Develop a Business Continuity Plan

Streamline the traditional approach to make BCP development manageable and repeatable.

Analyst Perspective

A BCP touches every aspect of your organization, making it potentially the most complex project you’ll take on. Streamline this effort or you won’t get far.

None of us needs to look very far to find a reason to have an effective business continuity plan.

From pandemics to natural disasters to supply chain disruptions to IT outages, there’s no shortage of events that can disrupt your complex and interconnected business processes. How in the world can anyone build a plan to address all these threats?

Don’t try to boil the ocean. Use these tactics to streamline your BCP project and stay on track:

• Focus on one business unit at a time. Keep the effort manageable, establish a repeatable process, and produce deliverables that provide a starting point for the rest of the organization.
• Don’t start with an extensive risk analysis. It takes too long and at the end you’ll still need a plan to resume business operations following a disruption. Rather than trying to predict what could cause a disruption, focus on how to recover.
• Keep your BCP documentation concise. Use flowcharts, checklists, and diagrams instead of traditional manuals.

No one can predict every possible disruption, but by following the guidance in this blueprint, you can build a flexible continuity plan that allows you to withstand the threats your organization may face.

Frank Trovato

Research Director,
IT Infrastructure & Operations Practice
Info-Tech Research Group

Andrew Sharp

Senior Research Analyst,
IT Infrastructure & Operations Practice
Info-Tech Research Group

Executive Summary

Your Challenge

• Recent crises have increased executive awareness and internal pressure to create a BCP.
• Industry- and government-driven regulations require evidence of sound business continuity practices.
• Customers demand their vendors provide evidence of a workable BCP prior to signing a contract.

IT leaders, because of their cross-functional view and experience with incident management and DR, are often asked to lead BCP efforts.

Common Obstacles

• IT managers asked to lead BCP efforts are dealing with processes and requirements beyond IT and outside of their control.
• BCP requires input from multiple departments with different and sometimes conflicting objectives.
• Typically there are few, if any, dedicated resources for BCP, so it can't be a full-time, resource-intensive project.

Info-Tech’s Approach

• Focus on implementing a structured and repeatable process that can be applied to one business unit at a time to avoid BCP from becoming an overwhelming project.
• Enable business leaders to own the BCP going forward by establishing a template that the rest of the organization can follow.
• Leverage BCP outcomes to refine IT DRP recovery objectives and achieve DRP-BCP alignment.

Info-Tech Insight

As an IT leader you have the skill set and organizational knowledge to lead a BCP project, but you must enable business leaders to own their department’s BCP practices and outputs. They know their processes and, therefore, their requirements to resume business operations better than anyone else.

Use this research to create business unit BCPs and structure your overall BCP

A business continuity plan (BCP) consists of separate but related sub-plans, as illustrated below. This blueprint enables you to:

• Develop a BCP for a selected business unit (as a pilot project), and thereby establish a methodology that can be repeated for remaining business units.
• Through the BCP process, clarify requirements for an IT disaster recovery plan (DRP). Refer to Info-Tech’s Disaster Recovery Planning workshop for instructions on how to create an IT DRP.
• Implement ongoing business continuity management to govern BCP, DRP, and crisis management.

Overall Business Continuity Plan

IT Disaster Recovery Plan

A plan to restore IT application and infrastructure services following a disruption.

Info-Tech’s disaster recovery planning blueprint provides a methodology for creating the IT DRP. Leverage this blueprint to validate and provide inputs for your IT DRP.

BCP for Each Business Unit

A set of plans to resume business processes for each business unit. This includes:

• Identifying business processes and dependencies.
• Defining an acceptable recovery timeline based on a business impact analysis.
• Creating a step-by-step recovery workflow.

Crisis Management Plan

A plan to manage a wide range of crises, from health and safety incidents to business disruptions to reputational damage.

Info-Tech’s Implement Crisis Management Best Practices blueprint provides a framework for planning a response to any crisis, from health and safety incidents to reputational damage.

IT leaders asked to develop a BCP should start with an IT Disaster Recovery Plan

It’s a business continuity plan. Why should you start continuity planning with IT?

1. IT services are a critical dependency for most business processes. Creating an IT DRP helps you mitigate a key risk to continuity quicker than it takes to complete your overall BCP, and you can then focus on other dependencies such as people, facilities, and suppliers.
2. A BCP requires workarounds for IT failures. But it’s difficult to plan workarounds without a clear understanding of the potential IT downtime and data loss. Your DRP will answer those questions, and without a DRP, BCP discussions can get bogged down in IT discussions. Think of payroll as an example: if downtime might be 24 hours, the business might simply wait for recovery; if downtime might be a week, waiting it out is not an option.
3. As an IT manager, you can develop an IT DRP primarily with resources within your control. That makes it an easier starting point and puts IT in a better position to shift responsibility for BCP to business leaders (where it should reside) since essentially the IT portion is done.

Create a Right-Sized Disaster Recovery Plan today.

Modernize the BCP

If your BCP relies heavily on paper-based processes as workarounds, it’s time to update your plan.

Back when transactions were recorded on paper and then keyed into the mainframe system later, it was easier to revert to deskside processes. There is very little in the way of paper-based processes anymore, and as a result, it is increasingly difficult to resume business processes without IT.

Think about your own organization. What IT system(s) are absolutely critical to business operations? While you might be able to continue doing business without IT, this requires regular preparation and training. It’s likely a completely offline process and won’t be a viable workaround for long even if staff know how to do the work. If your data center and core systems are down, technology-enabled workarounds (such as collaboration via mobile technologies or cloud-based solutions) could help you weather the outage, and may be more flexible and adaptable for day-to-day work.

The bottom line:

Technology is a critical dependency for business processes. Consider the role IT systems play as process dependencies and as workarounds as part of continuity planning.

Info-Tech’s approach

The traditional approach to BCP takes too long and produces a plan that is difficult to use and maintain.

The Problem: You need to create a BCP, but don’t know where to start.

• BCP is being demanded more and more to comply with regulations, mitigate business risk, meet customer demands, and obtain insurance.
• IT leaders are often asked to lead BCP.

The Complication: A traditional BCP process takes longer to show value.

• Traditional consultants don’t usually have an incentive to accelerate the process.
• At the same time, self-directed projects with no defined process go months without producing useful deliverables.
• The result is a dense manual that checks boxes but isn’t maintainable or usable in a crisis.

The Info-Tech difference:

Use Info-Tech’s methodology to right-size and streamline the process.

• Reduce required effort. Keep the work manageable and maintain momentum by focusing on one business unit at a time; allow that unit to own their BCP.
• Prioritize your effort. Evaluate the current state of your BCP to identify the steps that are most in need of attention.
• Get valuable results faster. Functional deliverables and insights from the first business unit’s BCP can be leveraged by the entire organization (e.g. communication, assessment, and BC site strategies).

Expedite BCP development

Info-Tech’s Approach to BCP:

• Start with one critical business unit to manage scope, establish a repeatable process, and generate deliverables that become a template for remaining business units.
• Resolve critical gaps as you identify them, generating early value and risk mitigation.
• Create concise, practical documentation to support recovery.

Embed training and awareness throughout the planning process.

BCP for Business Unit A:

Scope → Pilot BIA → Response Plan → Gap Analysis

→ Lessons Learned:

• Leverage early results to establish a BCM framework.
• Take action to resolve critical gaps as they are identified.
• BCP for Business Units B through N.
• Scope→BIA→Response Plan→Gap Analysis

= Ongoing governance, testing, maintenance, improvement, awareness, and training.

By comparison, a traditional BCP approach takes much longer to mitigate risk:

• An extensive, upfront commitment of time and resources before defining incident response plans and mitigating risk.
• A “big bang” approach that makes it difficult to predict the required resourcing and timelines for the project.

Organizational Risk Assessment and Business Impact Analysis → Solution Design to Achieve Recovery Objectives → Create and Validate Response Plans

Case Study

Continuity Planning Supports COVID-19 Response

Industry: Non-Profit
Source: Info-Tech Advisory Services

A charitable foundation for a major state university engaged Info-Tech to support the creation of their business continuity plan.

With support from Info-Tech analysts and the tools in this blueprint, they worked with their business unit stakeholders to identify recovery objectives, confirm recovery capabilities and business process workarounds, and address gaps in their continuity plans.

Results

The outcome wasn’t a pandemic plan – it was a continuity plan that was applicable to pandemics. And it worked. Business processes were prioritized, gaps in work-from-home and business process workarounds had been identified and addressed, business leaders owned their plan and understood their role in it, and IT had clear requirements that they were able and ready to support.

“The work you did here with us was beyond valuable! I wish I could actually explain how ready we really were for this…while not necessarily for a pandemic, we were ready to spring into action, set things up, the priorities were established, and most importantly some of the changes we’ve made over the past few years helped beyond words! The fact that the groups had talked about this previously almost made what we had to do easy.“ -- VP IT Infrastructure

Download the BCP Case Study

Project Overview: BCP

Blueprint deliverables

Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

BCP Business Impact Analysis Tool: Conduct and document a business impact analysis using this document.

BCP Recovery Workflows Example: Model your own recovery workflows on this example.

BCP Project Roadmap: Use this tool to prioritize projects that can improve BCP capabilities and mitigate gaps and risks.

BCP Relocation Checklists: Plan for and manage a site relocation – whether to an alternate site or work from home.

Key deliverable:

BCP Summary Document

Summarize your organization's continuity capabilities and objectives in a 15-page, easy-to-consume template.

This document consolidates data from the supporting documentation and tools to the right.

Download Info-Tech’s BCP Summary Document

Insight summary

Focus less on risk, and more on recovery

Avoid focusing on risk and probability analysis to drive your continuity strategy. You never know what might disrupt your business, so develop a flexible plan to enable business resumption regardless of the event.

Small teams = good pilots

Choose a small team for your BCP pilot. Small teams are better at trialing new techniques and finding new ways to think about problems.

Calculate downtime impact

Develop and apply a scoring scale to develop a more-objective assessment of downtime impact for the organization. This will help you prioritize recovery.

It’s not no, but rather not now…

You can’t address all the organization’s continuity challenges at once. Prioritize high value, low effort initiatives and create a long-term roadmap for the rest.

Show Value Now

Get to value quickly. Start with one business unit with continuity challenges, and a small, focused project team who can rapidly learn the methodology, identify continuity gaps, and define solutions that can also be leveraged by other departments right away.

Lightweight Testing Exercises

Outline recovery capabilities using lightweight, low risk tabletop planning exercises. Our research shows tabletop exercises increase confidence in recovery capabilities almost as much as live exercises, which carry much higher costs and risks.

Blueprint benefits

Demonstrate compliance with demands from regulators and customers

• Develop a plan that satisfies auditors, customers, and insurance providers who demand proof of a continuity plan.
• Demonstrate commitment to resilience by identifying gaps in current capabilities and projects to overcome those gaps.
• Empower business users to develop their plans and perform regular maintenance to ensure plans don’t go stale.
• Establish a culture of business readiness and resilience.

Leverage your BCP to drive value (Business Benefits)

• Enable flexible, mobile, and adaptable business operations that can overcome disruptions large and small. This includes making it easier to work remotely in response to pandemics or facility disruptions.
• Clarify the risk of the status quo to business leaders so they can make informed decisions on where to invest in business continuity.
• Demonstrate to customers your ability to overcome disruptions and continue to deliver your services.

Info-Tech Advisory Services lead to Measurable Value

Info-Tech members told us they save an average of $44,522 and 23 days by working with an Info-Tech analyst on BCP (source: client response data from Info-Tech's Measured Value Survey).

Why do members report value from analyst engagement?

1. Expert advice on your specific situation to overcome obstacles and speed bumps.
2. Structure the project and stay on track.
3. Review project deliverables and ensure the process is applied properly.

Info-Tech offers various levels of support to best suit your needs

DIY Toolkit

"Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful."

Guided Implementation

“Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

Workshop

“We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

Consulting

“Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

Diagnostic and consistent frameworks are used throughout all four options.

Guided Implementation

Your Trusted Advisor is a call away.

A Guided Implementation (GI) is series of calls with an Info-Tech analyst to help implement our best practices in your organization.

A typical GI is between eight to twelve calls over the course of four to six months.

Scoping

Call 1: Scope requirements, objectives, and stakeholders. Identify a pilot BCP project.

Business Processes and Dependencies

Calls 2 - 4: Assess current BCP maturity. Create business process workflows, dependencies, alternates, and workarounds.

Conduct a BIA

Calls 5 – 7: Create an impact scoring scale and conduct a BIA. Identify acceptable RTO and RPO.

Recovery Workflow

Calls 8 – 9: Create a recovery workflow based on tabletop planning.

Documentation & BCP Framework

Call 10: Summarize the pilot results and plan next steps. Define roles and responsibilities. Make the case for a wider BCP program.

Workshop Overview

Contact your account representative for more information.

workshops@infotech.com | 1-888-670-8889

Phase 1

Identify BCP Maturity and Document Process Dependencies

Phase 1

1.1 Assess Current BCP Maturity

1.2 Establish the pilot BCP team

1.3 Identify business processes, dependencies, and alternatives

Insights & Outcomes

Define the scope for the BCP project: assess the current state of the plan, create a pilot project team and pilot project charter, and map the business processes that will be the focus of the pilot.

Participants

• BCP Coordinator
• BCP Executive Sponsor
• Pilot Business Unit Manager & Process SMEs

Step 1.1

Assess current BCP Maturity

This step will walk you through the following activities:

• Complete Info-Tech’s BCP Maturity Scorecard

This step involves the following participants:

• Executive Sponsor
• BCP Coordinator

You'll use the following tools & templates:

• BCP Maturity Scorecard

Outcomes & Insights

Establish current BCP maturity using Info-Tech’s ISO 22301-aligned BCP Maturity Scorecard.

Evaluate the current state of your continuity plan

Use Info-Tech’s Maturity Scorecard to structure and accelerate a BCP maturity assessment.

Conduct a maturity assessment to:

• Create a baseline metric so you can measure progress over time. This metric can also drive buy-in from senior management to invest time and effort into your BCP.
• Understand the scope of work to create a complete business continuity plan.
• Measure your progress and remaining gaps by updating your assessment once you’ve completed the activities in this blueprint.

This blueprint primarily addresses the first four sections in the scorecard, which align with the creation of the core components of your business continuity plan.

Info-Tech’s BCP Maturity Scorecard

Info-Tech’s maturity scorecard is aligned with ISO 22301, the international standard that describes the key elements of a functioning business continuity management system or program – the overarching set of documents, practices, and controls that support the ongoing creation and maintenance of your BCP. A fully functional BCMS goes beyond business continuity planning to include crisis management, BCP testing, and documentation management.

Audit tools tend to treat every bullet point in ISO 22301 as a separate requirement – which means there’s almost 400 lines to assess. Info-Tech’s BCP Maturity Scorecard has synthesized key requirements, minimizing repetition to create a high-level self-assessment aligned with the standard.

A high score is a good indicator of likely success with an audit.

Download Info-Tech's BCP Maturity Scorecard

Tool: BCP Maturity Scorecard

Assess your organization’s BCP capabilities.

Use Info-Tech’s BCP Maturity Scorecard to:

• Assess the overall completeness of your existing BCP.
• Track and demonstrate progress towards completion as you work through successive planning iterations with additional business units.

1. Download a copy of the BCP Maturity Scorecard. On tab 1, indicate the percent completeness for each item using a 0-10 scale (0 = 0% complete, 10 = 100% complete).
2. If you anticipate improvements in a certain area, make note of it in the “Comments” column.
3. Review a visual representation of your overall scores on tab 2.

Download Info-Tech's BCP Maturity Scorecard

"The fact that this aligns with ISO is huge." - Dr. Bernard Jones MBCI, CBCP

Step 1.2

Establish the pilot BCP team

This step will walk you through the following activities:

• Assign accountability, responsibility, and roles.
• Develop a project charter.
• Identify dependencies and alternates for those dependencies.

This step involves the following participants:

• Executive Sponsor
• BCP Coordinator

In this step, you’ll use these tools and templates:

• BCP Pilot Project Charter Template

Outcomes & Insights

Assign roles and responsibilities for the BCP pilot project. Set milestones and timelines for the pilot.

Take a pilot approach for BCP

Limit the scope of an initial BCP project to get to value faster.

Pilot Project Goals

• Establish a repeatable methodology that fits your organization and will accelerate BCP development, with tangible deliverables that provide a template for the rest of the business.
• Identify high-priority business continuity gaps for the pilot business unit, many of which will also apply to the overall organization.
• Identify initiatives to start addressing gaps now.
• Enable business users to learn the BCP methodology and toolset so they can own and maintain their business unit BCPs.

Accomplishments expected:

• Define key business processes and process dependencies, and alternatives if dependencies are not available.
• Classify key business processes by criticality for one business unit, using an objective impact scoring scale.
• Set recovery objectives for these key processes.
• Document workarounds and recovery plans.
• Identify gaps in recovery plans and list action items to mitigate risks.
• Develop a project plan to structure a larger continuity project.

What not to expect from a pilot project:

• A complete organizational BCP (the pilot is a strong starting point).
• Implemented solutions to all BCP gaps (proposed solutions will need to be evaluated first).

Structure IT’s role in continuity planning

Clearly define IT’s role in the pilot BCP project to deliver a successful result that enables business units to own BCP in the future.

Though IT is a critical dependency for most processes, IT shouldn’t own the business continuity plan. IT should be an internal BCP process consultant, and each business unit must own their plan.

IT should be an internal BCP consultant.

• IT departments interact with all business units, which gives IT leaders at least a high-level understanding of business operations across the organization.
• IT leaders typically also have at least some knowledge of disaster recovery, which provides a foundation for tackling BCP.
• By contrast, business leaders often have little or no experience with disaster recovery, and don’t have the same level of experience as IT when it comes to working with other business units.

Why shouldn’t IT own the plan?

• Business unit managers have the authority to direct resources in their department to participate in the BCP process.
• Business users are the experts in their processes, and are in the best position to identify dependencies, downtime impacts, recovery objectives, and viable solutions (e.g., acceptable alternate sites or process workarounds).
• Ultimately, business unit managers and executives must decide whether to mitigate, accept, or transfer risks.

Info-Tech Insight

A goal of the pilot is to seed success for further planning exercises. This is as much about demonstrating the value of continuity planning to the business unit, and enabling them to own it, as it is about implementing the methodology successfully.

Create a RACI matrix for the pilot

Assemble a small, focused team for the pilot project empowered to discover, report, and present possible solutions to continuity planning challenges in your organization.

Outline roles and responsibilities on the pilot team using a “RACI” exercise. Remember, only one party can be ultimately accountable for the work being completed.

Example Pilot BCP Project RACI

R: Responsible for doing the work.

A: Accountable to ensure the activity/work happens.

C: Consulted prior to decision or action.

I: Informed of the decision/action once it’s made.

"Large teams excel at solving problems, but it is small teams that are more likely to come up with new problems for their more sizable counterparts to solve." – Wang & Evans, 2019

Info-Tech Insight

Small teams tend to be better at trialing new techniques and finding new ways to think about problems, both of which are needed for a BCP pilot project.

Choose one business unit for the pilot

Many organizations begin their BCP project with a target business unit in mind. It’s still worth establishing whether this business unit meets the criteria below.

Good candidates for a pilot project:

• Business processes are standardized and documented.
• Management and staff are motivated to improve business continuity.
• The business unit is sufficiently well resourced to spare time (e.g. a few hours a week) to dedicate to the BCP process.

• If the business unit doesn’t meet these criteria, consider addressing shortfalls before the pilot (e.g. via stakeholder management or business process analysis) or selecting another unit.
• Many of the decisions will ultimately require input and support from the business unit’s manager(s). It is critical that they are bought into and engaged with the project.
• The leader of the first business unit will be a champion for BCP within the executive team.
• Sometimes, there’s no clear place to start. If this is the case for you, consider using Info-Tech’s Business Unit BCP Prioritization Tool to determine the order in which business units should undergo BCP development.

Create role descriptions for the pilot project

Use these role descriptions and your RACI chart to define roles for the pilot.

These short descriptions establish the functions, expectations, and responsibilities of each role at a more granular level.

The Board and executives have an outsized influence on the speed at which the project can be completed. Ensure that communication with these stakeholders is clear and concise. Avoid involving them directly in activities and deliverable creation, unless it’s required by their role (e.g. as a business unit manager).

Identify a suitable BCP Coordinator

A skilled and committed coordinator is critical to building an effective and durable BCP.

• Coordinating the BC planning effort requires a perspective that’s informed by IT, but goes beyond IT.
• For example, many IT professionals only see business processes where they intersect with IT. The BCP Coordinator needs to be able to ask the right questions to help the business units think through dependencies for critical processes.
• Business analysts can thrive in this role, which requires someone effective at dissecting business processes, working with business users, identifying requirements, and managing large projects.

Structure the role of the BCP Coordinator

The BCP Coordinator works with the pilot business unit as well as remaining business units to provide continuity and resolve discrepancies as they come up between business units.

Specifically, this role includes:

• Project management tasks (e.g. scheduling, assigning tasks, coordinating resources, and reporting progress).
• Learning the BCP methodology (through the pilot) so that this person can lead remaining business units through their BCP process. This enables the IT leader who had been assigned to guide BCP development to step back into a more appropriate consulting role.
• Managing the BCP workflow.

"We found it necessary to have the same person work with each business unit to pass along lessons learned and resolve contingency planning conflicts for common dependencies." – Michelle Swessel, PM and IT Bus. Analyst, Wisconsin Compensation Rating Bureau (WCRB)

Template: Pilot Project Charter

Formalize participants, roles, milestones, risks for the pilot project.

Your charter should:

1. Define project parameters, including drivers, objectives, deliverables, and scope.
2. Identify the pilot business unit.
3. Assign a BCP pilot team, including a BCP Coordinator, to execute the methodology.
4. Define before-and-after metrics to enable the team to measure pilot success.
5. Set achievable, realistic target dates for specific project milestones.
6. Document risks, assumptions, and constraints.

Download Info-Tech’s BCP Pilot Project Charter Template

Step 1.3

Identify business processes, dependencies, and alternatives

This step will walk you through the following activities:

• Identify key business processes.
• Document the process workflow.
• Identify dependencies and alternates for those dependencies.

This step involves the following participants:

• BCP Coordinator
• Pilot Business Unit Manager
• Expert Business Unit Staff

You'll use the following tools & templates:

• BCP Business Impact Analysis Tool

Outcomes & Insights

Documented workflows, process dependencies, and workarounds when dependencies are unavailable.

Flowchart business processes

Workflows help you visually identify process dependencies and optimization opportunities.

• Business continuity planning is business process focused. You need to document business processes, dependencies, and downtime workarounds.
• Process documentation is a basic BCP audit requirement, but it will also:
  • Keep discussions about business processes well-scoped and focused – by documenting the process, you also clarify for everyone what you’re actually talking about.
  • Remind participants of process dependencies and workarounds.
  • Make it easier to spot possible process breakdowns or improvements.
  • Capture your work, which can be used to create or update SOP documentation.
• Use flowcharts to capture process workflows. Flowcharts are often quicker to create, take less time to update, and are ultimately more usable than a dense manual.

Info-Tech Insight

Process review often results in discovering informal processes, previously unknown workarounds or breakdowns, shadow IT, or process improvement opportunities.

1.3.1 Prioritize pilot business unit processes

Input

• List of key business unit processes.

Output

• List of key business unit processes, now prioritized (at a high-level)

Materials

• Whiteboard/flip charts
• BCP Business Impact Analysis Tool

Participants

• BCP Coordinator (leads the discussion)
• Pilot Business Unit Manager

30 minutes

1. Create a list of all formal and informal business processes executed by the pilot business unit.
2. Discuss the impact of process downtime, and do a quick assessment whether impact of downtime for each process would be high, medium, or low across each of these criteria:
   • Revenue or costs (e.g. supports sales, billing, or productivity)
   • Goodwill (e.g. affects internal or external reputation)
   • Compliance (e.g. affects legal or industry requirements)
   • Health or safety (e.g. affects employee/public health & safety)

Note: A more in-depth analysis will be conducted later to refine priorities. The goal here is a high-level order of priority for the next steps in the planning methodology (identify business processes and dependencies).

3. In the BCP Business Impact Analysis Tool, Processes and Dependencies tab, record the following:
   • The business processes in rough order of criticality.
   • For each process, provide a brief description that focuses on purpose and impact.
   • For each process, name a process owner (i.e. accountable for process completion – could be a manager or senior staff, not necessarily those executing the process).

1.3.2 Review process flows & identify dependencies

Input

• List of key business unit processes (prioritized at a high level in Activity 1.3.1).
• Business process flowcharts.

Output

• Business process flowcharts

Materials

• Whiteboard/flip charts
• Microsoft Visio, or other flowcharting software
• BCP Business Impact Analysis Tool

Download Info-Tech’s Business Process Workflows Example

1.5 hours

1. Use a whiteboard to flowchart process steps. Collaborate to clarify process steps and dependencies. If processes are not documented, use this as an opportunity to create standard operating procedures (SOPs) to drive consistency and process optimization, as described in the Info-Tech blueprint, Create Visual SOP Documents that Drive Process Optimization, Not Just Peace of Mind.
2. Record the dependencies in tab 1 of the BCP Business Impact Analysis Tool in the appropriate columns:
   • People – Anyone involved in the process, from providing guidance to executing the steps.
   • IT Applications – Core IT services (e.g. ERP, CRM) required for this process.
   • End-user devices & equipment – End-user devices, locally-installed apps, IoT, etc.
   • Facility – Any special requirements beyond general office space.
   • Suppliers & Service Providers – Third-parties who support this process.

Info-Tech Insight

Policies and procedures manuals, if they exist, are often out of date or incomplete. Use these as a starting point, but don’t stop there. Identify the go-to staff members who are well versed in how a process works.

1.3.3 Document workarounds

Input

• Business process flowcharts.
• List of process dependencies.

Output

• Workarounds and alternatives in the event dependencies aren’t available.

Materials

• BCP Business Impact Analysis Tool

Participants

• BCP Coordinator (facilitates the activity)
• Pilot Business Unit Manager
• Business Process Subject Matter Experts (SMEs)

1.5 hours

Identify alternatives to critical dependencies to help you create contingency plans.

1. For each business process, identify known alternatives for each primary dependency. Ignore for the moment how long the workaround or alternate would be feasible.
2. Record alternatives in the Business Continuity Business Impact Analysis Tool, Processes and Dependencies tab, Alternatives columns (a separate column for each category of dependency):
   • People – Can other staff execute the process steps? (Example: managers can step in if needed.)
   • IT Applications – Is there a manual workaround or other alternative while enterprise technology services are unavailable? (Example: database is down, but data is stored on physical forms.)
   • End-User Devices and Equipment – What alternatives exist to the usual end-user technologies, such as workstations and desk phones? (Example: some staff have cell phones.)
   • Facility Location and Requirements – Is there an alternate location where this work can be conducted? (Example: work from home, or from another building on the campus.)
   • Suppliers and External Services – Is there an alternative source for key suppliers or other external inputs? (Example: find alternate suppliers for key inputs.)
   • Additional Inputs or Requirements – What workarounds exist for additional artifacts that enable process steps (e.g. physical inventory records, control lists)? (Example: if hourly pay information is missing, run the same payroll as the previous run and reconcile once that information is available.)

Phase 2

Conduct a BIA to Determine Acceptable RTOs and RPOs

Phase 2

2.1 Define an objective impact scoring scale

2.2 Estimate the impact of downtime

2.3 Determine acceptable RTO/RPO targets

Insights & Outcomes

Assess the impact of business process downtime using objective, customized impact scoring scales. Sort business processes by criticality and by assigning criticality tiers, recovery time, and recovery point objectives.

Participants

• BCP Coordinator
• Pilot Business Unit Manager
• Business Process SMEs

Step 2.1

Define an objective scoring scale

This step will walk you through the following activities:

• Identify impact criteria that are relevant to your business.
• Create a scale that defines a range of impact for relevant criteria.

This step involves the following participants:

• BCP Coordinator
• Pilot Business Unit Manager
• Expert Business Unit Staff

In this step, you’ll use these tools and templates:

• BCP Business Impact Analysis Tool

Outcomes & Insights

Define an impact scoring scale relevant to your business, which allows you to more-objectively assess the impact of business process downtime.

Set appropriate recovery objectives

Recovery time and recovery point objectives should align with business impact.

The activities in Phase 2 will help you set appropriate, acceptable recovery objectives based on the business impact of process downtime.

• The recovery time objective (RTO) and recovery point objective (RPO) are the recovery goals set for individual processes and dependencies to ensure your business unit meets its overall acceptable recovery timeline.

For example:

• An RTO of four hours means staff and other required resources must be available to support the business processes within four hours of an incident (e.g. relocate to an alternate worksite if necessary, access needed equipment, log-in to needed systems, get support for completing the process from alternate staff, etc.)
• An RPO of four hours for a customer database means the most recent secondary copy of the data must never be more than four hours old – e.g. running a backup every four hours or less.

Conduct a Business Impact Analysis (BIA)

Create Impact Scoring Scales→Assess the impact of process downtime→Review overall impact of process downtime→Set Criticality Tiers→Set Recovery Time and Recovery Point Objectives

Create financial impact scales

Identify maximum cost and revenue impacts to build financial impact scales to measure the financial impact of process downtime.

Work with the Business Unit Manager and Executive Sponsor to identify the maximum impact in each category to the entire business. Use a worst-case scenario to estimate the maximum for each scale. In the future, you can use this scoring scale to estimate the impact of downtime for other business units.

• Loss of Revenue: Estimate the upper bound for this figure from the previous year, and divide that by the number of business days in the year. Note: Some organizations may choose to exclude revenue as a category where it won’t be lost (e.g. public-sector organizations).
• Loss of Productivity: Proxy for lost workforce productivity using payroll numbers. Use the fully loaded payroll for the company, divided by the number of working days in the year as the maximum.
• Increased Operating Costs: Isolate this to known additional costs resulting from a disruption. Does the interruption itself increase operating costs (e.g. if using timesheets for hourly/contract employees and that information is lost or unavailable, do you assume a full work week)?
• Financial Penalties: If there are known financial penalties (e.g. due to failure to meet SLAs or other contractual obligations), include those values in your cost estimates.

Info-Tech Insight

Cost estimates are like hand grenades and horseshoes: you don’t need to be exact. It’s much easier to get input and validation from other stakeholders when you have estimates. Even weak estimates are far better than a blank sheet.

Create goodwill, compliance, and safety impact scales

Create a quantitative, more-objective scoring scale for goodwill, compliance and safety by following the guidance below.

• Impact on Customers: By default, the customer impact scale is based on the percent of your total customer base impacted. You can also modify this scale to include severity of impact or alter it to identify the maximum number of customers that would be impacted.
• Impact on Staff: Consider staff that are directly employed by the organization or its subsidiaries.
• Impact on Business Partners: Which business partners would be affected by a business disruption?
• Impact on Health & Safety: Consider the extent to which process downtime could increase the risk of the health & safety of staff, customers, and the general public. In addition, degradation of health & safety services should be noted.
• Impact on Compliance: Set up the scale so that you can capture the impact of any critical regulatory requirements that might not be met if a particular process was down for 24 hours. Consider whether you expect to receive leeway or a grace period from the governance body that requires evidence of compliance.

Info-Tech Best Practice

Use just the impact scales that are relevant to your organization.

Tool: Impact Scoring Scales

• Define 4-point scoring scales in the BCP business impact analysis tool for a more objective assessment than gut-feel rankings.
• You don’t need to include every category, if they aren’t relevant to your organization.
• Refine the scoring scale as needed through the pilot project.
• Use the same scoring scale for impact analyses with additional business units in the future.

Step 2.2

Estimate the impact of downtime

This step will walk you through the following activities:

• Apply the scoring scale developed in step 2.1 to assess the impact of downtime for specific business processes.

This step involves the following participants:

• BCP Coordinator
• Pilot Business Unit Manager
• Expert Business Unit Staff

In this step, you’ll use these tools and templates:

• BCP Business Impact Analysis Tool

Outcomes & Insights

Develop an objective view of the impact of downtime for key business processes.

2.2.1 Estimate the impact of downtime

1.5 hours

Input

• List of business processes, dependencies, and workarounds, all documented in the BIA tool.

Output

• Impact of downtime scores for key business unit processes.

Materials

• BCP Business Impact Analysis Tool

Participants

• BCP Coordinator (facilitates the discussion)
• Business Process Subject Matter Experts (SMEs)
• Pilot Business Unit Manager

1. Print a copy of the Scoring Criteria tab to use as a reference, or have it open on another screen. In tab 3 of the BCP Business Impact Analysis Tool use the drop-down menu to assign a score of 0 to 4 based on levels of impact defined in the Scoring Criteria tab.
2. Work horizontally across all categories for a single process. This will set a benchmark, familiarize you with the scoring system, and allow you to modify any scoring scales if needed. In general, begin with the process that you know to be most critical.
   • For example, if call center sales operations are down:
     • Loss of Revenue would be the portion of sales revenue generated through the call center. This might score a 2 or 3 depending on the proportion of sales generated through the call center.
     • The Impact on Customers might be a 1 or 2 depending on the extent that existing customers might be using the call center to purchase new products or services.
     • The Legal/Regulatory Compliance and Health or Safety Risk might be a 0.
3. Next, work vertically across all processes within a single category. This will allow you to compare scores within the category as you create them.

Tool: Impact Analysis

• The goal of the exercise is to arrive at a defensible ranking of process criticality, based on the impact of downtime.
• Make sure participants can see the scores you’re assigning during the exercise (e.g. by writing out the scores on a whiteboard, or displaying the tool on a projector or screen) and can reference the scoring scales tab to understand what the scores mean.
• Take notes to record the rationale behind the impact scores. Consider assigning note-taking duties to one of the participants.

2.2.2 Sort processes into Criticality Tiers

30 minutes

Input

• Processes, with assigned impact scores (financial impact, goodwill impact, compliance and safety impact).

Output

• Business processes sorted into criticality tiers, based on the impact of downtime.

Materials

• BCP Business Impact Analysis Tool

Participants

• BCP Coordinator (facilitates the discussion)
• Business Process Subject Matter Experts (SMEs)
• Pilot Business Unit Manager

1. In general, consider the Total Impact on Goodwill, Compliance, and Safety first.
   • An effective tactic to start the process is to assign a tier 1 rating to all processes with a Goodwill, Compliance, and Safety score that’s 50% or more of the highest total score, tier 2 where scores are between 25% and 50%, and tier 3 where scores are below 25% (see table below for an example).
   • In step 2.3, you’ll align recovery time objectives with the criticality tiers. So, Tier 1 processes will target recovery before Tier 2 processes, and Tier 2 processes will target recovery before Tier 3 processes.
2. Next, consider the Total Cost of Downtime.

• The Total Cost is calculated by the tool based on the Scoring Criteria in tab 2 and the estimates in the BIA.
• Consider whether the total cost impact justifies changing the criticality rating. “Smoke test” categorization with participants. Are there any surprises (processes more or less critical than expected)?

Example: Highest total Goodwill, Compliance, and Safety impact score is 18.

Step 2.3

Determine acceptable RTO and RPO targets

This step will walk you through the following activities:

• Identify acceptable Recovery Time Objectives (RTOs) and Recovery Point Objectives (RPOs) for business processes.

This step involves the following participants:

• BCP Coordinator
• Pilot Business Unit Manager
• Expert Business Unit Staff

In this step, you’ll use these tools and templates:

• BCP Business Impact Analysis Tool

Outcomes and Insights

Right-size recovery objectives based on business impact.

Right-size recovery objectives

Acceptable RTOs and RPOs must be right-sized to the impact of downtime.

Rapid recovery typically requires more investment.

The impact of downtime for most business processes tends to look something like the increasing impact curve in the image to the right.

In the moments after a disruption, impact tends to be minimal. Imagine, for example, that your organization was suddenly unable to pay its suppliers (don’t worry about the reason for the disruption, for the moment). Chances are, this disruption wouldn’t affect many payees if it lasted just a few minutes, or even a few hours. But if the disruption were to continue for days, or weeks, the impact of downtime would start to spiral out of control.

In general, we want to target recovery somewhere between the point where impact begins, and the point where impact is intolerable. We want to balance the impact of downtime with the investment required to make processes more resilient.

Info-Tech Insight

Account for hard copy files as well as electronic data. If that information is lost, is there a backup? BCP can be the driver to remove the last resistance to paperless processes, allowing IT to apply appropriate data protection.

Set recovery time objectives and recovery point objectives in the “Debate Space”

2.3.1 Define process-level recovery objectives

1 hour

Input

• Processes, ranked by criticality.

Output

• Initial business-defined recovery objectives for each process.

Materials

• BCP Business Impact Analysis Tool

Participants

• BCP Coordinator (facilitates the discussion)
• Business Process Subject Matter Experts (SMEs)
• Pilot Business Unit Manager

1. Review the “Debate Space” diagram (shown in previous section) with all participants.
2. Ask business participants for each process: how much downtime is tolerable, acceptable, or appropriate? How much data loss is tolerable?
   • If participants aren’t yet comfortable setting recovery objectives, identify the point at which downtime and data loss first becomes noticeable and the point at which downtime and data loss becomes intolerable.
   • Choose an RTO and RPO for each process that falls within the range set by these two extremes.

RTOs and RPOs are business-defined, impact-aligned objectives that you may not be able to achieve today. It may require significant investments of time and capital to enable the organization to meet RTO and RPO.

2.3.2 Align RTOs within and across criticality tiers

1 hour

Input

• Results from pilot BCP impact analysis.

Output

• Initial business-defined recovery objectives for each process.

Materials

• BCP Business Impact Analysis Tool
• Whiteboard/ flipchart

Participants

• BCP Coordinator
• BCP Project Sponsor
• Business Process Subject Matter Experts (SMEs)
• Pilot Business Unit Manager (optional)

Set a range for RTO for each Tier.

1. Start with your least critical/Tier 3 processes. Use the filter in the “Criticality Rating” column in the Impact Analysis tab of the BIA tool to show only Tier 3 processes.
   • What range of RTOs did the group assign for processes in this Tier? Does the group agree that these targets are appropriate for these processes?
   • Record the range of RTOs on the whiteboard or flipchart.
2. Next, look at Tier 2 processes. Use the same filter to show just Tier 2 processes.
   • Record the range of RTOs, confirm the range with the group, and ensure there’s no overlap with the Tier 3 range.
   • If the RTOs in one Tier overlap with RTOs in another, you’ll need to adjust RTOs or move processes between Tiers (if the impact analysis justifies it).

Phase 3

Document the Recovery Workflow and Projects to Close Gaps

3.1 Determine current recovery procedures

3.2 Identify and prioritize projects to close gaps

3.3 Evaluate business continuity site and command center options

Insights & Outcomes

Outline business recovery processes. Highlight gaps and risks that could hinder business recovery. Brainstorm ideas to address gaps and risks. Review alternate site and business relocation options.

Participants

• BCP Coordinator
• Pilot Business Unit Manager
• Business Process SMEs

Step 3.1

Determine current recovery procedures

This step will walk you through the following activities:

• Create a step-by-step, high-level recovery workflow.
• Highlight gaps and risks in the recovery workflow.
• Test the workflow against multiple scenarios.

This step involves the following participants:

• BCP Coordinator
• Crisis Management Team
• Pilot Business Unit Manager
• Expert Business Unit Staff

In this step, you’ll use these tools and templates:

• BCP Tabletop Planning Template

Outcomes & Insights

Establish steps required for business recovery and current recovery timelines.

Identify risks & gaps that could delay or obstruct an effective recovery.

Conduct a tabletop planning exercise to draft business recovery plans

Tabletop exercises are the most effective way to test and increase business confidence in business recovery capabilities.

Why is tabletop planning so effective?

• It enables you play out a wider range of scenarios than technology-based testing (e.g. full-scale, parallel) due to cost and complexity factors.
• It is non-intrusive, so it can be executed more frequently than other testing methodologies.
• It provides a thorough test of your recovery workflow since the exercise is, essentially, paper-based.
• After you have a BCP in place, this exercise can continue to be a valuable testing exercise for BCP to capture changes in your recovery process.

Step 2 - 2 hours
Establish command center.

Step 2: Risks

• Command center is just 15 miles away from primary site.

Step 2: Gaps

• Confirm what’s required to set up the command center.
• Who has access to the EOC?
• Does the center have sufficient bandwidth, workstations, phones, telephone lines?

3.1.1 Choose a scenario for your first tabletop exercise

30 minutes

Input

• List of past incidents.
• Risks to business continuity that are of high concern.

Output

• Scenario for the tabletop exercise.

Materials

• N/A

Participant

• BCP Coordinator (facilitates the exercise)
• Business Process Subject Matter Experts (SMEs)
• Pilot business unit manager

At the business unit level, the goal is to define a plan to resume business processes after an incident.

A good scenario is one that helps the group focus on the goal of tabletop planning – to discuss and document the steps required to recover business processes. We suggest choosing a scenario for your first exercise that:

• Disrupts many process dependencies (i.e. facilities, staff, IT services, suppliers).
• Does not result in major property damage, harm, or loss of life. Business resumption is the focus of this exercise, not emergency response.
• Has happened in the past, or is of concern to the business.

An example: a gas leak at company HQ that requires the area to be cordoned off and power to be shut down. The business must resume processes from another location without access to materials, equipment, or IT services at the primary location.

A plan that satisfies the gas leak scenario should meet the needs of other scenarios that affect your normal workspace. Then use BCP testing to validate that the plan meets a wider range of incidents.

3.1.2 Define the BCP activation process

1 hour

Input

• Any existing crisis management, incident response or emergency response plans.
• BC Scenario.

Output

• High level incident notification, assessment, and declaration workflow.

Materials

• Cue cards, sticky notes, whiteboard and markers, or Visio template.

Participants

• BCP Coordinator
• Crisis Management Team (if one exists)
• Business Process SMEs
• Pilot Business Unit Manager

Answer the questions below to structure your notification, assessment, and BCP activation procedures.

Notification

How will you be notified of a disaster event? How will this be escalated to leadership? How will the team responsible for making decisions coordinate (if they can’t meet on-site)? What emergency response plans are in place to protect health and safety? What additional steps are involved if there’s a risk to health and safety?

Assessment

Who’s in charge of the initial assessment? Who may need to be involved in the assessment? Who will coordinate if multiple teams are required to investigate and assess the situation? Who needs to review the results of the assessment, and how will the results of the assessment be communicated (e.g. phone bridge, written memo)? What happens if your primary mode of communication is unavailable (e.g. phone service is down)?

Declaration

Who is responsible today for declaring a disaster and activating business continuity plans? What are the organization’s criteria for activating continuity plans, and how will BCP activation be communicated? Establish a crisis management team to guide the organization through a wide range of crises by Implementing Crisis Management Best Practices.

3.1.3 Document the business recovery workflow

1 hour

Input

• Pilot BIA.
• Any existing crisis management, incident response, or emergency response plans.
• BC Scenario

Output

• Outline of your BCP declaration and business recovery plan.

Materials

• Cue cards, sticky notes, whiteboard and markers, or Visio template.

Participants

• BCP Coordinator (facilitates the exercise)
• Business Process Subject Matter Experts (SMEs)
• Pilot Business Unit Manager

Do the following:

1. Create separate flows for facility, IT, and staff disruptions. Include additional workflows as needed.
   • We suggest you outline the recovery process at least to the point where business processes are restored to a minimum viable functional level.
2. On white cue cards:
   1. Record the step.
   2. Indicate the task owner.
   3. Estimate how long the step will take.
3. On yellow cue cards, document gaps in people, process, and technology requirements to complete the step.
4. On red cue cards, indicate risks (e.g. no backup person for a key staff member).

Info-Tech Best Practice

Tabletop planning is most effective when you keep it simple.

• Be focused; stay on task and on time.
• Revisit each step and record risks and mitigation strategies.
• Discuss each step from start to finish.
• Revise the plan with key task owners.
• Don’t get weighed down by tools.
• Simple tools, like cue cards or whiteboards, can be very effective.

Tool: BCP Recovery Workflow

Document the steps you identified in the tabletop to create your draft recovery workflow.

Why use a flowchart?

• Flowcharts provide an at-a-glance view, are ideal for crisis scenarios where pressure is high and effective, and where timely communication is necessary.
• For experienced managers and staff, a high-level reminder of process flows or key steps is sufficient.
• Where more detail is required, include links to supporting documentation (which could include checklists, vendor documentation/contracts, other flowcharts, etc.)

Create one recovery workflow for all scenarios.

Traditional planning calls for separate plans for different “what-if” scenarios. This is challenging not just because it’s a lot more documentation – and maintenance – but because it’s impossible to predict every possible incident. Use the template, aligned to recovery of process dependencies, to create one recovery workflow for each business unit that can be used in and tested against different scenarios.

Download Info-Tech’s BCP Recovery Workflow Example

"We use flowcharts for our declaration procedures. Flowcharts are more effective when you have to explain status and next steps to upper management." – Assistant Director-IT Operations, Healthcare Industry

"Very few business interruptions are actually major disasters. It’s usually a power outage or hardware failure, so I ensure my plans address ‘minor’ incidents as well as major disasters."- BCP Consultant

3.1.4 Document achievable recovery metrics (RTA/RPA)

30 minutes

Input

• Pilot BCP BIA.
• Draft recovery workflow.

Output

• RTA and RPA for each business process.

Materials

• Pilot BCP BIA.

Participants

• BCP Coordinator (facilitates the exercise)
• Business Process Subject Matter Experts (SMEs)
• Pilot Business Unit Manager

Add the following data to your copy of the BCP Business Impact Analysis Tool.

1. Estimate the recovery time achievable (RTA) for each process based on the required time for the process to be restored to a minimum acceptable functional level. Review your recovery workflow to identify this timeline. For example, if the full process from notification, assessment, and declaration to recovery and relocation would take a full day, set the RTA to 24 hours.
2. Estimate the recovery point achievable (RPA) for each process based on the maximum amount of data that could be lost. For example, if data on a particular system is backed up offsite once per day, and the onsite system was destroyed just before that backup began, the entire day’s data could be lost and the achievable RPO is 24 hours. Note: Enter a value of 9999 to indicate that data is unrecoverable.

Info-Tech Insight

Operating at a minimum acceptable functional level may not be feasible for more than a few days or weeks. Develop plans for immediate continuity first, then develop further plans for long-term continuity processes as required. Recognize that for longer term outages, you will evolve your plans in the crisis to meet the needs of the situation.

3.1.5 Test the workflow of other scenarios

1 hour

Input

• Draft recovery workflow.

Output

• Updated draft recovery workflow.

Materials

• Draft recovery workflow.
• Projector or screen.

Participants

• BCP Coordinator (facilitates the exercise)
• Business Process Subject Matter Experts (SMEs)
• Pilot Business Unit Manager

Work from and update the soft copy of your recovery workflow.

1. Would any steps change if the scenario changes? If yes, capture the different flow with a decision diamond. See the example Recovery Workflow for a workflow that uses decision diamonds. Identify any new gaps or risks you encounter with red and yellow cards.
2. Make sure the decision diamonds are as generalized as possible. For example, instead of creating a separate response plan for each scenario that would require you to relocate from your existing building, create one response plan for relocation and one response plan for remaining in place.
3. See the next section for some examples of different types of scenarios that you may include in your recovery workflow.

Info-Tech Insight

Remember that health and safety risks must be dealt with first in a crisis. The business unit recovery workflow will focus on restoring business operations after employees are no longer at risk (e.g. the risk has been resolved or employees have been safely relocated). See Implement Crisis Management Best Practices for ideas on how to respond to and assess a wide range of crises.

Not all scenarios will have full continuity plans

Risk management is a business decision. Business continuity planning can help decision makers understand and decide on whether to accept or mitigate high impact, low probability risks.

For some organizations, it’s not practical or possible to invest in the redundancy that would be necessary to recover in a timely manner from certain major events.

Leverage existing risk management practices to identify key high impact events that could present major business continuity challenges that could cause catastrophic disruptions to facility, IT, staffing, suppliers, or equipment. If you don’t have a risk register, review the scenarios on the next slide and brainstorm risks with the working group.

Work through tabletop planning to identify how you might work through an event like this, at a high level. In step 3.2, you can estimate the effort, cost, and benefit for different ideas that can help mitigate the damage to the business to help decision makers choose between investment in mitigation or accepting the risk.

Document any scenarios that you identify as outside the scope of your continuity plans in the “Scope” section of your BCP Summary document.

For example:

A single location manufacturing company is creating a BCP.

The factory is large and contains expensive equipment; it’s not possible to build a second factory for redundancy. If the factory is destroyed, operations can’t be resumed until the factory is rebuilt. In this case, the BCP outlines how to conduct an orderly business shutdown while the factory is rebuilt.

Contingency planning to resume factory operations after less destructive events, as well as a BCP for corporate services, is still practical and necessary.

Considerations for other BCP scenarios

Step 3.2

Identify and prioritize projects to close gaps

This step will walk you through the following activities:

• Brainstorm solutions to identified gaps and risks.
• Prioritize projects and action items to close gaps and risks.
• Assess the impact of proposed projects on the recovery workflow.

This step involves the following participants:

• BCP Coordinator
• Pilot Business Unit Manager
• Expert Business Unit Staff

In this step, you’ll use these tools and templates:

• BCP Project Roadmap

Outcomes & Insights

Identify and prioritize projects and action items that can improve business continuity capabilities.

3.2.1 Brainstorm solutions to address risks and gaps

1 hour

Input

• Draft recovery workflow.
• Known continuity risks and gaps.

Output

• Ideas for action items and projects to improve business continuity.

Materials

• Flipchart

Participants

• BCP Coordinator (facilitates the exercise)
• Business Process Subject Matter Experts (SMEs)
• Pilot Business Unit Manager

1. Review each of the risk and gap cards from the tabletop exercise.
2. As a group, brainstorm ideas to address gaps, mitigate risks, and improve resiliency. Write the list of ideas on a whiteboard or flip chart paper. The solutions can range from quick-wins and action items to major capital investments. The following slides can help you seed ideas to support brainstorming and idea generation.

Info-Tech Best Practice

Try to avoid debates about feasibility at this point. The goal is to get ideas on the board.

When you’re brainstorming solutions to problems, don’t stop with the first idea, even if the solution seems obvious. The first idea isn’t always the best or only solution – other ideas can expand on it and improve it.

Step 4: No formal process to declare a disaster and invoke business continuity.

Step 7: Alternate site could be affected by the same regional event as the main office.

Step 12: Need to confirm supplier service-level agreements (SLAs).

1. Continue to create BCP documentation.
2. Identify a third location for regional disasters.
3. Contact suppliers to confirm SLAs and validate alignment with RTOs/RPOs.
4. Add BCP requirements collection to service procurement process?

Discuss your remote work capabilities

With COVID-19, most organizations have experience with mass work-from-home.

Review the following case studies. Do they reflect your experience during the COVID-19 pandemic?

Unacceptable risk

• A small insurance company provided laptops to staff so they could work remotely.
• Complication: Cheque and print stock is a dependency and no plan was made to store check stock offsite in a secure fashion.

Key dependencies missing

• A local government provided laptops to key staff so they could work remotely.
• Complication: The organization didn’t currently own enough Citrix licenses for every user to be online concurrently.

Unable to serve customers

• The attestation and land services department of a local government agency provided staff with remote access to key apps.
• Complication: Their most critical business processes were designed to be in-person – they had no plan to execute these processes from home.

Consider where your own work-from-home plans fell short.

• Were your collaboration and communication solutions too difficult for users to use effectively?
• Did legacy infrastructure affect performance or limit capabilities? Were security concerns appropriately addressed?
• What challenges did IT face supporting business users on break-fix and new requests?
• Were there logistical needs (shipping/receiving, etc.) that weren’t met?
• Develop an updated plan to support work-from-home using Info-Tech’s BCP Relocation Checklists and Home Office Survey template, and integrate these into your overall BCP documentation. Stakeholders can easily appreciate the value of this plan since it’s relevant to recent experience.

Identify opportunities to improve continuity plans

What gaps in your continuity response could be addressed with better planning?

People

• Alternates are not identified
• Roles in a disaster are not formalized
• No internal/external crisis comm. strategy

→

• Identify people dependencies and alternates.
• Create response and management teams.
• Implement Crisis Management Best Practices.

Site & Facilities

• No alternate place of business or command center identified
• No formal planning or exercises to test alternate site viability

→

• Identify a viable secondary site and/or work-from-home plan, and develop a schedule for testing activities. Review in Step 3.3 of the Develop a Business Continuity Plan blueprint.

External Services & Suppliers

• Contingency plans for a disruption not planned or formalized
• No formal review of service-level agreements (SLAs)

→

• Contact key suppliers and vendors to establish SLAs, and ensure they meet requirements.
• Review supplier continuity plans.

Technology & Physical Assets

• No secondary site or redundancy for critical IT systems
• No documented end-to-end IT DR plan

→

• Create a Right-Sized DR Plan.
• Verify SLAs with key IT infrastructure and service providers and review their DRP.

Tool: BCP Project Roadmap

Prioritize and visualize BCP projects to present options to decision makers.

Not all BCP projects can be tackled at once. Enable decision makers to defer, rather than outright reject, projects that aren’t feasible at this time.

1. Configure the tool in Tab 1. Setup. Adjust criteria and definitions for criteria. Note that shaded columns are required for reporting purposes and can’t be modified.
2. Add projects and action items in Tab 2. Data Entry. Fields highlighted in red are all required for the dashboard to populate. All other fields are optional but will provide opportunities to track more detailed data on project ideas.
3. To generate the dashboard in Tab 3. Roadmap, open the Data ribbon and under Queries and Connections click Refresh All. You can now use the slicers on the right of the sheet.

Download Info-Tech’s BCP Project Roadmap Tool

Demonstrate BCP project impacts

Illustrate the benefits of proposed projects.

1. Review your recovery workflow.
2. Make updates to a second copy of the high-level outline to illustrate how the business response to a disaster scenario will change once proposed projects are complete.

• Remove steps that have been made unnecessary.
• Remove any risks or gaps that have been mitigated or addressed.
• Verify that proposed projects close gaps between acceptable and achievable recovery capabilities in the BIA tool.

Step 3.3

Evaluate business continuity site and command center options

This step will walk you through the following activities:

• Take a deep dive on the requirements for working from an alternate location.
• Assess different options for an alternate location.

This step involves the following participants:

• BCP Coordinator
• Pilot Business Unit Manager
• Expert Business Unit Staff

In this step, you’ll use these tools and templates:

• BCP Relocation Checklists

Outcomes & Insights

Identify requirements for an alternate business site.

Tool: Relocation Checklists

An alternate site could be another company building, a dedicated emergency operations center, or work-from-home. Use this tool to guide and prepare for any relocation exercise.

• Coordinate your response with the pre-populated checklists in Tabs 1 & 2, identify who’s responsible for items on the checklists, and update your recovery workflows to reflect new steps. When reviewing the checklist, consider what can be done to prepare ahead of a crisis.
  • For example, you may wish to create crisis communication templates to streamline crisis communications during a disaster.
• Calculate the effort required to provision equipment for relocated users in Tabs 3 & 4.
• Evaluate your options for alternate sites with the requirements matrix in Tab 5. Use your evaluation to identify how the organization could address shortcomings of viable options either ahead of time or at the time of an incident.

Download Info-Tech’s BCP Relocation Checklists

Create a checklist of requirements for an alternate site

Leverage the roll-up view, in tab 3, of dependencies required to create a list of requirements for an alternate site in tab 4.

1. The table on Tab 5 of the relocation checklists is pre-populated with some common requirements. Modify or replace requirements to suit your needs for an alternate business/office site. Be sure to consider distance, transportation, needed services, accessibility, IT infrastructure, security, and seating capacity at a minimum.
2. Don’t assume. Verify. Confirm anything that requires permissions from the site owner. What network providers have a presence in the building? Can you access the site 24/7 and conduct training exercises? What facilities and services are available? Are you guaranteed the space if needed?

"There are horror stories about organizations that assumed things about their alternate site that they later found out they weren’t true in practice." – Dr. Bernard Jones, MBCI CBCP

Info-Tech Insight

If you choose a shared location as a BCP site, a regional disaster may put you in competition with other tenants for space.

Identify a command center

For command center and alternate worksite selection, remember that most incidents are local and short term. Identify an onsite and an offsite command center.

1. For events where the building is not compromised, identify an onsite location, ideally with remote conferencing capabilities and planning and collaboration tools (projectors, whiteboards, flipcharts). The onsite location can also be used for BCM and crisis management meetings. Remember, most business continuity events are not regional or massively destructive.
2. For the offsite command center, select a location that is sufficiently far away from your normal business location to maintain separation from local incidents while minimizing commute time. However, consider a geographically distant option (e.g. more than 50 miles away) identified for those scenarios where it is a regional disaster, or plan to leverage online tools to create a virtual command center (see the Insight box below).
3. The first members of the Emergency Response Team to be notified of the incident will determine which location to use or whether a third alternative is required.

Info-Tech Insight

For many organizations, a dedicated command center (TVs on the wall, maps and charts in filing cabinets) isn’t necessary. A conference bridge and collaboration tools allowing everyone to work remotely can be an acceptable offsite command center as long as digital options can meet your command center requirements.

Create a plan for a return to normal

Operating in continuity mode for an extended period of time tends to result in higher costs and reduced business capabilities. It’s important to restore normal operations as soon as possible.

Advance planning can minimize risks and delays in returning to normal operations.

Leverage the methodology and tools in this blueprint to define your return to normal (repatriation) procedures:

1. Repeat the tabletop planning exercise to determine the repatriation steps and potential gaps. How will you return to the primary site from your alternate site? Does data need to be re-entered into core systems if IT services are down? Do you need to transfer job duties back to primary staff?
2. What needs to be done to address the gaps in the return to normal workflow? Are there projects or action items that could make return to normal easier?

For more on supporting a business move back to the office from the IT perspective, see Responsibly Resume IT Operations in the Office

Potential business impacts of ongoing operations at a failover site

• The cost of leasing alternate business worksites.
• Inability to deliver on strategic initiatives while in emergency/interim operations mode, resulting in lost business opportunities.
• A growing backlog of work that falls outside of emergency operations mode.
• Travel and accommodation costs if the alternate site is geographically remote.
• Additional vendor licensing and contract costs.

Phase 4

Extend the Results of the Pilot BCP and Implement Governance

Phase 4

4.1 Consolidate BCP pilot insights to support an overall BCP project plan

4.2 Outline a business continuity management (BCM) program

4.3 Test and maintain your BCP

Insights & Outcomes

Summarize and consolidate your initial insights and documentation. Create a project plan for overall BCP. Identify teams, responsibilities, and accountabilities, and assign documentation ownership. Integrate BCP findings in DR and crisis management practices. Set guidelines for testing, plan maintenance, training, and awareness.

Participants

• BCP Coordinator
• Pilot Business Unit Manager
• BCP Executive Sponsor

Step 4.1

Consolidate BCP pilot insights to support an overall BCP project plan

This step will walk you through the following activities:

• Summarize and consolidate outputs and key insights from the BCP pilot.
• Identify outputs from the pilot that can be re-used for the overall BCP.
• Create a project charter for an overall BCP.

This step involves the following participants:

• BCP Coordinator
• Pilot Business Unit Manager
• BCP Executive Sponsor

In this step, you’ll use these tools and templates:

• BCP Pilot Results Presentation
• BCP Summary

Outcomes & Insights

Present results from the pilot BCP, and outline how you’ll use the pilot process with other business units to create an overall continuity program.

Structure the overall BCP program.

Template: BCP Pilot Results Presentation

Highlight key findings from the BCP pilot to make the case for next steps.

• Highlight critical gaps or risks identified, any potential process improvements, and progress made toward improving overall BCP maturity through the pilot project. Summarize the benefits of the pilot project for an executive audience.
• Review process recovery objectives (RTO/RPO). Provide an overview of recovery capabilities (RTA/RPA). Highlight any significant gaps between objectives and capabilities.
• Propose next steps, including an overall BCP project and program, and projects and action items to remediate gaps and risks.
• Develop a project plan to estimate resource requirements for an overall BCP project prior to delivering this presentation. Quantifying required time and resources is a key outcome as it enables the remaining business units to properly scope and resource their BCP development activities and can help managers overcome the fear of the unknown.

Download Info-Tech’s BCP Pilot Results Presentation

Tool: BCP Summary

Sum up information from completed BCP documents to create a high-level BCP overview for auditors and executives.

The BCP Summary document is the capstone to business unit continuity planning exercises. It consolidates your findings in a short overview of your business continuity requirements, capabilities, and maintenance procedures.

Info-Tech recommends embedding hyperlinks within the Summary to the rest of your BCP documentation to allow the reader to drill down further as needed. Leverage the following documents:

• Business Impact Analysis
• BCP Recovery Workflows
• Business Process Workflows
• BCP Project Roadmap
• BCP Relocation Checklists
• Business Continuity Policy

Download Info-Tech’s BCP Summary Document

Reuse templates for additional exercises

The same methodology described in this blueprint can be repeated for each business unit. Also, many of the artifacts from the BCP pilot can be reused or built upon to give the remaining business units a head start. For example:

• BCP Pilot Project Charter Template. Make a copy to use as a base for the next business unit’s BCP project charter, and update the stakeholders/roles and milestone dates. The rest of the content can remain the same in most cases.
• BCP Reference Workbook. This tool contains information common to all business units and can be updated as needed.
• BCP Business Impact Analysis Tool. You may need to start a separate copy for each business unit to allow enough space to capture all business processes. However, use the same scoring scale to drive consistent assessments. In addition, the scoring completed by the pilot business unit provides an example and benchmark for assessing other business processes.
• BCP Recovery Workflow. The notification, assessment, and declaration steps can be standardized so remaining business units can focus primarily on recovery after a disaster is declared. Similarly, many of the steps related to alternate sites and IT workarounds will also apply to other business units.
• BCP Project Roadmap Tool. Many of the projects identified by the pilot business unit will also apply to other business units – update the list as needed.
• The Business Unit BCP Prioritization Tool, BCP Executive Presentation, and Business Continuity Policy Template do not need to be updated for each business unit.

Info-Tech Best Practice

You may need to create some artifacts that are site specific. For example, relocation plans or emergency plans may not be reusable from one site to another. Use your judgement to reuse as much of the templates as you can – similar templates simplify audit, oversight, and plan management.

Create an Overall BCP Project Charter

Modify the pilot project charter to encompass the larger BCP project.

Adjust the pilot charter to answer the following questions:

• How much time and effort should the rest of the project take, based on findings from the pilot? When do you expect to meet certain milestones? What outputs and outcomes are expected?
• In what order should additional business units complete their BCP? Who needs to be involved?
• What projects to address continuity gaps were identified during the pilot? What investments will likely be required?
• What additional documentation is required? This section and the appendix include templates to document your BCM Policy, Teams & Contacts, your notification procedures, and more.
• How does this integrate with the other areas of business resilience and continuity (IT disaster recovery planning and crisis management planning)?
• What additional activities, such as testing, are required?

Prioritize business units for further BCP activities.

As with the pilot, choose a business unit, or business units, where BCP will have the greatest impact and where further BCP activities will have the greatest likelihood of success. Prioritize business units that are critical to many areas of the business to get key results sooner.

Work with one business unit at a time if:

• Required resources from the business unit are available to focus on BCP full-time over a short period (one to two weeks).
• More hands-on guidance (less delegation) is needed.
• The business unit is large or has complex processes.

Work with several business units at the same time if:

• Required resources are only available sporadically over a longer period of time.
• Less guidance (more delegation) is possible.
• All business units are small and have well-documented processes.

Download Info-Tech’s Business Unit BCP Prioritization Tool

Step 4.2

Outline a Business Continuity Management (BCM) Program

This step will walk you through the following activities:

• Identify teams and roles for BCP and business continuity management.
• Identify individuals to fill key roles.

This step involves the following participants:

• BCP Coordinator
• Executive Sponsor

In this step, you’ll use these tools and templates:

• Business Continuity Teams and Roles Tool

Outcomes & Insights

Document BCP teams, roles, and responsibilities.

Document contact information, alternates, and succession rules.

Outline a Business Continuity Management Program

A BCM program, also known as a BCM system, helps structure business continuity activities and practices to deliver long-term benefits to your business.

A BCM program should:

• Establish who is responsible and accountable for BCP practices, activities, and documentation, and set documentation management practices.
• Define a process to improve plans. Review and update continuity requirements, suggest enhancements to recovery capabilities, and measure progress and improvements to the plan over time.
• Coordinate disaster recovery, business continuity, and crisis management planning outputs and practices.
• Communicate the value of the continuity program to the organization.

Develop a Business Continuity Management Program

Phase 4 of this blueprint will focus on the following elements of a business continuity management program:

• BCM Roles, Responsibilities, and Accountabilities
• BCM Document Management Practices
• Integrate BC, IT DR, Crisis Management, and Emergency Management
• Business Continuity Plan maintenance and testing
• Training and awareness

Schedule a call with an Info-Tech Analyst for help building out these core elements, and for advice on developing the rest of your BCM program.

Create BCM teams

Include a mix of strong leaders and strong planners on your BC management teams.

BC management teams (including the secondary teams such as the emergency response team) have two primary roles:

1. Preparation, Planning, and Governance: Conduct and consolidate business impact analyses. Review, and support the development of recovery workflows, including emergency response plans and business unit recovery workflows. Organize testing and training. Report on the state of the continuity plan.
2. Leadership During a Crisis: Coordinate and support the execution of business recovery processes. To meet these goals, each team needs a mix of skill sets.

Crisis leaders require strong crisis management skills:

• Ability to make quick decisions under pressure with incomplete information.
• Excellent verbal communication skills.
• Strong leadership skills. Calm in stressful situations.
• Team leaders are ideally, but not necessarily, those with the most senior title on each team. It’s more important that the team leader has the appropriate skill set.

Collectively, the team must include a broad range of expertise as well as strong planning skills:

• Diverse expertise to be able to plan for and respond to a wide range of potential incidents, from health and safety to reputational damage.
• Excellent organizational skills and attention to detail.
• Excellent written communication skills.

Note: For specific BC team roles and responsibilities, including key resources such as Legal, HR, and IT SMEs required to prepare for and execute crisis management plans, see Implement Crisis Management Best Practices.

Structure the BCM Team

Create a hierarchy of teams to govern and coordinate business continuity planning and crisis management.

BCM Team: Govern business continuity, DR, and crisis management planning. Support the organization’s response to a crisis, including the decision to declare a disaster or emergency.

Emergency Response Teams: Assist staff and BC teams during a crisis, with a focus first on health and safety. There’s usually one team per location. Develop and maintain emergency response plans.

Emergency Response Teams: Assist staff and BC teams during a crisis, with a focus first on health and safety. There’s usually one team per location. Develop and maintain emergency response plans.

IT Disaster Recovery Team: Manage the recovery of IT services and data following an incident. Develop and maintain the IT DRP.

Business Unit BCP Teams: Coordinate business process recovery at the business unit level. Develop and maintain business unit BCPs.

“Planning Mode”

Executive Team → BC Management Team ↓

• Emergency Response Teams (ERT)
• Crisis Management Team
• IT DR Management Team
• Business Unit BCP Teams

“Crisis Mode”

Executive Team ↔Crisis Management Team↓ ↔ Emergency Response Teams (ERT)

• BC Management Team
• IT DR Management Team
• Business Unit BCP Teams

For more details on specific roles to include on these teams, as well as more information on crisis management, review Info-Tech’s blueprint, Implement Crisis Management Best Practices.

Tool: BCM Teams, Roles, Contacts, and Vendors

Track teams, roles, and contacts in this template. It is pre-populated with roles and responsibilities for business continuity, crisis management, IT disaster recovery, emergency response, and vendors and suppliers critical to business operations.

• Expect overlap across teams. For example, the BC Management Team will include representation from each secondary team to ensure plans are in sync. Similarly, both the Crisis Communication Team and BC Management Team should include a representative from your legal team to ensure legal issues are considered in communications as well as overall crisis management.
• Clarify spending and decision authority for key members of each team during a crisis.

Track contact information in this template only if you don’t have a more streamlined way of tracking it elsewhere.

Download Info-Tech’s Business Continuity Teams and Roles Tool

Manage key vendors

Review supplier capabilities and contracts to ensure they meet your requirements.

Suppliers and vendors might include:

• Material shipments
• IT/telecoms service providers
• Integrators and business process outsourcing providers
• Independent contractors
• Utilities (power, water, etc.)

Supplier RTOs and RPOs should align with the acceptable RTOs and RPOs defined in the BIA. Where they do not, explore options for improvement.

Confirm the following:

1. The supplier’s own BC/DR capabilities – how they would recover their own operations in a disaster scenario.
2. Any continuity services the supplier provides – how they can help you recover your operations in a disaster scenario.
3. Their existing contractual obligations for service availability (e.g. SLAs).

Download Info-Tech’s BCP Supplier Evaluation Questionnaire

Organize your BCMS documentation

Your BCP isn’t any one document. It’s multiple documents that work together.

Continue to work through any additional required documentation. Build a repository where master copies of each document will reside and can be updated as required. Assign ownership of document management to someone with an understanding of the process (e.g. the BCP Coordinator).

Info-Tech Best Practice

Recovery documentation has a different audience, purpose, and lifecycle than governance documentation, and keeping the documents separate can help with content management. Disciplined document management keeps the plan current and accessible.

Align your IT DRP with your BCP

Use the following BCP outputs to inform your DRP:

• Business process technology dependencies. This includes technology not controlled by IT (e.g. cloud-based services).
• RTOs and RPOs for business processes.
• Technology projects identified by the business to improve resilience (e.g. improved mobility support).

Info-Tech Insight

Don’t think of inconsistencies between your DRP and BCP as a problem. Discrepancies between the plans are part of the discovery process, and they’re an opportunity to have a conversation that can improve alignment between IT service capabilities and business needs. You should expect that there will be discrepancies – managing discrepancies is part of the ongoing process to refine and improve both plans.

Schedule activities to keep BC and DR in sync

BC/DR Planning Workflow

1. Collect BCP outputs that impact IT DRP (e.g. technology RTOs/RPOs).

2. As BCPs are done, BCP Coordinator reviews outputs with IT DRP Management Team.

3. Use the RTOs/RPOs from the BCPs as a starting point to determine IT recovery plans.

4. Identify investments required to meet business-defined RTOs/RPOs, and validate with the business.

5. Create a DR technology roadmap to meet validated RTOs/RPOs.

6. Review and update business unit BCPs to reflect updated RTOs/RPOs.

Find and address shadow IT

Reviewing business processes and dependencies can identify workarounds or shadow IT solutions that weren’t visible to IT and haven’t been included in IT’s DR plan.

• If you identify technology process dependencies that IT didn’t know about, it can be an opportunity to start a conversation about service support. This can be a “teachable moment” to highlight the risks of adopting and implementing technology solutions without consulting IT.
• Highlight the possible impact of using technology services that aren’t supported by IT. For example:
  • RTOs and RPOs may not be in line with business requirements.
  • Costs could be higher than supported solutions.
  • Security controls may not be in line with compliance requirements.
  • IT may not be able to offer support when the service breaks or build new features or functionality that might be required in the future.
• Make sure that if IT is expected to support shadow IT solutions, these systems are included in the IT DRP and that the risks and costs of supporting the non-core solution are clear to all parties and are compared to an alternative, IT-recommended solutions.

Shadow IT can be a symptom of larger service support issues. There should be a process for requesting and tracking non-standard services from IT with appropriate technical, security, and management oversight.

Review and reprioritize BC projects to create an overall BC project roadmap

Assign the BCP Coordinator the task of creating a master list of BC projects, and then work with the BC management team to review and reprioritize this list, as described below:

1. Build a list of BC projects as you work with each business unit.
   1. Add proposed projects to a master copy of the BCP Project Roadmap Tool
   2. For each subsequent business unit, copy project names, scoring, and timelines into the master roadmap tool.
2. Work with the Executive Sponsor, the IT BCM representative, and the BCM team to review and reprioritize projects.
   1. In the master BCP Project Roadmap Tool, review and update project scoring, taking into account the relative importance of each project within the overall list. Rationalize the list (e.g. eliminate duplicate projects).
3. The project roadmap is a suggested list of projects at this stage. Assign a project sponsor and project manager (from the BC management team or appropriate delegates) to each project to take it through your organization’s normal project scoping and approval process.

Improving business continuity capabilities is a marathon, not a sprint. Change for the better is still change and introduces risk – massive changes introduce massive risk. Incremental changes help minimize disruption. Use Info-Tech research to deliver organizational change.

"Developing a BCP can be like solving a Rubik’s Cube. It’s a complex, interdepartmental concern with multiple and sometimes conflicting objectives. When you have one side in place, another gets pushed out of alignment." – Ray Mach, BCP Expert

Step 4.3

Test and maintain your BCP

This step will walk you through the following activities:

• Create additional documentation to support your business continuity plan.
• Create a repository for documentation, and assign ownership for BCP documentation.

This step involves the following participants:

• BCP Coordinator

In this step, you’ll use these tools and templates:

• BCP-DRP Maintenance Checklist

Outcomes & Insights

Create a plan to maintain the BCP.

Iterate on your plan

Tend your garden, and pull the weeds.

Mastery comes through practice and iteration. Iterating on and testing your plan will help you keep up to date with business changes, identify plan improvements, and help your organization’s employees develop a mindset of continuity readiness. Maintenance drives continued success; don’t let your plan become stagnant, messy, and unusable.

Your BCM program should structure BCP reviews and updates by answering the following:

1. When do we review the plan?
2. What are the goals of a review?
3. Who must lead reviews and update BCP documents?
4. How do we track reviews, tests, and updates?

Structure plan reviews

There are more opportunities for improvements than just planned reviews.

At a minimum, review goals should include:

1. Identify and document changes to BCP requirements.
2. Identify and document changes to BCP capabilities.
3. Identify gaps and risks and ways to remediate risks and close gaps.

Who leads reviews and updates documents?

The BCP Coordinator is likely heavily involved in facilitating reviews and updating documentation, at least at first. Look for opportunities to hand off document ownership to the business units over time.

How do we track reviews, tests, and updates?

Keep track of your good work by keeping a log of document changes. If you don’t have one, you can use the last tab on the BCP-DRP Maintenance Checklist.

When do we review the plan?

1. Scheduled reviews: At a minimum, plan reviews once a year. Plan owners should review the documents, identify needed updates, and notify the coordinator of any changes to their plan.
2. As-needed reviews: Project launches, major IT upgrades, office openings or moves, organizational restructuring – all of these should trigger a BCP review.
3. Testing exercises: Schedule controlled exercises to test and improve different aspects of your continuity plan, and ensure that lessons learned become part of plan documentation.
4. Retrospectives: Take the opportunity to learn from actual continuity events and crises by conducting retrospectives to evaluate your response and brainstorm improvements.

Conduct a retrospective after major incidents

Use a retrospective on your COVID-19 response as a starting point. Build on the questions below to guide the conversation.

• If needed, how did we set up remote work for our users? What worked, and what didn’t?
• Did we discover any long-term opportunities to improve business processes?
• Did we use any continuity plans we have documented?
• Did we effectively prioritize business processes for recovery?
• Were expectations from our business users in line with our plans?
• What parts of our plan worked, and where can we improve the plan?

1. Gather stakeholders and team members
2. Ask:
   1. What happened?
   2. What did we learn?
   3. What did we do well?
   4. What should we have done differently?
   5. What gaps should we take action to address?
3. Prepare a plan to take action

Outcomes and benefits

• Confirm business priorities.
• Validate that business recovery solutions and procedures are effective in meeting business requirements (i.e. RTOs and RPOs).
• Identify gaps in continuity resources, procedures, or documentation, and options to close gaps.
• Build confidence in the response team and recovery capabilities.

Tool: Testing and Maintenance Schedule

Build a light-weight maintenance schedule for your BCP and DRP plans.

This tool helps you set a schedule for plan update activities, identify document and exercise owners, and log updates for audit and governance purposes.

• Add the names of your documents and brainstorm update activities.
• Activities (document updates, testing, etc.) might be scheduled regularly, as-needed, or both. If they happen “as needed,” identify the trigger for the activity.
• Start tracking past activities and resulting changes in Tab 3. You can also track crises that tested your continuity capabilities on this tab.

Info-Tech Insight

Everyone gets busy. If there’s a meeting you can schedule months in advance, schedule it months in advance! Then send reminders closer to the date. As soon as you’re done the pilot BCP, set aside time in everyone’s calendar for your first review session, whether that’s three months, six months, or a year from now.

Appendix

Additional BCP Tools and Templates

Template Library: Business Continuity Policy

Create a high-level policy to govern BCP and clarify BCP requirements.

Use this template to:

• Outline the organizational commitment to BCM.
• Clarify the mandate to prepare, validate, and maintain continuity plans that align with business requirements.
• Define specific policy statements that signatories to the policy are expected to uphold.
• Require key stakeholders to review and sign off on the template.

Download Info-Tech’s Business Continuity Policy template

Template Library: Workarounds & Recovery Checklists

Capture the step-by-step details to execute workarounds and steps in the business recovery process.

If you require more detail to support your recovery procedures, you can use this template to:

• Record specific steps or checklists to support specific workarounds or recovery procedures.
• Identify prerequisites for workarounds or recovery procedures.

Download Info-Tech’s BCP Process Workarounds & Recovery Checklists Template

Template Library: Notification, Assessment, Declaration

Create a procedure that outlines the conditions for assessing a disaster situation and invoking the business continuity plan.

Use this template to:

• Guide the process whereby the business is notified of an incident, assesses the situation, and declares a disaster.
• Set criteria for activating business continuity plans.
• Review examples of possible events, and suggest options on how the business might proceed or react.

Download Info-Tech’s BCP Notification, Assessment, and Disaster Declaration Plan template

Template Library: BCP Recovery Workflow Example

Review an example of BCP recovery workflows.

Use this template to:

• Generate ideas for your own recovery processes.
• See real examples of recovery processes for warehousing, supply, and distribution operations.
• Review an example of working BCP documentation.

Download Info-Tech’s BCP Recovery Workflows Example

Create a Pandemic Response Plan

If you’ve been asked to build a pandemic-specific response plan, use your core BCP findings to complete these pandemic planning documents.

• At the onset of the COVID-19 crisis, IT departments were asked to rapidly ramp up work-from-home capabilities and support other process workarounds.
• IT managers already knew that obstacles to working from home would go beyond internet speed and needing a laptop. Business input is critical to uncover unexpected obstacles.
• IT needed to address a range of issues from security risk to increased service desk demand from users who don’t normally work from home.
• Workarounds to speed the process up had to be balanced with good IT practices and governance (Asset Management, Security, etc.)
• If you’ve been asked to update your Pandemic Response Plan, use this template and your core BCP deliverables to deliver a set of streamlined documentation that draws on lessons learned from the COVID-19 pandemic.

Structure HR’s role in the pandemic plan

Leverage the following materials from Info-Tech’s HR-focused sister company, McLean & Company.

These HR research resources live on the website of Info-Tech’s sister company, McLean & Company. Contact your Account Manager to gain access to these resources.

• Crisis Communication Guides for HR: Communicate calmly and transparently, and reinforce the business continuity plan.
• Launch Emergency Work-from-Home: A short guide to supporting a remote workforce during the COVID-19 pandemic – or any rapid relocation to the home office.
• Bring Employees Back to the Workplace Amid the COVID-19 Pandemic Storyboard: Balance the need for physical distancing with the business need for customer interaction, travel, in-person collaboration, and other activities that are higher-risk during a pandemic.
• The Essential COVID-19 Child Care Policy for Every Organization, Yesterday: A holistic strategy for HR practitioners to use in support of managers and employees who are integrating expanded dependent caregiving responsibilities with working from home during a pandemic.

Summary of Accomplishment

Knowledge Gained

This blueprint outlined:

• The streamlined approach to BCP development.
• A BIA process to identify acceptable, appropriate recovery objectives.
• Tabletop planning exercises to document and validate business recovery procedures.

Processes Optimized

• Business continuity development processes were optimized, from business impact analysis to incident response planning.
• In addition, pilot business unit processes were identified and clarified to support BCP development, which also provided the opportunity to review and optimize those processes.

Key Deliverables Completed

• Core BCP deliverables for the pilot business unit, including a business impact analysis, recovery workflows, and a project roadmap.
• BCP Executive Presentation to communicate pilot results as well as a summary of the methodology to the executive team.
• BCP Summary to provide a high-level view of BCP scope, objectives, capabilities, and requirements.

If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

Contact your account representative for more information.

workshops@infotech.com

1-888-670-8889

Research Contributors and Experts

Dr. Bernard A. Jones, MBCI, CBCP

Professor and Continuity Consultant Berkeley College

Dr. Jones is a professor at Berkeley College within the School of Professional Studies teaching courses in Homeland Security and Emergency Management. He is a member of the National Board of Directors for the Association of Continuity Professionals (ACP) as well as the Information & Publications Committee Chair for the Garden State Chapter of the ACP. Dr. Jones earned a doctorate degree in Civil Security Leadership, Management & Policy from New Jersey City University where his research focus was on organizational resilience.

Kris L. Roberson

Disaster Recovery Analyst Veterans United Home Loans

Kris Roberson is the Disaster Recovery Analyst for Veterans United Home Loans, the #1 VA mortgage lender in the US. Kris oversees the development and maintenance of the Veterans United Home Loans DR program and leads the business continuity program. She is responsible for determining the broader strategies for DR testing and continuity planning, as well as the implementation of disaster recovery and business continuity technologies, vendors, and services. Kris holds a Masters of Strategic Leadership with a focus on organizational change management and a Bachelors in Music. She is a member of Infragard, the National Association of Professional Women, and Sigma Alpha Iota, and holds a Project+ certification.

Trevor Butler

General Manager of Information Technology City of Lethbridge

As the General Manager of Information Technology with the City of Lethbridge, Trevor is accountable for providing strategic management and advancement of the city’s information technology and communications systems consistent with the goals and priorities of the corporation while ensuring that corporate risks are appropriately managed. He has 15+ years of progressive IT leadership experience, including 10+ years with public sector organizations. He holds a B.Mgt. and PMP certification along with masters certificates in both Project Management and Business Analysis.

Robert Miller

Information Services Director Witt/Kieffer

Bob Miller is the Information Services Director at Witt/Kieffer. His department provides end-user support for all company-owned devices and software for Oak Brook, the regional offices, home offices, and traveling employees. The department purchases, implements, manages, and monitors the infrastructure, which includes web hosting, networks, wireless solutions, cell phones, servers, and file storage. Bob is also responsible for the firm’s security planning, capacity planning, and business continuity and disaster preparedness planning to ensure that the firm has functional technology to conduct business and continue business growth.

Related Info-Tech Research

Create a Right-Sized Disaster Recovery Plan

Close the gap between your DR capabilities and service continuity requirements.

Create Visual SOP Documents that Drive Process Optimization, Not Just Peace of Mind

Go beyond satisfying auditors to drive process improvement, consistent IT operations, and effective knowledge transfer.

Select the Optimal Disaster Recovery Deployment Model

Determine which deployment models, including hybrid solutions, best meet your DR requirements.

Bibliography

“Business Continuity Planning.” IT Examination HandBook. The Federal Financial Institution Examination Council (FFIEC), February 2015. Web.

“Business Continuity Plans and Emergency Contact Information.” FINRA, 12 February 2015. Web.

“COBIT 5: A Business Framework for the Governance and Management of Enterprise IT.” ISACA, n.d. Web.

Disaster Resource GUIDE. Emergency Lifeline Corporation, n.d. Web.

“DR Rules & Regulations.” Disaster Recovery Journal, March 2017. Web.

“Federal Information Security Management Act (FISMA).” Homeland Security, 2014. Web.

FEMA. “Planning & Templates.” FEMA, n.d. Web.

“FINRA-SEC-CFTC Joint Advisory (Regulatory Notice 13-25).” FINRA, August 2013. Web.

Gosling, Mel and Andrew Hiles. “Business Continuity Statistics: Where Myth Meets Fact.” Continuity Central, 24 April 2009. Web.

Hanwacker, Linda. “COOP Templates for Success Workbook.” The LSH Group, 2016. Web.

Potter, Patrick. “BCM Regulatory Alphabet Soup – Part Two.” RSA Link, 28 August 2012. Web.

The Good Practice Guidelines. Business Continuity Institute, 2013. Web.

Wang, Dashun and James A. Evans. “When Small Teams are Better than Big Ones.” Harvard Business Review, 21 February 2019. Web.

Customer Service Management Software Selection

Market trends and buyer’s guide

Analyst Perspective

The pandemic and growing younger demographic have shifted the terrain of customer service delivery. Customer service management (CSM) tools ensure organizations enhance customer acquisition, customer retention, and overall revenues into the future.

It is one thing to research customer service best practices; it is another to experience such service. Whether being put on hold for an hour with a telecommunications company, encountering voice biometric security with a bank, or receiving automated FAQs from a chatbot, we all perform our own primary research in customer service by going about our daily lives. Yet while the pandemic required a shift to this multichannel and digital assistant environment (to account for ongoing agent attrition), this trend was actually just accelerated. A growing younger demographic now prefers online communication channels to voice. Social media (whichever the platform) is a fundamental part of this demographic’s online presence and has instigated the need for customer service delivery to meet customers where they are – for both damage control and enhancing customer relationships.

Organizations delivering customer service across multiple product lines need to examine what delivery channels they need to satisfy customers, alongside assessing how customer loyalty and cross-selling can increase revenues and company reputation. Customer service management tools can assist and enable the future state.

Thomas Randall, Ph.D.
Research Director, Info-Tech Research Group

Executive Summary

The objective at the end of the day is to have a single interface that the front-line staff interacts with. I think that is the holy grail when we look at CSM technology. The objective that everyone has in mind is we'd all like to get to one screen and one window. Ultimately, the end game really hasn't changed: How can we make it easy for the agents and how can we minimize their errors? How can we streamline the process so they can work?
Colin Taylor, CEO, The Taylor Reach Group

Customer service management tools form an integral part of your CXM technology portfolio

Info-Tech’s methodology for selecting the right CSM platform

Info-Tech Insight
Need help constructing your RFP? Use Info-Tech’s CSM Platform RFP Template!

Guided Implementation

What does a typical GI on this topic look like?

A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

The CSM selection process should be broken into segments:

1. CSM vendor shortlisting with this buyer’s guide
2. Structured approach to selection
3. Contract review

Info-Tech offers various levels of support to best suit your needs

Diagnostics and consistent frameworks are used throughout all four options

Software Selection Engagement

Five Advisory Calls Over a Five-Week Period to Accelerate Your Selection Process

Expert analyst guidance over five weeks on average to select and negotiate software

Save money, align stakeholders, speed up the process, and make better decisions

Use a repeatable, formal methodology to improve your application selection process

Better, faster results, guaranteed, included in membership

Book Your Selection Engagement

Software Selection Workshops

40 Hours of Advisory Assistance Delivered Online

Select Better Software, Faster

40 hours of expert analyst guidance

Project & stakeholder management assistance

Save money, align stakeholders, speed up the process, and make better decisions

Better, faster results, guaranteed, $25,000 standard engagement fee

Book Your Workshop Engagement

Customer Service Management (CSM) Software

Phase 1: Contextualize the CSM Landscape

Receive and resolve after-sales requests within a unified CSM platform

Info-Tech Insight
After-sales customer service is critical for creating, maintaining, and growing customer relationships. Organizations that fail to provide adequate service will be poorly positioned for future customer service and sales efforts.

Identify your differentiating CSM requirements that align to your use cases

INTEGRATIONS
Note what integrations are available for your contact center, CRM, or industry-specific solutions (e.g. inventory management) to get the most out of CSM.

SENTIMENT ANALYSIS
Reads, contextualizes, and categorizes tickets by sentiment (e.g. “positive”) before escalating to an appropriate agent.

AUTO-RESPONSE EDITOR
Built-in AI provides prewritten responses or auto-pulls the relevant knowledge article, assisting agents with speed to resolution.

ATTRIBUTES-BASED ROUTING
Learns over time how best to route tickets to appropriate agents based on skills, availability, or proximity of an agent (e.g. multilingual, local, or specialist agents).

AUTOMATED WORKFLOWS
CSM tool providers have varying usability for workflow building and enablement. Ensure your use cases align.

TICKET PRIORITIZATION
Adapts and prioritizes customer issues by service-level agreement (SLA), priority, and severity according to inputted KPIs.

Good technology will not fix a bad process. I don't care how good the technology is. If the use case is wrong and the process is wrong, it's not going to work.
Colin Taylor, CEO
The Taylor Reach Group

Leverage CSM tools to shift left toward predictive customer service

Selecting a CSM tool should form part of your broader CXM strategy

Organizations should ask whether they need a standalone CSM solution or a CSM as part of a broader suite of CXM tools. The latter is especially relevant if your organization already invests in a CXM platform.

CSM tools are best-suited for organizations with high product and service complexity

Customer Service Complexity

Low complexity refers to primarily transactional inquiries. High complexity refers to service workflows for symptom analysis, problem identification, and solution delivery.

Product Complexity

High complexity refers to having a large number of brands and individual SKUs, technologically complex products, and products with many add-ons.

Info-Tech Insight
Use Info-Tech’s CSM Platform Opportunity Assessment Tool to discover your organization’s customer service maturity.

Activity: Discover your customer service maturity

30 minutes

1. Complete the CSM Platform Opportunity Assessment Tool.
2. Evaluate your result and document whether a CSM business case is warranted (or if a separate technology selection process is needed).

Download the CSM Platform Opportunity Assessment Tool

Finalize whether your organization is well positioned to leverage CSM tools

Case Study

AkzoNobel

INDUSTRY
Retail

SOURCE
Sprinklr (2021)

Use CSM tools to unify the multichannel experience and reduce response time.

How it got here: The birth of CSM tools

CSM developed alongside the telephone and call center, rather than customer relationship management platforms.

Where it’s going: The future of CSM tools lies in predictive analytics

The capabilities below are available today but will mature over the next few years. Use the roadmap as a guide for your year of implementation.

2023
Go mobile first
85% of customers believe a company’s mobile website should be just as good as its desktop website. Enabling user-friendly mobile websites provides an effective channel to keep inbound calls down.

2024
Shift from multichannel to omnichannel
Integrating CSM tools with your broader CXM suite enables customer data to seamlessly travel between channels for an omnichannel experience.

2025
Enable predictive service
CSM tools integrate with Internet of Things (IoT) systems to provide automated notifications that alert staff of issues and mitigate issues with customers before the issue even occurs.

2026
Leverage predictive analytics for ML use cases
Use customers’ historic data and preferences to perform better automated customer service over time (e.g. providing personalized resolutions based on previous customer engagements).

Context and scenario play a huge role in measuring good customer service. Ensure your KPIs accurately reflect the incentives you want to give your customer support staff for delivering appropriate customer service.
David Thomas, Customer Service Specialist
Freedom Mobile
(Reve Chat, 2022)

Key trends in CSM technology

As predictive analytics matures, organizations are making use of CSM tools’ ability to enhance personalization, improve their social media response times, and enable self-service.

BIOMETRICS
65% of customers say they would accept voice recognition to authorize their identity when calling a customer support line (GetApp, 2021).

PERSONALIZATION
51% of marketers, advocating for personalization across multiple touchpoints saw 300% ROI (KoMarketing, 2020).

SOCIAL MEDIA
29% of customers aged 18 to 39 prefer online chat communication before and after purchase (RingCentral, 2020).

SELF-SERVICE
92% of customers say they would use a knowledge base for self-service support if it was available (Vanilla, 2020).

Customer Service Management (CSM) Software

Phase 2: Select the Right CSM Vendor

Conduct a business impact assessment to document the case for CSM tool selection

Business Opportunity
Determine high-level understanding of the need that must be addressed, along with the project goals and affiliated key metrics. Establish KPIs to measure project success.

System Diagram
Determine the impact on the application portfolio and where integration is necessary.

Risks
Identify potential blockers and risk factors that will impede selection.

High-Level Requirements
Consider the business functions and processes affected.

People Impact
Confirm who will be affected by the output of the technology selection.

Overall Business Case
Calculate the ROI and the financial implications of the application selection. Highlight the overarching value.

Activity: Build the business case

2 hours

1. Access the Business Impact Assessment within the Software Selection Workbook (linked below). Store the assessment in a shared folder (such as in SharePoint, OneDrive, or Google Drive).
2. Set aside two hours (does not need to be all at once) to ensure the selection team aligns with the unifying rationale for selection.
3. Complete the six steps to arrive at a high-level business case. This case can then be shared and communicated with interested parties (e.g. impacted stakeholders).

Download the Software Selection Workbook

Elicit and prioritize granular requirements for your CSM platform

Understanding business needs through requirements gathering is key to defining everything about what is being purchased, yet it is an area where people often make critical mistakes.

Info-Tech Insight
Review Info-Tech’s requirements gathering methodology to improve your requirements gathering process.

Choose your route: RFP or otherwise?

As you gather requirements, decide which procurement route best suits your context.

Info-Tech Insight
If you are in a hurry, consider instead issuing Info-Tech’s Vendor Evaluation Workbook. This workbook speeds up the typical procurement process by adding RFP-like requirements (such as operational and technical requirements) while driving the procurement process via emphasis on high-value use cases.

Download the Vendor Evaluation Workbook

Activity: Document requirements

2 hours

1. Review each tab of Info-Tech’s CSM Platform RFP Scoring Tool to generate use cases and ideas for your requirements building.
2. Modify and include additional features you may need, using Info-Tech’s CSM Platform RFP Template to assist with structure (if pursuing an RFP process) or Vendor Evaluation Workbook (if an RFP process is not needed). Pay attention to any nonfunctional requirements (such as security or integrations), alongside future trends of CSM. Vendors must be able to scale with your organization’s growth.
3. You can use the CSM Platform RFP Scoring Tool again when assessing vendor responses.

Download the CSM Platform RFP Scoring Tool

Download the CSM Platform RFP Template

Once vendor responses are in, turn product demos into investigative interviews

Avoid vendor glitz and glamour shows by ensuring vendors are concretely applying their solution to your high-value use cases.

Conduct a day of rapid-fire vendor demos

Zoom in on high-value use cases and answers to targeted questions

Rapid-fire vendor investigative interview

Invite vendors to come onsite (or join you via videoconference) to demonstrate the product and answer questions. Use a highly targeted demo script to help identify how a vendor’s solution will fit your organization’s particular business capability needs.

Give each vendor 90 to 120 minutes to give a rapid-fire presentation. We suggest the following structure:

• 30 minutes: Company introduction and vision
• 60 minutes: Walkthrough of two or three high-value demo scenarios
• 30 minutes: Targeted Q&A from the business stakeholders and procurement team

To ensure a consistent evaluation, vendors should be asked analogous questions and answers should be tabulated.

How to challenge the vendors in the investigative interview

• Change the visualization/presentation.
• Change the underlying data.
• Add additional data sets to the artifacts.
• Test voice quality (if the vendor offers a native telephony channel).
• Test collaboration capabilities.

To kick-start scripting your demo scenarios, leverage our CSM Platform Vendor Demo Script Template.

A vendor scoring model provides a clear anchor point for your evaluation of CRM vendors based on a variety of inputs

A vendor scoring model is a systematic method for effectively assessing competing vendors. A weighted-average scoring model is an approach that strikes a strong balance between rigor and evaluation speed.

Info-Tech Insight
Even the best scoring model will still involve some “art” rather than science. Scoring categories such as vendor viability always entail a degree of subjective interpretation.

Define how you will score vendor responses and demos

Your key CSM criteria should be informed by the following goals, use cases, and requirements.

Leverage Info-Tech’s Contract Review Services to level the playing field with shortlisted vendors

You may be faced with multiple products, services, master service agreements, licensing models, service agreements, and more.

Use Info-Tech’s Contract Review Services to gain insights on your agreements.

Consider the aspects of a contract review:

1. Are all key terms included?
2. Are they applicable to your business?
3. Can you trust that results will be delivered?
4. What questions should you be asking from an IT perspective?

Validate that a contract meets IT’s and the business’ needs by looking beyond the legal terminology. Use a practical set of questions, rules, and guidance to improve your value for dollar spent.

Book Contract Review Service

Download Master Contract Review and Negotiation for Software Agreements

Customer Service Management (CSM) Software

Vendor Analysis

Evaluate software category leaders through vendor rankings and awards

SoftwareReviews

The Data Quadrant is a thorough evaluation and ranking of all software in an individual category to compare platforms across multiple dimensions.

Vendors are ranked by their Composite Score, based on individual feature evaluations, user satisfaction rankings, vendor capability comparisons, and likeliness to recommend the platform.

The Emotional Footprint is a powerful indicator of overall user sentiment toward the relationship with the vendor, capturing data across five dimensions.

Vendors are ranked by their Customer Experience (CX) Score, which combines the overall Emotional Footprint rating with a measure of the value delivered by the solution.

Speak with category experts to dive deeper into the vendor landscape

SoftwareReviews

Fact-based reviews of business software from IT professionals.

Product and category reports with state-of-the-art data visualization.

Top-tier data quality backed by a rigorous quality assurance process.

User-experience insight that reveals the intangibles of working with a vendor.

SoftwareReviews is powered by Info-Tech

Technology coverage is a priority for Info-Tech, and SoftwareReviews provides the most comprehensive, unbiased data on today’s technology. Combined with the insight of our expert analysts, our members receive unparalleled support in their buying journey.

Click here to access SoftwareReviews

Comprehensive software reviews to make better IT decisions

We collect and analyze the most detailed reviews on enterprise software from real users to give you an unprecedented view into the product and vendor before you buy.

Microsoft Dynamics 365

Est. 2003 | WA, USA | MSFT:NASDAQ

Bio

To accelerate your digital transformation, you need a new type of business application. One that breaks down the silos between CRM and ERP, that’s powered by data and intelligence, and helps capture new business opportunities. That’s Microsoft Dynamics 365.

Offices

Microsoft is located all over the world. For a full list, see Microsoft Worldwide Sites.

Stated Industry Specializations

• Covers an extremely wide range of industries, such as finance, education, government, healthcare, manufacturing, and retail.

SoftwareReviews’ CSM Enterprise Vendor Ranking
(out of 7)

Likeliness to Recommend

• 7^th (81%)

Plan to Renew

• 6^th (93%)

Satisfaction That Cost Is Fair Relative to Value

• 2^nd (81%)

Strengths

• Product Strategy and Rate of Improvement (1^st)
• Ease of Customization (1^st)
• Breadth of Features (2^nd)

Areas to Improve

• Availability and Quality of Training (5^th)
• Ease of Implementation (7^th)
• Usability and Intuitiveness (7^th

Microsoft Dynamics 365

History

Founded 2003 (as Microsoft Dynamics CRM)
2005 Second version branded Dynamics 3.0.
2009 Dynamics CRM 4.0 (Titan) passes 1 million user mark.
2015 Announces availability of CRM Cloud design for FedRAMP compliance.
2016 Dynamics 365 released as successor to Dynamics CRM.
2016 Microsoft’s acquisition of LinkedIn provides line of data to 500 million users.
2021 First-party voice channel added to Dynamics 365.
2022 Announces Digital Contact Center Platform powered with Nuance AI, MS Teams, and Dynamics 365.

Microsoft is rapidly innovating in the customer experience technology marketspace. Alongside Dynamics 365’s omnichannel offering, Microsoft is building out its own native contact center platform. This will provide new opportunities for centralization without multivendor management between Dynamics 365, Microsoft Teams, and an additional third-party telephony or contact-center-as-a-service (CCaaS) vendor. SoftwareReviews reports suggest that Microsoft is a market leader in the area of product innovation for CSM, and this area of voice channel capability is where I see most industry interest.

Of course, Dynamics 365 is not a platform to get only for CSM functionality. Users will typically be a strong Microsoft shop already (using Dynamics 365 for customer relationship management) and are looking for native CSM features to enhance customer service workflow management and self-service.
Thomas Randall
Research Director, Info-Tech Research Group

Info-Tech Insight
Pricing for Microsoft Dynamics 365 is often contextualized to an organization’s needs. However, this can create complicated licensing structures. Two Info-Tech resources to assist are:

• Modernize Your Microsoft Licensing for the Cloud Era (research blueprint)
• Vendor Contract and Cost Optimization (benchmarking and review service*)

*This service may be used for other enterprise CSM providers too, including Salesforce, ServiceNow, SAP, and Oracle.
Contact your account manager to review your access to this service.

Freshworks

Est. 2010 | CA, USA | FRSH:NASDAQ

Bio

Freshworks' cloud-based customer support software, Freshdesk, makes customer happiness refreshingly easy. With powerful features, an easy-to-use interface, and a freemium pricing model, Freshdesk enables companies of all sizes to provide a seamless multichannel support experience across email, phone, web, chat, forums, social media, and mobile apps. Freshdesk’s capabilities include robust ticketing, SLA management, smart automations, intelligent reporting, and game mechanics to motivate agents.

Offices

• Americas: US
• Asia-Pacific (APAC): Australia, India, Singapore
• Europe, Middle East, and Africa (EMEA): France, Germany, Netherlands, UK

Stated Industry Specializations

• Automotive
• Education
• Energy
• Finance
• Healthcare
• Nonprofit
• Professional Services
• Publishing
• Real Estate
• Retail
• Travel

SoftwareReviews’ CSM Enterprise Vendor Ranking
(out of 7)

Likeliness to Recommend

• 3^rd (83%)

Plan to Renew

• 4^th (94%)

Satisfaction That Cost Is Fair Relative to Value

• 3^rd (80%)

Strengths

• Breadth of Features (1^st)
• Usability and Intuitiveness (1^st)
• Ease of Implementation (2^nd)

Areas to Improve

• Ease of IT Administration (3^rd)
• Vendor Support (4^th)
• Product Strategy and Rate of Improvement (4^th)

Freshworks

History

Founded 2010
2011 Freshdesk forms a core component of product line.
2014 Raises significant capital in Series D round: $31M.
2016 Acquires Airwoot, enabling real-time customer support on social media.
2019 Raises $150M in Series H funding round.
2019 Acquires Natero, which predicts, analyzes, and drives customer behavior.
2021 Surpasses $300M in annual recurring revenues.
2021 Freshworks posts its IPO listing.

Freshworks stepped into the SaaS customer support marketspace in 2010 to attract dissatisfied Zendesk eSupport customers, following Zendesk’s large price increases that year (of 300%). After performing well during the pandemic, Freshworks has reinforced its global positioning in the CSM tool marketspace; SoftwareReviews data suggests Freshworks performs very well against its competitors for breadth and intuitiveness of its features.

Freshworks receives strong recommendations from Info-Tech’s members, boasting a broad product selection that enables opportunities for scaling and receiving a high rate of value return. Of note are Freshworks’ internal customer management solution and its native contact center offering, limiting multivendor management typically required for integrating separate IT service management (ITSM) and CCaaS solutions.
Thomas Randall
Research Director, Info-Tech Research Group

*Pricing correct as of November 2022. Listed in USD and absent discounts.
See pricing on vendor’s website for latest information.

Help Scout

Est. 2006 | MA, USA | HUBS:NYSE

Bio
Help Scout is designed with your customers in mind. Provide email and live chat with a personal touch and deliver help content right where your customers need it, all in one place, all for one low price. The customer experience is simple and training staff is painless, but Help Scout still has all the powerful features you need to provide great support at scale. With best-in-class reporting, an integrated knowledge base, 50+ integrations, and a robust API, Help Scout lets your team focus on what really matters: your customers.

Offices

• Americas: Canada, Colombia, US
• APAC: Australia, Japan, Singapore
• EMEA: Belgium, France, Ireland, Germany, UK

Stated Industry Specializations

• eCommerce
• Education
• Finance
• Healthcare
• Logistics
• Manufacturing
• Media
• Professional Services
• Property Management
• Software

SoftwareReviews’ CSM Enterprise Vendor Ranking
(out of 7)

Likeliness to Recommend

• 4^th (82%)

Plan to Renew

• 7^th (87%)

Satisfaction That Cost Is Fair Relative to Value

• 7^th (71%)

Strengths

• Business Value Created (1^st)
• Ease of Data Integration (1^st)
• Breadth of Features (3^rd)

Areas to Improve

• Ease of IT Administration (5^th)
• Product Strategy and Rate of Improvement (5^th)
• Quality of Features (6^th)

Help Scout

History

Founded 2011
2015 Raised $6M in Series A funding.
2015 Rebrands from Brightwurks to Help Scout.
2015 Named by Appstorm as one of six CSM tools to delight Mac users.
2016 iOS app released.
2017 Android app released.
2020 All employees instructed to work remotely.
2021 Raises $15M in Series B funding.

Help Scout provides a simplified, standalone CSM tool that operates like a shared email inbox. Best suited for mid-sized organizations, customers can expect live chat, in-app messaging, and knowledge-base functionality. A particular strength is Help Scout’s integration capabilities, with a wide range of CRM, eCommerce, marketing, and communication APIs available. This strength is also reflected in the data: SoftwareReviews lists Help Scout as first in its CSM category for ease of data integrations.

Customers who are expecting a broader range of channels (including voice, video cobrowsing, and so on) will not find good return on investment with Help Scout. However, for mid-sized organizations looking to begin maturing their customer service management, Help Scout provides a strong foundation – especially for enhancing in-house collaboration between support staff.
Thomas Randall
Research Director, Info-Tech Research Group

*Pricing correct as of November 2022. Listed in USD and absent discounts.
See pricing on vendor’s website for latest information.

HubSpot

Est. 2006 | MA, USA | HUBS:NYSE

Bio
HubSpot’s Service Hub brings all your customer service data and channels together in one place and helps scale your support through automation and self-service. The result? More time for proactive service that delights, retains, and grows your customer base. HubSpot provides software and support to help businesses grow better. The overall platform includes marketing, sales, service, and website management products that start free and scale to meet our customers’ needs at any stage of growth.

Offices

• Americas: Canada, Colombia, US
• APAC: Australia, Japan, Singapore
• EMEA: Belgium, France, Ireland, Germany, UK

Stated Industry Specializations

• Covers an extremely wide range of industries, such as finance, education, healthcare, manufacturing, and retail.

SoftwareReviews’ CSM Enterprise Vendor Ranking
(out of 7)

Likeliness to Recommend

• 1^st (88%)

Plan to Renew

• 1^st (98%)

Satisfaction That Cost Is Fair Relative to Value

• 5^th (78%)

Strengths:

• Vendor Support (1^st)
• Availability and Quality of Training (1^st)
• Ease of IT Administration (1^st)

Areas to Improve:

• Ease of Data Integration (5^th)
• Ease of Customization (5^th)
• Breadth of Features (7^th)

HubSpot

History

Founded 2006
2013 Opens first international office in Ireland.
2014 First IPO listing on NYSE, raising $140M.
2015 Milestone for acquiring 15,000 customers
2017 Acquires Kemvi for AI and ML support for sales teams.
2019 Acquires PieSync for customer data synchronization.
2021 Yamini Rangan is announced as new CEO.
2021 Records $1B in revenues.

HubSpot is a competitive player in the enterprise sales and marketing technology market. Offering an all-in-one platform, HubSpot allows users to leverage its CRM, marketing solutions, content management tool, and CSM tool. Across knowledge management, contact center integration, and customer self-service, SoftwareReviews data pits HubSpot as performing better than its enterprise competitors.

While customers can leverage HubSpot’s CSM tool independently, watch out for scope creep. HubSpot’s other offerings are tightly integrated and module extensions could quickly add up in price. HubSpot may not be affordable for most regional, mid-sized organizations, and a poor ROI may be expected. For instance, the Pro plan is required to get a knowledge base, which is typically a standard CSM feature – yet the same plan also comes with multicurrency support, which could remain unleveraged.
Thomas Randall
Research Director, Info-Tech Research Group

*Pricing correct as of November 2022. Listed in USD and absent discounts.
See pricing on vendor’s website for latest information.

Salesforce

Est. 1999 | CA, USA | CRM:NYSE

Bio

Service Cloud customer service software gives you faster, smarter customer support. Salesforce provides customer relationship management software and applications focused on sales, customer service, marketing automation, analytics, and application development.

Offices

• Americas: US
• APAC: Australia, India, Singapore
• EMEA: France, Germany, Netherlands, UK

Stated Industry Specializations

• Covers an extremely wide range of industries, such as finance, education, government, healthcare, manufacturing, and retail.

SoftwareReviews’ CSM Enterprise Vendor Ranking
(out of 7)

Likeliness to Recommend

• 6^th (81%)

Plan to Renew

• 2^nd (96%)

Satisfaction That Cost Is Fair Relative to Value

• 4^th (79%)

Strengths:

• Usability and Intuitiveness (5^th)
• Breadth of Features (5^th)
• Ease of Implementation (6^th)

Areas to Improve:

• Ease of IT Administration (7^th)
• Availability and Quality of Training (7^th)
• Ease of Customization (7^th)

Salesforce

History

Founded 1999
2000 Salesforce launches its cloud-based products.
2003 The first Dreamforce (a leading CX conference) happens.
2005 Salesforce unveils AppExchange.
2013 Salesforce acquires ExactTarget and expands Marketing Cloud offering.
2016 Salesforce acquires Demandware, launches Commerce Cloud.
2019 Salesforce acquires Tableau to expand business intelligence capabilities.
2021 Salesforce buys major collaboration vendor Slack.

Salesforce was an early disruptor in CRM marketspace, placing a strong emphasis on a SaaS delivery model and end-user experience. This allowed Salesforce to rapidly gain market share at the expense of complacent enterprise application vendors. A series of savvy acquisitions over the years has allowed Salesforce to augment its core Sales and Service Clouds with a wide variety of other solutions, from ecommerce to marketing automation – and recently Slack for internal collaboration.

Salesforce Service Cloud Voice is now available to take advantage of integrating telephony and voice channels into your CRM. This service is still maturing, though, with Salesforce selecting Amazon Connect as its preferred integrator. However, Connect is not necessarily plug-and-play – it is a communications platform as a service, requiring you to build your own contact center solution. This is either a fantastic opportunity for creativity or a time suck of already tied-up resources.
Thomas Randall
Research Director, Info-Tech Research Group

*Pricing correct as of November 2022. Listed in USD and absent discounts.
See pricing on vendor’s website for latest information.

Zendesk

Est. 2007 | CA, USA | ZEN:NYSE

Bio

Zendesk streamlines your support with time-saving tools like ticket views, triggers, and automations. This helps you get straight to what matters most – better customer service and more meaningful conversations. Today, Zendesk is the champion of great service everywhere for everyone and powers billions of conversations, connecting more than 100,000 brands with hundreds of millions of customers over telephony, chat, email, messaging, social channels, communities, review sites, and help centers.

Offices

• Americas: Brazil, Canada, US
• APAC: Australia, China, India, Indonesia, Japan, Korea, Malaysia, Philippines, Singapore, Thailand, Vietnam
• EMEA: Denmark, France, Germany, Ireland, Italy, Netherlands, Poland, Spain, Sweden, UK

Stated Industry Specializations

• Education
• Finance
• Government
• Healthcare
• Manufacturing
• Media
• Retail
• Software
• Telecommunications

SoftwareReviews’ CSM Enterprise Vendor Ranking
(out of 7)

Likeliness to Recommend

• 5^th (81%)

Plan to Renew

• 5^th (94%)

Satisfaction That Cost Is Fair Relative to Value

• 6^th (77%)

Strengths

• Ease of IT Administration (2^nd)
• Ease of Implementation (5^th)
• Quality of Features (5^th)

Areas to Improve

• Business Value Created (7^th)
• Vendor Support (7^th)
• Product Strategy and Rate of Improvement (7^th)

Zendesk

History

Founded 2007
2008 Initial seed funding of $500,000.
2009 Receives $6M through Series B Funding.
2009 Relocates from Copenhagen to San Francisco.
2014 Acquires Zopin Technologies.
2014 Listed on NYSE.
2015 Acquires We Are Cloud SAS.
2018 Launches Zendesk Sell.

Zendesk is a global player in the CSM tool marketspace and works with enterprises across a wide variety of industries. Unlike some other CSM players, Zendesk provides more service channels at its lowest licensing offer, affording organizations a quicker expansion in customer service delivery without making enterprise-grade investments. However, the price of the lowest licensing offer starts much higher than Zendesk’s competitors; organizations will need to consider if the cost to try Zendesk over an annual contract is within budget.

Unfortunately, SoftwareReviews data suggests that Zendesk may not always provide that immediate value, especially to mid-sized organizations. Zendesk is rated lower for vendor support and business value created. However, Zendesk provides strong functionality that competes with other enterprise players, and mid-sized organizations are continually impressed with Zendesk’s automation workflows.
Thomas Randall
Research Director, Info-Tech Research Group

*Pricing correct as of November 2022. Listed in USD and absent discounts.
See pricing on vendor’s website for latest information.

LiveChat

Est. 2002 | Poland | WSE:LVC

Bio

Manage all emails from customers in one app and save time on customer support. LiveChat is a real-time live-chat software tool for ecommerce sales and support that is helping ecommerce companies create a new sales channel. It serves more than 30,000 businesses in over 150 countries, including large brands like Adobe, Asus, LG, Acer, Better Business Bureau, and Air Asia and startups like SproutSocial, Animoto, and HasOffers.

Offices

• Americas: US
• EMEA: Poland

Stated Industry Specializations

• eCommerce
• Education
• Finance
• Software and IT

SoftwareReviews’ CSM Midmarket Vendor Ranking
(out of 8)

Likeliness to Recommend

• 1^st (93%)

Plan to Renew

• 4^th (92%)

Satisfaction That Cost Is Fair Relative to Value

• 5^th (83%)

Strengths

• Product Strategy and Rate of Improvement (1^st)
• Usability and Intuitiveness (1^st)
• Breadth of Features (1^st)

Areas to Improve

• Ease of Implementation (5^th)
• Ease of IT Administration (5^th)
• Ease of Customization (7^th)

LiveChat

History

Founded 2002
2006 50% of company stock bought by Capital Partners.
2008 Capital Partners sells entire stake to Naspers.
2011 LiveChat buys back majority of stakeholder shares.
2013 Listed by Red Herring in group of most innovative companies across Europe.
2014 Listed on Warsaw Stock Exchange.
2019 HelpDesk is launched.
2020 Offered services for free to organizations helping mitigate the pandemic.

LiveChat’s HelpDesk solution for CSM is a relatively recent solution (2019) that is proving very popular for small to mid-sized businesses (SMBs) – especially across Western Europe. SoftwareReviews’ data shows that HelpDesk is well-rated for breadth of features, usability and intuitiveness, and rate of improvement. Indeed, LiveChat has won and been shortlisted for several awards over the past decade for customer feedback, innovation, and fast growth to IPO.

When shortlisting LiveChat’s HelpDesk, SMBs should be careful of scope creep. LiveChat offers a range of other solutions that are intended to work together. The LiveChat self-titled product is designed to integrate with HelpDesk to provide ticketing, email management, and chat management. Moreover, LiveChat’s AI-based ChatBot (for automated webchat) comes with additional cost (starting at $52 team/month).
Thomas Randall
Research Director, Info-Tech Research Group

*Pricing correct as of November 2022. Listed in USD and absent discounts.
See pricing on vendor’s website for latest information.

ManageEngine

Est. 1996 | India | Privately Owned

Bio

SupportCenter Plus is a web-based customer support software that lets organizations effectively manage customer tickets, their account and contact information, and their service contracts, and in the process provide a superior customer experience. ManageEngine is a division of Zoho.

Offices

• Americas: Brazil, Colombia, Mexico, US
• APAC: Australia, China, India, Japan, Singapore
• EMEA: Netherlands, Saudi Arabia, South Africa, UAE, UK

Stated Industry Specializations

• None stated but representative customers cover manufacturing, R&D, real estate, and transportation.

SoftwareReviews’ CSM Midmarket Vendor Ranking
(out of 8)

Likeliness to Recommend

• 6^th (85%)

Plan to Renew

• 5^th (91%)

Satisfaction That Cost Is Fair Relative to Value

• 6^th (83%)

Strengths

• Ease of Customization (1^st)
• Ease of Implementation (2^nd)
• Ease of IT Administration (2^nd)

Areas to Improve

• Quality of Features (4^th)
• Usability and Intuitiveness (6^th)
• Availability and Quality of Training (8^th)

ManageEngine

History

Founded 1996
2002 Branches from Zoho to become division focused on IT management.
2004 Becomes an authorized MySQL Partner.
2009 Begins shift of offerings into the cloud.
2010 Tops 35,000 customers.
2011 Integration with Zoho Assist.
2015 Integration with Zoho Reports.

ManageEngine, as a division of Zoho, has its strengths in IT operations management (ITOM). SupportCenter thus scores well in our SoftwareReviews data for ease of customization, implementation, and administration. As ManageEngine is a frequently discussed low-cost vendor in the ITOM market, customers often get good scalability across IT, sales, and marketing teams. Although SupportCenter is aimed at the midmarket and is low cost, organizations have the benefit of ManageEngine’s global presence and backing by Zoho for viability.

However, because ManageEngine’s focus is ITOM, the breadth and quality of features for SupportCenter are not rated as well compared to its competitors. These features may be “good enough,” but usability and intuitiveness is not scored high. Organizations thinking about SupportCenter are recommended to identify their high-value use cases and perform user acceptance testing before adopting.
Thomas Randall
Research Director, Info-Tech Research Group

*Pricing unavailable. Request quote.
See pricing on vendor’s website for latest information.

Zoho Desk

Est. 1996 | India | Privately Owned

Bio

Use the power of customer context to improve agent productivity, promote self-service, manage cross-functional service processes, and increase customer happiness. Zoho offers beautifully smart software to help you grow your business. With over 80 million users worldwide, Zoho's 55+ products (including Zoho Desk) aid your sales and marketing, support and collaboration, finance, and recruitment needs – letting you focus only on your business.

Offices

• Americas: Brazil, Colombia, Mexico, US
• APAC: Australia, China, India, Japan, Singapore
• EMEA: Netherlands, Saudi Arabia, South Africa, UAE, UK

Stated Industry Specializations

• Covers an extremely wide range of industries, such as finance, education, government, healthcare, manufacturing, and retail.

SoftwareReviews’ CSM Midmarket Vendor Ranking
(out of 8)

Likeliness to Recommend

• 2^nd (90%)

Plan to Renew

• 2^nd (98%)

Satisfaction That Cost Is Fair Relative to Value

• 3^rd (83%)

Strengths

• Breadth of Features (2^nd)
• Quality of Features (3^rd)
• Ease of Implementation (3^rd)

Areas to Improve

• Business Value Created (5^th)
• Ease of Data Integration (5^th)
• Product Strategy and Rate of Improvements (5^th)

Zoho Desk

History

Founded 1996
2001 Expands into Japan and shifts focus to SMBs.
2006 Zoho CRM is launched, alongside first Office suite.
2008 Reaches 1M users.
2009 Rebrands from AdventNet to Zoho Corp.
2011 Zoho Desk is built and launched.
2017 Zoho One, a suite of applications, is launched.
2020 Reaches 50M users.

Zoho Desk is one of the highest scoring CSM tool providers for likelihood to renew and recommend (98% and 90%, respectively). A major reason is that users receive a broad range of functionality for a lower-cost price model. There is also the capacity to scale with Zoho Desk as midmarket customers expand; companies can grow with Zoho and can receive high return on investment in the process.

However, while Zoho Desk can be used as a standalone CSM tool, there is danger of scope creep with other Zoho products. Zoho now has 50+ applications, all tied into one another. For Zoho Desk, customers may also lean into Zoho Assist (for troubleshooting customer problems via remote access) and Zoho Lens (for reality-based remote assistance, typically for plant machinery or servers). Consequently, customers should keep an eye on business value created if the scope of CSM grows wider.
Thomas Randall
Research Director, Info-Tech Research Group

*Pricing correct as of November 2022. Listed in USD and absent discounts.
See pricing on vendor’s website for latest information.

Summary of AccomplishmentSuccessful selection of a CSM tool

In this trends and buyer’s guide for CSM tool selection, we engaged in several activities to:

1. Contextualize the CSM technology marketspace.
2. Engage in a selection process for CSM tools.

The result:

• Understanding of key trends and differentiating features in the CSM marketspace.
• Determination of your organization’s customer service maturity (and thus if a standalone CSM tool is relevant).
• Identification of high-value use cases that CSM tools should successfully enable.
• Evaluation of major vendors in the CSM marketspace to discover the best-fitting provider.
• Procurement items to finalize selection process.

If you would like additional support, have our analysts guide you through an Info-Tech workshop or Guided Implementation

Contact your account representative for more information.
workshops@infotech.com
1-888-670-8889

Related Info-Tech Research

Governance and Management of Enterprise Software Implementation

• Being Agile will increase the likelihood of success.

The Rapid Application Selection Framework

• Application selection is a critical activity for IT departments. Implement a repeatable, data-driven approach that accelerates application selection efforts.

Build a Strong Technology Foundation for Customer Experience Management

• Design an end-to-end technology strategy to drive sales revenue, enhance marketing effectiveness, and create compelling experiences for your customers.

Bibliography

Capers, Zach. “How the Pandemic Changed Customer Attitudes Toward Biometric Technology.” GetApp, 21 Feb. 2022. Accessed Nov. 2022.

Gomez, Jenny. “The Good, the Bad, and the Ugly: A History of Customer Service.” Lucidworks, 15 Jul. 2021. Accessed Nov. 2022.

Hoory. “History of Customer Service: How Did It All Begin?” Hoory, 24 Mar. 2022. Accessed Nov. 2022.

Patel, Snigdha. “Top 10 Customer Service Technology Trends to Follow in 2022.” Reve Chat, 21 Feb. 2021. Accessed Nov. 2022.

RingCentral. “The 2020 Customer Communications Review: A Survey of How Consumers Prefer to Communicate with Businesses.” RingCentral, 2020. Accessed Nov. 2022.

Robinson-Yu, Sarah. “What is a Knowledgebase? How Can It Help my Business?” Vanilla, 25 Feb. 2022. Accessed Nov. 2022.

Salesforce. “The Complete History of CRM.” Salesforce, n.d. Accessed Nov. 2022.

Salesforce. “State of the Connected Customer.” 5th ed. Salesforce, 2022. Accessed Nov. 2022.

Sprinklr. “How AzkoNobel UK Reduced Response Times and Increased Engagement.” Sprinklr, 2021. Accessed Nov. 2022.

Vermes, Krystle. “Study: 70% of Marketers Using Advanced Personalization Seeing 200% ROI.” KoMarketing, 2 Jun. 2020. Accessed Nov. 2022.

Research Contributors and Experts

Colin Taylor
CEO
The Taylor Reach Group

Recognized as one of the leading contact/call center pioneers and experts, Colin has received 30 awards on two continents for excellence in contact center management and has been acknowledged as a leader and influencer on the topics of call/contact centers, customer service, and customer experience, in published rankings on Huffington Post, Call Center Helper, and MindShift. Colin was recognized as number 6 in the global 100 for customer service.

The Taylor Reach Group is a contact center, call center and customer experience (CX) consultancy specializing in CX consulting and call and contact center consulting, management, performance, technologies, site selection, tools, training development and center leadership training, center audits, benchmarking, and assessments.

David Thomas
Customer Service Specialist
Freedom Mobile

David Thomas has both managerial and hands-on experience with delivering quality service to Freedom Mobile customers. With several years being involved in training customer support and being at the forefront of retail during the pandemic, David has witnessed first-hand how to incentivize staff with the right metrics that create positive experiences for both staff and customers.

Freedom Mobile Inc. is a Canadian wireless telecommunications provider owned by Shaw Communications. It has 6% market share of Canada, mostly in urban areas of Ontario, British Columbia, and Alberta. Freedom Mobile is the fourth-largest wireless carrier in Canada.

A special thanks to three other anonymous contributors, all based in customer support and contact center roles for Canada’s National Park Booking Systems’ software provider.

Prepare for the Upgrade to Windows 11

The upgrade is inevitable, but you have time, and you have options.

Analyst Perspective

Upgrading to Windows 11 is easy, and while it should be properly investigated and planned, it should absolutely be an activity you undertake.

“You hear that Mr. Anderson? That is the sound of inevitability.” ("The Matrix Quotes" )

The fictitious Agent Smith uttered those words to Keanu Reeves’ character, Neo, in The Matrix in 1999, and while Agent Smith was using them in a very sinister and figurative context, the words could just as easily be applied to the concept of upgrading to the Windows 11 operating system from Microsoft in 2022.

There have been two common, recurring themes in the media since late 2019. One is the global pandemic and the other is cyber-related crime. Microsoft is not in a position to make an impact on a novel coronavirus, but it does have the global market reach to influence end-user technology and it appears that it has done just that. Windows 11 is a step forward in endpoint security and functionality. It also solidifies the foundation for future innovations in end-user operating systems and how they are delivered. Windows-as-a-Service (WAAS) is the way forward for Microsoft. Windows 10 is living on borrowed time, with a defined end of support date of October 14, 2025. Upgrading to Windows 11 is easy, and while it should be properly investigated and planned, it should absolutely be an activity you undertake.

It is inevitable!

P.J. Ryan

Research Director, Infrastructure & Operations

Info-Tech Research Group

Executive Summary

Your Challenge

• Windows 10 is going EOL in 2025. That is closer than you think.
• Many of your endpoints are not eligible for the Windows 11 upgrade. You can’t afford to replace all your endpoints this year. How do you manage this Microsoft-initiated catastrophe?
• You want to stay close to the leading edge of technology and services, but how do you do that while keeping your spending in check and within budget?

Common Obstacles

• The difference between Windows 10 and Windows 11 is not clear. Windows 11 looks like Windows 10 with some minor changes, mostly cosmetic. Many online users don’t see the need. Why upgrade? What are the benefits?
• The cost of upgrading devices just to be eligible for Windows 11 is high.
• Your end users don’t like change. This is not going to go over well!

Info-Tech's Approach

• Spend wisely. Space out your endpoint replacements and upgrades over several years. You do not have to upgrade everything right away.
• Be patient. Windows 11 contained some bugs when it was initially released. Microsoft fixed most of the issues through monthly quality updates, but you should ensure that you are comfortable with the current level of functionality before you upgrade.
• Use the upgrade ring approach. Test your applications with a small group first, and then stage the rollout to increasingly larger groups over time.

Info-Tech Insight

There is a lot of talk about Windows 11, but this is only an operating system upgrade, and it is not a major one. Understand what is new, what is added, and what is missing. Check your devices to determine how many are eligible and ineligible. Many organizations will have to spend capital on endpoint upgrades. Solid asset management practices will help.

Insight summary

Windows 11 is a step forward in security, which is one of the primary reasons for the release of the new operating system.

Windows 11 comes with a list of hardware requirements that enable the use of tools and features that, when combined, will reduce malware infections.

The hardware requirements for Windows 11 enable security features such as password-less logon, disk encryption, increased startup protection with secure boot, and virtualization-based security.

Many organizations will have to spend capital on endpoint upgrades.

Microsoft now insists that modern hardware is required for Windows 11 for not only security but also for improved stability. That same hardware requirement will mean that many devices that are only three or four years old (as well as older ones) may not be eligible for Windows 11.

Windows 11 is a virtualization challenge for some providers.

The hardware requirements for physical devices are also required for virtual devices. The TPM module appears to be the biggest challenge. Oracle VirtualBox and Citrix Hypervisor as well as AWS and Google are unable to support Windows 11 virtual devices as of the time of writing.

Windows 10 will be supported by Microsoft until October 2025.

That will remove some of the pressure felt due to the ineligibility of many devices and the need to refresh them. Take your time and plan it out, keeping within budget constraints. Use the upgrade ring approach for systems that are eligible for the Windows 11 upgrade.

New look and feel, and a center screen taskbar.

Corners are rounded, some controls look a little different, but overall Windows 11 is not a dramatic shift from Windows 10. It is easier to navigate and find features. Oh, and yes, the taskbar (and start button) is shifted to the center of the screen, but you can move them back to the left if desired.

The education industry gets extra attention with the release of Windows 11.

Windows 11 comes with multiple subscription-based education offerings, but it also now includes a new lightweight SE edition that is intended for the K-8 age group. Microsoft also released a Windows 11 Education SE specific laptop, at a very attractive price point. Other manufacturers also offer Windows 11 SE focused devices.

Why Windows 11?

Windows 10 was supposed to be the final desktop OS from Microsoft, wasn’t it?

Maybe. It depends who you ask.

Jerry Nixon, a Microsoft developer evangelist, gained notoriety when he uttered these words while at a Microsoft presentation as part of Microsoft Ignite in 2015: “Right now we’re releasing Windows 10, and because Windows 10 is the last version of Windows, we’re all still working on Windows 10,” (Hachman). Microsoft never officially made that statement. Interestingly enough, it never denied the comments made by Jerry Nixon either.

Perhaps Microsoft released a new operating system as a financial grab, a way to make significant revenue?

Nope.

Windows 11 is a free upgrade or is included with any new computer purchase.

Market share challenges?

Doubtful.

It’s true that Microsoft's market share of desktop operating systems is dropping while Apple OS X and Google Chrome OS are rising.

In fact, Microsoft has relinquished over 13% of the market share since 2012 and Apple has almost doubled its market share. BUT:

Microsoft is still holding 75.12% of the market while Apple is in the number 2 spot with 14.93% (gs.statcounter.com).

The market share is worth noting for Microsoft but it hardly warrants a new operating system.

New look and feel?

Unlikely

New start button and taskbar orientation, new search window, rounded corners, new visual look on some controls like the volume bar, new startup sound, new Windows logo, – all minor changes. Updates could achieve the same result.

Security?

Likely the main reason.

Windows 11 comes with a list of hardware requirements that enable the use of tools and features that, when combined, will reduce malware infections.

The hardware requirements for Windows 11 enable security features such as password-less logon, disk encryption, increased startup protection with secure boot, and virtualization-based security.

The features are available on all Windows 11 physical devices, due to the common hardware requirements.

Windows 11 hardware-based security

These hardware options and features were available in Windows 10 but not enforced. With Windows 11, they are no longer optional. Below is a description and explanation of the main features.

How do all the hardware-based security features work?

This scenario explains how a standard boot up and login should happen.

You turn on your computer. Secure Boot authorizes the processes and UEFI hands over control to the operating system. Windows Hello works with TPM and uses a pin to authenticate the user and the operating systems gives you access to the Windows environment.

Now imagine the same process with various compromised scenarios.

You turn on your computer. Secure Boot does not recognize the signature presented to it by the second process in the boot sequence. You will be presented with a “Secure Boot Violation” message and an option to reboot. Your computer remains protected.

You boot up and get past the secure boot process and UEFI passes control over to the Windows 11 operating system. Windows Hello asks for your pin, but you cannot remember the pin and incorrectly enter it three times before admitting temporary defeat. Windows Hello did not find a matching pin on the TPM and will not let you proceed. You cannot log in but in the eyes of the operating system, it has prevented an unauthorized login attempt.

You power up your computer, log in without issue, and go about your morning routine of checking email, etc. You are not aware that malware has infiltrated your system and modified a page in system memory to run code and access the operating system kernel. VBS and HVCI check the integrity of that code and detect that it is malicious. The code remains isolated and prevented from running, protecting your system.

TPM, Hello, UEFI with Secure Boot, VBS and HVCI all work together like a well-oiled machine.

“Microsoft's rationale for Windows 11's strict official support requirements – including Secure Boot, a TPM 2.0 module, and virtualization support – has always been centered on security rather than raw performance.” – Andrew Cunningham, arstechnica.com

“Windows 11 raises the bar for security by requiring hardware that can enable protections like Windows Hello, Device Encryption, virtualization-based security (VBS), hypervisor-protected code integrity (HVCI), and Secure Boot. These features in combination have been shown to reduce malware by 60% on tested devices.” – Steven J. Vaughan-Nichols, Computerworld

Can any device upgrade to Windows 11?

In addition to the security-related hardware requirements listed previously, which may exclude some devices from Windows 11 eligibility, Windows 11 also has a minimum requirement for other hardware components.

Windows 7 and Windows 10 were publicized as being backward compatible and almost any hardware would be able to run those operating systems. That changed with Windows 11. Microsoft now insists that modern hardware is required for Windows 11 for not only security but also improved stability.

Software Requirement

You must be running Windows 10 version 2004 or greater to be eligible for a Windows 11 upgrade (“Windows 11 Requirements”).

Complete hardware requirements for Windows 11

• 1 GHz (or faster) compatible 64-bit processor with two or more cores
  • Not all processors are compatible; compatible processors are listed in this link: “Windows Processor Requirements”
• 4 GB RAM
• 64 GB or more of storage space
• Compatible with DirectX 12 or later with WDDM 2.0 driver
  • DirectX connects the hardware in your computer with Windows. It allows software to display graphics using the video card or play audio, as long as that software is DirectX compatible. Windows 11 requires version 12 (“What are DirectX 12 compatible graphics”).
  • WDDM is an acronym for Windows Display Driver Model. WDDM is the architecture for the graphics driver for Windows (“Windows Display Driver Model”).
  • Version 2.0 of WDDM is required for Windows 11.
• 720p display greater than 9" diagonally with 8 bits per color channel
• UEFI Secure Boot capable
• TPM 2.0 chip

(“Windows 11 Requirements”)

Windows 11 may challenge your virtual environment

When Windows 11 was initially released, some IT administrators experienced issues when trying to install or upgrade to Windows 11 in the virtual world.

The Challenge

The issues appeared to be centered around the Windows 11 hardware requirements, which must be detected by the Windows 11 pre-install check before the operating system will install.

The TPM 2.0 chip requirement was indeed a challenge and not offered as a configuration option with Citrix Hypervisor, the free VMware Workstation Player or Oracle VM VirtualBox when Windows 11 was released in October 2021, although it is on the roadmap for Oracle and Citrix Hypervisor. VMware provides alternative products to the free Workstation Player that do support a virtual TPM. Oracle and Citrix reported that the feature would be available in the future and Windows 11 would work on their platforms.

Short-Term Solutions

VMware and Microsoft users can add a vTPM hardware type when configuring a virtual Windows 11 machine. Microsoft Azure does offer Windows 11 as an option as a virtual desktop. Citrix Desktop-As-A-Service (DAAS) will connect to Azure, AWS, or Google Cloud and is only limited by the features of the hosting cloud service provider.

Additional Insight

According to Microsoft, any VM running Windows 11 must meet the following requirements (“Virtual Machine Support”):

• It must be a generation 2 VM, and upgrading a generation 1 VM to Windows 11 (in-place) is not possible
• 64 GB of storage or greater
• Secure Boot capable with the virtual TPM enabled
• 4 GB of memory or greater
• 2 or more virtual processors
• The CPU of the physical computer that is hosting the VM must meet the Windows 11 (“Windows Processor Requirements”)

What’s new or updated in Windows 11?

The following two slides highlight some of the new and updated features in Windows 11.

Security

The most important change with Windows 11 is what you cannot see – the security. Windows 11 adds requirements and controls to make the user and device more secure, as described in previous slides.

Taskbar

The most prominent change in relation to the look and feel of Windows 11 is the shifting of the taskbar (and Start button) to the center of the screen. Some users may find this more convenient but if you do not and prefer the taskbar and start button back on the left of your screen, you can change it in taskbar settings.

Updated Apps

Paint, Photos, Notepad, Media Player, Mail, and other standard Windows apps have been updated with a new look and in some cases minor enhancements.

User Interface

The first change users will notice after logging in to Windows 11 is the new user interface – the look and feel. You may not notice the additional colors added to the Windows palette, but you may have thought that the startup sound was different, and the logo also looks different. You would be correct. Other look-and-feel items that changed include the rounded corners on windows, slightly different icons, new wallpapers, and controls for volume and brightness are now a slide bar. File explorer and the settings app also have a new look.

Microsoft Teams

Microsoft Teams is now installed on the taskbar by default. Note that this is for a personal Microsoft account only. Teams for Work or School will have to be installed separately if you are using a work or school account.

What’s new or updated in Windows 11?

Snap Layouts

Snap layouts have been enhanced and snap group functionality has been added. This will allow you to quickly snap one window to the side of the screen and open other Windows in the other side. This feature can be accessed by dragging the window you wish to snap to the left or right edge of the screen. The window should then automatically resize to occupy that half of the screen and allow you to select other Windows that are already open to occupy the remaining space on the screen. You can also hover your mouse over the maximize button in the upper right-hand corner of the window. A small screen with multiple snap layouts will appear for your selection. Multiple snapped Windows can be saved as a “Snap Group” that will open together if one of the group windows are snapped in the future.

Widgets

Widgets are expanding. Microsoft started the re-introduction of widgets in Windows 10, specifically focusing on the weather. Widgets now include other services such as news, sports, stock prices, and others.

Android Apps

Android apps can now run in Windows 11. You will have to use the Amazon store to access and install Android apps, but if it is available in the Amazon store, you can install it on Windows 11.

Docking

Docking has improved with Windows 11. Windows knows when you are docked and will minimize apps when you undock so they are not lost. They will appear automatically when you dock again.

This is not intended to be an inclusive list but does cover some of the more prominent features.

What’s missing from Windows 11?

The following features are no longer found in Windows 11:

• Backward compatibility
  • The introduction of the hardware requirements for Windows 11 removed the backward compatibility (from a hardware perspective) that made the transition from previous versions of Windows to their successor less of a hardware concern. If a computer could run Windows 7, then it could also run Windows 10. That does not automatically mean it can also run Windows 11.
• Internet Explorer
  • Internet Explorer is no longer installed by default in Windows 11. Microsoft Edge is now the default browser for Windows. Other browsers can also be installed if preferred.
• Tablet mode
  • Windows 11 does not have a "tablet" mode, but the operating system will maximize the active window and add more space between icons to make selecting them easier if the 2-in-1 hardware detects that you wish to use the device as a tablet (keyboard detached or device opened up beyond 180 degrees, etc.).
• Semi-annual updates
  • It may take six months or more to realize that semi-annual feature updates are missing. Microsoft moved to an annual feature update schema but continued with monthly quality updates with Windows 11.
• Specific apps
  • Several applications have been removed (but can be manually added from the Microsoft Store by the user). They include:
    • OneNote for Windows 10
    • 3D Viewer
    • Paint 3D
    • Skype
• Cortana (by default)
  • Cortana is missing from Windows 11. It is installed but not enabled by default. Users can turn it on if desired.

Microsoft included a complete list of features that have been removed or deprecated with Windows 11, which can be found here Windows 11 Specs and System Requirements.

Windows 11 editions

• Windows 11 is offered in several editions:
  • Windows 11 Home
  • Windows 11 Pro
  • Windows 11 Pro for Workstations
  • Windows 11 Enterprise Windows 11 for Education
  • Windows 11 SE for Education
• Windows 11 hardware requirements and security features are common throughout all editions.
• The new look and feel along with all the features mentioned previously are common to all editions as well.
• Windows Home
  • Standard offering for home users
• Pro versus Pro for Workstations
  • Windows 11 Pro and Pro for Workstations are both well suited for the business environment with available features such as support for Active Directory or Azure Active Directory, Windows Autopilot, OneDrive for Business, etc.
  • Windows Pro for Workstations is designed for increased demands on the hardware with the higher memory limits (2 TB vs. 6 TB) and processor count (2 CPU vs. 4 CPU).
  • Windows Pro for Workstations also features Resilient File System, Persistent Memory, and SMB Direct. Neither of these features are available in the Windows 11 Pro edition.
  • Windows 11 Pro and Pro for Workstations are both very business focused, although Pro may also be a common choice for non-business users (Home and Education).
• Enterprise Offerings
  • Enterprise licenses are subscription based and are part of the Microsoft 365 suite of offerings.
  • Windows 11 Enterprise is Windows 11 Pro with some additional addons and functionality in areas such as device management, collaboration, and security services.
  • The level of the Microsoft 365 Enterprise subscription (E3 or E5) would dictate the additional features and functionality, such as the complete Microsoft Defender for Endpoint suite or the Microsoft phone system and Audio Conferencing, which are only available with the E5 subscription.

Windows 11 Education Editions

With the release of a laptop targeted specifically at the education market, Microsoft must be taking notice of the Google Chrome educational market penetration, especially with headlines like these.

“40 Million Chromebooks in Use in Education” (Thurrott)

“The Unprecedented Growth of the Chromebook Education Market Share” (Carklin)

“Chromebooks Gain Market Share as Education Goes Online” (Hruska)

“Chromebooks Gain Share of Education Market Despite Shortages” (Mandaro)

“Chromebook sales skyrocketed in Q3 2020 with online education fueling demand” (Duke)

• Education licenses are subscription based and are part of the Microsoft 365 suite of offerings. Educational pricing is one benefit of the Microsoft 365 Education model.
• Windows 11 Education is Windows 11 Pro with some additional addons and functionality similar to the Enterprise offerings for Windows 11 in areas such as device management, collaboration, and security services. Windows 11 Education also adds some education specific settings such as Classroom Tools, which allow institutions to add new students and their devices to their own environment with fewer issues, and includes OneNote Class Notebook, Set Up School PCs app, and Take a Test app.
• The level of the Microsoft 365 Education subscription (A3 or A5) would dictate the additional features and functionality, such as the complete Microsoft Defender for Endpoint suite or the Microsoft phone system and Audio Conferencing, which are only available with the A5 subscription.
• Windows 11 SE for Education:
  • A cloud-first edition of Windows 11 specifically designed for the K-8 education market.
  • Windows 11 SE is a light version of Windows 11 that is designed to run on entry-level devices with better performance and security on that hardware.
  • Windows 11 SE requires Intune for Education and only IT admins can install applications.
• Microsoft and others have come out with Windows SE specific devices at a low price point.
  • The Microsoft Surface Laptop SE comes pre-loaded with Windows 11 SE and can be purchased for US$249.00.
  • Dell, Asus, Acer, Lenovo, and others also offer Windows 11 SE specific devices (“Devices for Education”).

Initial Reactions

Below you can find some actual initial reactions to Windows 11.

Initial reactions are mixed, as is to be expected with any new release of an operating system. The look and feel is new, but it is not a huge departure from the Windows 10 look and feel. Some new features are well received such as the snap feature.

The shift of the taskbar (and start button) is the most popular topic of discussion online when it comes to Windows 11 reactions. Some love it and some do not. The best part about the shift of the taskbar is that you can adjust it in settings and move it back to its original location.

The best thing about reactions is that they garner attention, and thanks in part to all the online reactions and comments, Microsoft is continually improving Windows 11 through quality updates and annual feature releases.

“My 91-year-old Mum has found it easy!” Binns, Paul ITRG

“It mostly looks quite nice and runs well.” Jmbpiano, Reddit user

“It makes me feel more like a Mac user.” Chang, Ben Info-Tech

“At its core, Windows 11 appears to be just Windows 10 with a fresh coat of paint splashed all over it.” Rouse, Rick RicksDailyTips.com

“Love that I can snap between different page orientations.” Roberts, Jeremy Info-Tech

“I finally feel like Microsoft is back on track again.” Jawed, Usama Neowin

“A few of the things that seemed like issues at first have either turned out not to be or have been fixed with patches.” Jmbpiano, Reddit user

“The new interface is genuinely intuitive, well-designed, and colorful.” House, Brett AnandTech

“No issues. Have it out on about 50 stations.” Sandrews1313, Reddit User

“The most striking change is to the Start menu.” Grabham, Dan pocket-lint.com

How do I upgrade to Windows 11?

The process is very similar to applying updates in Windows 10.

• Windows 11 is offered as an upgrade through the standard Windows 10 update procedure. Windows Update will notify you when the Windows 11 upgrade is ready (assuming your device is eligible for Windows 11).
  • Allow the update (upgrade in this case) to proceed, reboot, and your endpoint will come back to life with Windows 11 installed and ready for you.
• A fresh install can be delivered by downloading the required Windows 11 installation media from the Microsoft Software Download site for Windows 11.
• Business users can control the timing and schedule of the Windows 11 rollout to corporate endpoints using Microsoft solutions such as WSUS, Configuration Manager, Intune and Endpoint Manager, or by using other endpoint management solutions.
• WSUS and Configuration Manager will have to sync the product category for Windows 11 to manage the deployment.
• Windows Update for Business policies will have to use the target version capability rather than using the feature update referrals alone.
• Organizations using Intune and a Microsoft 365 E3 license will be able to use the Feature Update Deployments page to select Windows 11.
• Other modern endpoint management solutions may also allow for a controlled deployment.

Info-Tech Insight

The upgrade itself may be a simple process but be prepared for the end-user reactions that will follow. Some will love it but others will despise it. It is not an optional upgrade in the long run, so everyone will have to learn to accept it.

When can I upgrade to Windows 11?

You can upgrade right now BUT there is no need to rush. Windows 11 was released in October 2021 but that doesn’t mean you have to upgrade everyone right away. Plan this out.

• Build deployment rings into your Windows 11 upgrade approach: This approach, also referred to as Canary Releases or deployment rings, allows you to ensure that IT can support users if there's a major problem with the upgrade. Instead of disrupting all end users, you are only disrupting a portion of end users.
  • Deploy the initial update to your test environment.
  • After testing is successful or changes have been made, deploy Windows 11 to your pilot group of users.
  • After the pilot group gives you the thumbs up, deploy to the rest of production in phases. Phases are sometimes by office/location, sometimes by department, sometimes by persona (i.e. defer people that don't handle updates well), and usually by a combination of these factors.
  • Increase the size of each ring as you progress.
• Always back up your data before any upgrade.

Deployment Ring Example

Pilot Ring - Individuals from all departments - 10 users

Ring #1 - Dev, Finance - 20 Users

Ring #2 - Research - 100 Users

Ring #3 - Sales, IT, Marketing - 500 Users

Upgrade your eligible devices and users to Windows 11

Build Windows 11 Deployment Rings

Instructions:

1. Identify who will be in the pilot group. Use individuals instead of user groups.
2. Identify how many standard rings you need. This number will be based on the total number of employees per office.
3. Map groups to rings. Define which user groups will be in each ring.
4. Allow some time to elapse between upgrades. Allow the first group to work with Windows 11 and identify any potential issues that may arise before upgrading the next group.
5. Track and communicate. Record all information into a spreadsheet like the one on the right. This will aid in communication and tracking.

What are my options if my devices cannot upgrade to Windows 11?

Don’t rush out to replace all the ineligible endpoint devices. You have some time to plan this out. Windows 10 will be available and supported by Microsoft until October 2025.

Use asset management strategies and budget techniques in your Windows 11 upgrade approach:

• Start with current inventory and determine which devices will not be eligible for upgrade to Windows 11.
• Prioritize the devices for replacement, taking device age, the role of the user the device supports, and delivery times for remote users into consideration.
• Take this opportunity to review overall device offerings and end-user compute strategy. This will help decide which devices to offer going forward while improving end-user satisfaction.
• Determine the cost for replacement devices:
  • Compare vendor offerings using an RFP process.
• Use the hardware asset management planning spreadsheet on the next slide to budget for the replacements over the coming months leading up to October 2025.

Leverage Info-Tech research to improve your end-user computing strategy and hardware asset management processes:

New to End User Computing Strategies? Start with Modernize and Transform Your End-User Computing Strategy.

New to IT asset management? Use Info-Tech’s Implement Hardware Asset Management blueprint.

Use Info-Tech’s HAM Budgeting Tool to plan your hardware asset budget

Build a Windows 11 Device Replacement Budget

The link below will open up a hardware asset management (HAM) budgeting tool. This tool can easily be modified to assist in developing and justifying the budget for hardware assets for the Windows 11 project. The tool will allow you to budget for hardware asset refresh and to adjust the budget as needed to accommodate any changes. Follow the instructions on each tab to complete the tool.

A sample of a possible Windows 11 budgeting spreadsheet is shown on the right, but feel free to play with the HAM budgeting tool to fit your needs.

HAM Budgeting Tool

Related Info-Tech Research

Modernize and Transform Your End-User Computing Strategy

This project helps support the workforce of the future by answering the following questions: What types of computing devices, provisioning models, and operating systems should be offered to end users? How will IT support devices? What are the policies and governance surrounding how devices are used? What actions are we taking and when? How do end-user devices support larger corporate priorities and strategies?

Implement Hardware Asset Management

This project will help you analyze the current state of your HAM program, define assets that will need to be managed, and build and involve the ITAM team from the beginning to help embed the change. It will also help you define standard policies, processes, and procedures for each stage of the hardware asset lifecycle, from procurement through to disposal.

Bibliography

aczechowski, et al. “Windows 11 Requirements.” Microsoft, 3 June 2022. Accessed 13 June 2022.

Binns, Paul. Personal interview. 07 June 2022.

Butler, Sydney. “What Is Trusted Platform Module (TPM) and How Does It Work?” Help Desk Geek, 5 August 2021. Accessed 18 May 2022.

Carklin, Nicolette. “The Unprecedented Growth of the Chromebook Education Market Share.” Parallels International GmbH, 26 October 2021. Accessed 19 May 2022.

Chang, Ben. Personal interview. 26 May 2022.

Cunningham, Andrew. “Why Windows 11 has such strict hardware requirements, according to Microsoft.” Ars Technica, 27 August 2021. Accessed 19 May 2022.

Dealnd-Han, et al. “Windows Processor Requirements.” Microsoft, 9 May 2022. Accessed 18 May 2022.

“Desktop Operating Systems Market Share Worldwide.” Statcounter Globalstats, June 2021–June 2022. Accessed 17 May 2022.

“Devices for education.” Microsoft, 2022. Accessed 13 June 2022.

Duke, Kent. “Chromebook sales skyrocketed in Q3 2020 with online education fueling demand.” Android Police, 16 November 2020. Accessed 18 May 2022.

Grabham, Dan. “Windows 11 first impressions: Our initial thoughts on using Microsoft's new OS.” Pocket-Lint, 24 June 2021. Accessed 3 June 2022.

Hachman, Mark. “Why is there a Windows 11 if Windows 10 is the last Windows?” PCWorld, 18 June 2021. Accessed 17 May 2022.

Howse, Brett. “What to Expect with Windows 11: A Day One Hands-On.” Anandtech, 16 November 2020. Accessed 3 June 2022.

Hruska, Joel. “Chromebooks Gain Market Share as Education Goes Online.” Extremetech, 26 October 2020. Accessed 19 May 2022.

Jawed, Usama. “I am finally excited about Windows 11 again.” Neowin, 26 February 2022. Accessed 3 June 2022.

Jmbpiano. “Windows 11 - What are our initial thoughts and feelings?” Reddit, 22 November 2021. Accessed 3 June 2022.

Lumunge, Erick. “UEFI and Legacy boot.” OpenGenus, n.d. Accessed 18 May 2022.

Bibliography

Mandaro, Laura. “Chromebooks Gain Share of Education Market Despite Shortages.” The Information, 9 September 2020. Accessed 19 May 2022.

Murtaza, Fawad. “What Is Virtualization Based Security in Windows?” Valnet Inc, 24 October 2021. Accessed 17 May 2022.

Roberts, Jeremy. Personal interview. 27 May 2022.

Rouse, Rick. “My initial thoughts about Windows 11 (likes and dislikes).” RicksDailyTips.com, 5 September 2021. Accessed 3 June 2022.

Sandrews1313. “Windows 11 - What are our initial thoughts and feelings?” Reddit, 22 November 2021. Accessed 3 June 2022.

“The Matrix Quotes." Quotes.net, n.d. Accessed 18 May 2022.

Thurrott, Paul.” Google: 40 Million Chromebooks in Use in Education.” Thurrott, 21 January 2020. Accessed 18 May 2022.

Vaughan-Nichols, Steven J. “The real reason for Windows 11.” Computerworld, 6 July 2021, Accessed 19 May 2022.

“Virtual Machine Support.” Microsoft,3 June 2022. Accessed 13 June 2022.

“What are DirectX 12 compatible graphics and WDDM 2.x.” Wisecleaner, 20 August 2021. Accessed 19 May 2022.

“Windows 11 Specs and System Requirements.” Microsoft, 2022. Accessed 13 June 2022.

“Windows Display Driver Model.” MiniTool, n.d. Accessed 13 June 2022.

Get Started With FinOps

FinOps goes beyond identifying cloud savings. It empowers every cloud user to maximize the value of their spend.

Executive Brief

Analyst Perspective

The first step of FinOps is collectively realizing that maximizing value is every cloud user's responsibility.

Natalie Sansone, PhD Research Director, Infrastructure & Operations Info-Tech Research Group

As cloud adoption increases, and with it the complexity of cloud environments, managing and optimizing cloud spend has become both a top challenge and priority for IT organizations. In response, the practice of FinOps has emerged to help organizations maximize the value they get from the cloud. As its popularity surges, organizations are told they must do FinOps, but many feel their practice is not yet mature. One of their biggest obstacles is empowering engineers and other cloud users to work toward this shared goal with other teams. To grow and mature your FinOps practice, your first challenge is breaking down silos, encouraging collaboration across varying business units, and getting all cloud users to be accountable for their cloud usage and spend and to understand the shared goals of FinOps. Beyond finding ways to reduce cloud costs, FinOps is a cultural shift that enables better collaboration between distributed teams. It allows them to leverage data to identify opportunities to maximize business value from cloud investments. Whether you’re starting the FinOps journey or looking to mature your practice, this blueprint will help you organize by defining the required role and tasks. Then you can work through a collective exercise to ensure everyone understands who is involved and responsible for each activity. You’ll gain the information you need and be better positioned to continuously improve and mature your processes, but success begins with everyone understanding that FinOps is a shared responsibility.

Executive Summary

Info-Tech Insight

FinOps is not just about driving cloud savings. It’s a cultural shift empowering every cloud user to maximize the value of their spend. The first step of FinOps is therefore to help everyone understand their share of responsibility.

What is FinOps?

Definition

“FinOps is an evolving cloud financial management discipline and cultural practice that enables organizations to get maximum business value by helping engineering, finance, technology, and business teams to collaborate on data-driven spending decisions.”

Definition Updated: November 2021 by the FinOps Foundation Technical Advisory Council

The ultimate purpose of FinOps is to bring business value to your organization by reducing cloud waste.

• FinOps is the people, processes, and tools you use to eliminate waste and ensure you get the most value from your cloud spend.
• FinOps is the framework within which teams can operate to ensure they are optimizing their use of cloud resources.
• FinOps brings financial accountability to cloud spend.
• FinOps is a culture practice where everyone collaborates and takes ownership for their cloud usage while being supported and governed by a central group. It breaks down silos so teams that haven’t worked closely together in the past collaborate toward shared goals.
• It brings financial accountability and cultural change to cloud spend by enabling distributed teams to better collaborate and leverage data to decide where/when to invest in cloud for maximum business value.
• FinOps is not done by an individual or just one team. It’s a change in the way that many disparate teams work together, from engineering to finance to business teams.

Common misconceptions about FinOps

1 “What is FinOps?” FinOps Foundation, 2023

FinOps’ popularity has exploded in recent years

2012 - The practice of FinOps begins to emerge through early scalers in public cloud like Adobe and Intuit

2017 - Many IT departments begin to use the cloud for limited use cases, but very few enterprises are all in the cloud

2019 - Many companies begin moving to a cloud-first strategy, shifting IT spend from capital to operational expenditure (CapEx to OpEx), complicating cloud bills

February 2019 - The FinOps Foundation is born out of Cloudability’s Customer Advisory Board meeting where many cloud practitioners discuss the need for a community of practitioners

June 2020 - The FinOps Foundation merges with Linux Foundation and sets the standard for cloud financial management

Sources: Carr, 2022; Linux Foundation, 2023, Storment & Fuller, 2023.

Where did the term come from?

The term FinOps has risen in popularity over the last few years. Originally, organizations used the term cloud cost management, then cloud cost optimization, then more broadly, cloud financial management. The latter has now been largely replaced by FinOps.

Why is FinOps so essential? (1/2)

The shift from fixed to variable spend has changed the way organizations must manage and report on costs.

In the traditional data center era:

• The enterprise procured infrastructure through large capital refreshes of data center hardware.
• Infrastructure teams tried their best to avoid running out of storage before the next hardware refresh. Equipment was intentionally oversized to accommodate unexpected growth.
• IT teams would not worry about how much infrastructure resources they consumed, provided they stayed within planned capacity limits. If capacity ran low, resource usage would be adjusted.
• The business might not like laying out large capital expenditures, but it had full visibility into the cost and got to approve spending in advance using financial controls.
• Monthly costs were well-understood and monthly or infrequent reporting was acceptable because day-to-day costs did not vary.
• Mature organizations might chargeback or showback costs to application teams based on number of virtual machines or other measures, but traditional on-premises chargeback wouldn't save money overall.

Why is FinOps so essential? (2/2)

The shift from fixed to variable spend has changed the way organizations must manage and report on costs.

In the cloud era:

• Infrastructure resources must no longer be provisioned in advance through spending capital budgets.
• Capacity management isn’t a major concern. Spare capacity is always available, and savings can result from not paying for unnecessary capacity.
• Cloud services often offer pay-as-you-go pricing models, allowing more control and flexibility to pay only for the resources you consume.
• When services use more resources than they need, running costs increase. Cost reductions are realized through reducing the size of allocated resources.
• The variable consumption model can reduce operating costs but can make budgeting and forecasting difficult. IT and the business can no longer predict what they will pay for infrastructure resources.
• Billing is no longer straightforward and monthly. Resources are individually charged in micro amounts. Costs must be regularly reviewed as unexpected or forgotten resource usage can add up significantly.

Managing cloud spend remains a challenge for many organizations

Given the variable nature of cloud costs and complex pricing structures, it can be easy to overspend without mature FinOps processes in place. Indeed, 82% of organizations cite managing cloud spend as one of their top challenges.

Respondents reported that public cloud spend was over budget by an average of 18%, up from 13% the previous year.

Source: Flexera 2023 State of the Cloud Report, n=750

While FinOps adoption has rapidly increased, maturity has not

Most organizations understand the value of FinOps but are not mature in their practice.

NetApp’s 2023 State of CloudOps Report found that:

96% say FinOps is important to their cloud strategy

9% have a mature FinOps practice

92% report that they struggle with FinOps

Source: NetApp, 2023 State of CloudOps Report, n=310 IT decision makers in the United States responsible for public cloud infrastructure investments.

Flexera’s 2023 State of the Cloud report found that 72% of organizations have a dedicated FinOps team.

Flexera’s annual report also found that year over year, cloud cost responsibilities are increasingly shifting away from Finance/Accounting and Vendor Management teams and over to FinOps teams as they emerge and mature.

Source: Flexera, 2023 State of the Cloud Report, n=750 decision-makers and users around the world

Make Sense of Strategic Portfolio Management

Separate what's new and valuable from bloated claims on the hype cycle.

Analyst Perspective

Do you need strategic portfolio management, or do you need to do portfolio management more strategically?

Travis Duncan
Research Director, PPM and CIO Strategy
Info-Tech Research Group

While the market is eager to get users into what they're calling "strategic portfolio management," there's a lot of uncertainty out there about what this market is and how it's different from other, more established portfolio disciplines – most significantly, project portfolio management.

Indeed, if you look at how the space is covered within the industry, you'll encounter a dog's breakfast of players, a comparison of apples and oranges: Jira in the same quadrants as Planisware, Smartsheets in the same profiles as Planview and ServiceNow. While each of the individual players is impressive, their areas of focus are unique and the extent to which they should be compared together under the category of strategic portfolio management is questionable.

It speaks to some of the grey area within the SPM space more generally, which is at a bit of a crossroads: Will it formally shed the guardrails of its antecedents to become its own space, or will it devolve into a bait and switch through which capabilities that struggled to gain much traction beyond IT settings seek to infiltrate the business and grow their market share under a different name?

Part of it is up to the rest of us as users and potential customers. Clarifying what we need before we jump into something simply because our prior attempts failed will help determine whether we need a unique space for strategic portfolio management or whether we simply need to do portfolio management more strategically.

Executive Summary

Info-Tech Insight
In the same way that it took many years for PPM to stabilize as a concept distinct from traditional enterprise project management, strategic portfolio management is experiencing a similar period of formational uncertainty. In a space that can be all things to all users, clarify your actual needs before jumping onto a bandwagon and ending up with something that you don't need, and that the organization can't adopt.

Strategic portfolio management is enterprise portfolio management

Evolved from various other capabilities and vendor solutions, strategic portfolio management (SPM) seeks to connect strategy to execution.

While the concept of 'strategic portfolio management' has been written about within project portfolio management circles for nearly 20 years, SPM, as a distinct organizational competence and software category, is a relatively new and largely vendor-driven capability.

First emerging in the discourse during the mid-to-late 2010s, SPM has evolved from its roots in traditional enterprise project portfolio management. Though, as we will discuss, it has other antecedents not limited to PPM.

In this publication, we'll unpack what SPM is, how it is distinct (and, in turn, how it is not distinct) from PPM and other capabilities, and we will consider the extent to which your organization can and should leverage an SPM application to help drive strategic outcomes.

–The increasing need to deliver value from digital initiatives is giving rise to strategic portfolio management, a digital investment management discipline that enables strategy realization in complex dynamic environments."
– OnePlan, "Is Strategic Portfolio Management the Future of PPM?"

Only 2% of business leaders are confident that they will achieve 80% to 100% of their strategic objectives.
Source: Smith, 2022

Put strategic portfolio management in context

SPM is a new stage in the history of project portfolio management more generally. While it's emerging as a distinct capability, and it borrows from capabilities beyond PPM, unpacking its distinctiveness is best done by first understanding its source.

Understand the recent triggers for strategic portfolio management

Triggers for the emergence of strategic portfolio management in the discourse include the pace of technology-introduced change, the waning of enterprise project management, and challenges around enterprise PPM tool adoption.

Spot the difference?

Scope, focus, and audience are just a few of the factors distinguishing what the market calls "SPM" from traditional PPM.

Info-Tech Insight
The distinction between the two capabilities is not necessarily as black and white as the table above would have it (some "PPM" tools offer what we're identifying above as "SPM" capabilities), but it can be helpful to think in these binaries when trying to distinguish the two capabilities. At the very least, SPM broadens its scope to target more executive and business users, and functions best when it's speaking at a higher level, to a business audience.

Strategic portfolio management offers a more holistic view of the enterprise

At its best, strategic portfolio management can accommodate various paradigms of work management and incorporate different types of portfolio management.

Perhaps the biggest evolution from traditional PPM that strategic portfolio management promises is that it casts a wider net in terms of the types of work it tracks (and how it tracks that work) and the types of portfolios it accommodates.

Not bound to the concepts of "projects" and a "project portfolio" specifically, SPM broadens its scope to encompass capabilities like product and product portfolio management, enterprise architecture management, security and risk management, and more.

• Where a PPM solution only shows one piece of the puzzle, SPM looks at the entire investment ecosystem, tracking strategic goals, the ideas generated to help achieve those goals, and all the various kinds of investments made in the service of those goals.
• what's more, where traditional PPM tools required users to adhere to a certain way of working and managing tasks, SPM is more flexible, relying on integrations across various ways of working to provide higher-level insight on the progress of work and the achievement of goals.

Deliver business strategy and change effectively

"An SPM tool will capture business strategy, business capabilities, operating models, the enterprise architecture and the project portfolio with unmatched visibility into how they all relate. This will give...a robust understanding of the impact of a proposed IT change " and enable IT and business to act like cocreators driving innovation."
– Paula Ziehr

You might need a strategic portfolio management tool if–

If you find yourself facing any of these situations, it might be time to step away from your PPM tool and into an SPM approach:

• Your organization is facing a large implementation that will cross multiple departmental units and requires alignment across senior leadership (e.g. a digital transformation initiative).
• You currently have disparate systems tracking different portfolios (project, product, applications, etc.) and types of investments, but lack insight into the whole in terms of how work efforts and investments tie back to strategy realization.
• You are an ePMO or a strategy realization office that doesn't manage work necessarily, but that rather ensures that the work, assets, and capabilities that are funded connect to strategy and drive the realization of strategy.

Sixty one percent of leaders acknowledge their companies struggle to bridge the gap between creating a strategy and executing on that strategy.
Source: StrategyBlocks, 2020

Get to know your strategic portfolio management stakeholders

In terms of users, SPM's focus is further up the org chart than most applications, relying on high-level but usable outputs to help drive decision making.

What should you look for in a strategic portfolio management tool? (1 of 2)

Standard features for SPM include:

What should you look for in a strategic portfolio management tool? (2 of 2)

Advanced features for SPM can include:

What's promising within the space?

As this space continues to stabilize, the following are some promising associations for business and IT enablement.

What's of concern within the space?

As a progeny from other capabilities, SPM has some risks and connotations potential users should be wary of.

Does your organization need a strategic portfolio management tool?

Use Info-Tech's Strategic Portfolio Management Needs Assessment to gauge your readiness for SPM.

• As noted in previous places in this deck, there is often a grey area in the market between project portfolio management tools and strategic portfolio management tools.
• Some PPM tools offer SPM functionality, while some SPM tools avoid traditional PPM outcomes and stay at a higher, strategic level.
• Depending on the scope of your PMO or portfolio optimization needs, you may need a tool that has just one, or both, of these capabilities.
• Use Info-Tech's Strategic Portfolio Management Needs Assessment to help you assess whether you require a high-level strategy management tool, a more low-level project portfolio management tool, or a mix of both.

Download Info-Tech's Strategic Portfolio Management Needs Assessment

1.1 Assess your needs

10 to 20 minutes

1. The Strategic Portfolio Management Needs Assessment is a 41-question survey broken up into three parts: (1) PMO Type, (2) Features and Functionality, (3) Roles.
2. Go through each section using the provided dropdowns to help identify the orientation of your PMO, the feature and functionality needs of your office, as well as the roles whose needs will need to be serviced through the potential tool implementation.

This screenshot shows a sample output from the assessment. Based upon your inputs, you'll be grouped within three ranges:

1. Green: Based upon your inputs, you will benefit from an SPM tool.
2. Yellow: You may benefit from an SPM tool, but you may also require something more traditional. Clarify your requirements before proceeding.
3. Red: you're unlikely to leverage many of the benefits of an SPM tool at this time. Look for a more tactical solution.

Explore the SPM vendor landscape

Use Info-Tech's application selection resources to help find the right solution for your organization.

If the analysis in the previous slides suggested you can benefit from an SPM tool, you can quick-start your vendor evaluation process with SoftwareReviews.

SoftwareReviews has extensive coverage of not just the SPM space, but of the project portfolio management (pictured to the top right) and project management spaces as well. So, from the tactical to the strategic, SoftwareReviews can help you find the right tools.

Further, as you settle in on a shortlist, you can begin your vendor analysis using our rapid application selection methodology (see framework on bottom right). For more information see our The Rapid Application Selection Framework blueprint.

Info-Tech's Rapid Application Selection Framework (RASF)

Related Info-Tech Research

Develop a Project Portfolio Management Strategy
Drive IT project throughput by throttling resource capacity.

Prepare an Actionable Roadmap for your PMO
Turn planning into action with a realistic PMO timeline.

Maintain an Organized Portfolio
Align portfolio management practices with COBIT (APO05: Manage Portfolio)

Bibliography

Angliss, Katy, and Pete Harpum. Strategic Portfolio Management: In the Multi-Project and Program Organization. Book. Routledge. 30 Dec. 2022.

Anthony, James. "95 Essential Project Management Statistics: 2022 Market Share & Data Analysis." Finance Online. 2022. Web. Accessed 21 March 2022

Banham, Craig. "Integrating strategic planning with portfolio management." Sopheon. Webinar. Accessed 6 Feb. 2023.

Garfein, Stephen J. "Executive Guide to Strategic Portfolio Management: roadmap for closing the gap between strategy and results." PMI. Conference Paper. Oct. 2007. Accessed 6 Feb. 2023.

Garfein, Stephen J. "Strategic Portfolio Management: A smart, realistic and relatively fast way to gain sustainable competitive advantage." PMI. Conference Paper. 2 March 2005. Accessed 6 Feb. 2023.

Hontar, Yulia. "Strategic Portfolio Management." PPM Express. Blog 16 June 2022. Accessed 6 Feb. 2023.

Milsom, James. "6 Strategic Portfolio Management Trends for 2023." i-nexus. Blog. 25 Jan. 2022. Accessed 6 Feb. 2023.

Milsom, James. "Strategic Portfolio Management 101." i-nexus. 8 Dec. 2021. Blog . Accessed 6 Feb. 2023.

OnePlan, "Is Strategic Portfolio Management the Future of PPM?" YouTube. 17 Nov. 2022. Accessed 6 Feb. 2023.

OnePlan. "Strategic Portfolio Management for Enterprise Agile." YouTube. 27 May 2022. Accessed 6 Feb. 2023.

Piechota, Frank. "Strategic Portfolio Management: Enabling Successful Business Outcomes." Shibumi. Blog . 31 May 2022. Accessed 6 Feb. 2023.

ServiceNow. "Strategic Portfolio Management—The Thing You've Been Missing." ServiceNow. Whitepaper. 2021. Accessed 6 Feb. 2023.

Smith, Shepherd, "50+ Eye-Opening Strategic Planning Statistics" ClearPoint Strategy. Blog. 13 Sept. 2022. Accessed 6 Feb. 2023.

SoftwareAG. "What is Strategic Portfolio Management (SPM)?" SoftwareAG. Blog. Accessed 6 Feb. 2023.

Stickel, Robert. "What It Means to be Adaptive." OnePlan. Blog. 24 May 2021. Accessed 6 Feb. 2023.

UMT360. "What is Strategic Portfolio Management?" YouTube. Webinar. 22 Oct. 2020. Accessed 6 Feb. 2023.

Wall, Caroline. "Elevating Strategy Planning through Strategic Portfolio Management." StrategyBlocks. Blog. 26 Feb. 2020. Accessed 6 Feb. 2023.

Westmoreland, Heather. "What is Strategic Portfolio Management." Planview. Blog. 19 Oct 2002. Accessed 6 Feb. 2023.

Wiltshire, Andrew. "Shibumi Included in Gartner Magic Quadrant for Strategic Portfolio Management for the 2nd Straight Year." Shibumi. Blog. 20 Apr. 2022. Accessed 6 Feb. 2023.

Ziehr, Paula. "Keep your eye on the prize: Align your IT investments with business strategy." SoftwareAG. Blog. 5 Jul. 2022. Accessed 6 Feb. 2023.

Identify and Build the Data & Analytics Skills Your Organization Needs

Blending soft skills with deep technical expertise is essential for building successful data & analytics teams.

Analyst Perspective

Blending soft skills with deep technical expertise is essential for building successful data & analytics teams.

In today's changing environment, data & analytics (D&A) teams have become an essential component, and it is critical for organizations to understand the skill and talent makeup of their D&A workforce. Chief data & analytics officers (CDAOs) or other equivalent data leaders can train current data employees or hire proven talent and quickly address skills gaps.

While developing technical skills is critical, soft skills are often left underdeveloped, yet lack of such skills is most likely why the data team would face difficulty moving beyond managing technology and into delivering business value.

Follow Info-Tech's methodology to identify and address skills gaps in today's data workplace. Align D&A skills with your organization's data strategy to ensure that you always have the right skills at the right time.

Ruyi Sun
Research Specialist,
Data & Analytics, and Enterprise Architecture
Info-Tech Research Group

Executive Summary

Your Challenge

The rapid technological evolution in platforms, processes, and applications is leading to gaps in the skills needed to manage and use data. Some critical challenges organizations with skills deficiencies might face include:

• Time loss due to delayed progress and reworking of initiatives
• Poor implementation quality and low productivity
• Reduced credibility of data leader and data initiatives

Common Obstacles

Some common obstacles that could prevent you from identifying and building the data and analytics (D&A) skills your organization needs are:

• Lack of resources and knowledge to secure professionals with the right mixed D&A skills and the right experience/skill level
• Lack of well-formulated and robust data strategy
• Neglecting the value of soft skills and placing all your attention on technical skills

Info-Tech's Approach

Follow Info-Tech's guidance on the roles and skills required to support your D&A strategic growth objectives and how to execute an actionable plan:

• Define skills required for each essential data and analytics role
• Identify roles and skills gap in alignment with your current data strategy
• Establish action plan to close the gaps and reduce risks

Info-Tech Insight

Skills gaps are a frequently named obstacle to realizing corporate goals for D&A. Soft skills and technical skills are complementary, and a D&A team needs both to perform effectively. Identify the essential skills and the gap with current skills required by your organization's data strategy to ensure the right skill is available at the right time and to minimize applicable risks.

The rapidly changing environment is impacting the nature of work

Scarcity of data & analytics (D&A) skills

• Data is one of the most valuable organizational assets, and regardless of your industry, data remains the key to informed decision making. More than 75% of businesses are looking to adopt technologies like big data, cloud computing, and artificial intelligence (AI) in the next five years (World Economic Forum, 2023). As organizations pivot in response to industry disruptions and technological advancements, the nature of work is changing, and the demand for data expertise has grown.
• Despite an increasing need for data expertise, organizations still have trouble securing D&A roles due to inadequate upskilling programs, limited understanding of the skills required, and more (EY, 2022). Notably, scarce D&A skills have been critical. More workers will need at least a base level of D&A skills to adequately perform their jobs.

Organizations struggle to remain competitive when skills gaps aren't addressed

Organizations identify skills gaps as the key barriers preventing industry transformation:

60% of organizations identify skills gaps as the key barriers preventing business transformation (World Economic Forum, 2023)

43% of respondents agree the business area with the greatest need to address potential skills gaps is data analytics (McKinsey & Company, 2020)

Most organizations are not ready to address potential role disruptions and close skills gaps:

87% of surveyed companies say they currently experience skills gaps or expect them within a few years (McKinsey & Company, 2020)

28% say their organizations make effective decisions on how to close skills gaps (McKinsey & Company, 2020)

Neglecting soft skills development impedes CDOs/CDAOs from delivering value

According to BearingPoint's CDO survey, cultural challenges and limited data literacy are the main roadblocks to a CDO's success. To drill further into the problem and understand the root causes of the two main challenges, conduct a root cause analysis (RCA) using the Five Whys technique.

(Source: BearingPoint, 2020)

Five Whys RCA

Problem: Poor data literacy is the top challenge CDOs face when increasing the value of D&A. Why?

• People that lack data literacy find it difficult to embrace and trust the organization's data insights. Why?
• Data workers and the business team don't speak the same language. Why?
• No shared data definition or knowledge is established. Over-extensive data facts do not drive business outcomes. Why?
• Leaders fail to understand that data literacy is more than technical training, it is about encompassing all aspects of business, IT, and data. Why?
• A lack of leadership skills prevents leaders from recognizing these connections and the data team needing to develop soft skills.

Problem: Cultural challenge is one of the biggest obstacles to a CDO's success. Why?

• Decisions are made from gut instinct instead of data-driven insights, thus affecting business performance. Why?
• People within the organization do not believe that data drives operational excellence, so they resist change. Why?
• Companies overestimate the organization's level of data literacy and data maturity. Why?
• A lack of strategies in change management, continuous improvement & data literacy for data initiatives. Why?
• A lack of expertise/leaders possessing these relevant soft skills (e.g. change management, etc.).

As organizations strive to become more data-driven, most conversations around D&A emphasize hard skills. Soft skills like leadership and change management are equally crucial, and deficits there could be the root cause of the data team's inability to demonstrate improved business performance.

Data cannot be fully leveraged without a cohesive data strategy

Business strategy and data strategy are no longer separate entities.

• For any chief data & analytics officer (CDAO) or equivalent data leader, a robust and comprehensive data strategy is the number one tool for generating measurable business value from data. Data leaders should understand what skills are required to achieve these goals, consider the current skills gap, and build development programs to help employees improve those skills.
• Begin your skills development programs by ensuring you have a data strategy plan prepared. A data strategy should never be formulated independently from the business. Organizations with high data maturity will align such efforts to the needs of the business, making data a major part of the business strategy to achieve data centricity.
• Refer to Info-Tech's Build a Robust and Comprehensive Data Strategy blueprint to ensure data can be leveraged as a strategic asset of the organization.

Info-Tech Insight

The process of achieving data centricity requires alignment between the data and business teams, and that requires soft skills.

Follow Info-Tech's methodology to identify the roles and skills needed to execute a data strategy

1. Define Key Roles and Skills

   Digital Leadership Skills, Soft Skills, Technical Skills

   Key Output

   • Defined essential competencies, responsibilities for some common data roles

2. Uncover the Skills Gap

   Data Strategy Alignment, High-Level Data Maturity Assessment, Skills Gap Analysis

   Key Output

   • Data roles and skills aligned with your current data strategy
   • Identified current and target state of data skill sets

3. Build an Actionable Plan

   Initiative Priority, Skills Growth Feasibility, Hiring Feasibility

   Key Output

   • Identified action plan to address the risk of data skills deficiency

Info-Tech Insight

Skills gaps are a frequently named obstacle to realizing corporate goals for D&A. Soft skills and technical skills are complementary, and a D&A team needs both to perform effectively. Identify the essential skills and the gap with current skills that fit your organization's data strategy to ensure the right skill is available at the right time and to minimize applicable risks.

Research benefits

Member benefits

• Reduce time spent defining the target state of skill sets.
• Gain ability to reassess the feasibility of execution on your data strategy, including resources and timeline.
• Increase confidence in the data leader's ability to implement a successful skills development program that is aligned with the organization's data strategy, which correlates directly to successful business outcomes.

Business benefits

• Reduce time and cost spent hiring key data roles.
• Increase chance of retaining high-quality data professionals.
• Reduce time loss for delayed progress and rework of initiatives.
• Optimize quality of data initiative implementation.
• Improve data team productivity.

Insight summary

Overarching insight

Skills gaps are a frequently named obstacle to realizing corporate goals for D&A. Soft skills and technical skills are complementary, and a D&A team needs both to perform effectively. Identify the essential skills and the gap with current skills that fit your organization's data strategy to ensure the right skill is available at the right time and to minimize applicable risks.

Phase 1 insight

Technological advancements will inevitably require new technical skills, but the most in-demand skills go beyond mastering the newest technologies. Soft skills are essential to data roles as the global workforce navigates the changes of the last few years.

Phase 2 insight

Understanding and knowing your organization's data maturity level is a prerequisite to assessing your current skill and determining where you must align in the future.

Phase 3 insight

One of the misconceptions that organizations have includes viewing skills development as a one-time effort. This leads to underinvestment in data team skills, risk of falling behind on technological changes, and failure to connect with business partners. Employees must learn to continuously adapt to the changing circumstances of D&A.

While the program must be agile and dynamic to reflect technological improvements in the development of technical skills, the program should always be anchored in soft skills because data management is fundamentally about interaction, collaboration, and people.

Tactical insight

Seeking input and support across your business units can align stakeholders to focus on the right data analytics skills and build a data learning culture.

Info-Tech offers various levels of support to best suit your needs

Guided Implementation

A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

A typical GI is four to six calls over the course of two to three months.

What does a typical GI on this topic look like?

Identify and Build the Data & Analytics Skills Your Organization Needs

Phase 1

Define Key Roles and Skills

This phase will walk you through the following activities:

• 1.1 Review D&A Skill & Role List in Data & Analytics Assessment and Planning Tool

This phase involves the following participants:

• Data leads

Key resources for your data strategy: People

Having the right role is a key component for executing effective data strategy.

D&A Common Roles

• Data Steward
• Data Custodian
• Data Owner
• Data Architect
• Data Modeler
• Artificial Intelligence (AI) and Machine Learning (ML) Specialist
• Database Administrator
• Data Quality Analyst
• Security Architect
• Information Architect
• System Architect
• MDM Administrator
• Data Scientist
• Data Engineer
• Data Pipeline Developer
• Data Integration Architect
• Business Intelligence Architect
• Business Intelligence Analyst
• ML Validator

AI and ML Specialist is projected to be the fastest-growing occupation in the next five years (World Economic Forum, 2023).

While tech roles take an average of 62 days to fill, hiring a senior data scientist takes 70.5 days (Workable, 2019). Start your recruitment cycle early for this demand.

D&A Leader Roles

• Chief Data Officer (CDO)/Chief Data & Analytics Officer (CDAO)
• Data Governance Lead
• Data Management Lead
• Information Security Lead
• Data Quality Lead
• Data Product Manager
• Master Data Manager
• Content and Record Manager
• Data Literacy Manager

CDOs act as impactful change agents ensuring that the organization's data management disciplines are running effectively and meeting the business' data needs. Only 12.0% of the surveyed organizations reported having a CDO as of 2012. By 2022, this percentage had increased to 73.7% (NewVantage Partners, 2022).

Sixty-five percent of respondents said lack of data literacy is the top challenge CDOs face today (BearingPoint, 2020). It has become imperative for companies to consider building a data literacy program which will require a dedicated data literacy team.

Key resources for your data strategy: Skill sets

Distinguish between the three skills categories.

• Soft Skills

  Soft skills are described as power skills regarding how you work, such as teamwork, communication, and critical thinking.

• Digital Leadership Skills

  Not everyone working in the D&A field is expected to perform advanced analytical tasks. To thrive in increasingly data-rich environments, however, every data worker, including leaders, requires a basic technological understanding and skill sets such as AI, data literacy, and data ethics. These are digital leadership skills.

• Technical Skills

  Technical skills are the practical skills required to complete a specific task. For example, data scientists and data engineers require programming skills to handle and manage vast amounts of data.

Info-Tech Insight

Technological advancements will inevitably require new technical skills, but the most in-demand skills go beyond mastering the newest technologies. Soft skills are essential to data roles as the global workforce navigates the changes of the last few years.

Soft skills aren't just nice to have

They're a top asset in today's data workplace.

Leadership

• Data leaders with strong leadership abilities can influence the organization's strategic execution and direction, support data initiatives, and foster data cultures. Organizations that build and develop leadership potential are 4.2 times more likely to financially outperform those that do not (Udemy, 2022).

Business Acumen

• The process of deriving conclusions and insights from data is ultimately utilized to improve business decisions and solve business problems. Possessing business acumen helps provide the business context and perspectives for work within data analytics fields.

Critical Thinking

• Critical thinking allows data leaders at every level to objectively assess a problem before making judgment, consider all perspectives and opinions, and be able to make decisions knowing the ultimate impact on results.

Analytical Thinking

• Analytical thinking remains the most important skill for workers in 2023 (World Economic Forum, 2023). Data analytics expertise relies heavily on analytical thinking, which is the process of breaking information into basic principles to analyze and understand the logic and concepts.

Design Thinking & Empathy

• Design thinking skills help D&A professionals understand and prioritize the end-user experience to better inform results and assist the decision-making process. Organizations with high proficiency in design thinking are twice as likely to be high performing (McLean & Company, 2022).

Learning Focused

• The business and data analytics fields continue to evolve rapidly, and the skills, especially technical skills, must keep pace. Learning-focused D&A professionals continuously learn, expanding their knowledge and enhancing their techniques.

Change Management

• Change management is essential, especially for data leaders who act as change agents developing and enabling processes and who assist others with adjusting to changes with cultural and procedural factors. Organizations with high change management proficiency are 2.2 times more likely to be high performing (McLean & Company, 2022).

Resilience

• Being motivated and adaptable is essential when facing challenges and high-pressure situations. Organizations highly proficient in resilience are 1.8 times more likely to be high performing (McLean & Company, 2022).

Managing Risk & Governance Mindset

• Risk management ability is not limited to highly regulated institutions. All data workers must understand risks from the larger organizational perspective and have a holistic governance mindset while achieving their individual goals and making decisions.

Continuous Improvement

• Continuously collecting feedback and reflecting on it is the foundation of continuous improvement. To uncover and track the lessons learned and treat them as opportunities, data workers must be able to discover patterns and connections.

Teamwork & Collaboration

• Value delivery in a data-centric environment is a team effort, requiring collaboration across the business, IT, and data teams. D&A experts with strong collaborative abilities can successfully work with other teams to achieve shared objectives.

Communication & Active Listening

• This includes communicating with relevant stakeholders about timelines and expectations of data projects and associated technology and challenges, paying attention to data consumers, understanding their requirements and needs, and other areas of interest to the organization.

Technical skills for everyday excellence

Digital Leadership Skills

• Technological Literacy
• Data and AI Literacy
• Cloud Computing Literacy
• Data Ethics
• Data Translation

Data & Analytics Technical Competencies

• Data Mining
• Programming Languages (Python, SQL, R, etc.)
• Data Analysis and Statistics
• Computational and Algorithmic Thinking
• AI/ML Skills (Deep Learning, Computer Vision, Natural Language Processing, etc.)
• Data Visualization and Storytelling
• Data Profiling
• Data Modeling & Design
• Data Pipeline (ETL/ELT) Design & Management
• Database Design & Management
• Data Warehouse/Data Lake Design & Management

1.1 Review D&A Skill & Role List in the Data & Analytics Assessment and Planning Tool

Tab 2. Skill & Role List

Objective: Review the library of skills and roles and customize them as needed to align with your organization's language and specific needs.

Download the Data & Analytics Assessment and Planning Tool

Identify and Build the Data & Analytics Skills Your Organization Needs

Phase 2

Uncover the Skills Gap

This phase will walk you through the following activities:

• 2.1 High-level assessment of your present data management maturity
• 2.2 Interview business and data leaders to clarify current skills availability
• 2.3 Use the Data & Analytics Assessment and Planning Tool to Identify your skills gaps

This phase involves the following participants:

• Data leads
• Business leads and subject matter experts (SMEs)
• Key business stakeholders

Identify skills gaps across the organization

Gaps are not just about assigning people to a role, but whether people have the right skill sets to carry out tasks.

• Now that you have identified the essential skills and roles in the data workplace, move to Phase 2. This phase will help you understand the required level of competency, assess where the organization stands today, and identify gaps to close.
• Using the Data & Analytics Assessment and Planning Tool, start with areas that are given the highest priority through a high-level maturity assessment. From there, three levels of gaps will be found: whether people are assigned to a particular position, the right combination of D&A skill sets, and the right competency level for each skill.

• Lack of talent assigned to a position

• Lack of the right combination of D&A skill sets

• Lack of appropriate competency level

Info-Tech Insight

Understanding your organization's data maturity level is a prerequisite to assessing the skill sets you have today and determining where you need to align in the future.

2.1 High-level assessment of your present data management maturity

Identifying and fixing skills gaps takes time, money, and effort. Focus on bridging the gap in high-priority areas.

Input: Current state capabilities, Use cases (if applicable), Data culture diagnostic survey results (if applicable)
Output: High-level maturity assessment, Prioritized list of data management focused area
Materials: Data Management Assessment and Planning Tool (optional), Data & Analytics Assessment and Planning Tool
Participants: Data leads, Business leads and subject matter experts (SMEs), Key business stakeholders

Objectives:

Prioritize these skills and roles based on your current maturity levels and what you intend to accomplish with your data strategy.

Steps:

1. (Optional Step) Refer to the Build a Robust and Comprehensive Data Strategy blueprint. You can assess your data maturity level using the following frameworks and methods:
   • Review current data strategy and craft use cases that represent high-value areas that must be addressed for their teams or functions.
   • Use the data culture assessment survey to determine your organization's data maturity level.
2. (Optional Step) Refer to the Create a Data Management Roadmap blueprint and Data Management Assessment and Planning Tool to dive deep into understanding and assessing capabilities and maturity levels of your organization's data management enablers and understanding your priority areas and specific gaps.
3. If you have completed Data Management Assessment and Planning Tool, fill out your maturity level scores for each of the data management practices within it - Tab 3 (Current-State Assessment). Skip Tab 4 (High-Level Maturity Assessment).
4. If you have not yet completed Data Management Assessment and Planning Tool, skip Tab 3 and continue with Tab 4. Assign values 1 to 3 for each capability and enabler.
5. You can examine your current-state data maturity from a high level in terms of low/mid/high maturity using either Tabs 3 or 4.
6. Suggested focus areas along the data journey:
   • Low Maturity = Data Strategy, Data Governance, Data Architecture
   • Mid Maturity = Data Literacy, Information Management, BI and Reporting, Data Operations Management, Data Quality Management, Data Security/Risk Management
   • High Maturity = MDM, Data Integration, Data Product and Services, Advanced Analytics (ML & AI Management).

Download the Data & Analytics Assessment and Planning Tool

2.2 Interview business and data leaders to clarify current skills availability

1-2 hours per interview

Input: Sample questions targeting the activities, challenges, and opportunities of each unit
Output: Identified skills availability
Materials: Whiteboard/Flip charts, Data & Analytics Assessment and Planning Tool
Participants: Data leads, Business leads and subject matter experts (SMEs), Key business stakeholders

Instruction:

1. Conduct a deep-dive interview with each key data initiative stakeholder (data owners, SMEs, and relevant IT/Business department leads) who can provide insights on the skill sets of their team members, soliciting feedback from business and data leaders about skills and observations of employees as they perform their daily tasks.
2. Populate a current level of competency for each skill in the Data & Analytics Assessment and Planning Tool in Tabs 5 and 6. Having determined your data maturity level, start with the prioritized data management components (e.g. if your organization sits at low data maturity level, start with identifying relevant positions and skills under data governance, data architecture, and data architecture elements).
3. More detailed instructions on how to utilize the workbook are at the next activity.

Key interview questions that will help you :

1. Do you have personnel assigned to the role? What are their primary activities? Do the personnel possess the soft and technical skills noted in the workbook? Are you satisfied with their performance? How would you evaluate their degree of competency on a scale of "vital, important, nice to have, or none"? The following aspects should be considered when making the evaluation:
   • Key Performance Indicators (KPIs): Business unit data will show where the organization is challenged and will help identify potential areas for development.
   • Project Management Office: Look at successful and failed projects for trends in team traits and competencies.
   • Performance Reviews: Look for common themes where employees excel or need to improve.
   • Focus Groups: Speak with a cross section of employees to understand their challenges.
2. What technology is currently used? Are there requirements for new technology to be bought and/or optimized in the future? Will the workforce need to increase their skill level to carry out these activities with the new technology in place?

Download the Data & Analytics Assessment and Planning Tool

2.3 Use the Data & Analytics Assessment and Planning Tool to identify skills gaps

1-3 hours — Not everyone needs the same skill levels.

Input: Current skills competency, Stakeholder interview results and findings
Output: Gap identification and analysis
Materials: Data & Analytics Assessment and Planning Tool
Participants: Data leads

Instruction:

1. Select your organization's data maturity level in terms of Low/Mid/High in cell A6 for both Tab 5 (Soft Skills Assessment) and Tab 6 (Technical Skills Assessment) to reduce irrelevant rows.
2. Bring together key business stakeholders (data owners, SMEs, and relevant IT custodians) to determine whether the data role exists in the organization. If yes, assign a current-state value from “vital, important, nice to have, or none” for each skill in the assessment tool. Info-Tech has specified the desired/required target state of each skill set.
3. Once you've assigned the current-state values, the tool will automatically determine whether there is a gap in skill set.

Download the Data & Analytics Assessment and Planning Tool

Identify and Build the Data & Analytics Skills Your Organization Needs

Phase 3

Build an Actionable Plan

This phase will walk you through the following activities:

• 3.1 Use the Data & Analytics Assessment and Planning Tool to build your actionable roadmap

This phase involves the following participants:

• Data leads
• Business leads and subject matter experts (SMEs)
• Key business stakeholders

Determine next steps and decision points

There are three types of internal skills development strategies

• There are three types of internal skills development strategies organizations can use to ensure the right people with the right abilities are placed in the right roles: reskill, upskill, and new hire.

1. Reskill

   Reskilling involves learning new skills for a different or newly defined position.

2. Upskill

   Upskilling involves building a higher level of competency in skills to improve the worker's performance in their current role.

3. New hire

   New hire involves hiring workers who have the essential skills to fill the open position.

Info-Tech Insight

One of the misconceptions that organizations have includes viewing skills development as a one-time effort. This leads to underinvestment in data team skills, risk of falling behind on technological changes, and failure to connect with business partners. Employees must learn to continuously adapt to the changing circumstances of D&A. While the program must be agile and dynamic to reflect technological improvements in the development of technical skills, the program should always be anchored in soft skills because data management is fundamentally about interaction, collaboration, and people.

How to determine when to upskill, reskill, or hire to meet your skills needs

Reskill

Reskilling often indicates a change in someone's career path, so this decision requires a goal aligned with both individuals and the organization to establish a mutually beneficial situation.

When making reskilling decisions, organizations should also consider the relevance of the skill for different positions. For example, data administrators and data architects have similar skill sets, so reskilling is appropriate for these employees.

Upskill

Upskilling tends to focus more on the soft skills necessary for more advanced positions. A data strategy lead, for example, might require design thinking training, which enables leaders to think from different perspectives.

Skill growth feasibility must also be considered. Some technical skills, particularly those involving cutting-edge technologies, require continual learning to maintain operational excellence. For example, a data scientist may require AI/ML skills training to incorporate use of modern automation technology.

New Hire

For open positions and skills that are too resource-intensive to reskill or upskill, it makes sense to recruit new employees. Consider, however, time and cost feasibility of hiring. Some positions (e.g. senior data scientist) take longer to fill. To minimize risks, coordinate with your HR department and begin recruiting early.

Data & Analytics skills training

There are various learning methods that help employees develop priority competencies to achieve reskilling or upskilling.

Specific training

The data team can collaborate with the human resources department to plan and develop internal training sessions aimed at specific skill sets.

This can also be accomplished through external training providers such as DCAM, which provides training courses on data management and analytics topics.

Formal education program

Colleges and universities can equip students with data analytics skills through formal education programs such as MBAs and undergraduate or graduate degrees in Data Science, Machine Learning, and other fields.

Certification

Investing time and effort to obtain certifications in the data & analytics field allows data workers to develop skills and gain recognition for continuous learning and self-improvement.

AWS Data Analytics and Tableau Data Scientist Certification are two popular data analytics certifications.

Online learning from general providers

Some companies offer online courses in various subjects. Coursera and DataCamp are two examples of popular providers.

Partner with a vendor

The organization can partner with a vendor who brings skills and talents that are not yet available within the organization. Employees can benefit from the collaboration process by familiarizing themselves with the project and enhancing their own skills.

Support from within your business

The data team can engage with other departments that have previously done skills development programs, such as Finance and Change & Communications, who may have relevant resources to help you improve your business acumen and change management skills.

Info-Tech Insight

Seeking input and support across your business units can align stakeholders to focus on the right data analytics skills and build a data learning culture.

Data & Analytics skills reinforcement

Don't assume learners will immediately comprehend new knowledge. Use different methods and approaches to reinforce their development.

Innovation Space

• Skills development is not a one-time event, but a continuous process during which innovation should be encouraged. A key aspect of being innovative is having a “fail fast” mentality, which means collecting feedback, recognizing when something isn't working, encouraging experimentation, and taking a different approach with the goal of achieving operational excellence.
• Human-centered design (HCD) also yields innovative outcomes with a people-first focus. When creating skills development programs for various target groups, organizations should integrate a human-centered approach.

Commercial Lens

• Exposing people to a commercial way of thinking can add long-term value by educating people to act in the business' best interest and raising awareness of what other business functions contribute. This includes concepts such as project management, return on investment (ROI), budget alignment, etc.

Checklists/Rubrics

• Employees should record what they learn so they can take the time to reflect. A checklist is an effective technique for establishing objectives, allowing measurement of skills development and progress.

Buddy Program

• A buddy program helps employees gain and reinforce knowledge and skills they have learned through mutual support and information exchange.

Align HR programs to support skills integration and talent recruitment

With a clear idea of skills needs and an executable strategy for training and reinforcing of concepts, HR programs and processes can help the data team foster a learning environment and establish a recruitment plan. The links below will direct you to blueprints produced by McLean & Company, a division of Info-Tech Research Group.

Workforce Planning

When integrating the skills of the future into workforce planning, determine the best approach for addressing the identified talent gaps – whether to build, buy, or borrow.

Integrate the future skills identified into the organization's workforce plan.

Talent Acquisition

In cases where employee development is not feasible, the organization's talent acquisition strategy must focus more on buying or borrowing talent. This will impact the TA process. For example, sourcing and screening must be updated to reflect new approaches and skills.

If you have a talent acquisition strategy, assess how to integrate the new roles/skills into recruiting.

Competencies/Succession Planning

Review current organizational core competencies to determine if they need to be modified. New skills will help inform critical roles and competencies required in succession talent pools.

If no competency framework exists, use McLean & Company's Develop a Comprehensive Competency Framework blueprint.

Compensation

Evaluate modified and new roles against the organization's compensation structure. Adjust them as necessary. Look at market data to understand compensation for new roles and skills.

Reassess your base pay structure according to market data for new roles and skills.

Learning and Development

L&D plays a huge role in closing the skills gap. Build L&D opportunities to support development of new skills in employees.

Design an Impactful Employee Development Program to build the skills employees need in the future.

3.1 Use the Data & Analytics Assessment and Planning Tool to build an actionable plan

1-3 hours

Input: Roles and skills required, Key decision points
Output: Actionable plan
Materials: Data & Analytics Assessment and Planning Tool
Participants: Data leads, Business leads and subject matter experts (SMEs), Key business stakeholders

Instruction:

1. On Tab 7 (Next Steps & Decision Points), you will find a list of tasks that correspond to roles that where there is a skills gap.
2. Customize this list of tasks initiatives according to your needs.
3. The Gantt chart, which will be generated automatically after assigning start and finish dates for each activity, can be used to structure your plan and guarantee that all the main components of skills development are addressed.

Download the Data & Analytics Assessment and Planning Tool

Related Info-Tech Research

Create a Data Management Roadmap

• This blueprint will help you design a data management practice that will allow your organization to use data as a strategic enabler.

Build a Robust and Comprehensive Data Strategy

• Put a strategy in place to ensure data is available, accessible, well-integrated, secured, of acceptable quality, and suitably visualized to fuel organization-wide decision making. Start treating data as strategic and corporate asset.

Foster Data-Driven Culture With Data Literacy

• By thoughtfully designing a data literacy training program appropriate to the audience's experience, maturity level, and learning style, organizations build a data-driven and engaged culture that helps them unlock their data's full potential and outperform other organizations.

Research Authors and Contributors

Authors:

Contributors:

Bibliography

2022 Workplace Learning Trends Report.” Udemy, 2022. Accessed 20 June 2023.

Agrawal, Sapana, et al. “Beyond hiring: How companies are reskilling to address talent gaps.” McKinsey & Company, 12 Feb. 2020. Accessed 20 June 2023.

Bika, Nikoletta. “Key hiring metrics: Useful benchmarks for tech roles.” Workable, 2019. Accessed 20 June 2023.

Chroust, Tomas. “Chief Data Officer – Leaders of data-driven enterprises.” BearingPoint, 2020. Accessed 20 June 2023.

“Data and AI Leadership Executive Survey 2022.” NewVantage Partners, Jan 2022. Accessed 20 June 2023.

Dondi, Marco, et al. “Defining the skills citizens will need in the future world of work.” McKinsey & Company, June 2021. Accessed 20 June 2023.

Futschek, Gerald. “Algorithmic Thinking: The Key for Understanding Computer Science.” Lecture Notes in Computer Science, vol. 4226, 2006.

Howard, William, et al. “2022 HR Trends Report.” McLean & Company, 2022. Accessed 20 June 2023.

“Future of Jobs Report 2023.” World Economic Forum, May 2023. Accessed 20 June 2023.

Knight, Michelle. “What is Data Ethics?” Dataversity, 19 May 2021. Accessed 20 June 2023.

Little, Jim, et al. “The CIO Imperative: Is your technology moving fast enough to realize your ambitions?” EY, 22 Apr. 2022. Accessed 20 June 2023.

“MDM Roles and Responsibilities.” Profisee, April 2019. Accessed 20 June 2023.

“Reskilling and Upskilling: A Strategic Response to Changing Skill Demands.” TalentGuard, Oct. 2019. Accessed 20 June 2023.

Southekal, Prashanth. “The Five C's: Soft Skills That Every Data Analytics Professional Should Have.” Forbes, 17 Oct. 2022. Accessed 20 June 2023.

Select a Marketing Management Suite

A best-fit solution balances needs, cost, and capability.

Table of contents

1. Project Rationale
2. Execute the Project/DIY Guide
   • 2.1. Launch the MMS Project and Collect Requirements
   • 2.2. Shortlist Marketing Management Suites
   • 2.3. Select Vendor and Communicate Decision to Stakeholders
3. Appendices

ANALYST PERSPECTIVE

Navigate the complexity of a vast ecosystem by taking a structured approach to marketing management suite (MMS) selection.

“Marketing applications are in high demand, but it is difficult to select a suite that is right for your organization. Market offerings have grown from 50 vendors to over 800 in the past five years. Much of the process of identifying an appropriate vendor is not about the vendor at all, but rather about having a comprehensive understanding of internal needs. There are instances where a smaller-point solution is necessary to satisfy requirements and a full marketing management suite is an overinvestment.

Likewise, a partner with differentiating features such as AI-driven workflows and a mobile software development kit can act as a powerful extension of an overall customer experience management strategy. It is crucial to make the right decision; missing the mark on an MMS selection will have a direct impact on the business’ bottom line.”

Ben Dickie
Research Director, Enterprise Applications
Info-Tech Research Group

Phase milestones

Launch the MMS Project and Collect Requirements — Phase 1

• Understand the MMS market space.
• Assess organizational and project readiness for MMS selection.
• Structure your MMS selection and implementation project by refining your MMS roadmap.
• Align organizational use-case fit with market use cases.
• Collect, prioritize, and document MMS requirements.

Shortlist MMS Tool — Phase 2

• Review MMS market leaders and players within your aligned use case.
• Review MMS vendor profiles and capabilities.
• Shortlist MMS vendors based on organizational fit.

Select an MMS — Phase 3

• Submit request for proposal (RFP) to shortlisted vendors.
• Evaluate vendor responses and develop vendor demonstration scripts.
• Score vendor demonstrations and select the final product.

Stop! Are you ready for this project?

Executive summary

Situation

The MMS market is a landscape of vendors offering campaign management, multichannel support, analytics, and publishing tools. Many vendors specialize in some of these areas but not all. Sometimes multiple products are necessary – but determining which feature sets the organization truly needs can be a challenging task. The right technology stack is critical in order to bring automation to marketing initiatives.

Complication

• The first challenge is deciding whether to implement a full marketing suite or a point solution.
• The number of marketing suites and point solutions has increased from 50 to more than 800 just in the past five years.
• IT is receiving a growing number of marketing analytics requests and must be prepared to speak intelligently about marketing management vendor selection.

Resolution

• Leverage Info-Tech’s comprehensive three-phase approach to MMS selection projects: assess your organization’s preparedness to go into the selection stage, move through technology selection, and present decisions to stakeholders.
• Conduct an MMS project preparedness assessment to ensure you maximize the value of your time, effort, and spend.
• Determine whether your organization’s needs will best be met by a marketing management suite or a point solution.
• Determine which use case your organization fits into and review the relevant vendor landscape, common capability, and areas of product differentiation. Consult Info-Tech’s market analysis to shortlist vendors for your RFP process.
• Take advantage of traceable and auditable selection tools to run an effective evaluation and selection process. Be prepared to answer the retroactive question “Why this MMS?” with documentation of your selection process and outputs.

Info-Tech Insight

1. The new MMS market. Selecting a marketing management solution has become increasingly difficult, with the number of players in the marketplace ballooning to meet buyer demand.
2. Direct translation to revenue. Picking the wrong marketing solution has a direct impact on the bottom line. However, the right MMS can lead to a 7.3x greater year-over-year increase in annual revenue.
3. Don’t buy best-of-breed; buy best-for-you. Base your vendor selection on your requirements and use case, not on the vendor’s overall performance.

MMS is a key piece of the CRM puzzle

In order to optimize cross-sell opportunities and marketing effectiveness, there needs to be a master customer database, which belongs in the customer relationship management (CRM) suite.

“When it comes to marketing automation capabilities, using CRM is like building a car from a kit. All the parts are there, but you need the time and skill to put it all together. Using marketing automation is like buying the car you want or need, with all the features you want already installed and some gas in the tank, ready to drive. In either case, you still need to know how to drive and where you want to go.” (Mac McIntosh, Marketo Inc.)

A master database – the central place where all up-to-the-minute data on a customer profile is stored – is essential for MMS success. This is particularly true for real-time capability effectiveness and to minimize customer fatigue.

Understand what an MMS can do for you

Take time to learn the capabilities of modern marketing applications. Understanding the “art of the possible” will help you to get the most out of your MMS.

Review Info-Tech’s vendor profiles of the MMS market to identify vendors that meet your requirements

Use Info-Tech’s MMS implementation methodology as a starting point for your organization’s MMS selection

Contact your account representative or email Workshops@InfoTech.com for more information.

Professional services provider engages Info-Tech to guide it through its MMS selection journey

Info-Tech offers various levels of support to best suit your needs