes. There are multiple sections of questions focused on different processes. It is very important that you start from Part 1 and continue the questions sequentially.
Results tab
The Results tab will display the current state of your service management processes as well as the percentage of completion for each individual process.
The current-state assessment will be the foundation of building your roadmap, so pay close attention to the questions and answer them truthfully.
INPUT
OUTPUT
Materials
Participants
At the end of the assessment, the Results tab will have action items you could perform to close the gaps identified by the process assessment tool.
INPUT
OUTPUT
Materials
Participants
The Organizational Change Management Capabilities Assessment tool will help you understand the true state of your organizational change management capabilities.
Complete the Capabilities tab to capture the current state for organizational change management. Review the Results tab for interpretation of the capabilities. Review the Recommendations tab for actions to address low areas of maturity.
INPUT
OUTPUT
Materials
Participants
2.1
Create a powerful, succinct mission statement
Using Info-Tech’s sample mission statement as a guide, build your mission statement based on the objectives of this project and the benefits that this project will achieve. Keep the mission statement short and clear.
2.2
Complete the assessment
With the project team in the room, go through all three parts of the assessment with consideration of the feedback received from the business.
2.3
Interpret the results of the assessment
The Info-Tech onsite analyst will facilitate a discussion on the overall maturity of your service management practices and individual process maturity. Are there any surprises? Are the results reflective of current service delivery maturity?
Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.
Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.
Guided Implementation 3: Determine Your Service Management Target State | |
---|---|
Step 3.1 – Document the Overall Themes Start with an analyst kick-off call:
Then complete these activities…
With these tools & templates: Service Management Roadmap Presentation Template | Step 3.2 – Determine Individual Initiatives Review findings with analyst:
Then complete these activities…
With these tools & templates: Service Management Roadmap Presentation Template |
Focus on behaviors and expected outcomes before processes.
Continued leadership support of the foundational elements will allow delivery teams to provide value to the business. Set the expectation of the desired maturity level and allow teams to innovate.
Before moving to advanced service management practices, you must ensure that the foundational and core elements are robust enough to support them. Leadership must nurture these practices to ensure they are sustainable and can support higher value, more mature practices.
The Service Management Roadmap Presentation Template contains a roadmap template to help communicate your vision, themes to be addressed, and initiatives
Working from the lower maturity items to the higher value practices, identify logical groupings of initiatives into themes. This will aid in communicating the reasons for the needed changes. List the individual initiatives below the themes. Adding the service management vision and mission statements can help readers understand the roadmap.
INPUT
OUTPUT
Materials
Participants
3.1
Identify themes to address items from the foundational level up to higher value service management practices
Identify easily understood themes that will help others understand the expected outcomes within your organization.
Document individual initiatives that contribute to the themes
Identify specific activities that will close gaps identified in the assessments.
Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.
Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.
Guided Implementation 4: Build the Service Management Roadmap | |
---|---|
Step 4.1: Document the Current State Start with an analyst kick-off call:
Then complete these activities…
With these tools & templates: Service Management Roadmap Presentation Template | Step 4.2: List the Future Vision Review findings with analyst:
Then complete these activities…
With these tools & templates: Service Management Roadmap Presentation Template |
The Service Management Roadmap Presentation Template contains a communication template to help communicate your vision of the future state
Use this template to demonstrate how existing pain points to delivering services will improve over time by painting a near- and long-term picture of how things will change. Also list specific initiatives that will be launched to affect the changes. Listing the values identified in the vision, mission, and values exercise will also demonstrate the team’s commitment to changing behavior to create better outcomes.
INPUT
OUTPUT
Materials
Participants
INPUT
OUTPUT
Materials
Participants
4.1
Identify the pain points and initiatives to address them
Identify items that the business can relate to and initiatives or actions to address them.
4.2
Identify short- and long-term expectations for service management
Communicate the benefits of executing the roadmap both short- and long-term gains.
Valence Howden, Principal Research Director, CIO Practice
Info-Tech Research Group
Valence helps organizations be successful through optimizing how they govern, design, and execute strategies, and how they drive service excellence in all work. With 30 years of IT experience in the public and private sectors, he has developed experience in many information management and technology domains, with focus in service management, enterprise and IT governance, development and execution of strategy, risk management, metrics design and process design, and implementation and improvement.
Graham Price, Research Director, CIO Practice
Info-Tech Research Group
Graham has an extensive background in IT service management across various industries with over 25 years of experience. He was a principal consultant for 17 years, partnering with Fortune 500 clients throughout North America, leveraging and integrating industry best practices in IT service management, service catalog, business relationship management, IT strategy, governance, and Lean IT and Agile.
Sharon Foltz, Senior Workshop Director
Info-Tech Research Group
Sharon is a Senior Workshop Director at Info-Tech Research Group. She focuses on bringing high value to members via leveraging Info-Tech’s blueprints and other resources enhanced with her breadth and depth of skills and expertise. Sharon has spent over 15 years in various IT roles in leading companies within the United States. She has strong experience in organizational change management, program and project management, service management, product management, team leadership, strategic planning, and CRM across various global organizations.
Create an effective internal SLA by following a structured process to report current service levels and set realistic expectations with the business. This includes:
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Establish the SLA pilot project and clearly document the problems and challenges that it will address.
Expedite the SLA process by thoroughly, carefully, and clearly defining the current achievable service levels.
Create a living document that aligns business needs with IT targets by discovering the impact of your current service level offerings through a conversation with business peers.
The saying goes, "as time goes by," but these days, we should say "as speed picks up." We're already in month two, so high time we take a look at the priorities you hopefully already set at the end of last year.
CISOs pushing for zero trust as their security strategy face several challenges including:
Zero trust is a journey that uses multiple capabilities and requires multiple parties to contribute to an organization’s security. Use Info-Tech’s approach to:
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Recognize the zero trust ideal and understand the different zero trust schools of thought.
Assess and determine the benefits of zero trust and identify and evaluate vendors in the zero trust market.
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Understand the need for a DPO and what qualities to look for in a strong candidate.
Understand your data retention requirements under the GDPR. Develop the necessary documentation.
Understand your website or application’s GDPR requirements to inform users on how you process their personal data and how cookies are used. Develop the necessary documentation.
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Build and manage the stakeholder team, and then document the business use case.
Redline the proposed SaaS contract.
Create a thorough negotiation plan.
Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Assemble documentation.
Understand current position before going forward.
1.1 Assemble existing contracts.
1.2 Document their strategic and tactical objectives.
1.3 Identify current status of the vendor relationship and any historical context.
1.4 Clarify goals for ideal future state.
Business Use Case.
Define the business use case and build a stakeholder team.
Create a business use case to document functional and non-functional requirements.
Build an internal cross-functional stakeholder team to negotiate the contract.
2.1 Establish a negotiation team and define roles.
2.2 Write a communication plan.
2.3 Complete a business use case.
RASCI Matrix
Communications Plan
SaaS TCO Calculator
Business Use Case
Examine terms and conditions and prioritize for negotiation.
Discover cost savings.
Improve agreement terms.
Prioritize terms for negotiation.
3.1 Review general terms and conditions.
3.2 Review license and application specific terms and conditions.
3.3 Match to business and technical requirements.
3.4 Redline the agreement.
SaaS Terms and Conditions Evaluation Tool
SaaS Contract Negotiation Terms Prioritization Checklist
Create a negotiation strategy.
Controlled communication established.
Negotiation tactics chosen.
Negotiation timeline plotted.
4.1 Review vendor and application specific negotiation tactics.
4.2 Build negotiation strategy.
Contract Negotiation Tactics Playbook
Controlled Vendor Communications Letter
Key Vendor Fiscal Year End Calendar
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Determine your business requirements and build your process to meet them.
Develop the specific procedures and tools required to assess vendor risk.
Implement the process and develop metrics to measure effectiveness.
Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Understand business and compliance requirements.
Identify roles and responsibilities.
Define the process.
Understanding of key goals for process outcomes.
Documented service that leverages existing processes.
1.1 Review current processes and pain points.
1.2 Identify key stakeholders.
1.3 Define policy.
1.4 Develop process.
RACI Matrix
Vendor Security Policy
Defined process
Determine methodology for assessing procurement risk.
Develop procedures for performing vendor security assessments.
Standardized, repeatable methodologies for supply chain security risk assessment.
2.1 Identify organizational security risk tolerance.
2.2 Develop risk treatment action plans.
2.3 Define schedule for re-assessments.
2.4 Develop methodology for assessing service risk.
Security risk tolerance statement
Risk treatment matrix
Service Risk Questionnaire
Develop procedures for performing vendor security assessments.
Establish vendor inventory.
Standardized, repeatable methodologies for supply chain security risk assessment.
3.1 Develop vendor security questionnaire.
3.2 Define procedures for vendor security assessments.
3.3 Customize the vendor security inventory.
Vendor security questionnaire
Vendor security inventory
Define risk treatment actions.
Deploy the process.
Monitor the process.
Understanding of how to treat different risks according to the risk tolerance.
Defined implementation strategy.
4.1 Define risk treatment action plans.
4.2 Develop implementation strategy.
4.3 Identify process metrics.
Vendor security requirements
Understanding of required implementation plans
Metrics inventory
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Evaluate the current state, stakeholder capacity, and target audience of engagement actions.
Review impact to engagement drivers in order to prioritize and select tactics for addressing each.
Designate owners of tactics, select measurement tools and cadence, and communicate engagement actions.
Physical security is often managed by facilities, not by IT security, resulting in segmented security systems. Integrating physical and information security introduces challenges in:
Info-Tech's approach is a modular, incremental, and repeatable process to integrate physical and information security to:
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Info-Tech provides a three-phased framework for integrating physical security and information security: Plan, Enhance, and Monitor & Optimize.
This tool serves as a repository for information about security integration elements, compliance, and other factors that will influence your integration of physical security and information security.
Populating a RACI chart (Responsible, Accountable, Consulted, and Informed) is a critical step that will assist you in organizing roles for carrying out integration steps. Complete this tool to assign tasks to suitable roles.
Complete this template to effectively communicate your integrated security plan to stakeholders.
From physical access control systems (PACS) such as electronic locks and fingerprint biometrics to video surveillance systems (VSS) such as IP cameras to perimeter intrusion detection and prevention to fire and life safety and beyond: physical security systems pose unique challenges to overall security. Additionally, digital transformation of physical security to the cloud and the convergence of operational technology (OT), internet of things (IoT), and industrial IoT (IIoT) increase both the volume and frequency of security threats.
These threats can be safety, such as the health impact when a gunfire attack downed wastewater pumps at Duke Energy Substation, North Carolina, US, in 2022. The threats can also be economic, such as theft of copper wire, or they can be reliability, such as when a sniper attack on Pacific Gas & Electric’s Metcalf Substation in California, US, damaged 17 out of 21 power transformers in 2013.
Considering the security risks organizations face, many are unifying physical, cyber, and information security systems to gain the long-term overall benefits a consolidated security strategy provides.
Research Director, Security and Privacy Practice
Info-Tech Research Group
Your ChallengePhysical security is often managed by facilities, not by IT security, resulting in segmented security systems. Meanwhile, integrating physical and information security introduces challenges in:
|
Common ObstaclesPhysical security systems integration is complex due to various components such as proprietary devices and protocols and hybrid systems of analog and digital technology. Thus, open architecture with comprehensive planning and design is important. However, territorial protection by existing IT and physical security managers may limit security visibility and hinder security integration. Additionally, integration poses challenges in staffing, training and awareness programs, and dependency on third-party technologies and their migration plans. |
Info-Tech's ApproachInfo-Tech’s approach is a modular, incremental, and repeatable process to integrate physical and information security that enables organizations to:
|
An integrated security architecture, including people, process, and technology, will improve your overall security posture. These benefits are leading many organizations to consolidate their siloed systems into a single platform across physical security, cybersecurity, HR, legal, and compliance.
Current security models do not cover all areas of security, especially if physical systems and personnel are involved and safety is also an important property required.
Sources: Parker, 1998; Pender-Bey, 2012; Cherdantseva and Hilton, 2015
Sources: Cisco, n.d.; Preparing for Technology Convergence in Manufacturing, Info-Tech Research Group, 2018
Physical security includes:
Why is integrating physical and information security gaining more and more traction? Because the supporting technologies are becoming more matured. This includes, for example, migration of physical security devices to IP-based network and open architecture.
Target: Alfred P. Murrah Federal Building, Oklahoma, US. Method: Bombing. Impact: Destroyed structure of 17 federal agencies, 168 casualties, over 800 injuries. Result: Creation of Interagency Security Committee (ISC) in Executive Order 12977 and “Vulnerability Assessment of Federal Facilities” standard.
(Source: Office of Research Services, 2017)
Target: Pacific Gas & Electric’s Metcalf Substation, California, US. Method: Sniper attack. Impact: Out of 21 power transformers, 17 were damaged. Result: Creation of Senate Bill No. 699 and NERC- CIP-014 standard.
(Source: T&D World, 2023)
Target: Nord Stream gas pipelines connecting Russia to Germany, Baltic sea. Method: Detonations. Impact: Methane leaks (~300,000 tons) at four exclusive economic zones (two in Denmark and two in Sweden). Result: Sweden’s Security Service investigation.
(Source: CNBC News, 2022)
Target: Duke Energy Substation, North Carolina, US. Method: Gunfire. Impact: Power outages of ~40,000 customers and wastewater pumps in sewer lift stations down. Result: State of emergency was declared.
(Source: CBS News, 2022)
When it comes to physical security, we have been mostly reactive. Typically the pattern starts with physical attacks. Next, the impacted organization mitigates the incidents. Finally, new government regulatory measures or private sector or professional association standards are put in place. We must strive to change our pattern to become more proactive.
A forecast by MarketsandMarkets projected growth in the physical security market, using historical data from 2015 until 2019, with a CAGR of 6.4% globally and 5.2% in North America.
Source: MarketsandMarkets, 2022
An Ontic survey (N=359) found that threat data management (40%) was the top physical security challenge in 2022, up from 33% in 2021, followed by physical security threats to the C-suite and company leadership (35%), which was a slight increase from 2021. An interesting decrease is data protection and privacy (32%), which dropped from 36% in 2021.
Source: Ontic Center for Protective Intelligence, 2022
The physical security market is growing in systems and services, especially the integration of threat data management with cybersecurity.
We know the physical security challenges and how the physical security market is growing, but what initiatives are driving this growth? These are the top physical security initiatives and top investments for physical security operations integration:
A survey by Brivo asked 700 security professionals about their top physical security initiatives. The number one initiative is integrating physical security systems. Other initiatives with similar concerns included data and cross-functional integration.
Source: Brivo, 2022
An Ontic survey (N=359) on areas of investment for physical security operations integration shows the number one investment is on access control systems with software to identify physical threat actors. Another area with similar concern is integration of digital physical security with cybersecurity.
Source: Ontic Center for Protective Intelligence, 2022
When looking for a quick win, consider learning the best internal or external practice. For example, in 1994 IBM reorganized its security operation by bringing security professionals and non-security professionals in one single structure, which reduced costs by approximately 30% in two years.
Sources: Create and Implement an IoT Strategy, Info-Tech Research Group, 2022; Baker and Benny, 2013; Erich Krueger, Omaha Public Power District (contributor); Doery Abdou, March Networks Corporate (contributor)
4Wall Entertainment is a provider of entertainment lighting and equipment to event venues, production companies, lighting designers, and others, with a presence in 18 US and UK locations.
After many acquisitions, 4Wall Entertainment needed to standardize its various acquired systems, including physical security systems such as access control. In its integrated security approach, IT owns the integrated security, but they interface with related entities such as HR, finance, and facilities management in every location. This allows them to obtain information such as holidays, office hours, and what doors need to be accessed as inputs to the security system and to get sponsorship in budgeting.
In the past, 4Wall Entertainment tried delegating specific physical security to other divisions, such as facilities management and HR. This approach was unsuccessful, so IT took back the responsibility and accountability.
Currently, 4Wall Entertainment works with local vendors, and its biggest challenge is finding third-party vendors that can provide nationwide support.
In the future, 4Wall Entertainment envisions physical security modernization such as camera systems that allow more network accessibility, with one central system to manage and IoT device integration with SIEM and MDR.
Physical security is often part of facilities management. As a result, there are interdependencies with both internal departments (such as IT, information security, and facilities) and external parties (such as third-party vendors). IT leaders, security leaders, and operational leaders should keep the big picture in mind when designing and implementing integration of physical and information security. Use this checklist as a tool to track your security integration journey.
Today’s matured technology makes security integration possible. However, the governance and management of single integrated security presents challenges. These can be overcome using a multi-phased framework that enables a modular, incremental, and repeatable integration process, starting with planning to justify the value of investment, then enhancing the integrated security based on risks and open architecture. This is followed by using metrics for monitoring and optimization.
Just as medicine often comes with side effects, our Integration of Physical and Information Security Framework may introduce risks too. However, as John F. Kennedy, thirty-fifth president of the United States, once said, "There are risks and costs to a program of action — but they are far less than the long-range cost of comfortable inaction."
Having siloed systems running security is not beneficial. Many organizations are realizing the benefits of consolidating into a single platform across physical security, cybersecurity, HR, legal, and compliance.
Assemble the right team to ensure the success of your integrated security ecosystem, decide the governance model, and clearly define the roles and responsibilities.
Strategically, we want a physical security system that is interoperable with most technologies, flexible with minimal customization, functional, and integrated, despite the challenges of proprietary configurations, complex customization, and silos.
Find the most optimized architecture that is strategic, realistic, and based on risk. Next, perform an evaluation of the security systems and program by understanding what, where, when, and how to measure and to report the relevant metrics.
Identify the security integration problems to solve with visible improvement possibilities, and don’t choose technology for technology’s sake. Design first, then conduct market research by comparing products or services from vendors or manufacturers.
Avoid a big bang approach and test technologies in multiple conditions. Run inexpensive pilots and increase flexibility to build a technology ecosystem.
Each step of this framework is accompanied by supporting deliverables to help you accomplish your goals:
Map organizational goals to IT goals, facilities goals, OT goals (if applicable), and integrated security goals. Identify your security integration elements and compliance.
Identify various security integration stakeholders across the organization and assign tasks to suitable roles.
Present your findings in a prepopulated document that summarizes the work you have completed.
Planning is foundational to engage stakeholders. Start with justifying the value of investment, then define roles and responsibilities, update governance, and finally identify integrated elements and compliance obligations.
It is important to speak the same language. Physical security concerns safety and availability, while information security concerns confidentiality and integrity. Thus, the two systems have different goals and require alignment.
Similarly, taxonomy of terminologies needs to be managed,1 e.g. facility management with an emergency management background may have a different understanding from a CISO with an information security background when discussing the same term. For example:
In emergency management prevention means “actions taken to eliminate the impact of disasters in order to protect lives, property and the environment, and to avoid economic disruption.”2
In information security prevention is “preventing the threats by understanding the threat environment and the attack surfaces, the risks, the assets, and by maintaining a secure system.”3
Sources: 1 Owen Yardley, Omaha Public Power District (contributor); 2 Translation Bureau, Government of Canada, n.d.; 3 Security Intelligence, 2020
Input
|
Output
|
Materials
|
Participants
|
Download the Integrate Physical Security and Information Security Requirements Gathering Tool.
Refer to the Integration of Physical and Information Security Framework when filling in the table.
Facilities in most cases have a team that is responsible for physical security installations such as access key controllers. Whenever there is an issue, they contact the provider to fix the error. However, with smart buildings and smart devices, the threat surface grows to include information security threats, and Facilities may not possess the knowledge and skills required to deal with them. At the same time, delegating physical security to IT may add more tasks to their already-too-long list of responsibilities. Consolidating security to a focused security team that covers both physical and information security can help.1 We need to develop the security integration business case beyond physical security "gates, guns, and guards" mentality.2
Benefits |
Metrics |
Operational Efficiency and Cost Savings |
|
Reliability Improvements |
|
Customers & Users Benefits |
|
Cost |
Metrics |
Equipment and Infrastructure |
|
Software and Commission |
|
Support and Resources |
|
Sources: 1 Andrew Amaro, KLAVAN Security Services (contributor); 2 Baker and Benny, 2013;
Industrial Control System Modernization, Info-Tech Research Group, 2023; Lawrence Berkeley National Laboratory, 2021
Input
| Output
|
Materials
| Participants
|
Many factors impact an organization’s level of effectiveness as it relates to integration of physical and information security. How the team interacts, what skill sets exist, the level of clarity around roles and responsibilities, and the degree of executive support and alignment are only a few. Thus, we need to identify stakeholders that are:
Download the Integrate Physical Security and Information Security RACI Chart Tool
Define Responsible, Accountable, Consulted, Informed (RACI) stakeholders.
Sources: ISC, 2015; ISC, 2021
The roles and responsibilities should be clearly defined. For example, IT Security should be responsible for the installation and configuration of all physical access controllers and devices, and facility managers should be responsible for the physical maintenance including malfunctioning such as access device jammed or physically broken.
HR provides information such as new hires and office hours as input to the security system. Finance assists in budgeting.
The security and privacy team will need to evaluate solutions and enforce standards on various physical and information security systems and to protect data privacy.
Business stakeholders will provide clarity for their strategy and provide input into how they envision security furthering those goals.
IT stakeholders will be a driving force, ensuring all necessary resources are available and funded.
Operational plans will include asset management, monitoring, and support to meet functional goals and manage throughout the asset lifecycle.
Each solution added to the environment will need to be chosen and architected to meet business goals and security functions.
Assemble the right team to ensure the success of your integrated security ecosystem and decide the governance model, e.g. security steering committee (SSC) or a centralized single structure.
Adapted from Create and Implement an IoT Strategy, Info-Tech Research Group, 2022
Ensuring proper governance over your security program is a complex task that requires ongoing care and feeding from executive management to succeed.
Your SSC should aim to provide the following core governance functions for your security program:
Adapted from Improve Security Governance With a Security Steering Committee , Info-Tech Research Group, 2018
To determine what elements need to be integrated, it’s important to scope the security integration program and to identify the consequences of integration for compliance obligations.
What are my concerns?
How can I address my concerns?
Refer to the “Scope” tab of the Integrate Physical Security and Information Security Requirements Gathering Tool when filling in the following elements.
Refer to the “Compliance Obligations” tab of the Integrate Physical Security and Information Security Requirements Gathering Tool.
View a sample contract provided by the US Department of Health and Human Services.
Source: Take Control of Compliance Improvement to Conquer Every Audit, Info-Tech Research Group, 2015
Sources: Real Time Networks, 2022; Andrew Amaro, KLAVAN Security Services (contributor)
Enhancing is the development of an integrated security strategy, policies, procedures, BCP, DR, and IR based on the organization’s risks.
Sources: Amy L. Meger, Platte River Power Authority (contributor); Baker and Benny, 2013; IFSEC Global, 2023; Security Priorities 2023, Info-Tech Research Group, 2023; Build an Information Security Strategy, Info-Tech Research Group, 2020; ISC, n.d.
Maturity models are very effective for determining security states. This table provides examples of general descriptions for physical and information security maturity levels.
Determine which framework is suitable and select the description that most accurately reflects the ideal state for security in your organization.
Level 1 |
Level 2 |
Level 3 |
Level 4 |
Level 5 |
|
Minimum security with simple physical barriers. | Low-level security to prevent and detect some unauthorized external activity. | Medium security to prevent, detect, and assess most unauthorized external activity and some unauthorized internal activity. | High-level security to prevent, detect, and assess most unauthorized external and internal activity. | Maximum security to prevent, detect, assess, and neutralize all unauthorized external and internal activity. |
Physical security maturity level1 |
Initial/Ad hoc security programs are reactive. | Developing security programs can be effective at what they do but are not holistic. | A defined security program is holistic, documented, and proactive. | Managed security programs have robust governance and metrics processes. | An optimized security program is based on strong risk management practices, including the production of key risk indicators (KRIs). |
Information security maturity level2 |
Sources: 1 Fennelly, 2013; 2 Build an Information Security Strategy, Info-Tech Research Group, 2020
The risk assessment conducted consists of analyzing existing inherent risks, existing pressure to the risks such as health and safety laws and codes of practice, new risks from the integration process, risk tolerance, and countermeasures.
Sources: EPA, n.d.; America's Water Infrastructure Act (AWIA), 2018; ISC, 2021
Source: Ontic Center for Protective Intelligence, 2022; N=359
The risk assessment conducted is based on a combination of physical and information security factors such as certain facilities factors. The risk level can be used to determine the baseline level of protection (LOP). Next, the baseline LOP is customized to the achievable LOP. The following is an example for federal facilities determined by Interagency Security Committee (ISC).
Source: ISC, 2021
It is important to identify the organization’s requirements, including its environments (IT, IoT, OT, facilities, etc.), and to measure and evaluate its risks and threats using an appropriate risk framework and tools with the critical step of identifying assets prior to acquiring solutions.
Certain exceptions must be identified in risk assessment. Usually physical barriers such as gates and intrusion detection sensors are considered as countermeasures,1 however, under certain assessment, e.g. America's Water Infrastructure Act (AWIA),2 physical barriers are also considered assets and as such must also be assessed.
An anecdotal example of why physical security alone is not sufficient.
Image by Rawpixel.com on Freepik
Lessons learned from using fingerprints for authentication:
In an ideal world, we want a physical security system that is interoperable with all technologies, flexible with minimal customization, functional, and integrated. In the real world, we may have physical systems with proprietary configurations that are not easily customized and siloed.
Source: Robert Dang, Info-Tech Research Group
Microchip implants can be used instead of physical devices such as key cards for digital identity and access management. Risks can be assessed using quantitative or qualitative approaches. In this use case a qualitative approach is applied to impact and likelihood, and a quantitative approach is applied to revenue and cost.
Impact |
|
Likelihood |
|
Revenue |
|
Impact |
|
Likelihood |
|
Cost |
|
Sources: Business Insider, 2018; BBC News, 2022; ISC, 2015
This model works for corporate groups with a parent company. In this model, global security policies are developed by a parent company and local policies are applied to the unique business that is not supported by the parent company.
This model works for organizations with sufficient resources. In this model, integrated security policies are derived from various policies. For example, physical security in smart buildings/devices (sensors, automated meters, HVAC, etc.) and OT systems (SCADA, PLCs, RTUs, etc.) introduce unique risk exposures, necessitating updates to security policies.
This model works for smaller organizations with limited resources. In this model, integrated security policies are derived from information security policies. The issue is when these policies are not applicable to physical security systems or other environments, e.g. OT systems.
Sources: Kris Krishan, Waymo (contributor); Isabelle Hertanto, Info-Tech Research Group (contributor); Physical and Environmental Security Policy Template, Info-Tech Research Group, 2022.
Sources: IEEE, 2021; ISC, 2021
Source: Dan Erwin, Security Officer, Dow Chemical Co., in Computerworld, 2022
Optimizing means working to make the most effective and efficient use of resources, starting with identifying skill requirements and closing skill gaps, followed by designing and deploying integrated security architecture and controls, and finally monitoring and reporting integrated security metrics.
Identify skill gaps that hinder the successful execution of the hybrid work security strategy. | Use the identified skill gaps to define the technical skill requirements for current and future work roles. | Conduct a skills assessment on your current workforce to identify employee skill gaps. | Decide whether to train (including certification), hire, contract, or outsource to close each skill gap. |
Internal security governance and management using in-house developed tools or off-the-shelf solutions, e.g. security information and event management (SIEM).
Internal security management using third-party security services, e.g. managed security service providers (MSSPs).
Outsourcing the entire security functions, e.g. using managed detection and response (MDR).
Sources: Info-Tech Research Group’s Security Priorities 2023, Close the InfoSec Skills Gap, Build an IT Employee Engagement Program, and Grid Modernization
Sources: ISA and Honeywell Integrated Security Technology Lab, n.d.; IEEE, 2021
Source: FedTech magazine, 2009
Cloud, on-premises, or hybrid? During the pandemic, many enterprises were under tight deadlines to migrate to the cloud. Many did not refactor data and applications correctly for cloud platforms during migration, with the consequence of high cloud bills. This happened because the migrated applications cannot take advantage of on-premises capabilities such as autoscaling. Thus, in 2023, it is plausible that enterprises will bring applications and data back on-premises.
Below is an example of a security design analysis of platform architecture. Design can be assessed using quantitative or qualitative approaches. In this example, a qualitative approach is applied using high-level advantages and disadvantages.
Design criteria | Cloud | Hybrid | On-premises |
Effort | Consumer effort is within a range, e.g. < 60% | Consumer effort is within a range e.g. < 80% | 100% organization |
Reliability | High reliability | High reliability | Medium reliability that depends on data centers |
Cost | High cost when data and applications are not correctly designed for cloud | Optimized cost when data and applications are correctly designed either for cloud or native | Medium cost when data and applications take advantage of on-prem capabilities |
It is important for organizations to find the most optimized architecture to support them, for example, a hybrid architecture of cloud and on-premises based on operations and cost-effectiveness. To help design a security architecture that is strategic, realistic, and based on risk, see Info-Tech’s Identify the Components of Your Cloud Security Architecture research.
Sources: InfoWorld, 2023; Identify the Components of Your Cloud Security Architecture , Info-Tech Research Group, 2021
Below is an example case of a security design analysis of electronic security systems. Design can be assessed using quantitative or qualitative approaches. In this example a qualitative approach is applied using advantages and disadvantages.
Surveillance design criteria |
Video camera |
Motion detector |
Theft of security system equipment |
Higher economic loss | Lower economic loss |
Reliability |
Positive detection of intrusion | Spurious indication and lower reliability |
Energy savings and bandwidth |
Only record when motion is detected | Detect and process all movement |
Once the design has been analyzed, the next step is to conduct market research to analyze the solutions landscape, e.g. to compare products or services from vendors or manufacturers.
Sources: IEEE, 202; IEC, n.d.; IEC, 2013
Passively monitoring data using various protocol layers, actively sending queries to devices, or parsing configuration files of physical security devices, OT, IoT, and IT environments on assets, processes, and connectivity paths.
Automation of threat analysis (signature-based, specification-based, anomaly-based, flow-based, content-based, sandboxing) not only in IT but also in relevant environments, e.g. physical, IoT, IIoT, and OT on assets, data, network, and orchestration with threat intelligence sharing and analytics.
Risk scoring approach (qualitative, quantitative) based on variables such as behavioral patterns and geolocation. Patching and vulnerability management.
The user and administrative experience, multiple deployment options, extensive integration capabilities, and affordability.
Source: Secure IT/OT Convergence, Info-Tech Research Group, 2022
Security metrics serve various functions in a security program.1 For example:
Physical security interfaces with the physical world. Thus, metrics based on risks related to safety are crucial. These metrics motivate personnel by making clear why they should care about security.
Source: EPRI, 2017
The impact of security on the business can be measured with various metrics such as operational metrics, service level agreements (SLAs), and financial metrics.
Source: BMC, 2022
Early detection leads to faster remediation and less damage. Metrics such as maximum tolerable downtime (MTD) and mean time to recovery (MTR) indicate system reliability.
Source: Dark Reading, 2022
Measure the overall quality of security culture with indicators such as compliance and audit, vulnerability management, and training and awareness.
Security failure can be avoided by evaluating the security systems and program. Security evaluation requires understanding what, where, when, and how to measure and to report the relevant metrics.
The previously entirely separate OT ecosystem is migrating into the IT ecosystem, primarily to improve access via connectivity and to leverage other standard IT capabilities for economic benefit.
Hence, IT and OT need to collaborate, starting with communication to build trust and to overcome their differences and followed by negotiation on components such as governance and management, security controls on OT environments, compliance with regulations and standards, and establishing metrics for OT security.
Information technology (IT) and operational technology (OT) teams have a long history of misalignment and poor communication.
Stakeholder expectations and technology convergence create the need to leave the past behind and build a culture of collaboration.
Info-Tech has developed a highly effective approach to building an information security strategy – an approach that has been successfully tested and refined for over seven years with hundreds of organizations.
This unique approach includes tools for ensuring alignment with business objectives, assessing organizational risk and stakeholder expectations, enabling a comprehensive current-state assessment, prioritizing initiatives, and building a security roadmap.
"1402-2021 - IEEE Guide for Physical Security of Electric Power Substations." IEEE, 2021. Accessed 25 Jan. 2023.
"2022 State of Protective Intelligence Report." Ontic Center for Protective Intelligence, 2022. Accessed 16 Jan. 2023.
"8 Staggering Statistics: Physical Security Technology Adoption." Brivo, 2022. Accessed 5 Jan. 2023.
"America's Water Infrastructure Act of 2018." The United States' Congress, 2018. Accessed 19 Jan. 2023.
Baker, Paul and Daniel Benny. The Complete Guide to Physical Security. Auerbach Publications. 2013
Bennett, Steve. "Physical Security Statistics 2022 - Everything You Need to Know." WebinarCare, 4 Dec. 2022. Accessed 30 Dec. 2022.
"Best Practices for Planning and Managing Physical Security Resources: An Interagency Security Committee Guide." Interagency Security Committee (ISC), Dec. 2015. Accessed 23 Jan. 2023.
Black, Daniel. "Improve Security Governance With a Security Steering Committee." Info-Tech Research Group, 23 Nov. 2018. Accessed 30 Jan. 2023.
Borg, Scott. "Don't Put Up Walls Between Your Security People." FedTech Magazine, 17 Feb. 2009. Accessed 15 Dec. 2022.
Burwash, John. “Preparing for Technology Convergence in Manufacturing.” Info-Tech Research Group, 12 Dec. 2018. Accessed 7 Dec. 2022.
Carney, John. "Why Integrate Physical and Logical Security?" Cisco. Accessed 19 Jan. 2023.
"Certification of Cyber Security Skills of ICS/SCADA Professionals." European Union Agency for Cybersecurity (ENISA), 2015. Accessed 27 Sep. 2022.
Cherdantseva, Yulia and Jeremy Hilton. "Information Security and Information Assurance. The Discussion about the Meaning, Scope and Goals." Organizational, Legal, and Technological Dimensions of IS Administrator, Almeida F., Portela, I. (eds.), pp. 1204-1235. IGI Global Publishing, 2013.
Cobb, Michael. "Physical security." TechTarget. Accessed 8 Dec. 2022.
“Conduct a Drinking Water or Wastewater Utility Risk Assessment.” United States Environmental Protection Agency (EPA), n.d. Web.
Conrad, Sandi. "Create and Implement an IoT Strategy." Info-Tech Research Group, 28 July 2022. Accessed 7 Dec. 2022.
Cooksley, Mark. "The IEC 62443 Series of Standards: A Product Manufacturer's Perspective." YouTube, uploaded by Plainly Explained, 27 Apr. 2021. Accessed 26 Aug. 2022.
"Cyber and physical security must validate their value in 2023." IFSEC Global, 12 Jan. 2023. Accessed 20 Jan. 2023.
"Cybersecurity Evaluation Tool (CSET®)." Cybersecurity and Infrastructure Security Agency (CISA). Accessed 23 Jan. 2023.
"Cybersecurity Maturity Model Certification (CMMC) 2.0." The United States' Department of Defense (DOD), 2021. Accessed 29 Dec. 2022.
“Cyber Security Metrics for the Electric Sector: Volume 3.” Electric Power Research Institute (EPRI), 2017.
Czachor, Emily. "Mass power outage in North Carolina caused by gunfire, repairs could take days." CBS News, 5 Dec. 2022. Accessed 20 Jan. 2023.
Dang, Robert, et al. “Secure IT/OT Convergence.” Info-Tech Research Group, 9 Dec. 2022. Web.
"Emergency Management Act (S.C. 2007, c. 15)." The Government of Canada, 2007. Accessed 19 Jan. 2023.
"Emergency management vocabulary." Translation Bureau, Government of Canada. Accessed 19 Jan. 2023.
Fennelly, Lawrence. Effective physical security. Butterworth-Heinemann, 2013.
Ghaznavi-Zadeh, Rassoul. "Enterprise Security Architecture - A Top-down Approach." The Information Systems Audit and Control Association (ISACA). Accessed 25 Jan. 2023.
"Good Practices for Security of Internet of Things." European Union Agency for Cybersecurity (ENISA), 2018. Accessed 27 Sep. 2022.
"Health and Safety at Work etc Act 1974." The United Kingdom Parliament. Accessed 23 Jan. 2023.
Hébert, Michel, et al. “Security Priorities 2023.” Info-Tech Research Group, 1 Feb. 2023. Web.
"History and Initial Formation of Physical Security and the Origin of Authority." Office of Research Services (ORS), National Institutes of Health (NIH). March 3, 2017. Accessed 19 Jan. 2023.
"IEC 62676-1-1:2013 Video surveillance systems for use in security applications - Part 1-1: System requirements - General." International Electrotechnical Commission (IEC), 2013. Accessed 9 Dec. 2022.
"Incident Command System (ICS)." ICS Canada. Accessed 17 Jan. 2023.
"Information Security Manual - Guidelines for Physical Security." The Australian Cyber Security Centre (ACSC), Dec. 2022. Accessed 13 Jan. 2023.
"Integrated Physical Security Framework." Anixter. Accessed 8 Dec. 2022.
"Integrating Risk and Security within a TOGAF® Enterprise Architecture." TOGAF 10, The Open Group. Accessed 11 Jan. 2023.
Latham, Katherine. "The microchip implants that let you pay with your hand." BBC News, 11 Apr. 2022. Accessed 12 Jan. 2023.
Linthicum, David. "2023 could be the year of public cloud repatriation." InfoWorld, 3 Jan. 2023. Accessed 10 Jan. 2023.
Ma, Alexandra. "Thousands of people in Sweden are embedding microchips under their skin to replace ID cards." Business Insider, 14 May 2018. Accessed 12 Jan. 2023.
Mendelssohn, Josh and Dana Tessler. "Take Control of Compliance Improvement to Conquer Every Audit." Info-Tech Research Group, 25 March 2015. Accessed 27 Jan. 2023.
Meredith, Sam. "All you need to know about the Nord Stream gas leaks - and why Europe suspects 'gross sabotage'." CNBC, 11 Oct. 2022. Accessed 20 Jan. 2023.
Nicaise, Vincent. "EU NIS2 Directive: what’s changing?" Stormshield, 20 Oct. 2022. Accessed 17 Nov. 2022.
"NIST SP 800-53 Rev. 5 Security and Privacy Controls for Information Systems and Organizations." The National Institute of Standards and Technology (NIST), 13 Jul. 2022. Accessed 27 Jan. 2023.
"North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) Series." NERC. Accessed 23 Jan. 2023.
"North America Physical Security Market - Global Forecast to 2026." MarketsandMarkets, June 2021. Accessed 30 Dec. 2022.
"NSTISSI No. 4011 National Training Standard For Information Systems Security (InfoSec) Professionals." The United States Committee on National Security Systems (CNSS), 20 Jun. 1994. Accessed 23 Jan. 2023.
"Occupational Safety and Health Administration (OSH) Act of 1970." The United States Department of Labor. Accessed 23 Jan. 2023.
Palter, Jay. "10 Mistakes Made in Designing a Physical Security Program." Real Time Networks, 7 Sep. 2022. Accessed 6 Jan. 2023.
Parker, Donn. Fighting Computer Crime. John Wiley & Sons, 1998.
Pathak, Parag. "What Is Threat Management? Common Challenges and Best Practices." Security Intelligence, 2020. Accessed 5 Jan. 2023.
Pender-Bey, Georgie. "The Parkerian Hexad." Lewis University, 2012. Accessed 24 Jan. 2023.
Philippou, Oliver. "2023 Trends to Watch: Physical Security Technologies." Omdia. Accessed 20 Jan. 2023.
Phinney, Tom. "IEC 62443: Industrial Network and System Security." ISA and Honeywell Integrated Security Technology Lab. Accessed 30 Jan. 2023.
"Physical Security Market, with COVID-19 Impact Analysis - Global Forecast to 2026." MarketsandMarkets, Jan. 2022. Accessed 30 Dec. 2022.
"Physical Security Professional (PSP)" ASIS International. Accessed 17 Jan. 2023.
"Physical Security Systems (PSS) Assessment Guide" The United States' Department of Energy (DOE), Dec. 2016. Accessed 23 Jan. 2023.
"Policies, Standards, Best Practices, Guidance, and White Papers." Interagency Security Committee (ISC). Accessed 23 Jan. 2023.
"Profiles, Add-ons and Specifications." ONVIF. Accessed 9 Dec. 2022.
"Protective Security Policy Framework (PSPF)." The Australian Attorney-General's Department (AGD). Accessed 13 Jan. 2023.
"Satellites detect methane plume in Nord Stream leak." The European Space Agency (ESA), 6 oct. 2022. Accessed 23 Jan. 2023.
""Satellites detect methane plume in Nord Stream leak." The European Space Agency (ESA), 6 oct. 2022. Accessed 23 Jan. 2023.
Satgunananthan, Niru. "Challenges in Security Convergence?" LinkedIn, 8 Jan. 2022. Accessed 20 Dec. 2022.
Sooknanan, Shastri and Isaac Kinsella. "Identify the Components of Your Cloud Security Architecture." Info-Tech Research Group, 12 March 2021. Accessed 26 Jan. 2023.
"TC 79 Alarm and electronic security systems." International Electrotechnical Commission (IEC), n.d. Accessed 9 Dec. 2022.
"The Risk Management Process for Federal Facilities: An Interagency Security Committee Standard." Interagency Security Committee (ISC), 2021. Accessed 26 Jan. 2023.
"The Short Guide to Why Security Programs Can Fail." CyberTalk, 23 Sep. 2021. Accessed 30 Dec. 2022.
Verton, Dan. "Companies Aim to Build Security Awareness." Computerworld, 27 Nov. 2022. Accessed 26 Jan. 2023.
"Vulnerability Assessment of Federal Facilities." The United States' Department of Justice, 28 Jun. 1995. Accessed 19 Jan. 2023.
"What is IEC 61508?" 61508 Association. Accessed 23 Jan. 2023.
Wolf, Gene. "Better Include Physical Security With Cybersecurity." T&D World 5 Jan. 2023. Accessed 19 Jan. 2023.
Wood, Kate, and Isaac Kinsella. “Build an Information Security Strategy.” Info-Tech Research Group, 9 Sept. 2020. Web.
Woolf, Tim, et al. "Benefit-Cost Analysis for Utility-Facing Grid Modernization Investments: Trends, Challenges, and Considerations." Lawrence Berkeley National Laboratory, Feb. 2021. Accessed 15 Nov. 2022.
"Work Health and Safety Act 2011." The Australian Government. Accessed 13 Jan. 2023.
Wu, Jing. “Industrial Control System Modernization: Unlock the Value of Automation in Utilities.” Info-Tech Research Group, 6 April 2023. Web.
Information and Cyber Governance Manager
Platte River Power Authority
Chief Security Officer (CSO) & Founder
KLAVAN Security
IT Security Manager
4Wall Entertainment
VP of Information Technology
4Wall Entertainment
Senior Manager
March Networks Corporate
Manager of Security Engineering
Omaha Public Power District
Head of IT
Waymo
Director, Facilities Security Preparedness
Omaha Public Power District
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Outline your plan, form your team, and plan marketing tech stack support.
Set lead flow thresholds, define your ideal customer profile and lead generation engine components, and weight, score, test, and refine them.
Apply your lead scoring model to your lead management app, test it, validate the results with sellers, apply advanced methods, and refine.
Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Drive an aligned vision for lead scoring.
Attain an aligned vision for lead scoring.
Identify the steering committee and project team and clarify their roles and responsibilities.
Provide your team with an understanding of how leads score through the marketing funnel.
1.1 Outline a vision for lead scoring.
1.2 Identify steering committee and project team members.
1.3 Assess your tech stack for lead scoring and seek advice from Info-Tech analysts to modernize where needed.
1.4 Align on marketing pipeline terminology.
Steering committee and project team make-up
Direction on tech stack to support lead generation
Marketing pipeline definitions alignment
Define the buyer journey and map the lead generation engine.
Align the vision for your target buyer and their buying journey.
Identify the assets and activities that need to compose your lead generation engine.
2.1 Establish a buyer persona.
2.2 Map your buyer journey.
2.3 Document the activities and assets of your lead generation engine.
Buyer persona
Buyer journey map
Lead gen engine assets and activities documented
Build and test your lead scoring model.
Gain team alignment on how leads score and, most importantly, what constitutes a sales-accepted lead.
Develop a scoring model from which future iterations can be tested.
3.1 Understand the Lead Scoring Grid and set your thresholds.
3.2 Identify your ideal customer profile, attributes, and subattribute weightings – run tests.
Lead scoring thresholds
Ideal customer profile, weightings, and tested scores
Test profile scoring
Align on engagement attributes.
Develop a scoring model from which future iterations can be tested.
4.1 Weight the attributes of your lead generation engagement model and run tests.
4.2 Apply weightings to activities and assets.
4.3 Test engagement and profile scenarios together and make any adjustments to weightings or thresholds.
Engagement attributes and weightings tested and complete
Final lead scoring model
Apply the model to your tech platform.
Deliver better qualified leads to Sales.
5.1 Apply model to your marketing management/campaign management software and test the quality of sales-accepted leads in the hands of sellers.
5.2 Measure overall lead flow and conversion rates through your marketing pipeline.
5.3 Apply lead nurturing and other advanced methods.
Model applied to software
Better qualified leads in the hands of sellers
EXECUTIVE BRIEF
As B2B organizations emerge from the lowered demands brought on by COVID-19, they are eager to convert marketing contacts to sales-qualified leads with even the slightest signal of intent, but many sales cycles are wasted when sellers receive unqualified leads. Delivering highly qualified leads to sellers is still more art than science, and it is especially challenging without a way to score a contact profile and engagement. While most marketers capture some profile data from contacts, many will pass a contact over to Sales without any engagement data or schedule a demo with a contact without any qualifying profile data. Passing unqualified leads to Sales suboptimizes Sales’ resources, raises the costs per lead, and often results in lost opportunities. Marketers need to develop a lead scoring methodology that delivers better qualified leads to Field Sales scored against both the ideal customer profile (ICP) and engagement that signals lower-funnel buyer interest. To be successful in building a compelling lead scoring solution, marketers must work closely with key stakeholders to align the ICP asset/activity with the buyer journey. Additionally, working early in the design process with IT/Marketing Operations to implement lead management and analytical tools in support will drive results to maximize lead conversion rates and sales wins.
Jeff Golterman
Managing Director
SoftwareReviews Advisory
The affordability and ease of implementation of digital marketing tools have driven global adoption to record levels. While many marketers are fine-tuning the lead generation engine components of email, social media, and web-based advertising to increase lead volumes, just 32% of companies pass well-qualified leads over to outbound marketers or sales development reps (SDRs). At best, lead gen costs stay high, and marketing-influenced win rates remain suboptimized. At worst, marketing reputation suffers when poorly qualified leads are passed along to sellers.
Most marketers lack a methodology for lead scoring, and some lack alignment among Marketing, Product, and Sales on what defines a qualified lead. In their rush to drive lead generation, marketers often fail to “define and align” on the ICP with stakeholders, creating confusion and wasted time and resources. In the rush to adopt B2B marketing and sales automation tools, many marketers have also skipped the important steps to 1) define the buyer journey and map content types to support, and 2) invest in a consistent content creation and sourcing strategy. The wrong content can leave prospects unmotivated to engage further and cause them to seek alternatives.
To employ lead scoring effectively, marketers need to align Sales, Marketing, and Product teams on the definition of the ICP and what constitutes a Sales-accepted lead. The buyer journey needs to be mapped in order to identify the engagement that will move a lead through the marketing lead generation engine. Then the project team can score prospect engagement and the prospect profile attributes against the ICP to arrive at a lead score. The marketing tech stack needs to be validated to support lead scoring, and finally Sales needs to sign off on results.
Lead scoring is a must-have capability for high-tech marketers. Without lead scoring, marketers will see increased costs of lead gen, decreased SQL to opportunity conversion rates, decreased sales productivity, and longer sales cycles.
Leading marketers who successfully implement a lead scoring methodology develop it collaboratively with stakeholders across Marketing, Sales, and Product Management. Leaders will engage Marketing Operations, Sales Operations, and IT early to gain support for the evaluation and implementation of a supporting campaign management application and for analytics to track lead progress throughout the Marketing and Sales funnels. Leverage the Marketing Lead Scoring Toolkit to build out your version of the model and to test various scenarios. Use the slides contained within this storyboard and the accompanying toolkit as a means to align key stakeholders on the ICP and to weight assets and activities across your marketing lead generation engine.
Lead scoring weighs the value of a prospect’s profile against the ICP and renders a profile score. The process then weighs the value of the prospects activities against the ideal call to action (CTA) and renders an activity score. Combining the profile and activity scores delivers an overall score for the value of the lead to drive the next step along the overall buyer journey.
EXAMPLE: SALES MANAGEMENT SOFTWARE
SoftwareReviews Advisory Insight:
A significant obstacle to quality lead production is disagreement on or lack of a documented definition of the ideal customer profile. Marketers successful in lead scoring will align key stakeholders on a documented definition of the ICP as a first step in improving lead scoring.
Up to 66% of businesses don’t practice any type of lead scoring.
“ With lead scoring, you don’t waste loads of time on unworthy prospects, and you don’t ignore people on the edge of buying.”
“The benefits of lead scoring number in the dozens. Having a deeper understanding of which leads meet the qualifications of your highest converters and then systematically communicating with them accordingly increases both ongoing engagement and saves your internal team time chasing down inopportune leads.”
Optimizing Sales Resources Using Lead Scoring
“On average, organizations that currently use lead scoring experience a 77% lift in lead generation ROI, over organizations that do not currently use lead scoring.”
Average Lead Generation ROI by Use of Lead Scoring
1. Drive Aligned Vision for Lead Scoring |
2. Build and Test Your Lead Scoring Model |
3. Apply to Your Tech Platform and Validate, Nurture, and Grow |
|
Phase |
|
|
|
Phase Outcomes |
|
|
|
The workbook walks you through a step-by-step process to:
Consider core functions and form a cross-functional lead scoring team. Document the team’s details here.
Set your initial threshold weightings for profile and engagement scores.
Establish Your Ideal Customer Profile
Identify major attributes and attribute values and the weightings of both. You’ll eventually score your leads against this ICP.
Record and Weight Lead Gen Engine Activities
Identify the major activities that compose prospect engagement with your lead gen engine. Weight them together as a team.
Test Lead Profile Scenarios
Test actual lead profiles to see how they score against where you believe they should score. Adjust threshold settings in Tab 2.
Test Activity Engagement Scores
Test scenarios of how contacts navigate your lead gen engine. See how they score against where you believe they should score. Adjust thresholds on Tab 2 as needed.
Review Combined Profile and Activity Score
Review the combined scores to see where on your lead scoring matrix the lead falls. Make any final adjustments to thresholds accordingly.
DIY Toolkit | Guided Implementation | Workshop | Consulting |
---|---|---|---|
"Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." |
"Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." |
"We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." |
"Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project." |
|
|
|
|
Phase 1 |
Phase 2 |
Phase 3 |
---|---|---|
Call #1: Collaborate on vision for lead scoring and the overall project. Call #2: Identify the steering committee and the rest of the team. Call #3: Discuss app/tech stack support for lead scoring. Understand key marketing pipeline terminology and the buyer journey. Call #4: Discuss your ICP, apply weightings, and run test scenarios. |
Call #5: Discuss and record lead generation engine components. Call #6: Understand the Lead Scoring Grid and set thresholds for your model. Call #7: Identify your ICP, apply weightings to attributes, and run tests. |
Call #8: Weight the attributes of engagement activities and run tests. Review the application of the scoring model on lead management software. Call #9: Test quality of sales-accepted leads in the hands of sellers. Measure lead flow and conversion rates through your marketing pipeline. Call #10: Review progress and discuss nurturing and other advanced topics. |
A Guided Implementation (GI) is series of calls with a SoftwareReviews Advisory analyst to help implement our best practices in your organization. For guidance on marketing applications, we can arrange a discussion with an Info-Tech analyst. Your engagement managers will work with you to schedule analyst calls.
Day 1 |
Day 2 |
Day 3 |
Day 4 |
Day 5 |
|
---|---|---|---|---|---|
Drive Aligned Vision for Lead Scoring |
Buyer Journey and Lead Gen Engine Mapping |
Build and Test Your Lead Scoring Model |
Align on Engagement Attributes |
Apply to Your Tech Platform |
|
Activities |
1.1 Outline a vision for lead scoring. 1.2 Identify steering committee and project team members. 1.3 Assess your tech stack for lead scoring and seek advice from Info-Tech analysts to modernize where needed. 1.4 Align on marketing pipeline terminology. |
2.1 Establish a buyer persona (if not done already). 2.2 Map your buyer journey. 2.3 Document the activities and assets of your lead gen engine. |
3.1 Understand Lead Scoring Grid and set your thresholds. 3.2 Identify ICP attribute and sub-attribute weightings. Run tests. |
4.1 Weight the attributes of your lead gen engagement model and run tests. 4.2 Apply weightings to activities and assets. 4.3 Test engagement and profile scenarios together and adjust weightings and thresholds as needed. |
5.1 Apply model to your campaign management software and test quality of sales-accepted leads in the hands of sellers. 5.2. Measure overall lead flow and conversion rates through your marketing pipeline. 5.3 Apply lead nurturing and other advanced methods. |
Deliverables |
|
|
|
|
|
Phase 1 |
Phase 2 |
Phase 3 |
---|---|---|
1.1 Establish a cross-functional vision for lead scoring 1.2 Asses your tech stack for lead scoring (optional) 1.3 Catalog your buyer journey and lead gen engine assets |
2.1 Start building your lead scoring model 2.2 Identify and verify your IPC and weightings 2.3 Establish key lead generation activities and assets |
3.1 Apply model to your marketing management software 3.2 Test the quality of sales-accepted leads 3.3 Apply advanced methods |
This phase will walk you through the following activities:
This phase involves the following stakeholders:
Activities
1.1.1 Identify stakeholders critical to success
1.1.2 Outline the vision for lead scoring
1.1.3 Select your lead scoring team
This step will walk you through the following activities:
This step involves the following participants:
Outcomes of this step
1 hour
Input | Output |
|
|
Materials | Participants |
|
|
B2B marketers that lack agreement among Marketing, Sales, Inside Sales, and lead management supporting staff of what constitutes a qualified lead will squander precious time and resources throughout the customer acquisition process.
1 hour
Input | Output |
|
|
Materials | Participants |
|
|
While SMBs can implement some form of lead scoring when volume is very low and leads can be scored by hand, lead scoring and effective lead management cannot be performed without investment in digital platforms and lead management software and integration with customer relationship management (CRM) applications in the hands of inside and field sales staff. Marketers should plan and budget for the right combination of applications and tools to be in place for proper lead management.
Title |
Key Stakeholders Within a Lead Generation/Scoring Initiative |
---|---|
Lead Scoring Sponsor |
|
Lead Scoring Initiative Manager |
|
Business Leads |
|
Digital, Marketing/Sales Ops/IT Team |
|
Steering Committee |
|
Marketers managing the lead scoring initiative must include Product Marketing, Sales, Inside Sales, and Product Management. And given that world-class B2B lead generation engines cannot run without technology enablement, Marketing Operations/IT – those that are charged with enabling marketing and sales – must also be part of the decision making and implementation process of lead scoring and lead generation.
30 minutes
Input | Output |
|
|
Materials | Participants |
|
|
Download the Lead Scoring Workbook
Consider the core team functions when composing the lead scoring team. Form a cross-functional team (i.e. across IT, Marketing, Sales, Service, Operations) to create a well-aligned lead management/scoring strategy. Don’t let your core team become too large when trying to include all relevant stakeholders. Carefully limit the size of the team to enable effective decision making while still including functional business units.
Required Skills/Knowledge |
Suggested Team Members |
---|---|
Business |
|
|
|
IT |
|
|
|
Other |
|
|
|
Our model assumes you have:
1.2.1 A marketing application/campaign management application in place that accommodates lead scoring.
1.2.2 Lead management software integrated with the sales automation/CRM tool in the hands of Field Sales.
1.2.3 Reporting/analytics that spans the entire lead generation pipeline/funnel.
Refer to the following three slides if you need guidance in these areas.
This step will walk you through the following activities:
This step involves the following participants:
Outcomes of this step
SoftwareReviews Advisory Insight:
Marketers that collaborate closely with Marketing Ops/IT early in the process of lead scoring design will be best able to assess whether current marketing applications and tools can support a full lead scoring capability.
A thorough evaluation takes months – start early
A thorough evaluation takes months – start early
Access the Info-Tech blueprint Select and Implement a CRM Platform, along with analyst inquiry support during the requirements definition, vendor evaluation, and vendor selection phases. Use the SoftwareReviews CRM Data Quadrant during vendor evaluation and selection.
A thorough evaluation takes weeks – start early
Activities
1.3.1 Review marketing pipeline terminology
1.3.2 Describe your buyer journey
1.3.3 Describe your awareness and lead generation engine
This step will walk you through the following activities:
This step involves the following participants:
Outcomes of this step
30 minutes
Stage |
Characteristics |
Actions |
Contact |
|
Nurture SDR Qualify Send to Sales Close |
MQL |
|
|
SQL |
|
|
Oppt’y |
|
|
Win |
|
SoftwareReviews Advisory Insight:
Score leads in a way that makes it crystal clear whether they should be ignored, further nurtured, further qualified, or go right into a sellers’ hands as a super hot lead.
2 hours
On the following slide:
SoftwareReviews Advisory Insight:
Establishing a buyer journey is one of the most valuable tools that, typically, Product Marketing produces. Its use helps campaigners, product managers, and Inside and Field Sales. Leading marketers keep journeys updated based on live deals and characteristics of wins.
[Persona name] ([levels it includes from arrows above]) Buyer’s Journey for [solution type] Vendor Selection
* For guidance on best practices in engaging industry analysts, contact your engagement manager to schedule an inquiry with our expert in this area. during that inquiry, we will share best practices and recommended analyst engagement models.
2 hours
On the following slide:
SoftwareReviews Advisory Insight:
Marketing’s primary mission is to deliver marketing-influenced wins (MIWs) to the company. Building a compelling awareness and lead gen engine must be done with that goal in mind. Leaders are ruthless in testing – copy, email subjects, website navigation, etc. – to fine-tune the engine and staying highly collaborative with sellers to ensure high value lead delivery.
Phase 1 | Phase 2 | Phase 3 |
---|---|---|
1.1 Establish a cross-functional vision for lead scoring 1.2 Asses your tech stack for lead scoring (optional) 1.3 Catalog your buyer journey and lead gen engine assets | 2.1 Start building your lead scoring model 2.2 Identify and verify your IPC and weightings 2.3 Establish key lead generation activities and assets | 3.1 Apply model to your marketing management software 3.2 Test the quality of sales-accepted leads 3.3 Apply advanced methods |
This phase will walk you through the following activities:
This phase involves the following participants:
Activities
2.1.1 Understand the Lead Scoring Grid
2.1.2 Identify thresholds
This step will walk you through the following activities:
This step involves the following participants:
Outcomes of this step
30 minutes
30 minutes
We have set up a model Lead Scoring Grid – see Lead Scoring Workbook, tab 2, “Identify Thresholds.”
Set your thresholds within the Lead Scoring Workbook:
SoftwareReviews Advisory Insight:
Clarify that all-important threshold for when a lead passes to your expensive and time-starved outbound sellers.
Activities
2.2.1 Identify your ideal customer profile
2.2.2 Run tests to validate profile weightings
This step will walk you through the following activities:
This step involves the following participants:
Outcomes of this step
2 hours
SoftwareReviews Advisory Insight:
Marketers who align with colleagues in areas such as Product Marketing, Sales, Inside Sales, Sales Training/Enablement, and Product Managers and document the ICP give their organizations a greater probability of lead generation success.
SoftwareReviews Advisory Insight:
Keep your model simple in the interest of fast implementation and to drive early learnings. The goal is not to be perfect but to start iterating toward success. You will update your scoring model even after going into production.
2 hours
Activities
2.3.1 Establish activities, attribute values, and weights
2.3.2 Run tests to evaluate activity ratings
This step will walk you through the following activities:
This step involves the following participants:
Outcomes of this step
2 hours
SoftwareReviews Advisory Insight:
Use data from actual closed deals and the underlying activities to build your model – nothing like using facts to inform your key decisions. Use common sense and keep things simple. Then update further when data from new wins appears.
2 hours
Phase 1 | Phase 2 | Phase 3 |
---|---|---|
1.1 Establish a cross-functional vision for lead scoring 1.2 Asses your tech stack for lead scoring (optional) 1.3 Catalog your buyer journey and lead gen engine assets | 2.1 Start building your lead scoring model 2.2 Identify and verify your IPC and weightings 2.3 Establish key lead generation activities and assets | 3.1 Apply model to your marketing management software 3.2 Test the quality of sales-accepted leads 3.3 Apply advanced methods |
This phase will walk you through the following activities:
This phase involves the following participants:
Activities
3.1.1 Apply final model to your lead management software
This step will walk you through the following activities:
This step involves the following participants:
Outcomes of this step
3 hours
Activities
3.2.1 Achieve sales lead acceptance
3.2.2 Measure and optimize
This step will walk you through the following activities:
This step involves the following participants:
Outcomes of this step
1 hour
Stage | Characteristics | Actions |
Contact |
| Nurture SDR Qualify Send to Sales Close |
MQL |
| |
SQL |
| |
Oppt’y |
| |
Win |
|
SoftwareReviews Advisory Insight:
Marketers that collaborate with Sales – and in this case, a group of sellers as a sales advisory team – well in advance of sales acceptance to design lead scoring will save time during this stage, build trust with sellers, and make faster decisions related to lead management/scoring.
Ongoing
Analytics will also drive additional key insights across your lead gen engine:
Activities
3.3.1 Employ lead nurturing strategies
3.3.2 Adjust your model over time to accommodate more advanced methods
This step will walk you through the following activities:
This step involves the following participants:
Outcomes of this step
SoftwareReviews Advisory Insight:
Nurturing success combines the art of crafting engaging copy/experiences and the science of knowing just where a prospect is within your lead gen engine. Great B2B marketers demonstrate the discipline of knowing when to drive engagement and/or additional profile attribute capture using intent while not losing the prospect to over-profiling.
Ongoing
SoftwareReviews Advisory Insight:
When nurturing, choose/design content as to what “intent” it satisfies. For example, a head-to-head comparison with a key competitor signals “Selection” phase of the buyer journey. Content that helps determine what app-type to buy signals “Solution”. A company video, or a webinar replay, may mean your buyer is “educating themselves.
Ongoing
Advanced Methods
ABM |
Account-Based Marketing |
---|---|
B2B |
Business to Business |
CMO |
Chief Marketing Officer |
CRM |
Customer Relationship Management |
ICP |
Ideal Customer Profile |
MIW |
Marketing-Influenced Win |
MQL |
Marketing-Qualified Lead |
SDR |
Sales Development Representative |
SQL |
Sales-Qualified Lead |
Arora, Rajat. “Mining the Real Gems from you Data – Lead Scoring and Engagement Scoring.” LeadSquared, 27 Sept. 2014. Web.
Doyle, Jen. “2012 B2B Marketing Benchmark Report: Research and insights on attracting and converting the modern B2B buyer.” MarketingSherpa, 2012. Web.
Doyle, Jen, and Sergio Balegno. “2011 MarketingSherpa B2B Marketing Benchmark Survey: Research and Insights on Elevating Marketing Effectiveness from Lead Generation to Sales Conversion.” MarketingSherpa, 2011.
Kirkpatrick, David. “Lead Scoring: CMOs realize a 138% lead gen ROI … and so can you.” marketingsherpa blog, 26 Jan 2012. Web.
Moser, Jeremy. “Lead Scoring Is Important for Your Business: Here’s How to Create Scoring Model and Hand-Off Strategy.” BigCommerce, 25 Feb. 2019. Web.
Strawn, Joey. “Why Lead Scoring Is Important for B2Bs (and How You Can Implement It for Your Company.” IndustrialMarketer.com, 17 Aug. 2016. Web.
Besides the small introduction, subscribers and consulting clients within this management domain have access to:
Identify and categorize current collaboration toolset usage to recognize unnecessary overlaps and legitimate gaps.
Evaluate overlaps to determine which redundant tools should be phased out and explore best practices for how to do so.
Fill your collaboration toolset gaps with best-fit tools, build business requirements for those tools, and create an adoption plan for onboarding.
Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Create a collaboration vision.
Acknowledge the current state of the collaboration toolset.
A clear framework to structure the collaboration strategy
1.1 Set the vision for the Collaboration Strategy.
1.2 Identify your collaboration tools with use cases.
1.3 Learn what collaboration tools are used and why, including shadow IT.
1.4 Begin categorizing the toolset.
Beginnings of the Collaboration Strategy
At least five archetypical use cases, detailing the collaboration capabilities required for these cases
Use cases updated with shadow IT currently used within the organization
Overlaps and Gaps in Current Capabilities Toolset Template
Identify redundant overlapping tools and develop a phase-out plan.
Communication and phase-out plans for redundant tools, streamlining the collaboration toolset.
2.1 Identify legitimate overlaps and gaps.
2.2 Explore business and user strategies for identifying redundant tools.
2.3 Create a Gantt chart and communication plan and outline post-phase-out strategies.
Overlaps and Gaps in Current Capabilities Toolset Template
A shortlist of redundant overlapping tools to be phased out
Phase-out plan
Gather business requirements for finding best-fit tools to fill toolset gaps.
A business requirements document
3.1 Use SoftwareReviews and the Collaboration Platform Evaluation Tool to shortlist best-fit collaboration tool.
3.2 Build SMART objectives and goals cascade.
3.3 Walk through the Collaboration Tools Business Requirements Document Template.
A shortlist of collaboration tools
A list of SMART goals and a goals cascade
Completed Business Requirements Document
Create an adoption plan for successfully onboarding new collaboration tools.
An adoption plan
4.1 Fill out the Adoption Plan Gantt Chart Template.
4.2 Create the communication plan.
4.3 Explore best practices to socialize the new tools.
Completed Gantt chart
Adoption plan marketing materials
Long-term strategy for engaging employees with onboarded tools